=======================================
Sat, 26 Mar 2022 - Debian 11.3 released
=======================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:37:35 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
btrfs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
btrfs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
cdrom-core-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
cdrom-core-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
cdrom-core-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
crc-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
crc-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
crc-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
crypto-dm-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
crypto-dm-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
crypto-dm-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
crypto-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
crypto-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
crypto-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
dasd-extra-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
dasd-extra-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
dasd-extra-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
dasd-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
dasd-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
dasd-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
ext4-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
ext4-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
ext4-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
f2fs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
f2fs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
f2fs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
fat-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
fat-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
fat-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
fuse-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
fuse-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
fuse-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
isofs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
isofs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
isofs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
kernel-image-5.10.0-11-s390x-di |  5.10.92-2 | s390x
kernel-image-5.10.0-12-s390x-di | 5.10.103-1 | s390x
kernel-image-5.10.0-9-s390x-di |  5.10.70-1 | s390x
linux-headers-5.10.0-11-s390x |  5.10.92-2 | s390x
linux-headers-5.10.0-12-s390x | 5.10.103-1 | s390x
linux-headers-5.10.0-9-s390x |  5.10.70-1 | s390x
linux-image-5.10.0-11-s390x |  5.10.92-2 | s390x
linux-image-5.10.0-11-s390x-dbg |  5.10.92-2 | s390x
linux-image-5.10.0-12-s390x | 5.10.103-1 | s390x
linux-image-5.10.0-12-s390x-dbg | 5.10.103-1 | s390x
linux-image-5.10.0-9-s390x |  5.10.70-1 | s390x
linux-image-5.10.0-9-s390x-dbg |  5.10.70-1 | s390x
loop-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
loop-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
loop-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
md-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
md-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
md-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
mtd-core-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
mtd-core-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
mtd-core-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
multipath-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
multipath-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
multipath-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
nbd-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
nbd-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
nbd-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
nic-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
nic-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
nic-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
scsi-core-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
scsi-core-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
scsi-core-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
scsi-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
scsi-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
scsi-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
udf-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
udf-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
udf-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x
xfs-modules-5.10.0-11-s390x-di |  5.10.92-2 | s390x
xfs-modules-5.10.0-12-s390x-di | 5.10.103-1 | s390x
xfs-modules-5.10.0-9-s390x-di |  5.10.70-1 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:37:46 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
affs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
affs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
affs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
affs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
affs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
ata-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
ata-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
ata-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
btrfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
btrfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
btrfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
btrfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
btrfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
btrfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
cdrom-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
cdrom-core-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
crc-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
crc-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
crc-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
crc-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
crc-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
crc-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
crypto-dm-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
crypto-dm-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
crypto-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
crypto-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
crypto-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
crypto-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
crypto-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
crypto-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
event-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
event-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
event-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
event-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
event-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
event-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
ext4-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
ext4-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
ext4-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
ext4-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
ext4-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
ext4-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
f2fs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
f2fs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
f2fs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
f2fs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
f2fs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
f2fs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
fat-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
fat-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
fat-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
fat-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
fat-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
fat-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
fb-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
fb-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
fb-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
firewire-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
firewire-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
firewire-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
fuse-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
fuse-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
fuse-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
fuse-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
fuse-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
fuse-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
input-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
input-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
input-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
input-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
input-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
input-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
isofs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
isofs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
isofs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
isofs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
isofs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
isofs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
jfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
jfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
jfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
jfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
jfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
jfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
kernel-image-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
kernel-image-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
kernel-image-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
kernel-image-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
kernel-image-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
kernel-image-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
linux-headers-5.10.0-11-5kc-malta |  5.10.92-2 | mips64el, mipsel
linux-headers-5.10.0-11-loongson-3 |  5.10.92-2 | mips64el, mipsel
linux-headers-5.10.0-11-octeon |  5.10.92-2 | mips64el, mipsel
linux-headers-5.10.0-12-5kc-malta | 5.10.103-1 | mips64el, mipsel
linux-headers-5.10.0-12-loongson-3 | 5.10.103-1 | mips64el, mipsel
linux-headers-5.10.0-12-octeon | 5.10.103-1 | mips64el, mipsel
linux-headers-5.10.0-9-5kc-malta |  5.10.70-1 | mips64el, mipsel
linux-headers-5.10.0-9-loongson-3 |  5.10.70-1 | mips64el, mipsel
linux-headers-5.10.0-9-octeon |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-11-5kc-malta |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-5kc-malta-dbg |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-loongson-3 |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-loongson-3-dbg |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-octeon |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-11-octeon-dbg |  5.10.92-2 | mips64el, mipsel
linux-image-5.10.0-12-5kc-malta | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-5kc-malta-dbg | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-loongson-3 | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-loongson-3-dbg | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-octeon | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-12-octeon-dbg | 5.10.103-1 | mips64el, mipsel
linux-image-5.10.0-9-5kc-malta |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-5kc-malta-dbg |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-loongson-3 |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-loongson-3-dbg |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-octeon |  5.10.70-1 | mips64el, mipsel
linux-image-5.10.0-9-octeon-dbg |  5.10.70-1 | mips64el, mipsel
loop-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
loop-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
loop-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
loop-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
loop-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
loop-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
md-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
md-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
md-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
md-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
md-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
md-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
minix-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
minix-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
minix-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
minix-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
minix-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
minix-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
mtd-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
mtd-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
mtd-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
multipath-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
multipath-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
multipath-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
multipath-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
multipath-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
multipath-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nbd-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nbd-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nbd-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nbd-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nbd-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nbd-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nic-shared-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-shared-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-shared-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-shared-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-shared-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-shared-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nic-usb-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-usb-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-usb-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-usb-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-usb-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-usb-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
nic-wireless-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
nic-wireless-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
pata-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
pata-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
pata-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
pata-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
pata-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
pata-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
ppp-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
ppp-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
ppp-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
ppp-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
ppp-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
ppp-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
rtc-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
rtc-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
rtc-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
sata-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
sata-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
sata-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
sata-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
sata-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
sata-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
scsi-core-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
scsi-core-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
scsi-core-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
scsi-core-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
scsi-core-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
scsi-core-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
scsi-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
scsi-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
scsi-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
scsi-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
scsi-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
scsi-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
scsi-nic-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
scsi-nic-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
sound-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
sound-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
sound-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
sound-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
sound-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
sound-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
speakup-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
speakup-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
speakup-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
squashfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
squashfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
squashfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
squashfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
squashfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
squashfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
udf-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
udf-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
udf-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
udf-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
udf-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
udf-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
usb-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
usb-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
usb-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
usb-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
usb-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
usb-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
usb-serial-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
usb-serial-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
usb-serial-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
usb-serial-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
usb-serial-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
usb-serial-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
usb-storage-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
usb-storage-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
usb-storage-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
usb-storage-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
usb-storage-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
usb-storage-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel
xfs-modules-5.10.0-11-loongson-3-di |  5.10.92-2 | mips64el, mipsel
xfs-modules-5.10.0-11-octeon-di |  5.10.92-2 | mips64el, mipsel
xfs-modules-5.10.0-12-loongson-3-di | 5.10.103-1 | mips64el, mipsel
xfs-modules-5.10.0-12-octeon-di | 5.10.103-1 | mips64el, mipsel
xfs-modules-5.10.0-9-loongson-3-di |  5.10.70-1 | mips64el, mipsel
xfs-modules-5.10.0-9-octeon-di |  5.10.70-1 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:37:56 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
affs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
affs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
ata-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
ata-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
ata-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
btrfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
btrfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
btrfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
cdrom-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
cdrom-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
cdrom-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
crc-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
crc-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
crc-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
crypto-dm-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
crypto-dm-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
crypto-dm-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
crypto-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
crypto-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
crypto-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
event-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
event-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
event-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
ext4-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
ext4-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
ext4-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
f2fs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
f2fs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
f2fs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
fat-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
fat-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
fat-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
fb-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
fb-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
fb-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
fuse-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
fuse-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
fuse-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
i2c-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
i2c-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
i2c-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
input-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
input-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
input-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
isofs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
isofs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
isofs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
jfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
jfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
jfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
kernel-image-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
kernel-image-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
kernel-image-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
linux-headers-5.10.0-11-4kc-malta |  5.10.92-2 | mipsel
linux-headers-5.10.0-12-4kc-malta | 5.10.103-1 | mipsel
linux-headers-5.10.0-9-4kc-malta |  5.10.70-1 | mipsel
linux-image-5.10.0-11-4kc-malta |  5.10.92-2 | mipsel
linux-image-5.10.0-11-4kc-malta-dbg |  5.10.92-2 | mipsel
linux-image-5.10.0-12-4kc-malta | 5.10.103-1 | mipsel
linux-image-5.10.0-12-4kc-malta-dbg | 5.10.103-1 | mipsel
linux-image-5.10.0-9-4kc-malta |  5.10.70-1 | mipsel
linux-image-5.10.0-9-4kc-malta-dbg |  5.10.70-1 | mipsel
loop-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
loop-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
loop-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
md-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
md-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
md-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
minix-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
minix-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
minix-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mmc-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mmc-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mmc-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mmc-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mmc-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mmc-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mouse-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mouse-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mouse-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
mtd-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
mtd-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
mtd-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
multipath-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
multipath-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
multipath-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nbd-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nbd-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nbd-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-shared-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-shared-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-shared-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-usb-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-usb-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-usb-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
nic-wireless-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
nic-wireless-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
nic-wireless-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
pata-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
pata-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
pata-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
ppp-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
ppp-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
ppp-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
sata-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
sata-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
sata-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
scsi-core-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
scsi-core-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
scsi-core-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
scsi-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
scsi-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
scsi-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
scsi-nic-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
scsi-nic-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
scsi-nic-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
sound-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
sound-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
sound-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
squashfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
squashfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
squashfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
udf-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
udf-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
udf-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
usb-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
usb-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
usb-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
usb-serial-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
usb-serial-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
usb-serial-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
usb-storage-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
usb-storage-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
usb-storage-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel
xfs-modules-5.10.0-11-4kc-malta-di |  5.10.92-2 | mipsel
xfs-modules-5.10.0-12-4kc-malta-di | 5.10.103-1 | mipsel
xfs-modules-5.10.0-9-4kc-malta-di |  5.10.70-1 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:05 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
ata-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
ata-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
btrfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
btrfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
btrfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
cdrom-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
cdrom-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
cdrom-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
crc-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
crc-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
crc-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
crypto-dm-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
crypto-dm-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
crypto-dm-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
crypto-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
crypto-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
crypto-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
event-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
event-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
event-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
ext4-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
ext4-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
ext4-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
f2fs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
f2fs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
f2fs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fancontrol-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fancontrol-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fancontrol-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fat-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fat-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fat-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fb-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fb-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fb-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
firewire-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
firewire-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
firewire-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
fuse-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
fuse-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
fuse-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
hypervisor-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
hypervisor-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
hypervisor-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
i2c-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
i2c-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
i2c-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
input-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
input-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
input-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
isofs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
isofs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
isofs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
jfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
jfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
jfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
kernel-image-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
kernel-image-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
kernel-image-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
linux-headers-5.10.0-11-powerpc64le |  5.10.92-2 | ppc64el
linux-headers-5.10.0-12-powerpc64le | 5.10.103-1 | ppc64el
linux-headers-5.10.0-9-powerpc64le |  5.10.70-1 | ppc64el
linux-image-5.10.0-11-powerpc64le |  5.10.92-2 | ppc64el
linux-image-5.10.0-11-powerpc64le-dbg |  5.10.92-2 | ppc64el
linux-image-5.10.0-12-powerpc64le | 5.10.103-1 | ppc64el
linux-image-5.10.0-12-powerpc64le-dbg | 5.10.103-1 | ppc64el
linux-image-5.10.0-9-powerpc64le |  5.10.70-1 | ppc64el
linux-image-5.10.0-9-powerpc64le-dbg |  5.10.70-1 | ppc64el
loop-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
loop-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
loop-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
md-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
md-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
md-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
mouse-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
mouse-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
mouse-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
mtd-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
mtd-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
mtd-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
multipath-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
multipath-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
multipath-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nbd-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nbd-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nbd-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-shared-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-shared-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-shared-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-usb-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-usb-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-usb-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
nic-wireless-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
nic-wireless-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
nic-wireless-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
ppp-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
ppp-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
ppp-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
sata-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
sata-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
sata-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
scsi-core-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
scsi-core-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
scsi-core-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
scsi-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
scsi-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
scsi-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
scsi-nic-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
scsi-nic-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
scsi-nic-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
serial-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
serial-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
serial-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
squashfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
squashfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
squashfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
udf-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
udf-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
udf-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
uinput-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
uinput-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
uinput-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
usb-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
usb-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
usb-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
usb-serial-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
usb-serial-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
usb-serial-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
usb-storage-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
usb-storage-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
usb-storage-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el
xfs-modules-5.10.0-11-powerpc64le-di |  5.10.92-2 | ppc64el
xfs-modules-5.10.0-12-powerpc64le-di | 5.10.103-1 | ppc64el
xfs-modules-5.10.0-9-powerpc64le-di |  5.10.70-1 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:13 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-amd64 |  5.10.92-2 | amd64
linux-headers-5.10.0-11-cloud-amd64 |  5.10.92-2 | amd64
linux-headers-5.10.0-11-rt-amd64 |  5.10.92-2 | amd64
linux-headers-5.10.0-12-amd64 | 5.10.103-1 | amd64
linux-headers-5.10.0-12-cloud-amd64 | 5.10.103-1 | amd64
linux-headers-5.10.0-12-rt-amd64 | 5.10.103-1 | amd64
linux-headers-5.10.0-9-amd64 |  5.10.70-1 | amd64
linux-headers-5.10.0-9-cloud-amd64 |  5.10.70-1 | amd64
linux-headers-5.10.0-9-rt-amd64 |  5.10.70-1 | amd64
linux-image-5.10.0-11-amd64-dbg |  5.10.92-2 | amd64
linux-image-5.10.0-11-amd64-unsigned |  5.10.92-2 | amd64
linux-image-5.10.0-11-cloud-amd64-dbg |  5.10.92-2 | amd64
linux-image-5.10.0-11-cloud-amd64-unsigned |  5.10.92-2 | amd64
linux-image-5.10.0-11-rt-amd64-dbg |  5.10.92-2 | amd64
linux-image-5.10.0-11-rt-amd64-unsigned |  5.10.92-2 | amd64
linux-image-5.10.0-12-amd64-dbg | 5.10.103-1 | amd64
linux-image-5.10.0-12-amd64-unsigned | 5.10.103-1 | amd64
linux-image-5.10.0-12-cloud-amd64-dbg | 5.10.103-1 | amd64
linux-image-5.10.0-12-cloud-amd64-unsigned | 5.10.103-1 | amd64
linux-image-5.10.0-12-rt-amd64-dbg | 5.10.103-1 | amd64
linux-image-5.10.0-12-rt-amd64-unsigned | 5.10.103-1 | amd64
linux-image-5.10.0-9-amd64-dbg |  5.10.70-1 | amd64
linux-image-5.10.0-9-amd64-unsigned |  5.10.70-1 | amd64
linux-image-5.10.0-9-cloud-amd64-dbg |  5.10.70-1 | amd64
linux-image-5.10.0-9-cloud-amd64-unsigned |  5.10.70-1 | amd64
linux-image-5.10.0-9-rt-amd64-dbg |  5.10.70-1 | amd64
linux-image-5.10.0-9-rt-amd64-unsigned |  5.10.70-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:24 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-arm64 |  5.10.92-2 | arm64
linux-headers-5.10.0-11-cloud-arm64 |  5.10.92-2 | arm64
linux-headers-5.10.0-11-rt-arm64 |  5.10.92-2 | arm64
linux-headers-5.10.0-12-arm64 | 5.10.103-1 | arm64
linux-headers-5.10.0-12-cloud-arm64 | 5.10.103-1 | arm64
linux-headers-5.10.0-12-rt-arm64 | 5.10.103-1 | arm64
linux-headers-5.10.0-9-arm64 |  5.10.70-1 | arm64
linux-headers-5.10.0-9-cloud-arm64 |  5.10.70-1 | arm64
linux-headers-5.10.0-9-rt-arm64 |  5.10.70-1 | arm64
linux-image-5.10.0-11-arm64-dbg |  5.10.92-2 | arm64
linux-image-5.10.0-11-arm64-unsigned |  5.10.92-2 | arm64
linux-image-5.10.0-11-cloud-arm64-dbg |  5.10.92-2 | arm64
linux-image-5.10.0-11-cloud-arm64-unsigned |  5.10.92-2 | arm64
linux-image-5.10.0-11-rt-arm64-dbg |  5.10.92-2 | arm64
linux-image-5.10.0-11-rt-arm64-unsigned |  5.10.92-2 | arm64
linux-image-5.10.0-12-arm64-dbg | 5.10.103-1 | arm64
linux-image-5.10.0-12-arm64-unsigned | 5.10.103-1 | arm64
linux-image-5.10.0-12-cloud-arm64-dbg | 5.10.103-1 | arm64
linux-image-5.10.0-12-cloud-arm64-unsigned | 5.10.103-1 | arm64
linux-image-5.10.0-12-rt-arm64-dbg | 5.10.103-1 | arm64
linux-image-5.10.0-12-rt-arm64-unsigned | 5.10.103-1 | arm64
linux-image-5.10.0-9-arm64-dbg |  5.10.70-1 | arm64
linux-image-5.10.0-9-arm64-unsigned |  5.10.70-1 | arm64
linux-image-5.10.0-9-cloud-arm64-dbg |  5.10.70-1 | arm64
linux-image-5.10.0-9-cloud-arm64-unsigned |  5.10.70-1 | arm64
linux-image-5.10.0-9-rt-arm64-dbg |  5.10.70-1 | arm64
linux-image-5.10.0-9-rt-arm64-unsigned |  5.10.70-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:32 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

btrfs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
btrfs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
btrfs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
cdrom-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
cdrom-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
cdrom-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
crc-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
crc-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
crc-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
crypto-dm-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
crypto-dm-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
crypto-dm-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
crypto-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
crypto-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
crypto-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
event-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
event-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
event-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
ext4-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
ext4-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
ext4-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
f2fs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
f2fs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
f2fs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
fat-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
fat-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
fat-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
fb-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
fb-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
fb-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
fuse-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
fuse-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
fuse-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
input-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
input-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
input-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
ipv6-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
ipv6-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
ipv6-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
isofs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
isofs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
isofs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
jffs2-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
jffs2-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
jffs2-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
jfs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
jfs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
jfs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
kernel-image-5.10.0-11-marvell-di |  5.10.92-2 | armel
kernel-image-5.10.0-12-marvell-di | 5.10.103-1 | armel
kernel-image-5.10.0-9-marvell-di |  5.10.70-1 | armel
leds-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
leds-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
leds-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
linux-headers-5.10.0-11-marvell |  5.10.92-2 | armel
linux-headers-5.10.0-11-rpi |  5.10.92-2 | armel
linux-headers-5.10.0-12-marvell | 5.10.103-1 | armel
linux-headers-5.10.0-12-rpi | 5.10.103-1 | armel
linux-headers-5.10.0-9-marvell |  5.10.70-1 | armel
linux-headers-5.10.0-9-rpi |  5.10.70-1 | armel
linux-image-5.10.0-11-marvell |  5.10.92-2 | armel
linux-image-5.10.0-11-marvell-dbg |  5.10.92-2 | armel
linux-image-5.10.0-11-rpi |  5.10.92-2 | armel
linux-image-5.10.0-11-rpi-dbg |  5.10.92-2 | armel
linux-image-5.10.0-12-marvell | 5.10.103-1 | armel
linux-image-5.10.0-12-marvell-dbg | 5.10.103-1 | armel
linux-image-5.10.0-12-rpi | 5.10.103-1 | armel
linux-image-5.10.0-12-rpi-dbg | 5.10.103-1 | armel
linux-image-5.10.0-9-marvell |  5.10.70-1 | armel
linux-image-5.10.0-9-marvell-dbg |  5.10.70-1 | armel
linux-image-5.10.0-9-rpi |  5.10.70-1 | armel
linux-image-5.10.0-9-rpi-dbg |  5.10.70-1 | armel
loop-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
loop-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
loop-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
md-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
md-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
md-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
minix-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
minix-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
minix-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mmc-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mmc-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mmc-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mmc-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mmc-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mmc-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mouse-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mouse-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mouse-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mtd-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mtd-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mtd-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
mtd-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
mtd-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
mtd-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
multipath-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
multipath-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
multipath-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nbd-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nbd-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nbd-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nic-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nic-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nic-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nic-shared-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nic-shared-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nic-shared-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
nic-usb-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
nic-usb-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
nic-usb-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
ppp-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
ppp-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
ppp-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
sata-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
sata-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
sata-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
scsi-core-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
scsi-core-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
scsi-core-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
squashfs-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
squashfs-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
squashfs-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
udf-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
udf-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
udf-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
uinput-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
uinput-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
uinput-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
usb-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
usb-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
usb-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
usb-serial-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
usb-serial-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
usb-serial-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel
usb-storage-modules-5.10.0-11-marvell-di |  5.10.92-2 | armel
usb-storage-modules-5.10.0-12-marvell-di | 5.10.103-1 | armel
usb-storage-modules-5.10.0-9-marvell-di |  5.10.70-1 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:41 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
ata-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
ata-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
btrfs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
btrfs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
btrfs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
cdrom-core-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
cdrom-core-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
cdrom-core-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
crc-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
crc-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
crc-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
crypto-dm-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
crypto-dm-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
crypto-dm-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
crypto-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
crypto-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
crypto-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
efi-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
efi-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
efi-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
event-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
event-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
event-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
ext4-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
ext4-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
ext4-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
f2fs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
f2fs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
f2fs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
fat-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
fat-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
fat-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
fb-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
fb-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
fb-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
fuse-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
fuse-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
fuse-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
i2c-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
i2c-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
i2c-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
input-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
input-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
input-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
isofs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
isofs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
isofs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
jfs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
jfs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
jfs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
kernel-image-5.10.0-11-armmp-di |  5.10.92-2 | armhf
kernel-image-5.10.0-12-armmp-di | 5.10.103-1 | armhf
kernel-image-5.10.0-9-armmp-di |  5.10.70-1 | armhf
leds-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
leds-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
leds-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
linux-headers-5.10.0-11-armmp |  5.10.92-2 | armhf
linux-headers-5.10.0-11-armmp-lpae |  5.10.92-2 | armhf
linux-headers-5.10.0-11-rt-armmp |  5.10.92-2 | armhf
linux-headers-5.10.0-12-armmp | 5.10.103-1 | armhf
linux-headers-5.10.0-12-armmp-lpae | 5.10.103-1 | armhf
linux-headers-5.10.0-12-rt-armmp | 5.10.103-1 | armhf
linux-headers-5.10.0-9-armmp |  5.10.70-1 | armhf
linux-headers-5.10.0-9-armmp-lpae |  5.10.70-1 | armhf
linux-headers-5.10.0-9-rt-armmp |  5.10.70-1 | armhf
linux-image-5.10.0-11-armmp |  5.10.92-2 | armhf
linux-image-5.10.0-11-armmp-dbg |  5.10.92-2 | armhf
linux-image-5.10.0-11-armmp-lpae |  5.10.92-2 | armhf
linux-image-5.10.0-11-armmp-lpae-dbg |  5.10.92-2 | armhf
linux-image-5.10.0-11-rt-armmp |  5.10.92-2 | armhf
linux-image-5.10.0-11-rt-armmp-dbg |  5.10.92-2 | armhf
linux-image-5.10.0-12-armmp | 5.10.103-1 | armhf
linux-image-5.10.0-12-armmp-dbg | 5.10.103-1 | armhf
linux-image-5.10.0-12-armmp-lpae | 5.10.103-1 | armhf
linux-image-5.10.0-12-armmp-lpae-dbg | 5.10.103-1 | armhf
linux-image-5.10.0-12-rt-armmp | 5.10.103-1 | armhf
linux-image-5.10.0-12-rt-armmp-dbg | 5.10.103-1 | armhf
linux-image-5.10.0-9-armmp |  5.10.70-1 | armhf
linux-image-5.10.0-9-armmp-dbg |  5.10.70-1 | armhf
linux-image-5.10.0-9-armmp-lpae |  5.10.70-1 | armhf
linux-image-5.10.0-9-armmp-lpae-dbg |  5.10.70-1 | armhf
linux-image-5.10.0-9-rt-armmp |  5.10.70-1 | armhf
linux-image-5.10.0-9-rt-armmp-dbg |  5.10.70-1 | armhf
loop-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
loop-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
loop-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
md-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
md-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
md-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
mmc-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
mmc-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
mmc-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
mtd-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
mtd-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
mtd-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
multipath-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
multipath-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
multipath-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nbd-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nbd-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nbd-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-shared-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-shared-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-shared-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-usb-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-usb-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-usb-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
nic-wireless-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
nic-wireless-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
nic-wireless-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
pata-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
pata-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
pata-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
ppp-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
ppp-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
ppp-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
sata-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
sata-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
sata-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
scsi-core-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
scsi-core-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
scsi-core-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
scsi-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
scsi-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
scsi-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
scsi-nic-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
scsi-nic-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
scsi-nic-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
squashfs-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
squashfs-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
squashfs-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
udf-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
udf-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
udf-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
uinput-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
uinput-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
uinput-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
usb-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
usb-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
usb-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
usb-serial-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
usb-serial-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
usb-serial-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf
usb-storage-modules-5.10.0-11-armmp-di |  5.10.92-2 | armhf
usb-storage-modules-5.10.0-12-armmp-di | 5.10.103-1 | armhf
usb-storage-modules-5.10.0-9-armmp-di |  5.10.70-1 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:49 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-686 |  5.10.92-2 | i386
linux-headers-5.10.0-11-686-pae |  5.10.92-2 | i386
linux-headers-5.10.0-11-rt-686-pae |  5.10.92-2 | i386
linux-headers-5.10.0-12-686 | 5.10.103-1 | i386
linux-headers-5.10.0-12-686-pae | 5.10.103-1 | i386
linux-headers-5.10.0-12-rt-686-pae | 5.10.103-1 | i386
linux-headers-5.10.0-9-686 |  5.10.70-1 | i386
linux-headers-5.10.0-9-686-pae |  5.10.70-1 | i386
linux-headers-5.10.0-9-rt-686-pae |  5.10.70-1 | i386
linux-image-5.10.0-11-686-dbg |  5.10.92-2 | i386
linux-image-5.10.0-11-686-pae-dbg |  5.10.92-2 | i386
linux-image-5.10.0-11-686-pae-unsigned |  5.10.92-2 | i386
linux-image-5.10.0-11-686-unsigned |  5.10.92-2 | i386
linux-image-5.10.0-11-rt-686-pae-dbg |  5.10.92-2 | i386
linux-image-5.10.0-11-rt-686-pae-unsigned |  5.10.92-2 | i386
linux-image-5.10.0-12-686-dbg | 5.10.103-1 | i386
linux-image-5.10.0-12-686-pae-dbg | 5.10.103-1 | i386
linux-image-5.10.0-12-686-pae-unsigned | 5.10.103-1 | i386
linux-image-5.10.0-12-686-unsigned | 5.10.103-1 | i386
linux-image-5.10.0-12-rt-686-pae-dbg | 5.10.103-1 | i386
linux-image-5.10.0-12-rt-686-pae-unsigned | 5.10.103-1 | i386
linux-image-5.10.0-9-686-dbg |  5.10.70-1 | i386
linux-image-5.10.0-9-686-pae-dbg |  5.10.70-1 | i386
linux-image-5.10.0-9-686-pae-unsigned |  5.10.70-1 | i386
linux-image-5.10.0-9-686-unsigned |  5.10.70-1 | i386
linux-image-5.10.0-9-rt-686-pae-dbg |  5.10.70-1 | i386
linux-image-5.10.0-9-rt-686-pae-unsigned |  5.10.70-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:38:57 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

affs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
affs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
affs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
ata-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
ata-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
ata-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
btrfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
btrfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
btrfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
cdrom-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
cdrom-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
cdrom-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
crc-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
crc-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
crc-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
crypto-dm-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
crypto-dm-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
crypto-dm-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
crypto-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
crypto-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
crypto-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
event-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
event-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
event-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
ext4-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
ext4-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
ext4-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
f2fs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
f2fs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
f2fs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
fat-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
fat-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
fat-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
fb-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
fb-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
fb-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
fuse-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
fuse-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
fuse-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
i2c-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
i2c-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
i2c-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
input-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
input-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
input-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
isofs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
isofs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
isofs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
jfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
jfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
jfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
kernel-image-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
kernel-image-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
kernel-image-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
loop-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
loop-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
loop-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
md-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
md-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
md-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
minix-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
minix-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
minix-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mmc-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mmc-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mmc-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mmc-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mmc-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mmc-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mouse-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mouse-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mouse-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
mtd-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
mtd-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
mtd-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
multipath-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
multipath-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
multipath-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nbd-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nbd-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nbd-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-shared-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-shared-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-shared-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-usb-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-usb-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-usb-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
nic-wireless-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
nic-wireless-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
nic-wireless-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
pata-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
pata-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
pata-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
ppp-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
ppp-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
ppp-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
sata-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
sata-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
sata-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
scsi-core-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
scsi-core-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
scsi-core-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
scsi-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
scsi-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
scsi-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
scsi-nic-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
scsi-nic-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
scsi-nic-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
sound-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
sound-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
sound-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
squashfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
squashfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
squashfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
udf-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
udf-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
udf-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
usb-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
usb-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
usb-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
usb-serial-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
usb-serial-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
usb-serial-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
usb-storage-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
usb-storage-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
usb-storage-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el
xfs-modules-5.10.0-11-5kc-malta-di |  5.10.92-2 | mips64el
xfs-modules-5.10.0-12-5kc-malta-di | 5.10.103-1 | mips64el
xfs-modules-5.10.0-9-5kc-malta-di |  5.10.70-1 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:06 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
acpi-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
acpi-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
ata-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
ata-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
ata-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
btrfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
btrfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
btrfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
cdrom-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
cdrom-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
cdrom-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
crc-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
crc-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
crc-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
crypto-dm-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
crypto-dm-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
crypto-dm-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
crypto-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
crypto-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
crypto-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
efi-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
efi-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
efi-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
event-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
event-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
event-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
ext4-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
ext4-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
ext4-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
f2fs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
f2fs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
f2fs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
fat-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
fat-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
fat-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
fb-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
fb-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
fb-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
firewire-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
firewire-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
firewire-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
fuse-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
fuse-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
fuse-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
i2c-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
i2c-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
i2c-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
input-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
input-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
input-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
isofs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
isofs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
isofs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
jfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
jfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
jfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
kernel-image-5.10.0-11-amd64-di |  5.10.92-2 | amd64
kernel-image-5.10.0-12-amd64-di | 5.10.103-1 | amd64
kernel-image-5.10.0-9-amd64-di |  5.10.70-1 | amd64
linux-image-5.10.0-11-amd64 |  5.10.92-2 | amd64
linux-image-5.10.0-11-cloud-amd64 |  5.10.92-2 | amd64
linux-image-5.10.0-11-rt-amd64 |  5.10.92-2 | amd64
linux-image-5.10.0-12-amd64 | 5.10.103-1 | amd64
linux-image-5.10.0-12-cloud-amd64 | 5.10.103-1 | amd64
linux-image-5.10.0-12-rt-amd64 | 5.10.103-1 | amd64
linux-image-5.10.0-9-amd64 |  5.10.70-1 | amd64
linux-image-5.10.0-9-cloud-amd64 |  5.10.70-1 | amd64
linux-image-5.10.0-9-rt-amd64 |  5.10.70-1 | amd64
loop-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
loop-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
loop-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
md-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
md-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
md-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mmc-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mmc-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mmc-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mmc-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mmc-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mmc-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mouse-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mouse-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mouse-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
mtd-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
mtd-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
mtd-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
multipath-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
multipath-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
multipath-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nbd-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nbd-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nbd-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-pcmcia-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-pcmcia-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-pcmcia-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-shared-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-shared-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-shared-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-usb-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-usb-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-usb-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
nic-wireless-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
nic-wireless-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
nic-wireless-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
pata-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
pata-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
pata-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
pcmcia-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
pcmcia-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
pcmcia-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
pcmcia-storage-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
pcmcia-storage-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
pcmcia-storage-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
ppp-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
ppp-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
ppp-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
rfkill-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
rfkill-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
rfkill-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
sata-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
sata-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
sata-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
scsi-core-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
scsi-core-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
scsi-core-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
scsi-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
scsi-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
scsi-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
scsi-nic-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
scsi-nic-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
scsi-nic-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
serial-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
serial-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
serial-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
sound-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
sound-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
sound-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
speakup-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
speakup-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
speakup-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
squashfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
squashfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
squashfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
udf-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
udf-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
udf-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
uinput-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
uinput-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
uinput-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
usb-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
usb-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
usb-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
usb-serial-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
usb-serial-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
usb-serial-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
usb-storage-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
usb-storage-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
usb-storage-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64
xfs-modules-5.10.0-11-amd64-di |  5.10.92-2 | amd64
xfs-modules-5.10.0-12-amd64-di | 5.10.103-1 | amd64
xfs-modules-5.10.0-9-amd64-di |  5.10.70-1 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:15 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

ata-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
ata-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
ata-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
btrfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
btrfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
btrfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
cdrom-core-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
cdrom-core-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
cdrom-core-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
crc-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
crc-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
crc-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
crypto-dm-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
crypto-dm-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
crypto-dm-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
crypto-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
crypto-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
crypto-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
efi-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
efi-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
efi-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
event-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
event-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
event-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
ext4-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
ext4-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
ext4-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
f2fs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
f2fs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
f2fs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
fat-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
fat-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
fat-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
fb-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
fb-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
fb-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
fuse-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
fuse-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
fuse-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
i2c-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
i2c-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
i2c-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
input-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
input-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
input-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
isofs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
isofs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
isofs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
jfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
jfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
jfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
kernel-image-5.10.0-11-arm64-di |  5.10.92-2 | arm64
kernel-image-5.10.0-12-arm64-di | 5.10.103-1 | arm64
kernel-image-5.10.0-9-arm64-di |  5.10.70-1 | arm64
leds-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
leds-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
leds-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
linux-image-5.10.0-11-arm64 |  5.10.92-2 | arm64
linux-image-5.10.0-11-cloud-arm64 |  5.10.92-2 | arm64
linux-image-5.10.0-11-rt-arm64 |  5.10.92-2 | arm64
linux-image-5.10.0-12-arm64 | 5.10.103-1 | arm64
linux-image-5.10.0-12-cloud-arm64 | 5.10.103-1 | arm64
linux-image-5.10.0-12-rt-arm64 | 5.10.103-1 | arm64
linux-image-5.10.0-9-arm64 |  5.10.70-1 | arm64
linux-image-5.10.0-9-cloud-arm64 |  5.10.70-1 | arm64
linux-image-5.10.0-9-rt-arm64 |  5.10.70-1 | arm64
loop-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
loop-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
loop-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
md-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
md-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
md-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
mmc-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
mmc-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
mmc-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
mtd-core-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
mtd-core-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
mtd-core-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
multipath-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
multipath-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
multipath-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nbd-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nbd-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nbd-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-shared-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-shared-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-shared-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-usb-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-usb-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-usb-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
nic-wireless-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
nic-wireless-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
nic-wireless-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
ppp-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
ppp-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
ppp-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
sata-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
sata-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
sata-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
scsi-core-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
scsi-core-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
scsi-core-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
scsi-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
scsi-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
scsi-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
scsi-nic-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
scsi-nic-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
scsi-nic-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
squashfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
squashfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
squashfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
udf-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
udf-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
udf-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
uinput-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
uinput-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
uinput-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
usb-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
usb-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
usb-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
usb-serial-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
usb-serial-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
usb-serial-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
usb-storage-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
usb-storage-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
usb-storage-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64
xfs-modules-5.10.0-11-arm64-di |  5.10.92-2 | arm64
xfs-modules-5.10.0-12-arm64-di | 5.10.103-1 | arm64
xfs-modules-5.10.0-9-arm64-di |  5.10.70-1 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:25 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

acpi-modules-5.10.0-11-686-di |  5.10.92-2 | i386
acpi-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
acpi-modules-5.10.0-12-686-di | 5.10.103-1 | i386
acpi-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
acpi-modules-5.10.0-9-686-di |  5.10.70-1 | i386
acpi-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
ata-modules-5.10.0-11-686-di |  5.10.92-2 | i386
ata-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
ata-modules-5.10.0-12-686-di | 5.10.103-1 | i386
ata-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
ata-modules-5.10.0-9-686-di |  5.10.70-1 | i386
ata-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
btrfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
btrfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
btrfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
btrfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
btrfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
btrfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
cdrom-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
cdrom-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
cdrom-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
cdrom-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
cdrom-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
cdrom-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
crc-modules-5.10.0-11-686-di |  5.10.92-2 | i386
crc-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
crc-modules-5.10.0-12-686-di | 5.10.103-1 | i386
crc-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
crc-modules-5.10.0-9-686-di |  5.10.70-1 | i386
crc-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
crypto-dm-modules-5.10.0-11-686-di |  5.10.92-2 | i386
crypto-dm-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
crypto-dm-modules-5.10.0-12-686-di | 5.10.103-1 | i386
crypto-dm-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
crypto-dm-modules-5.10.0-9-686-di |  5.10.70-1 | i386
crypto-dm-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
crypto-modules-5.10.0-11-686-di |  5.10.92-2 | i386
crypto-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
crypto-modules-5.10.0-12-686-di | 5.10.103-1 | i386
crypto-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
crypto-modules-5.10.0-9-686-di |  5.10.70-1 | i386
crypto-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
efi-modules-5.10.0-11-686-di |  5.10.92-2 | i386
efi-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
efi-modules-5.10.0-12-686-di | 5.10.103-1 | i386
efi-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
efi-modules-5.10.0-9-686-di |  5.10.70-1 | i386
efi-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
event-modules-5.10.0-11-686-di |  5.10.92-2 | i386
event-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
event-modules-5.10.0-12-686-di | 5.10.103-1 | i386
event-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
event-modules-5.10.0-9-686-di |  5.10.70-1 | i386
event-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
ext4-modules-5.10.0-11-686-di |  5.10.92-2 | i386
ext4-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
ext4-modules-5.10.0-12-686-di | 5.10.103-1 | i386
ext4-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
ext4-modules-5.10.0-9-686-di |  5.10.70-1 | i386
ext4-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
f2fs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
f2fs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
f2fs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
f2fs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
f2fs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
f2fs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
fat-modules-5.10.0-11-686-di |  5.10.92-2 | i386
fat-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
fat-modules-5.10.0-12-686-di | 5.10.103-1 | i386
fat-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
fat-modules-5.10.0-9-686-di |  5.10.70-1 | i386
fat-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
fb-modules-5.10.0-11-686-di |  5.10.92-2 | i386
fb-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
fb-modules-5.10.0-12-686-di | 5.10.103-1 | i386
fb-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
fb-modules-5.10.0-9-686-di |  5.10.70-1 | i386
fb-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
firewire-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
firewire-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
firewire-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
firewire-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
firewire-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
firewire-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
fuse-modules-5.10.0-11-686-di |  5.10.92-2 | i386
fuse-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
fuse-modules-5.10.0-12-686-di | 5.10.103-1 | i386
fuse-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
fuse-modules-5.10.0-9-686-di |  5.10.70-1 | i386
fuse-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
i2c-modules-5.10.0-11-686-di |  5.10.92-2 | i386
i2c-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
i2c-modules-5.10.0-12-686-di | 5.10.103-1 | i386
i2c-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
i2c-modules-5.10.0-9-686-di |  5.10.70-1 | i386
i2c-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
input-modules-5.10.0-11-686-di |  5.10.92-2 | i386
input-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
input-modules-5.10.0-12-686-di | 5.10.103-1 | i386
input-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
input-modules-5.10.0-9-686-di |  5.10.70-1 | i386
input-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
isofs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
isofs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
isofs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
isofs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
isofs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
isofs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
jfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
jfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
jfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
jfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
jfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
jfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
kernel-image-5.10.0-11-686-di |  5.10.92-2 | i386
kernel-image-5.10.0-11-686-pae-di |  5.10.92-2 | i386
kernel-image-5.10.0-12-686-di | 5.10.103-1 | i386
kernel-image-5.10.0-12-686-pae-di | 5.10.103-1 | i386
kernel-image-5.10.0-9-686-di |  5.10.70-1 | i386
kernel-image-5.10.0-9-686-pae-di |  5.10.70-1 | i386
linux-image-5.10.0-11-686 |  5.10.92-2 | i386
linux-image-5.10.0-11-686-pae |  5.10.92-2 | i386
linux-image-5.10.0-11-rt-686-pae |  5.10.92-2 | i386
linux-image-5.10.0-12-686 | 5.10.103-1 | i386
linux-image-5.10.0-12-686-pae | 5.10.103-1 | i386
linux-image-5.10.0-12-rt-686-pae | 5.10.103-1 | i386
linux-image-5.10.0-9-686 |  5.10.70-1 | i386
linux-image-5.10.0-9-686-pae |  5.10.70-1 | i386
linux-image-5.10.0-9-rt-686-pae |  5.10.70-1 | i386
loop-modules-5.10.0-11-686-di |  5.10.92-2 | i386
loop-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
loop-modules-5.10.0-12-686-di | 5.10.103-1 | i386
loop-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
loop-modules-5.10.0-9-686-di |  5.10.70-1 | i386
loop-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
md-modules-5.10.0-11-686-di |  5.10.92-2 | i386
md-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
md-modules-5.10.0-12-686-di | 5.10.103-1 | i386
md-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
md-modules-5.10.0-9-686-di |  5.10.70-1 | i386
md-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mmc-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mmc-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mmc-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mmc-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mmc-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mmc-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mmc-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mmc-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mmc-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mmc-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mmc-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mmc-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mouse-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mouse-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mouse-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mouse-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mouse-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mouse-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
mtd-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
mtd-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
mtd-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
mtd-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
mtd-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
mtd-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
multipath-modules-5.10.0-11-686-di |  5.10.92-2 | i386
multipath-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
multipath-modules-5.10.0-12-686-di | 5.10.103-1 | i386
multipath-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
multipath-modules-5.10.0-9-686-di |  5.10.70-1 | i386
multipath-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nbd-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nbd-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nbd-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nbd-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nbd-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nbd-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-pcmcia-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-pcmcia-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-pcmcia-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-pcmcia-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-pcmcia-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-pcmcia-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-shared-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-shared-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-shared-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-shared-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-shared-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-shared-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-usb-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-usb-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-usb-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-usb-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-usb-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-usb-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
nic-wireless-modules-5.10.0-11-686-di |  5.10.92-2 | i386
nic-wireless-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
nic-wireless-modules-5.10.0-12-686-di | 5.10.103-1 | i386
nic-wireless-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
nic-wireless-modules-5.10.0-9-686-di |  5.10.70-1 | i386
nic-wireless-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
pata-modules-5.10.0-11-686-di |  5.10.92-2 | i386
pata-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
pata-modules-5.10.0-12-686-di | 5.10.103-1 | i386
pata-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
pata-modules-5.10.0-9-686-di |  5.10.70-1 | i386
pata-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
pcmcia-modules-5.10.0-11-686-di |  5.10.92-2 | i386
pcmcia-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
pcmcia-modules-5.10.0-12-686-di | 5.10.103-1 | i386
pcmcia-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
pcmcia-modules-5.10.0-9-686-di |  5.10.70-1 | i386
pcmcia-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
pcmcia-storage-modules-5.10.0-11-686-di |  5.10.92-2 | i386
pcmcia-storage-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
pcmcia-storage-modules-5.10.0-12-686-di | 5.10.103-1 | i386
pcmcia-storage-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
pcmcia-storage-modules-5.10.0-9-686-di |  5.10.70-1 | i386
pcmcia-storage-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
ppp-modules-5.10.0-11-686-di |  5.10.92-2 | i386
ppp-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
ppp-modules-5.10.0-12-686-di | 5.10.103-1 | i386
ppp-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
ppp-modules-5.10.0-9-686-di |  5.10.70-1 | i386
ppp-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
rfkill-modules-5.10.0-11-686-di |  5.10.92-2 | i386
rfkill-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
rfkill-modules-5.10.0-12-686-di | 5.10.103-1 | i386
rfkill-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
rfkill-modules-5.10.0-9-686-di |  5.10.70-1 | i386
rfkill-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
sata-modules-5.10.0-11-686-di |  5.10.92-2 | i386
sata-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
sata-modules-5.10.0-12-686-di | 5.10.103-1 | i386
sata-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
sata-modules-5.10.0-9-686-di |  5.10.70-1 | i386
sata-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
scsi-core-modules-5.10.0-11-686-di |  5.10.92-2 | i386
scsi-core-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
scsi-core-modules-5.10.0-12-686-di | 5.10.103-1 | i386
scsi-core-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
scsi-core-modules-5.10.0-9-686-di |  5.10.70-1 | i386
scsi-core-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
scsi-modules-5.10.0-11-686-di |  5.10.92-2 | i386
scsi-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
scsi-modules-5.10.0-12-686-di | 5.10.103-1 | i386
scsi-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
scsi-modules-5.10.0-9-686-di |  5.10.70-1 | i386
scsi-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
scsi-nic-modules-5.10.0-11-686-di |  5.10.92-2 | i386
scsi-nic-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
scsi-nic-modules-5.10.0-12-686-di | 5.10.103-1 | i386
scsi-nic-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
scsi-nic-modules-5.10.0-9-686-di |  5.10.70-1 | i386
scsi-nic-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
serial-modules-5.10.0-11-686-di |  5.10.92-2 | i386
serial-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
serial-modules-5.10.0-12-686-di | 5.10.103-1 | i386
serial-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
serial-modules-5.10.0-9-686-di |  5.10.70-1 | i386
serial-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
sound-modules-5.10.0-11-686-di |  5.10.92-2 | i386
sound-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
sound-modules-5.10.0-12-686-di | 5.10.103-1 | i386
sound-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
sound-modules-5.10.0-9-686-di |  5.10.70-1 | i386
sound-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
speakup-modules-5.10.0-11-686-di |  5.10.92-2 | i386
speakup-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
speakup-modules-5.10.0-12-686-di | 5.10.103-1 | i386
speakup-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
speakup-modules-5.10.0-9-686-di |  5.10.70-1 | i386
speakup-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
squashfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
squashfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
squashfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
squashfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
squashfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
squashfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
udf-modules-5.10.0-11-686-di |  5.10.92-2 | i386
udf-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
udf-modules-5.10.0-12-686-di | 5.10.103-1 | i386
udf-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
udf-modules-5.10.0-9-686-di |  5.10.70-1 | i386
udf-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
uinput-modules-5.10.0-11-686-di |  5.10.92-2 | i386
uinput-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
uinput-modules-5.10.0-12-686-di | 5.10.103-1 | i386
uinput-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
uinput-modules-5.10.0-9-686-di |  5.10.70-1 | i386
uinput-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
usb-modules-5.10.0-11-686-di |  5.10.92-2 | i386
usb-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
usb-modules-5.10.0-12-686-di | 5.10.103-1 | i386
usb-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
usb-modules-5.10.0-9-686-di |  5.10.70-1 | i386
usb-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
usb-serial-modules-5.10.0-11-686-di |  5.10.92-2 | i386
usb-serial-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
usb-serial-modules-5.10.0-12-686-di | 5.10.103-1 | i386
usb-serial-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
usb-serial-modules-5.10.0-9-686-di |  5.10.70-1 | i386
usb-serial-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
usb-storage-modules-5.10.0-11-686-di |  5.10.92-2 | i386
usb-storage-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
usb-storage-modules-5.10.0-12-686-di | 5.10.103-1 | i386
usb-storage-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
usb-storage-modules-5.10.0-9-686-di |  5.10.70-1 | i386
usb-storage-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386
xfs-modules-5.10.0-11-686-di |  5.10.92-2 | i386
xfs-modules-5.10.0-11-686-pae-di |  5.10.92-2 | i386
xfs-modules-5.10.0-12-686-di | 5.10.103-1 | i386
xfs-modules-5.10.0-12-686-pae-di | 5.10.103-1 | i386
xfs-modules-5.10.0-9-686-di |  5.10.70-1 | i386
xfs-modules-5.10.0-9-686-pae-di |  5.10.70-1 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:39:45 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

linux-headers-5.10.0-11-common |  5.10.92-2 | all
linux-headers-5.10.0-11-common-rt |  5.10.92-2 | all
linux-headers-5.10.0-12-common | 5.10.103-1 | all
linux-headers-5.10.0-12-common-rt | 5.10.103-1 | all
linux-headers-5.10.0-9-common |  5.10.70-1 | all
linux-headers-5.10.0-9-common-rt |  5.10.70-1 | all
linux-support-5.10.0-11 |  5.10.92-2 | all
linux-support-5.10.0-12 | 5.10.103-1 | all
linux-support-5.10.0-9 |  5.10.70-1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:42:29 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libegl1-nvidia-tesla-450 | 450.142.00-1 | amd64, arm64, ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by nvidia-graphics-drivers-tesla-450)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:23:22 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

angular-maven-plugin |    0.3.4-3 | source
libangular-maven-plugin-java |    0.3.4-3 | all
Closed bugs: 1006450

------------------- Reason -------------------
RoM; no longer useful; tied to unsupported AngularJS version
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 26 Mar 2022 09:23:39 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libminify-maven-plugin-java |  1.7.4-1.1 | all
minify-maven-plugin |  1.7.4-1.1 | source
Closed bugs: 1006452

------------------- Reason -------------------
RoM: old and not useful
----------------------------------------------
=========================================================================

aide (0.17.3-4+deb11u1) bullseye-security; urgency=high
 .
   * Apply upstream patch to fix heap-based buffer overflow in base64 functions
     (CVE-2021-45417)

apache-log4j1.2 (1.2.17-10+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix CVE-2021-4104, CVE-2022-23302, CVE-2022-23305 and CVE-2022-23307.
     Multiple security vulnerabilities have been discovered in
     Apache Log4j 1.2 when it is configured to use JMSSink, JDBCAppender and
     JMSAppender or Apache Chainsaw. Note that a possible attacker requires
     write access to the Log4j configuration and the aforementioned features are
     not enabled by default. In order to completely mitigate against these
     vulnerabilities the related classes have been removed from the resulting
     jar file.

apache-log4j2 (2.17.1-1~deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Backport 2.17.1 to Bullseye and fix CVE-2021-44832: remote code execution
     vulnerability but requires permission to modify the logging configuration.
apache-log4j2 (2.17.1-1~deb10u1) buster; urgency=medium
 .
   * Team upload.
   * Backport 2.17.1 to Buster and fix CVE-2021-44832: remote code execution
     vulnerability but requires permission to modify the logging configuration.
apache-log4j2 (2.17.0-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 2.17.0.
     - Fix CVE-2021-45105:
       Apache Log4j2 did not protect from uncontrolled recursion from
       self-referential lookups. When the logging configuration uses a
       non-default Pattern Layout with a Context Lookup (for example,
       $${ctx:loginId}), attackers with control over Thread Context Map (MDC)
       input data can craft malicious input data that contains a recursive
       lookup, resulting in a denial of service. (Closes: #1001891)
       Thanks to Salvatore Bonaccorso for the report.
apache-log4j2 (2.17.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport 2.17.0-1 to Bullseye and fix CVE-2021-45105. (Closes: #1001891)
apache-log4j2 (2.17.0-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport 2.17.0-1 to Buster and fix CVE-2021-45105. (Closes: #1001891)
apache-log4j2 (2.16.0-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 2.16.0.
     - Fix CVE-2021-45046:
       It was found that the fix to address CVE-2021-44228 in Apache Log4j
       2.15.0 was incomplete in certain non-default configurations. This could
       allow attackers with control over Thread Context Map (MDC) input data
       when the logging configuration uses a non-default Pattern Layout with
       either a Context Lookup (for example, $${ctx:loginId}) or a Thread
       Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data
       using a JNDI Lookup pattern resulting in a denial of service (DOS)
       attack.
       Thanks to Salvatore Bonaccorso for the report. (Closes: #1001729)

apache2 (2.4.53-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream version 2.4.53 (Closes: CVE-2022-22719,
     CVE-2022-22720, CVE-2022-22721, CVE-2022-23943)
   * Update copyright
   * Drop fix-2.4.52-regression.patch, now included in upstream
   * Refresh fhs_compliance.patch
   * Update test framework (fixes autopkgtest)
apache2 (2.4.52-3) experimental; urgency=medium
 .
   * Fix autopkgtest with libpcre2 (autopkgtest still fails due to an SSL
     error)
   * Set hardening=+all instead of hardening=+bindnow
apache2 (2.4.52-2) experimental; urgency=medium
 .
   * Build with pcre2 (Closes: #1000114)
apache2 (2.4.52-1) unstable; urgency=medium
 .
   * Refresh suexec-custom.patch
   * Update lintian overrides
   * Wrap long lines in changelog entries: 2.4.51-2.
   * New upstream version 2.4.52 (Closes: CVE-2021-44224, CVE-2021-44790)
   * Refresh patches
apache2 (2.4.52-1~deb11u2) bullseye-security; urgency=medium
 .
   * Fix 2.4.52 regression
apache2 (2.4.52-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 2.4.52 (Closes: CVE-2021-44224, CVE-2021-44790)
   * Refresh patches
apache2 (2.4.52-1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
apache2 (2.4.51-2) unstable; urgency=medium
 .
   * Add patch to have new macro_ignore_empty and macro_ignore_bad_nesting parameters
apache2 (2.4.51-1) unstable; urgency=medium
 .
   * New upstream version 2.4.51 (Closes: CVE-2021-41773, CVE-2021-42013)
   * Fix apache2ctl (see https://github.com/oerdnj/deb.sury.org/issues/1659)

atftp (0.7.git20120829-3.3+deb11u2) bullseye; urgency=medium
 .
   * Fix for CVE-2021-46671 (Closes: #1004974)

base-files (11.1+deb11u3) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.3, for Debian 11.3 point release.

bible-kjv (4.34+deb11u1) bullseye; urgency=medium
 .
   * Fix off-by-one-error in search (Closes: #1005856)

bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.27
   * CVE-2022-0396: A synchronous call to closehandle_cb() caused
     isc__nm_process_sock_buffer() to be called recursively, which in turn
     left TCP connections hanging in the CLOSE_WAIT state blocking
     indefinitely when out-of-order processing was disabled.
   * CVE-2021-25220: The rules for acceptance of records into the cache
     have been tightened to prevent the possibility of poisoning if
     forwarders send records outside the configured bailiwick
   * Remove patch to fix sphinx-build failure (fixed upstream)
bind9 (1:9.16.27-1~deb11u1~bpo10+1) buster-backports; urgency=high
 .
   * Rebuild for bullseye-backports.
 .
 bind9 (1:9.16.27-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.27
   * CVE-2022-0396: A synchronous call to closehandle_cb() caused
     isc__nm_process_sock_buffer() to be called recursively, which in turn
     left TCP connections hanging in the CLOSE_WAIT state blocking
     indefinitely when out-of-order processing was disabled.
   * CVE-2021-25220: The rules for acceptance of records into the cache
     have been tightened to prevent the possibility of poisoning if
     forwarders send records outside the configured bailiwick
   * Remove patch to fix sphinx-build failure (fixed upstream)

cfrpki (1.4.2-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security. Fixes:
     - Certificate chain loop.
     - RRDP Gzip bomb (CVE-2021-43174 CVE-2021-3912).
     - RRDP Slowloris (CVE-2021-43173 CVE-2021-3909).
     - ROA with ASCII NUL char (CVE-2021-3910).
     - Malformed ROAs (CVE-2021-3911).
     - Repo contains 100GB of trash.
     - Dot-dot-slash path traversal (CVE-2021-3907).
     - Improper preservation of permissions (CVE-2021-3978).
cfrpki (1.4.0-1) unstable; urgency=high
 .
   * New upstream release.
cfrpki (1.3.0-1) unstable; urgency=medium
 .
   * New upstream release. Fixes:
     + Prevent ROA issuers from making cfrpki emit an invalid VRP
       "MaxLength" value, hence causing RTR sessions to terminate.
       (CVE-2021-3761, Closes: #994572)

chromium (99.0.4844.74-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release.
     - CVE-2022-0971: Use after free in Blink Layout.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0972: Use after free in Extensions.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0973: Use after free in Safe Browsing.
       Reported by avaue and Buff3tts at S.S.L.
     - CVE-2022-0974 : Use after free in Splitscreen.
       Reported by @ginggilBesel.
     - CVE-2022-0975: Use after free in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0976: Heap buffer overflow in GPU. Reported by Omair.
     - CVE-2022-0977: Use after free in Browser UI. Reported by Khalil Zhani.
     - CVE-2022-0978: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0979: Use after free in Safe Browsing. Reported by anonymous.
     - CVE-2022-0980: Use after free in New Tab Page. Reported by Krace.
 .
 chromium (99.0.4844.51-2) unstable; urgency=medium
 .
   * Change dependency on xdg-desktop-portal-* packages to be
     libgtk-3-0|xdg-desktop-portal-backend. Some folks don't want all
     the dependencies of the xdg portal packages, and chromium really just
     requires gtk unless runnning under KDE (closes: #1006267).
   * Disable fieldtrial testing config to fix some sandboxing issues. We
     used to do this, but the config flag was renamed (closes: #1003622).
   * Adjust patches:
     + system/zlib.patch: drop part of it that is unnecessary.
chromium (99.0.4844.51-2) unstable; urgency=medium
 .
   * Change dependency on xdg-desktop-portal-* packages to be
     libgtk-3-0|xdg-desktop-portal-backend. Some folks don't want all
     the dependencies of the xdg portal packages, and chromium really just
     requires gtk unless runnning under KDE (closes: #1006267).
   * Disable fieldtrial testing config to fix some sandboxing issues. We
     used to do this, but the config flag was renamed (closes: #1003622).
   * Adjust patches:
     + system/zlib.patch: drop part of it that is unnecessary.
chromium (99.0.4844.51-1) unstable; urgency=high
 .
   * Embed harfbuzz instead of using the system harfbuzz. Debian doesn't
     yet package harfbuzz-subset (see #988781). Once it is packaged, we
     can go back to using it.
   * Build against Debian's rapidjson-dev package instead of ANGLE's
     bundled rapidjson.
   * Adjust patches:
     + system/harfbuzz.patch - drop, we're using bundled harfbuzz now.
     + upstream/quiche-include.patch - drop, merged upstream.
     + upstream/restrict.patch - drop, merged upstream.
     + upstream/sequence-point.patch - drop, merged upstream.
     + disable/installer.patch - use new BUILDFLAG() macro.
     + disable/unrar.patch - use new BUILDFLAG() macro.
     + disable/welcome-page.patch - use new BUILDFLAG() macro.
     + disable/widevine-cdm.cu.patch - use new BUILDFLAG() macro.
     + disable/tests.patch - drop unnecessary parts of the patch (which ends
       up being most of it).
     + disable/angle-perftests.patch - drop config disabling ANGLE's rapidjson.
     + disable/swiftshader.patch - drop removal of rapidjson dependency.
   * New upstream stable release.
     - CVE-2022-0789: Heap buffer overflow in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous.
     - CVE-2022-0791: Use after free in Omnibox.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0792: Out of bounds read in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita.
     - CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani.
     - CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960.
     - CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0797: Out of bounds memory access in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0798: Use after free in MediaStream.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0799: Insufficient policy enforcement in Installer.
       Reported by Abdelhamid Naceri (halov).
     - CVE-2022-0800: Heap buffer overflow in Cast UI.
       Reported by Khalil Zhani.
     - CVE-2022-0801: Inappropriate implementation in HTML parser.
       Reported by Michał Bentkowski of Securitum.
     - CVE-2022-0802: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0803: Inappropriate implementation in Permissions.
       Reported by Abdulla Aldoseri.
     - CVE-2022-0804: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0805: Use after free in Browser Switcher.
       Reported by raven at KunLun Lab.
     - CVE-2022-0806: Data leak in Canvas. Reported by Paril.
     - CVE-2022-0807: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0808: Use after free in Chrome OS Shell.
       Reported by @ginggilBesel.
     - CVE-2022-0809: Out of bounds memory access in WebXR.
       Reported by @uwu7586.
chromium (99.0.4844.51-1~deb11u1) bullseye-security; urgency=high
 .
   * Embed harfbuzz instead of using the system harfbuzz. Debian doesn't
     yet package harfbuzz-subset (see #988781). Once it is packaged, we
     can go back to using it.
   * Build against Debian's rapidjson-dev package instead of ANGLE's
     bundled rapidjson.
   * Adjust patches:
     + system/harfbuzz.patch - drop, we're using bundled harfbuzz now.
     + upstream/quiche-include.patch - drop, merged upstream.
     + upstream/restrict.patch - drop, merged upstream.
     + upstream/sequence-point.patch - drop, merged upstream.
     + disable/installer.patch - use new BUILDFLAG() macro.
     + disable/unrar.patch - use new BUILDFLAG() macro.
     + disable/welcome-page.patch - use new BUILDFLAG() macro.
     + disable/widevine-cdm.cu.patch - use new BUILDFLAG() macro.
     + disable/tests.patch - drop unnecessary parts of the patch (which ends
       up being most of it).
     + disable/angle-perftests.patch - drop config disabling ANGLE's rapidjson.
     + disable/swiftshader.patch - drop removal of rapidjson dependency.
   * New upstream stable release.
     - CVE-2022-0789: Heap buffer overflow in ANGLE.
       Reported by SeongHwan Park (SeHwa).
     - CVE-2022-0790: Use after free in Cast UI. Reported by Anonymous.
     - CVE-2022-0791: Use after free in Omnibox.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0792: Out of bounds read in ANGLE.
       Reported by Jaehun Jeong(@n3sk) of Theori.
     - CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita.
     - CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani.
     - CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960.
     - CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim
       of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0797: Out of bounds memory access in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0798: Use after free in MediaStream.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0799: Insufficient policy enforcement in Installer.
       Reported by Abdelhamid Naceri (halov).
     - CVE-2022-0800: Heap buffer overflow in Cast UI.
       Reported by Khalil Zhani.
     - CVE-2022-0801: Inappropriate implementation in HTML parser.
       Reported by Michał Bentkowski of Securitum.
     - CVE-2022-0802: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0803: Inappropriate implementation in Permissions.
       Reported by Abdulla Aldoseri.
     - CVE-2022-0804: Inappropriate implementation in Full screen mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0805: Use after free in Browser Switcher.
       Reported by raven at KunLun Lab.
     - CVE-2022-0806: Data leak in Canvas. Reported by Paril.
     - CVE-2022-0807: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0808: Use after free in Chrome OS Shell.
       Reported by @ginggilBesel.
     - CVE-2022-0809: Out of bounds memory access in WebXR.
       Reported by @uwu7586.
chromium (99.0.4818.0-0.1) experimental; urgency=low
 .
   * Non-maintainer upload.
   * New upstream development release.
   * Build-dep on rapidjson-dev and actually use rapidjson instead of disabling
     it in ANGLE.
chromium (98.0.4758.102-1) unstable; urgency=high
 .
   * Enable pipewire support in webrtc (closes: #954824).
   * Enable optimize_webui. This UI speed improvement was originally
     disabled due to nodejs deps, but recent upstream changes makes those
     deps necessary either way (closes: #970571).
   * Switch to using bundled node modules, to deal with (frequent) build
     failures (closes: #1005466).
   * Manually depend on xdg-desktop-portal-* packages. The file saving
     dialog needs a UI toolkit (closes: #1005230).
   * New upstream security release.
     - CVE-2022-0603: Use after free in File Manager.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace.
     - CVE-2022-0605: Use after free in Webstore API.
       Reported by Thomas Orlita.
     - CVE-2022-0606: Use after free in ANGLE.
     - CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0607: Use after free in GPU. Reported by 0x74960.
     - CVE-2022-0608: Integer overflow in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0609: Use after free in Animation. Reported by
       Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2022-0610: Inappropriate implementation in Gamepad API.
       Reported by Anonymous.
chromium (98.0.4758.102-1~deb11u1) bullseye-security; urgency=high
 .
   * Enable pipewire support in webrtc (closes: #954824).
   * Enable optimize_webui. This UI speed improvement was originally
     disabled due to nodejs deps, but recent upstream changes makes those
     deps necessary either way (closes: #970571).
   * Switch to using bundled node modules, to deal with (frequent) build
     failures (closes: #1005466).
   * Manually depend on xdg-desktop-portal-* packages. The file saving
     dialog needs a UI toolkit (closes: #1005230).
   * New upstream security release.
     - CVE-2022-0603: Use after free in File Manager.
       Reported by Chaoyuan Peng (@ret2happy).
     - CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace.
     - CVE-2022-0605: Use after free in Webstore API.
       Reported by Thomas Orlita.
     - CVE-2022-0606: Use after free in ANGLE.
     - CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0607: Use after free in GPU. Reported by 0x74960.
     - CVE-2022-0608: Integer overflow in Mojo.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0609: Use after free in Animation. Reported by
       Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.
     - CVE-2022-0610: Inappropriate implementation in Gamepad API.
       Reported by Anonymous.
chromium (98.0.4758.80-1) unstable; urgency=high
 .
   * Update manpage for package rename and everyone moving to https.
   * Drop libnpsr4-dev versioned dep.
   * Drop a bunch of patches (changes shouldn't affect chromium users).
     See https://salsa.debian.org/chromium-team/chromium/-/commits/master/
     for the dropped patches.
   * New upstream stable release.
     - CVE-2022-0452: Use after free in Safe Browsing.
       Reported by avaue at S.S.L.
     - CVE-2022-0453: Use after free in Reader Mode.
       Reported by Rong Jian of VRI.
     - CVE-2022-0454: Heap buffer overflow in ANGLE.
       Reported by Seong-Hwan Park (SeHwa).
     - CVE-2022-0455: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0456: Use after free in Web Search.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58.
     - CVE-2022-0458: Use after free in Thumbnail Tab Strip.
       Reported by Anonymous.
     - CVE-2022-0459: Use after free in Screen Capture.
       Reported by raven (@raid_akame).
     - CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960.
     - CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK.
     - CVE-2022-0462: Inappropriate implementation in Scroll.
       Reported by Youssef Sammouda.
     - CVE-2022-0463: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0464: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0465: Use after free in Extensions.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0466: Inappropriate implementation in Extensions Platform.
       Reported by David Erceg.
     - CVE-2022-0467: Inappropriate implementation in Pointer Lock.
       Reported by Alesandro Ortiz.
     - CVE-2022-0468: Use after free in Payments. Reported by Krace.
     - CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita.
     - CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang.
chromium (98.0.4758.80-1~deb11u1) bullseye-security; urgency=high
 .
   * Update manpage for package rename and everyone moving to https.
   * Drop libnpsr4-dev versioned dep.
   * Drop a bunch of patches (changes shouldn't affect chromium users).
     See https://salsa.debian.org/chromium-team/chromium/-/commits/master/
     for the dropped patches.
   * New upstream stable release.
     - CVE-2022-0452: Use after free in Safe Browsing.
       Reported by avaue at S.S.L.
     - CVE-2022-0453: Use after free in Reader Mode.
       Reported by Rong Jian of VRI.
     - CVE-2022-0454: Heap buffer overflow in ANGLE.
       Reported by Seong-Hwan Park (SeHwa).
     - CVE-2022-0455: Inappropriate implementation in Full Screen Mode.
       Reported by Irvan Kurniawan (sourc7).
     - CVE-2022-0456: Use after free in Web Search.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0457: Type Confusion in V8. Reported by rax of the Group0x58.
     - CVE-2022-0458: Use after free in Thumbnail Tab Strip.
       Reported by Anonymous.
     - CVE-2022-0459: Use after free in Screen Capture.
       Reported by raven (@raid_akame).
     - CVE-2022-0460: Use after free in Window Dialog. Reported by 0x74960.
     - CVE-2022-0461: Policy bypass in COOP. Reported by NDevTK.
     - CVE-2022-0462: Inappropriate implementation in Scroll.
       Reported by Youssef Sammouda.
     - CVE-2022-0463: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0464: Use after free in Accessibility.
       Reported by Zhihua Yao of KunLun Lab.
     - CVE-2022-0465: Use after free in Extensions.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0466: Inappropriate implementation in Extensions Platform.
       Reported by David Erceg.
     - CVE-2022-0467: Inappropriate implementation in Pointer Lock.
       Reported by Alesandro Ortiz.
     - CVE-2022-0468: Use after free in Payments. Reported by Krace.
     - CVE-2022-0469: Use after free in Cast. Reported by Thomas Orlita.
     - CVE-2022-0470: Out of bounds memory access in V8. Reported by Looben Yang.
chromium (97.0.4692.99-1) unstable; urgency=high
 .
   * Add myself as an uploader.
   * Ack my NMU (closes: #1003440).
   * Remove Riku Voipio from uploaders at the request of the Debian MIA team -
     thanks for all your past work on chromium, Riku! (closes: #1001562)
   * Build-dep on terser | uglifyjs.terser (closes: #1001036).
   * Revert automatic wayland detection for now (closes: #1003689).
     We'll try again in chromium v98 or v99.
   * New upstream stable release.
     - CVE-2022-0289: Use after free in Safe browsing.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0290: Use after free in Site isolation. Reported by
       Brendon Tiszka and Sergei Glazunov of Google Project Zero.
     - CVE-2022-0291: Inappropriate implementation in Storage.
       Reported by Anonymous.
     - CVE-2022-0292: Inappropriate implementation in Fenced Frames.
       Reported by Brendon Tiszka.
     - CVE-2022-0293: Use after free in Web packaging. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0294: Inappropriate implementation in Push messaging.
       Reported by Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook)
       and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0298: Use after free in Scheduling.
       Reported by Yangkang (@dnpushme) of 360 ATA.
     - CVE-2022-0300: Use after free in Text Input Method Editor. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0301: Heap buffer overflow in DevTools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research.
     - CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0303: Race in GPU Watchdog.
       Reported by Yiğit Can YILMAZ (@yilmazcanyigit).
     - CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab.
     - CVE-2022-0305: Inappropriate implementation in Service Worker API.
       Reported by @uwu7586.
     - CVE-2022-0306: Heap buffer overflow in PDFium.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0307: Use after free in Optimization Guide.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0308: Use after free in Data Transfer.
       Reported by @ginggilBesel.
     - CVE-2022-0309: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0310: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0311: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
chromium (97.0.4692.99-1~deb11u2) bullseye-security; urgency=high
 .
   * Revert the terser build-dep for bullseye.
chromium (97.0.4692.99-1~deb11u1) bullseye-security; urgency=high
 .
   * Add myself as an uploader.
   * Build-dep on terser | uglifyjs.terser (closes: #1001036).
   * Revert automatic wayland detection for now (closes: #1003689).
     We'll try again in chromium v98 or v99.
   * New upstream stable release.
     - CVE-2022-0289: Use after free in Safe browsing.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0290: Use after free in Site isolation. Reported by
       Brendon Tiszka and Sergei Glazunov of Google Project Zero.
     - CVE-2022-0291: Inappropriate implementation in Storage.
       Reported by Anonymous.
     - CVE-2022-0292: Inappropriate implementation in Fenced Frames.
       Reported by Brendon Tiszka.
     - CVE-2022-0293: Use after free in Web packaging. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0294: Inappropriate implementation in Push messaging.
       Reported by Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook)
       and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of
       Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0298: Use after free in Scheduling.
       Reported by Yangkang (@dnpushme) of 360 ATA.
     - CVE-2022-0300: Use after free in Text Input Method Editor. Reported by
       Rong Jian and Guang Gong of 360 Alpha Lab.
     - CVE-2022-0301: Heap buffer overflow in DevTools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research.
     - CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang
       (@Krace) and Guang Gong of 360 Vulnerability Research Institute.
     - CVE-2022-0303: Race in GPU Watchdog.
       Reported by Yiğit Can YILMAZ (@yilmazcanyigit).
     - CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab.
     - CVE-2022-0305: Inappropriate implementation in Service Worker API.
       Reported by @uwu7586.
     - CVE-2022-0306: Heap buffer overflow in PDFium.
       Reported by Sergei Glazunov of Google Project Zero.
     - CVE-2022-0307: Use after free in Optimization Guide.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0308: Use after free in Data Transfer.
       Reported by @ginggilBesel.
     - CVE-2022-0309: Inappropriate implementation in Autofill.
       Reported by Alesandro Ortiz.
     - CVE-2022-0310: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
     - CVE-2022-0311: Heap buffer overflow in Task Manager.
       Reported by Samet Bekmezci @sametbekmezci.
chromium (97.0.4692.71-0.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Stop building chromium's bunded gn and instead build-dep on generate-ninja.
   * Drop numerous patches related to gcc building, since we just build w/ clang.
   * Use python3 as default instead of relying on python2
     (closes: #942962, #996375).
   * Enable the ozone backend in the build (closes: #955540).
   * Automatically detect & enable Wayland support when launching chromium
     (closes: #861796).
   * Rename crashpad_handler to chrome_crashpad_handler.
   * No longer hardcode desktop GL implementation as default - it causes
     the chromium compositor's draw buffer to fill up & crash on my system.
   * Enable official builds.
   * New upstream stable release (closes: #995212).
     - CVE-2022-0096: Use after free in Storage. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2022-0097: Inappropriate implementation in DevTools. Reported by
       David Erceg
     - CVE-2022-0098: Use after free in Screen Capture. Reported by
       @ginggilBesel
     - CVE-2022-0099: Use after free in Sign-in. Reported by Rox
     - CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven
       (@raid_akame)
     - CVE-2022-0102: Type Confusion in V8. Reported by Brendon Tiszka
     - CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber
       Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani
     - CVE-2022-0107: Use after free in File Manager API. Reported by raven
       (@raid_akame)
     - CVE-2022-0108: Inappropriate implementation in Navigation. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2022-0109: Inappropriate implementation in Autofill. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University
     - CVE-2022-0110: Incorrect security UI in Autofill. Reported by
       Alesandro Ortiz
     - CVE-2022-0111: Inappropriate implementation in Navigation. Reported by
       garygreen
     - CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas
       Orlita
     - CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan
       Herrera (@lbherrera_)
     - CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by
       Looben Yang
     - CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand
       of Google Project Zero
     - CVE-2022-0116: Inappropriate implementation in Compositing. Reported
       by Irvan Kurniawan (sourc7)
     - CVE-2022-0117: Policy bypass in Service Workers. Reported by
       Dongsung Kim (@kid1ng)
     - CVE-2022-0118: Inappropriate implementation in WebShare. Reported by
       Alesandro Ortiz
     - CVE-2022-0120: Inappropriate implementation in Passwords. Reported by
       CHAKRAVARTHI (Ruler96)
     (96.0.4664.110)
     - CVE-2021-4098: Insufficient data validation in Mojo. Reported by
       Sergei Glazunov of Google Project Zero
     - CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin
       of Solita
     - CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin
       of Solita
     - CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by
       Abraruddin Khan and Omair
     - CVE-2021-4102: Use after free in V8. Reported by Anonymous
     (96.0.4664.93)
     - CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-4053: Use after free in UI. Reported by Rox
     - CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon
       Tiszka
     - CVE-2021-4054: Incorrect security UI in autofill. Reported by
       Alesandro Ortiz
     - CVE-2021-4078: Type confusion in V8. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen
       Rong
     - CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360
       Alpha Lab
     - CVE-2021-4057: Use after free in file API. Reported by Sergei
       Glazunov of Google Project Zero
     - CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2021-4059: Insufficient data validation in loader. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini
     - CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso
       and Guang Gong of 360 Alpha Lab
     - CVE-2021-4063: Use after free in developer tools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-4064: Use after free in screen capture. Reported by
       @ginggilBesel
     - CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010
       from Topsec ChiXiao Lab
     - CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun
       Jeong(@n3sk) of Theori
     - CVE-2021-4067: Use after free in window manager. Reported by
       @ginggilBesel
     - CVE-2021-4068: Insufficient validation of untrusted input in new tab
       page. Reported by NDevTK
     (96.0.4664.45)
     - CVE-2021-38008: Use after free in media. Reported by Marcin Towalski
     - CVE-2021-38009: Inappropriate implementation in cache.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38006: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and
       SGFvamll at Singular Security Lab
     - CVE-2021-38005: Use after free in loader.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38010: Inappropriate implementation in service workers.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38011: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123)
     - CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
       Reported by raven (@raid_akame)
     - CVE-2021-38014: Out of bounds write in Swiftshader.
       Reported by Atte Kettunen of OUSPG
     - CVE-2021-38015: Inappropriate implementation in input.
       Reported by David Erceg
     - CVE-2021-38016: Insufficient policy enforcement in background fetch.
       Reported by Maurice Dauer
     - CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
       Reported by NDevTK
     - CVE-2021-38018: Inappropriate implementation in navigation.
       Reported by Alesandro Ortiz
     - CVE-2021-38019: Insufficient policy enforcement in CORS.
       Reported by Maurice Dauer
     - CVE-2021-38020: Insufficient policy enforcement in contacts picker.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38021: Inappropriate implementation in referrer.
       Reported by Prakash (@1lastBr3ath)
     - CVE-2021-38022: Inappropriate implementation in WebAuthentication.
       Reported by Michal Kepkowski
     (95.0.4638.69)
     - CVE-2021-37997: Use after free in Sign-In. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-37998: Use after free in Garbage Collection. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2021-37999: Insufficient data validation in New Tab Page.
       Reported by Ashish Arun Dhone
     - CVE-2021-38000: Insufficient validation of untrusted input in Intents.
       Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google
       Threat Analysis Group
     - CVE-2021-38001: Type Confusion in V8. Reported by @s0rrymybad of
       Kunlun Lab via Tianfu Cup
     - CVE-2021-38002: Use after free in Web Transport. Reported by @__R0ng
       of 360 Alpha Lab, 漏洞研究院青训队 via Tianfu Cup
     - CVE-2021-38003: Inappropriate implementation in V8. Reported by Clément
       Lecigne from Google TAG and Samuel Groß from Google Project Zero
     - CVE-2021-38004: Insufficient policy enforcement in Autofill. Reported
       by Mark Amery
     (95.0.4638.54)
     - CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang
       (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao
       of KunLun Lab
     - CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti
       Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint
     - CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme)
       of 360 ATA
     - CVE-2021-37986: Heap buffer overflow in Settings.
       Reported by raven (@raid_akame)
     - CVE-2021-37987: Use after free in Network APIs. Reported by
       Yangkang (@dnpushme) of 360 ATA
     - CVE-2021-37988: Use after free in Profiles. Reported by raven
      (@raid_akame)
     - CVE-2021-37989: Inappropriate implementation in Blink.
       Reported by Matt Dyas, Ankur Sundara
     - CVE-2021-37990: Inappropriate implementation in WebView. Reported by
       Kareem Selim of CyShield
     - CVE-2021-37991: Race in V8. Reported by Samuel Groß of Google Project
       Zero
     - CVE-2021-37992: Out of bounds read in WebAudio. Reported by
       sunburst@Ant Security Light-Year Lab
     - CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2021-37996: Insufficient validation of untrusted input in Downloads.
       Reported by Anonymous
     - CVE-2021-37994: Inappropriate implementation in iFrame Sandbox.
       Reported by David Erceg
     - CVE-2021-37995: Inappropriate implementation in WebApp Installer.
       Reported by Terence Eden
     (94.0.4606.81)
     - CVE-2021-37977: Use after free in Garbage Collection. Reported by
       Anonymous
     - CVE-2021-37978: Heap buffer overflow in Blink. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37979: Heap buffer overflow in WebRTC. Reported by Marcin
       Towalski of Cisco Talos
     - CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by
       Yonghwi Jin (@jinmo123) of Theori
     (94.0.4606.71)
     - CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng
       Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37975: Use after free in V8. Reported by Anonymous
     - CVE-2021-37976: Information leak in core. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.61)
     - CVE-2021-37973: Use after free in Portals. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.54)
     - CVE-2021-37956 Use after free in Offline use. Reported by Huyna at
       Viettel Cyber Security
     - CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang
     - CVE-2021-37958: Inappropriate implementation in Navigation. Reported by
       James Lee (@Windowsrcer)
     - CVE-2021-37959: Use after free in Task Manager. Reported by raven
       (@raid_akame)
     - CVE-2021-37961: Use after free in Tab Strip. Reported by Khalil Zhani
     - CVE-2021-37962: Use after free in Performance Manager. Reported by Sri
     - CVE-2021-37963: Side-channel information leakage in DevTools. Reported
       by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen
       and Shaked Yehezkel, Tel Aviv University, Sioli O’Connell, University of
       Adelaide, and Jason Kim, Georgia Institute of Technology
     - CVE-2021-37964: Inappropriate implementation in ChromeOS Networking.
       Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong
       Kong
     - CVE-2021-37965: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37966: Inappropriate implementation in Compositing. Reported by
       Mohit Raj (shadow2639)
     - CVE-2021-37967: Inappropriate implementation in Background Fetch API.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37968: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37969: Inappropriate implementation in Google Updater. Reported
       by Abdelhamid Naceri (halov)
     - CVE-2021-37970: Use after free in File System API. Reported by
       SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by
       Rayyan Bijoora
     - CVE-2021-37972: Out of bounds read in libjpeg-turbo. Reported by Xu
       Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin
chromium (97.0.4692.71-0.1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Stop building chromium's bunded gn and instead build-dep on generate-ninja.
   * Drop numerous patches related to gcc building, since we just build w/ clang.
   * Use python3 as default instead of relying on python2
     (closes: #942962, #996375).
   * Enable the ozone backend in the build (closes: #955540).
   * Automatically detect & enable Wayland support when launching chromium
     (closes: #861796).
   * Rename crashpad_handler to chrome_crashpad_handler.
   * No longer hardcode desktop GL implementation as default - it causes
     the chromium compositor's draw buffer to fill up & crash on my system.
   * Enable official builds.
   * New upstream stable release (closes: #995212).
     - CVE-2022-0096: Use after free in Storage. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2022-0097: Inappropriate implementation in DevTools. Reported by
       David Erceg
     - CVE-2022-0098: Use after free in Screen Capture. Reported by
       @ginggilBesel
     - CVE-2022-0099: Use after free in Sign-in. Reported by Rox
     - CVE-2022-0100: Heap buffer overflow in Media streams API. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2022-0101: Heap buffer overflow in Bookmarks. Reported by raven
       (@raid_akame)
     - CVE-2022-0102: Type Confusion in V8. Reported by Brendon Tiszka
     - CVE-2022-0103: Use after free in SwiftShader. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0104: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2022-0105: Use after free in PDF. Reported by Cassidy Kim of Amber
       Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2022-0106: Use after free in Autofill. Reported by Khalil Zhani
     - CVE-2022-0107: Use after free in File Manager API. Reported by raven
       (@raid_akame)
     - CVE-2022-0108: Inappropriate implementation in Navigation. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2022-0109: Inappropriate implementation in Autofill. Reported by
       Young Min Kim (@ylemkimon), CompSec Lab at Seoul National University
     - CVE-2022-0110: Incorrect security UI in Autofill. Reported by
       Alesandro Ortiz
     - CVE-2022-0111: Inappropriate implementation in Navigation. Reported by
       garygreen
     - CVE-2022-0112: Incorrect security UI in Browser UI. Reported by Thomas
       Orlita
     - CVE-2022-0113: Inappropriate implementation in Blink. Reported by Luan
       Herrera (@lbherrera_)
     - CVE-2022-0114: Out of bounds memory access in Web Serial. Reported by
       Looben Yang
     - CVE-2022-0115: Uninitialized Use in File API. Reported by Mark Brand
       of Google Project Zero
     - CVE-2022-0116: Inappropriate implementation in Compositing. Reported
       by Irvan Kurniawan (sourc7)
     - CVE-2022-0117: Policy bypass in Service Workers. Reported by
       Dongsung Kim (@kid1ng)
     - CVE-2022-0118: Inappropriate implementation in WebShare. Reported by
       Alesandro Ortiz
     - CVE-2022-0120: Inappropriate implementation in Passwords. Reported by
       CHAKRAVARTHI (Ruler96)
     (96.0.4664.110)
     - CVE-2021-4098: Insufficient data validation in Mojo. Reported by
       Sergei Glazunov of Google Project Zero
     - CVE-2021-4099: Use after free in Swiftshader. Reported by Aki Helin
       of Solita
     - CVE-2021-4100: Object lifecycle issue in ANGLE. Reported by Aki Helin
       of Solita
     - CVE-2021-4101: Heap buffer overflow in Swiftshader. Reported by
       Abraruddin Khan and Omair
     - CVE-2021-4102: Use after free in V8. Reported by Anonymous
     (96.0.4664.93)
     - CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-4053: Use after free in UI. Reported by Rox
     - CVE-2021-4079: Out of bounds write in WebRTC. Reported by Brendon
       Tiszka
     - CVE-2021-4054: Incorrect security UI in autofill. Reported by
       Alesandro Ortiz
     - CVE-2021-4078: Type confusion in V8. Reported by Nan
       Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab
     - CVE-2021-4055: Heap buffer overflow in extensions. Reported by Chen
       Rong
     - CVE-2021-4056: Type Confusion in loader. Reported by @__R0ng of 360
       Alpha Lab
     - CVE-2021-4057: Use after free in file API. Reported by Sergei
       Glazunov of Google Project Zero
     - CVE-2021-4058: Heap buffer overflow in ANGLE. Reported by Abraruddin
       Khan and Omair
     - CVE-2021-4059: Insufficient data validation in loader. Reported by
       Luan Herrera (@lbherrera_)
     - CVE-2021-4061: Type Confusion in V8. Reported by Paolo Severini
     - CVE-2021-4062: Heap buffer overflow in BFCache. Reported by Leecraso
       and Guang Gong of 360 Alpha Lab
     - CVE-2021-4063: Use after free in developer tools. Reported by
       Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-4064: Use after free in screen capture. Reported by
       @ginggilBesel
     - CVE-2021-4065: Use after free in autofill. Reported by 5n1p3r0010
       from Topsec ChiXiao Lab
     - CVE-2021-4066: Integer underflow in ANGLE. Reported by Jaehun
       Jeong(@n3sk) of Theori
     - CVE-2021-4067: Use after free in window manager. Reported by
       @ginggilBesel
     - CVE-2021-4068: Insufficient validation of untrusted input in new tab
       page. Reported by NDevTK
     (96.0.4664.45)
     - CVE-2021-38008: Use after free in media. Reported by Marcin Towalski
     - CVE-2021-38009: Inappropriate implementation in cache.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38006: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and
       SGFvamll at Singular Security Lab
     - CVE-2021-38005: Use after free in loader.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38010: Inappropriate implementation in service workers.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38011: Use after free in storage foundation.
       Reported by Sergei Glazunov of Google Project Zero
     - CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123)
     - CVE-2021-38013: Heap buffer overflow in fingerprint recognition.
       Reported by raven (@raid_akame)
     - CVE-2021-38014: Out of bounds write in Swiftshader.
       Reported by Atte Kettunen of OUSPG
     - CVE-2021-38015: Inappropriate implementation in input.
       Reported by David Erceg
     - CVE-2021-38016: Insufficient policy enforcement in background fetch.
       Reported by Maurice Dauer
     - CVE-2021-38017: Insufficient policy enforcement in iframe sandbox.
       Reported by NDevTK
     - CVE-2021-38018: Inappropriate implementation in navigation.
       Reported by Alesandro Ortiz
     - CVE-2021-38019: Insufficient policy enforcement in CORS.
       Reported by Maurice Dauer
     - CVE-2021-38020: Insufficient policy enforcement in contacts picker.
       Reported by Luan Herrera (@lbherrera_)
     - CVE-2021-38021: Inappropriate implementation in referrer.
       Reported by Prakash (@1lastBr3ath)
     - CVE-2021-38022: Inappropriate implementation in WebAuthentication.
       Reported by Michal Kepkowski
     (95.0.4638.69)
     - CVE-2021-37997: Use after free in Sign-In. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-37998: Use after free in Garbage Collection. Reported by
       Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications
       Corp. Ltd.
     - CVE-2021-37999: Insufficient data validation in New Tab Page.
       Reported by Ashish Arun Dhone
     - CVE-2021-38000: Insufficient validation of untrusted input in Intents.
       Reported by Clement Lecigne, Neel Mehta, and Maddie Stone of Google
       Threat Analysis Group
     - CVE-2021-38001: Type Confusion in V8. Reported by @s0rrymybad of
       Kunlun Lab via Tianfu Cup
     - CVE-2021-38002: Use after free in Web Transport. Reported by @__R0ng
       of 360 Alpha Lab, 漏洞研究院青训队 via Tianfu Cup
     - CVE-2021-38003: Inappropriate implementation in V8. Reported by Clément
       Lecigne from Google TAG and Samuel Groß from Google Project Zero
     - CVE-2021-38004: Insufficient policy enforcement in Autofill. Reported
       by Mark Amery
     (95.0.4638.54)
     - CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang
       (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37983: Use after free in Dev Tools. Reported by Zhihua Yao
       of KunLun Lab
     - CVE-2021-37984: Heap buffer overflow in PDFium. Reported by Antti
       Levomäki, Joonas Pihlaja and Christian Jalio from Forcepoint
     - CVE-2021-37985: Use after free in V8. Reported by Yangkang (@dnpushme)
       of 360 ATA
     - CVE-2021-37986: Heap buffer overflow in Settings.
       Reported by raven (@raid_akame)
     - CVE-2021-37987: Use after free in Network APIs. Reported by
       Yangkang (@dnpushme) of 360 ATA
     - CVE-2021-37988: Use after free in Profiles. Reported by raven
      (@raid_akame)
     - CVE-2021-37989: Inappropriate implementation in Blink.
       Reported by Matt Dyas, Ankur Sundara
     - CVE-2021-37990: Inappropriate implementation in WebView. Reported by
       Kareem Selim of CyShield
     - CVE-2021-37991: Race in V8. Reported by Samuel Groß of Google Project
       Zero
     - CVE-2021-37992: Out of bounds read in WebAudio. Reported by
       sunburst@Ant Security Light-Year Lab
     - CVE-2021-37993: Use after free in PDF Accessibility. Reported by Cassidy
       Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd.
     - CVE-2021-37996: Insufficient validation of untrusted input in Downloads.
       Reported by Anonymous
     - CVE-2021-37994: Inappropriate implementation in iFrame Sandbox.
       Reported by David Erceg
     - CVE-2021-37995: Inappropriate implementation in WebApp Installer.
       Reported by Terence Eden
     (94.0.4606.81)
     - CVE-2021-37977: Use after free in Garbage Collection. Reported by
       Anonymous
     - CVE-2021-37978: Heap buffer overflow in Blink. Reported by Yangkang
       (@dnpushme) of 360 ATA
     - CVE-2021-37979: Heap buffer overflow in WebRTC. Reported by Marcin
       Towalski of Cisco Talos
     - CVE-2021-37980: Inappropriate implementation in Sandbox. Reported by
       Yonghwi Jin (@jinmo123) of Theori
     (94.0.4606.71)
     - CVE-2021-37974: Use after free in Safe Browsing. Reported by Weipeng
       Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-37975: Use after free in V8. Reported by Anonymous
     - CVE-2021-37976: Information leak in core. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.61)
     - CVE-2021-37973: Use after free in Portals. Reported by Clément Lecigne
       from Google TAG, with technical assistance from Sergei Glazunov and
       Mark Brand from Google Project Zero
     (94.0.4606.54)
     - CVE-2021-37956 Use after free in Offline use. Reported by Huyna at
       Viettel Cyber Security
     - CVE-2021-37957: Use after free in WebGPU. Reported by Looben Yang
     - CVE-2021-37958: Inappropriate implementation in Navigation. Reported by
       James Lee (@Windowsrcer)
     - CVE-2021-37959: Use after free in Task Manager. Reported by raven
       (@raid_akame)
     - CVE-2021-37961: Use after free in Tab Strip. Reported by Khalil Zhani
     - CVE-2021-37962: Use after free in Performance Manager. Reported by Sri
     - CVE-2021-37963: Side-channel information leakage in DevTools. Reported
       by Daniel Genkin and Ayush Agarwal, University of Michigan, Eyal Ronen
       and Shaked Yehezkel, Tel Aviv University, Sioli O’Connell, University of
       Adelaide, and Jason Kim, Georgia Institute of Technology
     - CVE-2021-37964: Inappropriate implementation in ChromeOS Networking.
       Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong
       Kong
     - CVE-2021-37965: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37966: Inappropriate implementation in Compositing. Reported by
       Mohit Raj (shadow2639)
     - CVE-2021-37967: Inappropriate implementation in Background Fetch API.
       Reported by SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37968: Inappropriate implementation in Background Fetch API.
       Reported by Maurice Dauer
     - CVE-2021-37969: Inappropriate implementation in Google Updater. Reported
       by Abdelhamid Naceri (halov)
     - CVE-2021-37970: Use after free in File System API. Reported by
       SorryMybad (@S0rryMybad) of Kunlun Lab
     - CVE-2021-37971: Incorrect security UI in Web Browser UI. Reported by
       Rayyan Bijoora
     - CVE-2021-37972: Out of bounds read in libjpeg-turbo. Reported by Xu
       Hanyu and Lu Yutao from Panguite-Forensics-Lab of Qianxin
chromium (93.0.4577.82-1) unstable; urgency=medium
 .
   * New upstream stable release.
     - CVE-2021-30625: Use after free in Selection API. Reported by Marcin
       Towalski of Cisco Talos
     - CVE-2021-30626: Out of bounds memory access in ANGLE. Reported by
       Jeonghoon Shin of Theori
     - CVE-2021-30627: Type Confusion in Blink layout. Reported by Aki Helin of
       OUSPG
     - CVE-2021-30628: Stack buffer overflow in ANGLE. Reported by Jaehun Jeong
       @n3sk of Theori
     - CVE-2021-30629: Use after free in Permissions. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-30630: Inappropriate implementation in Blink . Reported by
       SorryMybad @S0rryMybad of Kunlun Lab
     - CVE-2021-30631: Type Confusion in Blink layout. Reported by Atte Kettunen
       of OUSPG
     - CVE-2021-30632: Out of bounds write in V8. Reported by Anonymous
     - CVE-2021-30633: Use after free in Indexed DB API. Reported by Anonymous
     - CVE-2021-30606: Use after free in Blink. Reported by Nan Wang
       @eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
     - CVE-2021-30607: Use after free in Permissions. Reported by Weipeng Jiang
       @Krace from Codesafe Team of Legendsec at Qi'anxin Group
     - CVE-2021-30608: Use after free in Web Share. Reported by Huyna at Viettel
       Cyber Security
     - CVE-2021-30609: Use after free in Sign-In. Reported by raven @raid_akame
     - CVE-2021-30610: Use after free in Extensions API. Reported by Igor
       Bukanov from Vivaldi
     - CVE-2021-30611: Use after free in WebRTC. Reported by Nan Wang
       @eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
     - CVE-2021-30612: Use after free in WebRTC. Reported by Nan Wang
       @eternalsakura13 and koocola @alo_cook of 360 Alpha Lab
     - CVE-2021-30613: Use after free in Base internals. Reported by Yangkang
       @dnpushme of 360 ATA
     - CVE-2021-30614: Heap buffer overflow in TabStrip. Reported by Huinian
       Yang @vmth6 of Amber Security Lab, OPPO Mobile Telecommunications Corp.
       Ltd.
     - CVE-2021-30615: Cross-origin data leak in Navigation. Reported by NDevTK
     - CVE-2021-30616: Use after free in Media. Reported by Anonymous
     - CVE-2021-30617: Policy bypass in Blink. Reported by NDevTK
     - CVE-2021-30618: Inappropriate implementation in DevTools. Reported by
       @DanAmodio and @mattaustin from Contrast Security
     - CVE-2021-30619: UI Spoofing in Autofill. Reported by Alesandro Ortiz
     - CVE-2021-30620: Insufficient policy enforcement in Blink. Reported by Jun
       Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2021-30621: UI Spoofing in Autofill. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-30622: Use after free in WebApp Installs. Reported by Jun
       Kokatsu, Microsoft Browser Vulnerability Research
     - CVE-2021-30623: Use after free in Bookmarks. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-30624: Use after free in Autofill. Reported by Wei Yuan of
       MoyunSec VLab
     - CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul
     - CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul
     - CVE-2021-30600: Use after free in Printing. Reported by Leecraso and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-30601: Use after free in Extensions API. Reported by koocola
       @alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
     - CVE-2021-30602: Use after free in WebRTC. Reported by Marcin Towalski of
       Cisco Talos
     - CVE-2021-30603: Race in WebAudio. Reported by Sergei Glazunov of Google
       Project Zero
     - CVE-2021-30604: Use after free in ANGLE. Reported by Seong-Hwan Park
       SeHwa of SecunologyLab
     - CVE-2021-30554: Use after free in WebGL. Reported by anonymous
     - CVE-2021-30555: Use after free in Sharing. Reported by David Erceg
     - CVE-2021-30556: Use after free in WebAudio. Reported by Yangkang
       @dnpushme of 360 ATA
     - CVE-2021-30557: Use after free in TabGroups. Reported by David Erceg
     - CVE-2021-30544: Use after free in BFCache. Reported by Rong Jian and
       Guang Gong of 360 Alpha Lab
     - CVE-2021-30545: Use after free in Extensions. Reported by kkwon with
       everpall and kkomdal
     - CVE-2021-30546: Use after free in Autofill. Reported by Abdulrahman
       Alqabandi, Microsoft Browser Vulnerability Research
     - CVE-2021-30547: Out of bounds write in ANGLE. Reported by Seong-Hwan Park
       SeHwa of SecunologyLab
     - CVE-2021-30548: Use after free in Loader. Reported by Yangkang @dnpushme
       & Wanglu of Qihoo360 Qex Team
     - CVE-2021-30549: Use after free in Spell check. Reported by David Erceg
     - CVE-2021-30550: Use after free in Accessibility. Reported by David Erceg
     - CVE-2021-30551: Type Confusion in V8. Reported by Clement Lecigne of
       Google's Threat Analysis Group and Sergei Glazunov of Google Project Zero
     - CVE-2021-30552: Use after free in Extensions. Reported by David Erceg
     - CVE-2021-30553: Use after free in Network service. Reported by Anonymous
     - CVE-2021-30521: Heap buffer overflow in Autofill. Reported by ZhanJia
       Song
     - CVE-2021-30522: Use after free in WebAudio. Reported by Piotr Bania of
       Cisco Talos
     - CVE-2021-30523: Use after free in WebRTC. Reported by Tolyan Korniltsev
     - CVE-2021-30524: Use after free in TabStrip. Reported by David Erceg
     - CVE-2021-30525: Use after free in TabGroups. Reported by David Erceg
     - CVE-2021-30526: Out of bounds write in TabStrip. Reported by David Erceg
     - CVE-2021-30527: Use after free in WebUI. Reported by David Erceg
     - CVE-2021-30528: Use after free in WebAuthentication. Reported by Man Yue
       Mo of GitHub Security Lab
     - CVE-2021-30529: Use after free in Bookmarks. Reported by koocola
       @alo_cook and Nan Wang @eternalsakura13 of 360 Alpha Lab
     - CVE-2021-30530: Out of bounds memory access in WebAudio. Reported by
       kkwon
     - CVE-2021-30531: Insufficient policy enforcement in Content Security
       Policy. Reported by Philip Papurt
     - CVE-2021-30532: Insufficient policy enforcement in Content Security
       Policy. Reported by Philip Papurt
     - CVE-2021-30533: Insufficient policy enforcement in PopupBlocker. Reported
       by Eliya Stein
     - CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox.
       Reported by Alesandro Ortiz
     - CVE-2021-30535: Double free in ICU. Reported by nocma, leogan, cheneyxu
       of WeChat Open Platform Security Team
     - CVE-2021-21212: Insufficient data validation in networking. Reported by
       Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong
     - CVE-2021-30536: Out of bounds read in V8. Reported by Chris Salls @salls
     - CVE-2021-30537: Insufficient policy enforcement in cookies. Reported by
       Jun Kokatsu @shhnjk
     - CVE-2021-30538: Insufficient policy enforcement in content security
       policy. Reported by Tianze Ding @D1iv3 of Tencent Security Xuanwu Lab
     - CVE-2021-30539: Insufficient policy enforcement in content security
       policy. Reported by unnamed researcher
     - CVE-2021-30540: Incorrect security UI in payments. Reported by
       @retsew0x01

chrony (4.0-8+deb11u2) bullseye; urgency=medium
 .
   * debian/usr.sbin.chronyd:
     - Allow reading the chronyd configuration file that timemaster(8)
     generates. Thanks to Michael Lestinsky for the report! (Closes: #1004745)

cinnamon (4.8.6-2+deb11u1) bullseye; urgency=medium
 .
   * d/patches: add upstream patch that solves a crash adding
     an online account with login on web component (Closes: #1001536)
   * change vcs-git, CI and gbp to bullseye

clamav (0.103.5+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.5
    - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash).
    - Update symbol file.
clamav (0.103.5+dfsg-0+deb10u1) buster; urgency=medium
 .
   * Import 0.103.5
    - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash).
    - Update symbol file.
clamav (0.103.4+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.4
    - Update symbol file.
   * Add clamonacc.8.
   * Install clamonacc only on Linux. Patch by Laurent Bigonvill
     (Closes: #992776).
   * Drop unused libidn11-dev dependency, suggested by Simon Josefsson
     (Closes: #991976).
clamav (0.103.4+dfsg-0+deb11u1) bullseye; urgency=medium
 .
   * Import 0.103.4
    - Update symbol file.
   * Add clamonacc.8.
   * Install clamonacc only on Linux. Patch by Laurent Bigonvill
     (Closes: #992776).
clamav (0.103.4+dfsg-0+deb10u1) buster; urgency=medium
 .
   * Import 0.103.4
    - Update symbol file.
   * Add clamonacc.8.
   * Install clamonacc only on Linux. Patch by Laurent Bigonvill
     (Closes: #992776).
clamav (0.103.3+dfsg-1) unstable; urgency=medium
 .
   * Import 0.103.2
     - Update symbol file.
     - Regression: clamdscan segfaults with --fdpass --multipass and
       ExcludePath (Closes: #988218).
   * Remove clamav user on purge (Closes: #987861).
   * Remove freshclam.dat on purge.

containerd (1.4.13~ds1-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 1.4.13~ds1
     CVE-2022-23648: CRI plugin: insecure handling of image volumes.

cryptsetup (2:2.3.7-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream security/bugfix release, with fixes for:
     + CVE-2021-4122: decryption through LUKS2 reencryption crash recovery.
       (Closes: #1003686)
     + Key truncation for standalone dm-integrity devices using HMAC integrity
       protection.  (Closes: #949336)
   * Update d/gbp.conf and d/salsa-ci.yml to use d/bullseye branch.
cryptsetup (2:2.3.7-1+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 cryptsetup (2:2.3.7-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream security/bugfix release, with fixes for:
     + CVE-2021-4122: decryption through LUKS2 reencryption crash recovery.
       (Closes: #1003686)
     + Key truncation for standalone dm-integrity devices using HMAC integrity
       protection.  (Closes: #949336)
   * Update d/gbp.conf and d/salsa-ci.yml to use d/bullseye branch.
cryptsetup (2:2.3.6-1+exp1) experimental; urgency=medium
 .
   * New upstream bugfix release.  (Closes: #949336)
cryptsetup (2:2.3.5-1+exp1) experimental; urgency=medium
 .
   * Upload to experimental.
 .
 cryptsetup (2:2.3.5-1) unstable; urgency=medium
 .
   * New upstream bugfix release.
   * d/watch: Monitor upstream tags rather than tarballs.
   * d/gbp.conf: Set 'upstream-vcs-tag' to add upstream tag as additional
     parent.
   * Simplify d/README.source in accordance with the above.
   * Rename d/upstream-signing-key.asc to d/upstream/signing-key.asc as uscan
     is now able to verify git tags.
   * encrypted-boot.md: Clarify how to solve double password prompt for the
     device holding /boot.

cups-filters (1.28.7-1+deb11u1) bullseye; urgency=medium
 .
   * debian/apparmor/usr.sbin.cups-browsed: Allow reading from Debian Edu's
     cups-browsed config file (/etc/cups/cups-browsed-debian-edu.conf).
     (Closes: #1006183). (patch provided by Mike Gabriel)
   * debian/control: add myself to Uploaders:

cyrus-sasl2 (2.1.27+dfsg-2.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix _sasl_add_string
   * Escape password for SQL insert/update commands (CVE-2022-24407)

dask.distributed (2021.01.0+ds.1-2.1+deb11u1) bullseye; urgency=medium
 .
   * Apply pass-host-to-local-cluster.patch. Resolves CVE-2021-42343
   * Add python3.9-compatibility.patch. Fixes cannot import name 'Popen'
     from partially initialized module 'multiprocessing.popen_spawn_posix'

debian-edu-config (2.11.56+deb11u3) bullseye-security; urgency=medium
 .
   * etc/apache2/mods-available/debian-edu-userdir.conf:
     - White-space cleanup (tabs and spaces mixed).
     - CVE-2021-20001: Disable built-in PHP engine.
     - Add warning to not re-enable PHP interpretation in user dirs (with
       reference to our README).
   * README.public_html_with_PHP-CGI+suExec.md:
     - Provide documentation on how to enable suExec support in Apache2 user
       directories (i.e. ~/public_html).
   * debian/NEWS:
     + Add file, inform about PHP being disabled in Apache2 user directories.

debian-installer (20210731+deb11u3) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-13.

debian-installer-netboot-images (20210731+deb11u3) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u3, from bullseye-proposed-updates.

debian-ports-archive-keyring (2022.02.15~deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
debian-ports-archive-keyring (2021.12.30) unstable; urgency=medium
 .
   * Add "Debian Ports Archive Automatic Signing Key (2023)
     <ftpmaster@ports-master.debian.org>" (ID: B523E5F3FC4E5F2C).
   * Upgrade Standard-Version to 4.6.0 (no changes).

django-allauth (0.44.0+ds-1+deb11u1) bullseye; urgency=medium
 .
   * Import from 0.47.0-1 the patch to fix OpenID failures.
     (Closes: #1003069)
   * Disable forwarding for two patches

djbdns (1:1.05-13+deb11u1) bullseye; urgency=medium
 .
   * Add the 0011-datalimit patch to catch up with recent versions of
     glibc generating larger executable files. Closes: #996807
   * Several improvements to the Python tinytest autopkgtest tool:
     - use "with subprocess.Popen()"
     - simplify the command-line parsing a bit
     - minor import statement fixes
     - add a tox.ini file to make it easier to run static code checkers
     - turn a class into a dataclass
     - send a lot of queries to tinydns to make sure that the fix for
       #996807 actually works

dpdk (20.11.4-2~deb11u1) bullseye; urgency=medium
 .
   * Upload to stable-proposed-updates.
 .
 dpdk (20.11.4-2) unstable; urgency=medium
 .
   * Backport patch to fix ppc64el FTBFS
 .
 dpdk (20.11.4-1) unstable; urgency=medium
 .
   * Update upstream source from tag 'upstream/20.11.4'
   * New upstream release 20.11.4; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Bump copyright year ranges in d/copyright
 .
 dpdk (20.11.3-2) unstable; urgency=medium
 .
   [ Christian Ehrhardt ]
   * d/rules: drop per_library_versions removed since 19.11 (Closes:
     #998532)
dpdk (20.11.4-1) unstable; urgency=medium
 .
   * Update upstream source from tag 'upstream/20.11.4'
   * New upstream release 20.11.4; for a full list of changes see:
     http://doc.dpdk.org/guides-20.11/rel_notes/release_20_11.html
   * Bump copyright year ranges in d/copyright
dpdk (20.11.3-2) unstable; urgency=medium
 .
   [ Christian Ehrhardt ]
   * d/rules: drop per_library_versions removed since 19.11 (Closes:
     #998532)
dpdk (20.11.3-1) unstable; urgency=medium
 .
   [ Henning Schild ]
   * d/rules: honor "nocheck" in test override
 .
   [ Christian Ehrhardt ]
   * Merge upstream stable release 20.11.3
   * drop d/p/0001-rib-fix-insertion-in-some-cases.patch [applied upstream]
   * drop d/p/test-catch-coredumps.patch [applied upstream]
   * d/p/disable_autopkgtest_fails.patch: disable failures that do not
     represent regressions
   * d/p/disable_armhf_autopkgtest_fails.patch: disable arm failures that
     do not represent regressions
   * d/p/disable_ppc64_autopkgtest_fails.patch: skip known false-positives
     (LP: #1939861)
 .
   [ Luca Boccassi ]
   * Fix d/watch file syntax

e2guardian (5.3.4-1+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + CVE-2021-44273: Fix missing SSL certificate validation in the SSL MiTM
       engine. Add 0001_CVE-2021-44273_fix-hostname-validation-in-
       certificates.patch. (Closes: #1003125).

epiphany-browser (3.38.2-1+deb11u2) bullseye; urgency=medium
 .
   * d/p/glib-bug-workaround.patch:
     - Cherry pick upstream patch ff8ecbf6. This works around a bug in GLib
       and fixes a UI process crash (Closes: #1005810).
epiphany-browser (3.38.2-1+deb11u1) bullseye-security; urgency=medium
 .
   * d/p/encode-untrusted-data.patch:
     - Cherry pick upstream changes from c27a8180e until abac58c51.
     - Fixes CVE-2021-45085, CVE-2021-45086, CVE-2021-45087 and
       CVE-2021-45088.

espeak-ng (1.50+dfsg-7+deb11u1) bullseye; urgency=medium
 .
   * patches/even-delay: Drop spurious 50ms delay while processing events, this
     adds potentially very long latency to canceling speech.

espeakup (1:0.80-20+deb11u1) stable; urgency=medium
 .
   * debian/espeakup.service: Protect espeakup from system overloads.

expat (2.2.10-2+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters
   * tests: Cover relaxed fix to CVE-2022-25236
   * lib: Document namespace separator effect right in header <expat.h>
   * lib|doc: Add a note on namespace URI validation
expat (2.2.10-2+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent stack exhaustion in build_model (CVE-2022-25313)
   * Prevent integer overflow in storeRawNames (CVE-2022-25315)
   * Prevent integer overflow in copyString (CVE-2022-25314)
   * lib: Fix (harmless) use of uninitialized memory
   * lib: Protect against malicious namespace declarations (CVE-2022-25236)
     (Closes: #1005895)
   * tests: Cover CVE-2022-25236
   * lib: Drop unused macro UTF8_GET_NAMING
   * lib: Add missing validation of encoding (CVE-2022-25235)
     (Closes: #1005894)
   * lib: Add comments to BT_LEAD* cases where encoding has already been
     validated
   * tests: Cover missing validation of encoding (CVE-2022-25235)
   * Fix build_model regression.
   * tests: Protect against nested element declaration model regressions
expat (2.2.10-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * lib: Detect and prevent troublesome left shifts in function storeAtts
     (CVE-2021-45960) (Closes: #1002994)
   * lib: Prevent integer overflow on m_groupSize in function doProlog
     (CVE-2021-46143)
   * lib: Prevent integer overflow at multiple places (CVE-2022-22822,
     CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826,
     CVE-2022-22827) (Closes: #1003474)
   * lib: Detect and prevent integer overflow in XML_GetBuffer (CVE-2022-23852)
   * tests: Cover integer overflow in XML_GetBuffer (CVE-2022-23852)
   * lib: Prevent integer overflow in doProlog (CVE-2022-23990)

fcitx5-chinese-addons (5.0.4-1+deb11u1) bullseye; urgency=medium
 .
   * debian/control: Add missing package dependency relationship:
     + fcitx5-table:
       - fcitx5-module-pinyinhelper (Dep)
       - fcitx5-module-punctuation (Dep) (Closes: #1001739)

flac (1.3.3-2+deb11u1) bullseye; urgency=medium
 .
   * CVE-2021-0561 (Closes: #1006339)

flatpak (1.10.7-0+deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release
   * Security fixes:
     - Prevent a malicious repository from arranging for permissions to be
       granted without being correctly displayed during installation
       (CVE-2021-43860, GHSA-qpjc-vq3c-572j)
     - Provide a new --nofilesystem=host:reset option which flatpak-builder
       can use to prevent malicious builds from creating directories
       outside the build directory (CVE-2022-21682, GHSA-8ch7-5j3h-g4fx)
   * Other bug fixes:
     - Fix error handling for syscalls that are only allowed with --devel
       (this change was already included in 1.10.5-0+deb11u1)
     - Improve diagnostic messages when seccomp rules cannot be applied
     - Update Polish translation
     - Clarify documentation related to CVE-2022-21682
     - Improve test coverage related to CVE-2022-21682
     - Be compatible with newer versions of python3-pyparsing
       (the version in Debian 11 generates identical code before and
       after this change)
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Drop patch, included in 1.10.6
   * d/copyright: Update
flatpak (1.10.7-0+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
     - Revert "debian/control: Add libmalcontent-0-dev to the
       build-dependencies". It wasn't available in buster.
     - Revert "Add Suggests on malcontent-gui".
     - Downgrade dbus from Depends to Recommends.
       It only needed to be a Depends for the libmalcontent integration,
       but it is necessary for system-wide installations (without --user),
       so a Recommends still seems appropriate.
 .
 flatpak (1.10.7-0+deb11u1) bullseye-security; urgency=high
 .
   * New upstream stable release
   * Security fixes:
     - Prevent a malicious repository from arranging for permissions to be
       granted without being correctly displayed during installation
       (CVE-2021-43860, GHSA-qpjc-vq3c-572j)
     - Provide a new --nofilesystem=host:reset option which flatpak-builder
       can use to prevent malicious builds from creating directories
       outside the build directory (CVE-2022-21682, GHSA-8ch7-5j3h-g4fx)
   * Other bug fixes:
     - Fix error handling for syscalls that are only allowed with --devel
       (this change was already included in 1.10.5-0+deb11u1)
     - Improve diagnostic messages when seccomp rules cannot be applied
     - Update Polish translation
     - Clarify documentation related to CVE-2022-21682
     - Improve test coverage related to CVE-2022-21682
     - Be compatible with newer versions of python3-pyparsing
       (the version in Debian 11 generates identical code before and
       after this change)
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Drop patch, included in 1.10.6
   * d/copyright: Update

flatpak-builder (1.0.12-1+deb11u1) bullseye-security; urgency=high
 .
   * d/gbp.conf, Vcs-Git: Configure for bullseye stable updates
   * d/p/Disable-filesystem-access-with-nofilesystem-host-reset.patch,
     d/p/Allow-nofilesystem-host-reset-in-flatpak-builder-run.patch:
     Add patches from upstream to prevent unintended access to host
     filesystem (CVE-2022-21682). To be effective, this also requires an
     updated version of flatpak.
   * d/control: Bump flatpak dependencies to 1.10.7.
     This ensures that we have the version that enables us to avoid
     CVE-2022-21682.

fort-validator (1.5.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security. Fixes:
     - RRDP Slowloris (CVE-2021-43173 CVE-2021-3909).
     - Repo contains 100GB of trash.
     - Dot-dot-slash path traversal (CVE-2021-3907).
fort-validator (1.5.2-1) unstable; urgency=medium
 .
   * New upstream release.
fort-validator (1.5.1-1) unstable; urgency=medium
 .
   * New upstream release.

freerdp2 (2.3.0+dfsg1-2+deb11u1) bullseye; urgency=medium
 .
   [ Bernhard Miklautz ]
   * debian/rules:
     + Disable additional debug logging. (Closes: #1006683).
 .
   [ Mike Gabriel ]
   * debian/patches:
     + Add 1001_keep-symbol-DumpThreadHandles-if-debugging-is-disabled.patch.
       Keep DumpThreadHandles as a symbol even if WITH_DEBUG_THREADS is OFF.

galera-3 (25.3.36-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 25.3.36. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.36.txt
     and for previous release 25.3.35 see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.35.txt
galera-3 (25.3.35-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 25.3.35. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.35.txt
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster:
     + Build-Depends: Drop versioned constraint on cmake, libboost-dev and
       libboost-program-options-dev.
     + galera-arbitrator-3: Drop versioned constraint on lsb-base in Depends.
galera-3 (25.3.34-1) unstable; urgency=medium
 .
   * New upstream version 25.3.34. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-25.3.34.txt
   * Restore CK_TIMEOUT_MULTIPLIER in debian rules to avoid having
     various slow builds and CI runs fail in vain

galera-4 (26.4.11-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream release 26.4.11. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.11.txt
     and for previous release 26.4.10 see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.10.txt
galera-4 (26.4.10-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.10. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.10.txt
 .
   [ Debian Janitor ]
   * Remove constraints unnecessary since buster
galera-4 (26.4.9-1) unstable; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream release 26.4.9. Includes multiple bug fixes, see
     https://github.com/codership/documentation/blob/master/release-notes/release-notes-galera-26.4.9.txt
   * Restore CK_TIMEOUT_MULTIPLIER in debian rules to avoid unnecassary
     test failures due to slow builders
 .
   [ Andreas Beckmann ]
   * Solve circular Conflicts with galera-3 by no longer providing a virtual
     galera package (Closes: #990708)

gbonds (2.0.3-16+deb11u1) bullseye; urgency=high
 .
   * Add redemption data through 11/2021 (sb202106.asc)
   * Use Treasury API for redemption data (Closes: 1001610)

ghostscript (9.53.3~dfsg-7+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Check stack limits after function evaluation (CVE-2021-45944)
   * Fix op stack management in sampled_data_continue() (CVE-2021-45949)

glewlwyd (2.5.2-2+deb11u2) bullseye; urgency=medium
 .
   * d/patches: Fix possible privilege escalation (Closes: #1001849)

glibc (2.31-13+deb11u3) bullseye; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Fix bad conversion from ISO-2022-JP-3 with iconv (CVE-2021-43396).
       Closes: #998622.
     - Remove PIE check on amd64 to fix FTBFS with binutils 2.37.
     - Fix a buffer overflow in sunrpc svcunix_create (CVE-2022-23218).
     - Fix a buffer overflow in sunrpc clnt_create (CVE-2022-23219).
   * debian/debhelper.in/libc-bin.postinst: stop replacing older versions from
     /etc/nsswitch.conf.  Closes: #998008.
   * debian/debhelper.in/libc.preinst: simplify the version comparison by only
     comparing the two first parts, now that kernel 2.X are not supported
     anymore.  Closes: #1004861.
   * debian/debhelper.in/libc.preinst: drop the check for kernel release > 255
     now that glibc and preinstall script are fixed.  Closes: #987266.
   * debian/patches/local-CVE-2021-33574-mq_notify-use-after-free.diff:
     fix a possible use-after-free in mq_notify (CVE-2021-33574).  Closes:
     #989147.

glx-alternatives (1.2.1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 glx-alternatives (1.2.1) unstable; urgency=medium
 .
   * glx-diversions: After initial setup of the diversions, install a minimal
     alternative to the diverted files s.t. libGL.so.1 etc. are not missing
     until glx-alternative-mesa processes its triggers.  (Closes: #993338)
   * Bump Standards-Version to 4.6.0. No changes needed.

gnupg2 (2.2.27-2+deb11u1) bullseye; urgency=medium
 .
   [ Raphaël Hertzog ]
   * Avoid network interaction in generator. Closes: #993578
 .
   [ Christoph Biedl ]
   * Backport "Scd: Fix CCID driver for SCM SPR332/SPR532". Closes: #982546
 .
   [ Daniel Kahn Gillmor ]
   * update git to point to debian/bullseye branch

gnuplot (5.4.1+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Fix divide by zero vulnerability. CVE-2021-44917.  (Closes: #1002539)

golang-1.15 (1.15.15-1~deb11u4) bullseye; urgency=medium
 .
   * Backport patch for CVE-2022-24921:
     regexp: stack exhaustion compiling deeply nested expressions
golang-1.15 (1.15.15-1~deb11u3) bullseye; urgency=medium
 .
   * Backport patches for CVE-2022-23806 CVE-2022-23772 CVE-2022-23773
     + CVE-2022-23806: crypto/elliptic: fix IsOnCurve for big.Int values
       that are not valid coordinates
     + CVE-2022-23772: math/big: prevent large memory consumption in
       Rat.SetString
     + CVE-2022-23773: cmd/go: prevent branches from materializing into versions

golang-github-containers-common (0.33.4+ds1-1+deb11u1) bullseye; urgency=medium
 .
   * Backport seccomp patches from upstream to allow execution of newer
     syscalls. Closes: #994451, #1006137

golang-github-opencontainers-specs (1.0.2.41.g7413a7f-1+deb11u1) bullseye; urgency=medium
 .
   * Backport seccomp patches from upstream to allow execution of newer
     syscalls, Closes: #994451, #1004533

gtk+3.0 (3.24.24-4+deb11u2) bullseye; urgency=medium
 .
   [ Jian-Hong Pan ]
   * d/p/printing-Create-temporary-queues-for-Avahi-printers.patch,
     d/p/printing-Show-all-Avahi-advertised-printers.patch:
     Backport patches from upstream 3.24.25 to enable temporary CUPS queues
     for local printers advertised via mDNS.
     This enables GTK to discover local printers and print to them, without
     needing to install the cups-browsed package or configure CUPS queues
     manually.
     (Closes: #982925)
   * d/p/Don-t-try-to-create-local-cups-printers-before-CUPS-2.2.patch:
     Backport patch from upstream 3.24.29 to make the printing module
     identical to the more widely-tested version in unstable.
 .
   [ Simon McVittie ]
   * debian/cups-Use-the-same-name-mangling-as-Debian-11-s-cups-brows.patch:
     Avoid creating confusing duplicate printer entries if the printer's mDNS
     name begins or ends with a non-alphanumeric character. This change is
     specific to the Debian 11 version of cups-browsed, and is not necessary
     with cups-browsed 1.28.11 or later.
   * d/p/wayland-Ensure-clipboard-handling-doesn-t-lock-up-in-cert.patch:
     Backport patch from upstream 3.24.31 to prevent Wayland clipboard
     handling from locking up in certain corner cases (Closes: #1006281)
gtk+3.0 (3.24.24-4+deb11u1) bullseye; urgency=medium
 .
   * Add patch from upstream to fix missing search results when using NFS
     (Closes: #976334)
   * d/gbp.conf, d/control.in: Set packaging branch to debian/bullseye

h2database (1.4.197-4+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Security researchers of JFrog Security and Ismail Aydemir discovered two
     remote code execution vulnerabilities in the H2 Java SQL database engine
     which can be exploited through various attack vectors, most notably through
     the H2 Console and by loading custom classes from remote servers through
     JNDI. The H2 console is a developer tool and not required by any
     reverse-dependency in Debian. It has been disabled in (old)stable
     releases. Database developers are advised to use at least version
     2.1.210-1, currently available in Debian unstable.
h2database (1.4.197-4+deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Security researchers of JFrog Security and Ismail Aydemir discovered two
     remote code execution vulnerabilities in the H2 Java SQL database engine
     which can be exploited through various attack vectors, most notably through
     the H2 Console and by loading custom classes from remote servers through
     JNDI. The H2 console is a developer tool and not required by any
     reverse-dependency in Debian. It has been disabled in (old)stable
     releases. Database developers are advised to use at least version
     2.1.210-1, currently available in Debian unstable.

haproxy (2.2.9-2+deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * BUG/MAJOR: http/htx: prevent unbounded loop in
     http_manage_server_side_cookies (CVE-2022-0711)
haproxy (2.2.9-2+deb11u3~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.

heartbeat (1:3.0.6-11+deb11u1) bullseye; urgency=medium
 .
   * Use tmpfiles.d to create /run/heartbeat (Closes: #1002037)

htmldoc (1.9.11-4+deb11u2) bullseye; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-0534
     A crafted GIF file could lead to a stack out-of-bounds read,
     which could result in a crash (segmentation fault).

installation-guide (20220129~deb11u1) bullseye; urgency=medium
 .
   * Backport documentation fixes to bullseye.

intel-microcode (3.20220207.1~deb11u1) bullseye; urgency=medium
 .
   * Backport for Debian stable (no changes)
   * Release manager: this is the same package already in bullseye-backports,
     testing and unstable.  It fixes several security issues, adds MSRs that
     can be enabled by updated kernels for enhanced security mitigaton, and
     also fixes several critical "functional issues" (i.e.  processor errata).
     There were no reports to date of regressions introduced by this microcode
     drelease.
 .
 intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207
intel-microcode (3.20220207.1~deb10u1) buster; urgency=medium
 .
   * Backport for Debian oldstable (no changes)
   * Release manager: this is the same package already in bullseye-backports,
     testing and unstable.  It fixes several security issues, adds MSRs that
     can be enabled by updated kernels for enhanced security mitigaton, and
     also fixes several critical "functional issues" (i.e.  processor errata).
     There were no reports to date of regressions introduced by this microcode
     drelease.
 .
 intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207
intel-microcode (3.20220207.1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports (no changes required)
 .
 intel-microcode (3.20220207.1) unstable; urgency=medium
 .
   * upstream changelog: new upstream datafile 20220207
     * Mitigates (*only* when loaded from UEFI firmware through the FIT)
       CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
       debug port, on Pentium, Celeron and Atom processors with signatures
       0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
       https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
     * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
       may cause a system hang, on many processors.
     * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
       to improper sanitization of shared resources (fast-store forward
       predictor), on many processors.
     * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
       Atom Processors may allow information disclosure or denial of service
       via network access.
     * Fixes critical errata (functional issues) on many processors
     * Adds a MSR switch to enable RAPL filtering (default off, once enabled
       it can only be disabled by poweroff or reboot).  Useful to protect
       SGX and other threads from side-channel info leak.  Improves the
       mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
       processors.
     * Disables TSX in more processor models.
     * Fixes issue with WBINDV on multi-socket (server) systems which could
       cause resets and unpredictable system behavior.
     * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
       Lake) processors, to control a fix for (hopefully rare) unpredictable
       processor behavior when HyperThreading is enabled.  This MSR switch
       is enabled by default on *server* processors.  On other processors,
       it needs to be explicitly enabled by an updated UEFI/BIOS (with added
       configuration logic).  An updated operating system kernel might also
       be able to enable it.  When enabled, this fix can impact performance.
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
       sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
       sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
       sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
       sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
       sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
       sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
       sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
       sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
       sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
       sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
       sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
       sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
       sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
       sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
       sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
       sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
       sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
       sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
       sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
       sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
       sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
       sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
       sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
       sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
       sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
       sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
       sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
     * Removed Microcodes:
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
   * update .gitignore and debian/.gitignore.
     Add some missing items from .gitignore and debian/.gitignore.
   * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
     When the BIOS microcode is older than revision 0x7f (and perhaps in some
     other cases as well), the latest microcode updates for 0x406e3 and
     0x506e3 must be applied using the early update method.  Otherwise, the
     system might hang.  Also: there must not be any other intermediate
     microcode update attempts [other than the one done by the BIOS itself],
     either.  It must go from the BIOS microcode update directly to the
     latest microcode update.
   * source: update symlinks to reflect id of the latest release, 20220207

ipython (7.20.0-1+deb11u1) bullseye-security; urgency=high
 .
   * Fixes CVE-2022-21699 (execution of config files from the current
     directory, which might allow cross-user attacks if ipython is run from a
     directory multiple users can write). Closes: #1004122

ldap2zone (0.2-11+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     + Update 0004_revert-broken-zones.patch. Stop using deprecated $(tempfile)
       command. (Closes: #1005354)

lemonldap-ng (2.0.11+ds-4+deb11u1) bullseye; urgency=medium
 .
   * Fix auth process in password-testing plugins (Closes: CVE-2021-20874)

libarchive (3.4.3-2+deb11u1) bullseye; urgency=medium
 .
   * Add four upstream fixes for various problems:
     - fix extracting hardlinks to symlinks
     - CVE-2021-23177: fix handling of symlink ACLs; Closes: 1001986
     - CVE-2021-31566: never follow symlinks when setting file flags;
       Closes: 1001990

libdatetime-timezone-perl (1:2.47-1+2022a) bullseye; urgency=medium
 .
   * Update to Olson database version 2022a.
     This update includes contemporary changes for Palestine.

libphp-adodb (5.20.19-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent auth bypass with PostgreSQL connections (CVE-2021-3850)
     (Closes: #1004376)

libpod (3.0.1+dfsg1-3+deb11u1) bullseye; urgency=medium
 .
   * Rebuild against containers-common to pickup seccomp updates required
     for newer kernels. Closes: #​994451, #1006138

librecad (2.1.3-1.3+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2021-21898: A code execution vulnerability exists in the
     dwgCompressor::decompress18() functionality of LibreCad libdxfrw. A
     specially-crafted .dwg file can lead to an out-of-bounds write.
   * CVE-2021-21899: A code execution vulnerability exists in the
     dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw. A
     specially-crafted .dwg file can lead to a heap buffer overflow.
   * CVE-2021-21900: A code execution vulnerability exists in the
     dxfRW::processLType() functionality of LibreCad libdxfrw. A
     specially-crafted .dxf file can lead to a use-after-free
     vulnerability.
   * CVE-2021-45341: Buffer overflow vulnerabilities in CDataMoji of the jwwlib
     component of LibreCAD allows an attacker to achieve Remote Code Execution
     using a crafted JWW document.
   * CVE-2021-45342: Buffer overflow vulnerabilities in CDataList of the jwwlib
     component of LibreCAD allows an attacker to achieve Remote Code Execution
     using a crafted JWW document.
   * CVE-2021-45343: a NULL pointer dereference in the HATCH handling of
     libdxfrw allows an attacker to crash the application using a crafted DXF
     document.

libreswan (4.3-1+deb11u1) bullseye-security; urgency=high
 .
   * Fixes CVE-2022-23094

libxml2 (2.9.10+dfsg-6.7+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Use-after-free of ID and IDREF attributes (CVE-2022-23308)
     (Closes: #1006489)

lighttpd (1.4.59-1+deb11u1) bullseye-security; urgency=medium
 .
   [ Glenn Strauss ]
   * Fix CVE-2022-22707 32-bit lighttpd mod_extforward crash.

linux (5.10.106-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux (5.10.103-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux (5.10.103-1~bpo10+1) buster-backports; urgency=high
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
 .
 linux (5.10.103-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
 .
 linux (5.10.92-2) bullseye-security; urgency=high
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux (5.10.92-2) bullseye-security; urgency=high
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux (5.10.92-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux (5.10.92-1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11
 .
 linux (5.10.92-1) bullseye-security; urgency=high
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
 .
 linux (5.10.84-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-amd64 (5.10.106+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.106-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux-signed-amd64 (5.10.103+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.103-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux-signed-amd64 (5.10.103+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.103-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
linux-signed-amd64 (5.10.92+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-2
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux-signed-amd64 (5.10.92+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux-signed-amd64 (5.10.92+1~bpo10+1) buster-backports; urgency=medium
 .
   * Sign kernel from linux 5.10.92-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11

linux-signed-arm64 (5.10.106+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.106-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux-signed-arm64 (5.10.103+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.103-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux-signed-arm64 (5.10.103+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.103-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
linux-signed-arm64 (5.10.92+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-2
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux-signed-arm64 (5.10.92+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux-signed-arm64 (5.10.92+1~bpo10+1) buster-backports; urgency=medium
 .
   * Sign kernel from linux 5.10.92-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11

linux-signed-i386 (5.10.106+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.106-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.104
     - mac80211_hwsim: report NOACK frames in tx_status
     - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
     - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
     - ASoC: rt5682: do not block workqueue if card is unbound
     - regulator: core: fix false positive in regulator_late_cleanup()
     - Input: clear BTN_RIGHT/MIDDLE on buttonpads
     - [arm64] KVM: arm64: vgic: Read HW interrupt pending state from the HW
     - tipc: fix a bit overflow in tipc_crypto_key_rcv()
     - cifs: fix double free race when mount fails in cifs_get_root()
     - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
     - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
     - usb: gadget: clear related members when goto fail (CVE-2022-24958)
     - exfat: reuse exfat_inode_info variable instead of calling EXFAT_I()
     - exfat: fix i_blocks for files truncated over 4 GiB
     - tracing: Add test for user space strings when filtering on string pointers
     - [armhf] serial: stm32: prevent TDR register overwrite when sending x_char
     - ata: pata_hpt37x: fix PCI clock detection
     - drm/amdgpu: check vm ready by amdgpu_vm->evicting flag
     - tracing: Add ustring operation to filtering string pointers
     - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
     - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
     - [amd64] iommu/amd: Recover from event log overflow
     - [x86] drm/i915: s/JSP2/ICP2/ PCH
     - xen/netfront: destroy queues before real_num_tx_queues is zeroed
     - mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
     - xfrm: fix MTU regression
     - netfilter: fix use-after-free in __nf_register_net_hook()
     - bpf, sockmap: Do not ignore orig_len parameter
     - xfrm: fix the if_id check in changelink
     - xfrm: enforce validity of offload input flags
     - e1000e: Correct NVM checksum verification flow
     - net: fix up skbs delta_truesize in UDP GRO frag_list
     - netfilter: nf_queue: don't assume sk is full socket
     - netfilter: nf_queue: fix possible use-after-free
     - netfilter: nf_queue: handle socket prefetch
     - batman-adv: Request iflink once in batadv-on-batadv check
     - batman-adv: Request iflink once in batadv_get_real_netdevice
     - batman-adv: Don't expect inter-netns unique iflink indices
     - net: ipv6: ensure we call ipv6_mc_down() at most once
     - net: dcb: flush lingering app table entries for unregistered devices
     - net/smc: fix connection leak
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
     - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
     - rcu/nocb: Fix missed nocb_timer requeue
     - ice: Fix race conditions between virtchnl handling and VF ndo ops
     - ice: fix concurrent reset and removal of VFs
     - sched/topology: Make sched_init_numa() use a set for the deduplicating
       sort
     - sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa()
     - mac80211: fix forwarded mesh frames AC & queue selection
     - net: stmmac: fix return value of __setup handler
     - mac80211: treat some SAE auth steps as final
     - iavf: Fix missing check for running netdev
     - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
     - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc()
     - efivars: Respect "block" flag in efivar_entry_set_safe()
     - can: gs_usb: change active_channels's type from atomic_t to u8
     - igc: igc_read_phy_reg_gpy: drop premature return
     - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
       functions
     - [arm64,armhf] pinctrl: sunxi: Use unique lockdep classes for IRQs
     - igc: igc_write_phy_reg_gpy: drop premature return
     - memfd: fix F_SEAL_WRITE after shmem huge page allocated
     - [armhf] dts: switch timer config to common devkit8000 devicetree
     - [armhf] dts: Use 32KiHz oscillator on devkit8000
     - [arm64] soc: fsl: guts: Revert commit 3c0d64e867ed
     - [arm64] soc: fsl: guts: Add a missing memory allocation failure check
     - [armhf] tegra: Move panels to AUX bus
     - net: chelsio: cxgb3: check the return value of pci_find_capability()
     - iavf: Refactor iavf state machine tracking
     - nl80211: Handle nla_memdup failures in handle_nan_filter
     - drm/amdgpu: fix suspend/resume hang regression
     - net: dcb: disable softirqs in dcbnl_flush_dev()
     - Input: elan_i2c - move regulator_[en|dis]able() out of
       elan_[en|dis]able_power()
     - Input: elan_i2c - fix regulator enable count imbalance after
       suspend/resume
     - HID: add mapping for KEY_DICTATE
     - HID: add mapping for KEY_ALL_APPLICATIONS
     - tracing/histogram: Fix sorting on old "cpu" value
     - tracing: Fix return value of __setup handlers
     - btrfs: fix lost prealloc extents beyond eof after full fsync
     - btrfs: qgroup: fix deadlock between rescan worker and remove qgroup
     - btrfs: add missing run of delayed items after unlink during log replay
     - Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
     - hamradio: fix macro redefine warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.105
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [armhf] report Spectre v2 status through sysfs
     - [armel,armhf] early traps initialisation
     - [armel,armhf] use LOADADDR() to get load address of sections
     - [armel,armhf] Spectre-BHB workaround
     - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
     - [arm64] cputype: Add CPU implementor & types for the Apple M1 cores
     - [arm64] Add Neoverse-N2, Cortex-A710 CPU part definition
     - [arm64] Add Cortex-X2 CPU part definition
     - [arm64] Add Cortex-A510 CPU part definition
     - [arm64] Add HWCAP for self-synchronising virtual counter
     - [arm64] add ID_AA64ISAR2_EL1 sys register
     - [arm64] cpufeature: add HWCAP for FEAT_AFP
     - [arm64] cpufeature: add HWCAP for FEAT_RPRES
     - [arm64] entry.S: Add ventry overflow sanity checks
     - [arm64] spectre: Rename spectre_v4_patch_fw_mitigation_conduit
     - [arm64] entry: Make the trampoline cleanup optional
     - [arm64] entry: Free up another register on kpti's tramp_exit path
     - [arm64] entry: Move the trampoline data page before the text page
     - [arm64] entry: Allow tramp_alias to access symbols after the 4K boundary
     - [arm64] entry: Don't assume tramp_vectors is the start of the vectors
     - [arm64] entry: Move trampoline macros out of ifdef'd section
     - [arm64] entry: Make the kpti trampoline's kpti sequence optional
     - [arm64] entry: Allow the trampoline text to occupy multiple pages
     - [arm64] entry: Add non-kpti __bp_harden_el1_vectors for mitigations
     - [arm64] entry: Add vectors that have the bhb mitigation sequences
     - [arm64] entry: Add macro for reading symbol addresses from the trampoline
     - [arm64] Add percpu vectors for EL1
     - [arm64] proton-pack: Report Spectre-BHB vulnerabilities as part of
       Spectre-v2
     - [arm64] KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
     - [arm64] Mitigate spectre style branch history side channels
     - [arm64] KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and
       migrated
     - [arm64] Use the clearbhb instruction in mitigations
     - [arm64] proton-pack: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [armel,armhf] fix co-processor register typo
     - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
     - [armhf] fix build warning in proc-v7-bugs.c
     - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
       (CVE-2022-23040, XSA-396)
     - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
       CVE-2022-23038, XSA-396)
     - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23036, XSA-396)
     - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23037, XSA-396)
     - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
       (CVE-2022-23038, XSA-396)
     - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
       XSA-396)
     - xen: remove gnttab_query_foreign_access()
     - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
     - xen/gnttab: fix gnttab_end_foreign_access() without page specified
       (CVE-2022-23041, XSA-396)
     - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
       (CVE-2022-23042, XSA-396)
     - Revert "ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.106
     - [arm64] clk: qcom: gdsc: Add support to update GDSC transition delay
     - [arm64] dts: armada-3720-turris-mox: Add missing ethernet0 alias
     - tipc: fix kernel panic when enabling bearer
     - mISDN: Remove obsolete PIPELINE_DEBUG debugging information
     - mISDN: Fix memory leak in dsp_pipeline_build()
     - virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg is zero
     - isdn: hfcpci: check the return value of dma_set_mask() in setup_hw()
     - net: qlogic: check the return value of dma_alloc_coherent() in
       qed_vf_hw_prepare()
     - esp: Fix BEET mode inter address family tunneling on GSO
     - qed: return status of qed_iov_get_link
     - i40e: stop disabling VFs due to PF error responses
     - ice: stop disabling VFs due to PF error responses
     - ice: Align macro names to the specification
     - ice: Remove unnecessary checker loop
     - ice: Rename a couple of variables
     - ice: Fix curr_link_speed advertised speed
     - tipc: fix incorrect order of state message data sanity check
     - [armhf] net: ethernet: ti: cpts: Handle error for clk_enable
     - ax25: Fix NULL pointer dereference in ax25_kill_by_device
     - net/mlx5: Fix size field in bufferx_reg struct
     - net/mlx5: Fix a race on command flush flow
     - net/mlx5e: Lag, Only handle events from highest priority multipath entry
     - NFC: port100: fix use-after-free in port100_send_complete
     - net: phy: DP83822: clear MISR2 register to disable interrupts
     - sctp: fix kernel-infoleak for SCTP sockets
     - [arm64] net: bcmgenet: Don't claim WOL when its not available
     - [arm64,armhf] spi: rockchip: Fix error in getting num-cs property
     - [arm64,armhf] spi: rockchip: terminate dma transmission when slave abort
     - net-sysfs: add check for netdevice being present to speed_show
     - [armhf] hwmon: (pmbus) Clear pmbus fault/warning bits after read
     - gpio: Return EPROBE_DEFER if gc->to_irq is NULL
     - Revert "xen-netback: remove 'hotplug-status' once it has served its
       purpose"
     - Revert "xen-netback: Check for hotplug-status existence before watching"
     - ipv6: prevent a possible race condition with lifetimes
     - tracing: Ensure trace buffer is at least 4096 bytes large
     - fuse: fix pipe buffer lifetime for direct_io
     - staging: rtl8723bs: Fix access-point mode deadlock
     - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
     - [arm64] mmc: meson: Fix usage of meson_mmc_post_req()
     - [arm64] dts: marvell: armada-37xx: Remap IO space to bus address 0x0
     - virtio: unexport virtio_finalize_features
     - virtio: acknowledge all features before access
     - watch_queue, pipe: Free watchqueue state after clearing pipe ring
       (CVE-2022-0995)
     - watch_queue: Fix to release page in ->release() (CVE-2022-0995)
     - watch_queue: Fix to always request a pow-of-2 pipe ring size
       (CVE-2022-0995)
     - watch_queue: Fix the alloc bitmap size to reflect notes allocated
       (CVE-2022-0995)
     - watch_queue: Free the alloc bitmap when the watch_queue is torn down
       (CVE-2022-0995)
     - watch_queue: Fix lack of barrier/sync/lock between post and read
       (CVE-2022-0995)
     - watch_queue: Make comment about setting ->defunct more accurate
       (CVE-2022-0995)
     - [x86] boot: Fix memremap of setup_indirect structures
     - [x86] boot: Add setup_indirect support in early_memremap_is_setup_data()
     - [x86] traps: Mark do_int3() NOKPROBE_SYMBOL
     - ext4: add check to prevent attempting to resize an fs with sparse_super2
     - [armel,armhf] fix Thumb2 regression with Spectre BHB
     - watch_queue: Fix filter limit check ((CVE-2022-0995)
 .
   [ Salvatore Bonaccorso ]
   * Bump ABI to 13
   * [rt] Update to 5.10.104-rt63
   * [rt] Update to 5.10.106-rt64
   * sctp: fix the processing for INIT chunk (CVE-2021-3772)
   * tcp: make tcp_read_sock() more robust
   * io_uring: return back safer resurrect
   * [arm64] kvm: Fix copy-and-paste error in bhb templates for v5.10 stable
linux-signed-i386 (5.10.103+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.103-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.93
     - kbuild: Add $(KBUILD_HOSTLDFLAGS) to 'has_libelf' test
     - devtmpfs regression fix: reconfigure on each mount
     - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
     - perf: Protect perf_guest_cbs with RCU
     - [x86] KVM: Register Processor Trace interrupt hook iff PT enabled in guest
     - [s390x] KVM: Clarify SIGP orders versus STOP/RESTART
     - 9p: only copy valid iattrs in 9P2000.L setattr implementation
     - [x86] video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
     - media: uvcvideo: fix division by zero at stream start
     - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with
       interrupts enabled
     - firmware: qemu_fw_cfg: fix sysfs information leak
     - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries
     - firmware: qemu_fw_cfg: fix kobject leak in probe error path
     - [x86] KVM: remove PMU FIXED_CTR3 from msrs_to_save_all
     - ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 devices
     - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after
       reboot from Windows
     - ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker quirk
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2020
     - ALSA: hda/realtek: Re-order quirk entries for Lenovo
     - [powerpc*] pseries: Get entry and uaccess flush required bits from
       H_GET_CPU_CHARACTERISTICS
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.94
     - [x86] KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
     - HID: uhid: Fix worker destroying device without any protection
     - HID: wacom: Reset expected and received contact counts at the same time
     - HID: wacom: Ignore the confidence flag when a touch is removed
     - HID: wacom: Avoid using stale array indicies to read contact count
     - f2fs: fix to do sanity check in is_alive()
     - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed
       bind()
     - [armhf] mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings
     - [armhf] mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for
       i.MX6
     - mtd: Fixed breaking list in __mtd_del_partition.
     - [x86] gpu: Reserve stolen memory for first integrated Intel GPU
     - rtc: cmos: take rtc_lock while reading from CMOS
     - media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE
     - media: flexcop-usb: fix control-message timeouts
     - media: mceusb: fix control-message timeouts
     - media: em28xx: fix control-message timeouts
     - media: cpia2: fix control-message timeouts
     - media: s2255: fix control-message timeouts
     - media: dib0700: fix undefined behavior in tuner shutdown
     - media: redrat3: fix control-message timeouts
     - media: pvrusb2: fix control-message timeouts
     - media: stk1160: fix control-message timeouts
     - [armhf] media: cec-pin: fix interrupt en/disable handling
     - [x86] can: softing_cs: softingcs_probe(): fix memleak on registration
       failure
     - iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs
     - [arm64,armhf] gpu: host1x: Add back arm_iommu_detach_device()
     - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled()
     - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     - mm_zone: add function to check if managed dma zone exists
     - [arm64] dma/pool: create dma atomic pool only if dma zone has managed
       pages
     - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed
       pages
     - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
     - drm/ttm: Put BO in its memory manager's lru list
     - Bluetooth: L2CAP: Fix not initializing sk_peer_pid
     - [armhf] drm/bridge: display-connector: fix an uninitialized pointer in
       probe()
     - drm: fix null-ptr-deref in drm_dev_init_release()
     - [arm64,armhf] drm/rockchip: dsi: Fix unbalanced clock on probe error
     - [arm64,armhf] drm/rockchip: dsi: Hold pm-runtime across bind/unbind
     - [arm64,armhf] drm/rockchip: dsi: Disable PLL clock on bind error
     - [arm64,armhf] drm/rockchip: dsi: Reconfigure hardware on resume()
     - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
     - [arm*] clk: bcm-2835: Pick the closest clock rate
     - [arm*] clk: bcm-2835: Remove rounding up the dividers
     - [arm*] drm/vc4: hdmi: Set a default HSM rate
     - [arm64] wcn36xx: ensure pairing of init_scan/finish_scan and
       start_scan/end_scan
     - [arm64] wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
     - [arm64] wcn36xx: Fix DMA channel enable/disable cycle
     - [arm64] wcn36xx: Release DMA channel descriptor allocations
     - [arm64] wcn36xx: Put DXE block into reset before freeing memory
     - [arm64] wcn36xx: populate band before determining rate on RX
     - [arm64] wcn36xx: fix RX BD rate mapping for 5GHz legacy rates
     - ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware
     - media: videobuf2: Fix the size printk format
     - [armhf] media: aspeed: fix mode-detect always time out at 2nd run
     - media: em28xx: fix memory leak in em28xx_init_dev
     - [armhf] media: aspeed: Update signal status immediately to ensure sane hw
       state
     - fs: dlm: use sk->sk_socket instead of con->sock
     - fs: dlm: don't call kernel_getpeername() in error_report()
     - Bluetooth: stop proccessing malicious adv data
     - ath11k: Fix ETSI regd with weather radar overlap
     - ath11k: clear the keys properly via DISABLE_KEY
     - ath11k: reset RSN/WPA present state for open BSS
     - [arm64] tee: fix put order in teedev_close_context()
     - [x86] drm/vboxvideo: fix a NULL vs IS_ERR() check
     - media: dmxdev: fix UAF when dvb_register_device() fails
     - [arm64] crypto: qce - fix uaf on qce_ahash_register_one
     - [arm64] crypto: qce - fix uaf on qce_skcipher_register_one
     - [armhf] dts: stm32: fix dtbs_check warning on ili9341 dts binding on
       stm32f429 disco
     - [x86] crypto: qat - fix spelling mistake: "messge" -> "message"
     - [x86] crypto: qat - remove unnecessary collision prevention step in PFVF
     - [x86] crypto: qat - make pfvf send message direction agnostic
     - [x86] crypto: qat - fix undetected PFVF timeout in ACK loop
     - ath11k: Use host CE parameters for CE interrupts configuration
     - [armhf] media: imx-pxp: Initialize the spinlock prior to using it
     - [armhf] media: coda: fix CODA960 JPEG encoder buffer overflow
     - [arm64] media: venus: pm_helpers: Control core power domain manually
     - [arm64] media: venus: core, venc, vdec: Fix probe dependency error
     - [arm64] media: venus: core: Fix a potential NULL pointer dereference in an
       error handling path
     - [arm64] media: venus: core: Fix a resource leak in the error handling path
       of 'venus_probe()'
     - [armhf] thermal/drivers/imx: Implement runtime PM support
     - netfilter: bridge: add support for pppoe filtering
     - cgroup: Trace event cgroup id fields should be u64
     - ACPI: EC: Rework flushing of EC work while suspended to idle
     - drm/amdgpu: Fix a NULL pointer dereference in
       amdgpu_connector_lcd_native_mode()
     - drm/radeon/radeon_kms: Fix a NULL pointer dereference in
       radeon_driver_open_kms()
     - [arm*] serial: amba-pl011: do not request memory region twice
     - floppy: Fix hang in watchdog when disk is ejected
     - [x86] staging: rtl8192e: return error code from rtllib_softmac_init()
     - [x86] staging: rtl8192e: rtllib_module: fix error handle case in
       alloc_rtllib()
     - sched/fair: Fix detection of per-CPU kthreads waking a task
     - sched/fair: Fix per-CPU kthread and wakee stacking for asym CPU capacity
     - bpf: Adjust BTF log size limit.
     - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD)
     - bpf: Remove config check to enable bpf support for branch records
     - [arm64] lib: Annotate {clear, copy}_page() as position-independent
     - [arm64] clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
     - media: dib8000: Fix a memleak in dib8000_init()
     - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
     - media: si2157: Fix "warm" tuner state detection
     - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
     - sched/rt: Try to restart rt period timer when rt runtime exceeded
     - rcu/exp: Mark current CPU as exp-QS in IPI loop second pass
     - mwifiex: Fix possible ABBA deadlock
     - xfrm: fix a small bug in xfrm_sa_len()
     - [x86] uaccess: Move variable into switch case statement
     - [armhf] crypto: stm32 - Fix last sparse warning in
       stm32_cryp_check_ctr_counter
     - [armhf] crypto: stm32/cryp - fix CTR counter carry
     - [armhf] crypto: stm32/cryp - fix xts and race condition in crypto_engine
       requests
     - [armhf] crypto: stm32/cryp - check early input data
     - [armhf] crypto: stm32/cryp - fix double pm exit
     - [armhf] crypto: stm32/cryp - fix lrw chaining mode
     - [armhf] crypto: stm32/cryp - fix bugs and crash in tests
     - [armhf] crypto: stm32 - Revert broken pm_runtime_resume_and_get changes
     - ath11k: Fix deleting uninitialized kernel timer during fragment cache
       flush
     - media: dw2102: Fix use after free
     - media: msi001: fix possible null-ptr-deref in msi001_probe()
     - [armhf] media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes
     - ath11k: Fix a NULL pointer dereference in ath11k_mac_op_hw_scan()
     - [arm64] dts: qcom: c630: Fix soundcard setup
     - [arm64] drm/msm/dpu: fix safe status debugfs file
     - [arm64,armhf] drm/tegra: vic: Fix DMA API misuse
     - xfrm: interface with if_id 0 should return error
     - xfrm: state and policy should fail if XFRMA_IF_ID 0
     - [armel,armhf] 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding
     - usb: ftdi-elan: fix memory leak on device disconnect
     - iwlwifi: mvm: fix 32-bit build in FTM
     - iwlwifi: mvm: test roc running status bits before removing the sta
     - [armhf] mmc: meson-mx-sdio: add IRQ check
     - selinux: fix potential memleak in selinux_add_opt()
     - Bluetooth: L2CAP: Fix using wrong mode
     - bpftool: Enable line buffering for stdout
     - software node: fix wrong node passed to find nargs_prop
     - Bluetooth: hci_qca: Stop IBS timer during BT OFF
     - [x86] mce/inject: Avoid out-of-bounds write when setting flags
     - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       __nonstatic_find_io_region()
     - [x86] pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
       nonstatic_find_mem_region()
     - netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()
     - bpf: Don't promote bogus looking registers after null check.
     - bpf: Fix SO_RCVBUF/SO_SNDBUF handling in _bpf_setsockopt().
     - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
     - ppp: ensure minimum packet size in ppp_write()
     - Bluetooth: hci_bcm: Check for error irq
     - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe
     - [arm64] usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe
     - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_get_str_desc
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_huion_init
     - HID: hid-uclogic-params: Invalid parameter check in
       uclogic_params_frame_init_v1_buttonpad
     - debugfs: lockdown: Allow reading debugfs files that are not world readable
     - net/mlx5e: Fix page DMA map/unmap attributes
     - net/mlx5e: Don't block routes with nexthop objects in SW
     - Revert "net/mlx5e: Block offload of outer header csum for UDP tunnels"
     - net/mlx5: Set command entry semaphore up once got index free
     - lib/mpi: Add the return value check of kcalloc()
     - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt()
     - [arm64,armhf] spi: spi-meson-spifc: Add missing pm_runtime_disable() in
       meson_spifc_probe
     - ax25: uninitialized variable in ax25_setsockopt()
     - netrom: fix api breakage in nr_setsockopt()
     - regmap: Call regmap_debugfs_exit() prior to _init()
     - tpm: add request_locality before write TPM_INT_ENABLE
     - tpm_tis: Fix an error handling path in 'tpm_tis_core_init()'
     - can: softing: softing_startstop(): fix set but not used variable warning
     - pcmcia: fix setting of kthread task states
     - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing()
     - net: mcs7830: handle usb read errors properly
     - ext4: avoid trim error on fs with small groups
     - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
     - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
     - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with
       pending cmd-bit"
     - [arm64] RDMA/hns: Validate the pkey index
     - scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd()
     - [arm64] clk: imx8mn: Fix imx8mn_clko1_sels
     - [powerpc*] prom_init: Fix improper check of prom_getprop()
     - dt-bindings: thermal: Fix definition of cooling-maps contribution property
     - [powerpc*] 64s: Convert some cpu_setup() and cpu_restore() functions to C
     - [powerpc*] perf: MMCR0 control for PMU registers under PMCC=00
     - [powerpc*] perf: move perf irq/nmi handling details into traps.c
     - [powerpc*] irq: Add helper to set regs->softe
     - [powerpc*] perf: Fix PMU callbacks to clear pending PMI before resetting
       an overflown PMC
     - clocksource: Reduce clocksource-skew threshold
     - clocksource: Avoid accidental unstable marking of clocksources
     - ALSA: oss: fix compile error when OSS_DEBUG is enabled
     - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID
     - [arm*] binder: fix handling of error during copy
     - [arm64,armhf] iommu/io-pgtable-arm: Fix table descriptor paddr formatting
     - scsi: ufs: Fix race conditions related to driver data
     - RDMA/qedr: Fix reporting max_{send/recv}_wr attrs
     - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
     - RDMA/core: Let ib_find_gid() continue search even after empty entry
     - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry
     - [x86] ASoC: rt5663: Handle device_property_read_u32_array error codes
     - [amd64] iommu/amd: Remove iommu_init_ga()
     - [amd64] iommu/amd: Restore GA log/tail pointer on host resume
     - [x86] ASoC: Intel: catpt: Test dmaengine_submit() result before moving on
     - iommu/iova: Fix race between FQ timeout and teardown
     - scsi: block: pm: Always set request queue runtime active in
       blk_post_runtime_resume()
     - [powerpc*] xive: Add missing null check after calling kmalloc
     - RDMA/cxgb4: Set queue pair state when being queried
     - of: base: Fix phandle argument length mismatch error message
     - [armhf] dts: omap3-n900: Fix lp5523 for multi color
     - Bluetooth: Fix debugfs entry leak in hci_register_dev()
     - fs: dlm: filter user dlm messages for kernel locks
     - [arm64,armhf] drm/lima: fix warning when CONFIG_DEBUG_SG=y &
       CONFIG_DMA_API_DEBUG=y
     - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
     - [arm64,armhf] drm/bridge: dw-hdmi: handle ELD when
       DRM_BRIDGE_ATTACH_NO_CONNECTOR
     - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
     - batman-adv: allow netlink usage in unprivileged containers
     - ath11k: Fix crash caused by uninitialized TX ring
     - usb: gadget: f_fs: Use stream_open() for endpoint files
     - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L
     - HID: apple: Do not reset quirks when the Fn key is not found
     - media: b2c2: Add missing check in flexcop_pci_isr:
     - drm/amdgpu/display: set vblank_disable_immediate for DC
     - [arm64,armhf] tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
       .shutdown()
     - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
     - [armhf] HSI: core: Fix return freed object in hsi_new_client
     - crypto: jitter - consider 32 LSB for APT
     - rsi: Fix use-after-free in rsi_rx_done_handler()
     - rsi: Fix out-of-bounds read in rsi_read_pkt()
     - ath11k: Avoid NULL ptr access during mgmt tx cleanup
     - [arm64] media: venus: avoid calling core_clk_setrate() concurrently during
       concurrent video sessions
     - [x86] ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always present
       table
     - ACPI: Change acpi_device_always_present() into
       acpi_device_override_status()
     - [x86] ACPI / x86: Allow specifying acpi_device_override_status() quirks by
       path
     - [x86] ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device on
       the GPD win
     - floppy: Add max size check for user space request
     - [x86] mm: Flush global TLB when switching to trampoline page-table
     - media: saa7146: hexium_orion: Fix a NULL pointer dereference in
       hexium_attach()
     - media: m920x: don't use stack on USB reads
     - [x86] thunderbolt: Runtime PM activate both ends of the device link
     - iwlwifi: mvm: synchronize with FW after multicast commands
     - iwlwifi: mvm: avoid clearing a just saved session protection id
     - ath11k: avoid deadlock by change ieee80211_queue_work for regd_update_work
     - ath10k: Fix tx hanging
     - net-sysfs: update the queue counts in the unregistration path
     - net: phy: prefer 1000baseT over 1000baseKX
     - [armhf] gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock
     - ath11k: Avoid false DEADLOCK warning reported by lockdep
     - [x86] mce: Allow instrumentation during task work queueing
     - [x86] mce: Mark mce_panic() noinstr
     - [x86] mce: Mark mce_end() noinstr
     - [x86] mce: Mark mce_read_aux() noinstr
     - net: bonding: debug: avoid printing debug logs when bond is not notifying
       peers
     - bpf: Do not WARN in bpf_warn_invalid_xdp_action()
     - HID: quirks: Allow inverting the absolute X/Y values
     - media: igorplugusb: receiver overflow should be reported
     - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in
       hexium_attach()
     - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
     - audit: ensure userspace is penalized the same as the kernel when under
       pressure
     - [arm64] dts: ls1028a-qds: move rtc node to the correct i2c bus
     - PM: runtime: Add safety net to supplier device release
     - cpufreq: Fix initialization of min and max frequency QoS requests
     - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
     - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
     - rtw88: 8822c: update rx settings to prevent potential hw deadlock
     - iwlwifi: fix leaks/bad data after failed firmware load
     - iwlwifi: remove module loading failure message
     - iwlwifi: mvm: Fix calculation of frame length
     - iwlwifi: pcie: make sure prph_info is set when treating wakeup IRQ
     - ath11k: Fix napi related hang
     - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES
     - xfrm: rate limit SA mapping change message to user space
     - [armhf] drm/etnaviv: consider completed fence seqno in hang check
     - jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
     - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
     - ACPICA: Utilities: Avoid deleting the same object twice in a row
     - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
     - ACPICA: Fix wrong interpretation of PCC address
     - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
     - drm/amdgpu: fixup bad vram size on gmc v8
     - ACPI: battery: Add the ThinkPad "Not Charging" quirk
     - btrfs: remove BUG_ON() in find_parent_nodes()
     - btrfs: remove BUG_ON(!eie) in find_parent_nodes
     - net: mdio: Demote probed message to debug print
     - mac80211: allow non-standard VHT MCS-10/11
     - dm btree: add a defensive bounds check to insert_at()
     - dm space map common: add bounds check to sm_ll_lookup_bitmap()
     - net: phy: marvell: configure RGMII delays for 88E1118
     - [arm64] regulator: qcom_smd: Align probe function with rpmh-regulator
     - [arm64,armhf] serial: pl010: Drop CR register reset on set_termios
     - serial: core: Keep mctrl register state and cached copy in sync
     - random: do not throw away excess input to crng_fast_load
     - [powerpc*] powernv: add missing of_node_put
     - [powerpc*] btext: add missing of_node_put
     - [powerpc*] watchdog: Fix missed watchdog reset due to memory ordering race
     - [x86] i2c: i801: Don't silently correct invalid transfer size
     - [powerpc*] smp: Move setup_profiling_timer() under CONFIG_PROFILING
     - [powerpc*] i2c: mpc: Correct I2C reset procedure
     - [arm64] clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB
     - [powerpc*] KVM: PPC: Book3S: Suppress warnings when allocating too big
       memory slots
     - [powerpc*] KVM: PPC: Book3S: Suppress failed alloc warning in
       H_COPY_TOFROM_GUEST
     - w1: Misuse of get_user()/put_user() reported by sparse
     - nvmem: core: set size for sysfs bin file
     - dm: fix alloc_dax error handling in alloc_dev
     - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup
     - ALSA: seq: Set upper limit of processed events
     - [powerpc*] handle kdump appropriately with crash_kexec_post_notifiers
       option
     - [powerpc*] fadump: Fix inaccurate CPU state info in vmcore generated with
       panic
     - udf: Fix error handling in udf_new_inode()
     - [mips64el,mipsel] OCTEON: add put_device() after of_find_device_by_node()
     - [arm64,armhf] irqchip/gic-v4: Disable redistributors' view of the VPE
       table at boot time
     - [x86] i2c: designware-pci: Fix to change data types of hcnt and lcnt
       parameters
     - scsi: sr: Don't use GFP_DMA
     - [arm64] rpmsg: core: Clean up resources on announce_create failure.
     - [armhf] crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
     - [arm64] crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
     - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write
       buffers
     - tpm: fix NPE on probe for missing device
     - xen/gntdev: fix unmap notification order
     - fuse: Pass correct lend value to filemap_write_and_wait_range()
     - serial: Fix incorrect rs485 polarity on uart open
     - cputime, cpuacct: Include guest time in user time in cpuacct.stat
     - tracing/kprobes: 'nmissed' not showed correctly for kretprobe
     - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
     - [s390x] mm: fix 2KB pgtable release race
     - device property: Fix fwnode_graph_devcon_match() fwnode leak
     - [armhf] drm/etnaviv: limit submit sizes
     - drm/nouveau/kms/nv04: use vzalloc for nv04_display
     - [arm64,armhf] drm/bridge: analogix_dp: Make PSR-exit block less
     - [powerpc*] 64s/radix: Fix huge vmap false positive
     - [arm64] PCI: xgene: Fix IB window setup
     - PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors
     - [arm*] PCI: pci-bridge-emul: Make expansion ROM Base Address register
       read-only
     - [arm*] PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
       config space
     - [arm*] PCI: pci-bridge-emul: Fix definitions of reserved bits
     - [arm*] PCI: pci-bridge-emul: Correctly set PCIe capabilities
     - [arm*] PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
     - xfrm: fix policy lookup for ipv6 gre packets
     - btrfs: fix deadlock between quota enable and other quota operations
     - btrfs: check the root node for uptodate before returning it
     - btrfs: respect the max size in the header when activating swap file
     - ext4: make sure to reset inode lockdep class when quota enabling fails
     - ext4: make sure quota gets properly shutdown on error
     - ext4: fix a possible ABBA deadlock due to busy PA
     - ext4: initialize err_blk before calling __ext4_get_inode_loc
     - ext4: fix fast commit may miss tracking range for FALLOC_FL_ZERO_RANGE
     - ext4: set csum seed in tmp inode while migrating to extents
     - ext4: Fix BUG_ON in ext4_bread when write quota data
     - ext4: use ext4_ext_remove_space() for fast commit replay delete range
     - ext4: fast commit may miss tracking unwritten range during ftruncate
     - ext4: destroy ext4_fc_dentry_cachep kmemcache on module removal
     - ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
     - ext4: don't use the orphan list when migrating an inode
     - drm/radeon: fix error handling in radeon_driver_open_kms
     - of: base: Improve argument length mismatch error
     - firmware: Update Kconfig help text for Google firmware
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - Documentation: dmaengine: Correctly describe dmatest with channel unset
     - Documentation: ACPI: Fix data node reference documentation
     - Documentation: refer to config RANDOMIZE_BASE for kernel address-space
       randomization
     - Documentation: fix firewire.rst ABI file path error
     - Bluetooth: hci_sync: Fix not setting adv set duration
     - scsi: core: Show SCMD_LAST in text form
     - [arm64] RDMA/hns: Modify the mapping attribute of doorbell to device
     - RDMA/rxe: Fix a typo in opcode name
     - [armhf] dmaengine: stm32-mdma: fix STM32_MDMA_CTBR_TSEL_MASK
     - Revert "net/mlx5: Add retry mechanism to the command entry index
       allocation"
     - block: Fix fsync always failed if once failed
     - bpftool: Remove inclusion of utilities.mak from Makefiles
     - xdp: check prog type before updating BPF link
     - ipv4: update fib_info_cnt under spinlock protection
     - ipv4: avoid quadratic behavior in netns dismantle
     - [arm64] net/fsl: xgmac_mdio: Add workaround for erratum A-009885
     - [arm64] net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
     - f2fs: compress: fix potential deadlock of compress file
     - f2fs: fix to reserve space for IO align feature
     - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
     - clk: Emit a stern warning with writable debugfs enabled
     - net/smc: Fix hung_task when removing SMC-R devices
     - virtio_ring: mark ring unused on error
     - taskstats: Cleanup the use of task->exit_code
     - inet: frags: annotate races around fqdir->dead and fqdir->high_thresh
     - netns: add schedule point in ops_exit_list()
     - xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
     - gre: Don't accidentally set RTO_ONLINK in gre_fill_metadata_dst()
     - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
     - perf script: Fix hex dump character output
     - perf probe: Fix ppc64 'perf probe add events failed' case
     - devlink: Remove misleading internal_flags from health reporter dump
     - net: bonding: fix bond_xmit_broadcast return value error bug
     - net_sched: restore "mpu xxx" handling
     - [arm64] bcmgenet: add WOL IRQ check
     - net: sfp: fix high power modules without diagnostic monitoring
     - [arm64] net: mscc: ocelot: fix using match before it is set
     - dt-bindings: display: meson-dw-hdmi: add missing sound-name-prefix
       property
     - dt-bindings: display: meson-vpu: Add missing amlogic,canvas property
     - dt-bindings: watchdog: Require samsung,syscon-phandle for Exynos7
     - mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
     - mtd: nand: bbt: Fix corner case in bad block table handling
     - ath10k: Fix the MTU size on QCA9377 SDIO
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.95
     - bnx2x: Utilize firmware 7.13.21.0
     - bnx2x: Invalidate fastpath HSI version for VFs
     - rcu: Tighten rcu_advance_cbs_nowake() checks
     - [x86] KVM: x86/mmu: Fix write-protection of PTs mapped by the TDP MMU
     - select: Fix indefinitely sleeping task in poll_schedule_timeout()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
     - Bluetooth: refactor malicious adv data check
     - [arm64] media: venus: core: Drop second v4l2 device unregister
     - net: sfp: ignore disabled SFP node
     - net: stmmac: skip only stmmac_ptp_register when resume from suspend
     - [s390x] module: fix loading modules with a lot of relocations
     - [s390x] hypfs: include z/VM guests with access control group set
     - bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
     - [s390x] scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV
       FCP devices
     - udf: Restore i_lenAlloc when inode expansion fails (CVE-2022-0617)
     - udf: Fix NULL ptr deref when converting from inline format (CVE-2022-0617)
     - efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
     - tracing: Don't inc err_log entry count if entry allocation fails
     - ceph: properly put ceph_string reference after async create attempt
     - ceph: set pool_ns in new inode layout for async creates
     - fsnotify: fix fsnotify hooks in pseudo filesystems
     - Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
     - [x86] perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX
     - [armhf] drm/etnaviv: relax submit size limits
     - [x86] KVM: x86: Update vCPU's runtime CPUID on write to MSR_IA32_XSS
     - [arm64] errata: Fix exec handling in erratum 1418040 workaround
     - netfilter: nft_payload: do not update layer 4 checksum when mangling
       fragments
     - serial: 8250: of: Fix mapped region size when using reg-offset property
     - [armhf] serial: stm32: fix software flow control transfer
     - tty: n_gsm: fix SW flow control encoding/handling
     - tty: Add support for Brainboxes UC cards.
     - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
     - [arm64,armhf] usb: xhci-plat: fix crash when suspend if remote wake enable
     - [arm64,armhf] usb: common: ulpi: Fix crash in ulpi_match()
     - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
     - USB: core: Fix hang in usb_kill_urb by adding memory barriers
     - usb: typec: tcpm: Do not disconnect while receiving VBUS off
     - jbd2: export jbd2_journal_[grab|put]_journal_head
     - ocfs2: fix a deadlock when commit trans
     - sched/membarrier: Fix membarrier-rseq fence command missing from query
       bitmask
     - [x86] MCE/AMD: Allow thresholding interface updates after init
     - i40e: Increase delay to 1 s after global EMP reset
     - i40e: Fix issue when maximum queues is exceeded
     - i40e: Fix queues reservation for XDP
     - i40e: Fix for failed to init adminq while VF reset
     - i40e: fix unsigned stat widths
     - scsi: bnx2fc: Flush destroy_work queue before calling
       bnx2fc_interface_put()
     - ipv6_tunnel: Rate limit warning messages
     - net: fix information leakage in /proc/net/ptype
     - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
     - hwmon: (lm90) Mark alert as broken for MAX6680
     - ping: fix the sk_bound_dev_if match in ping_lookup
     - ipv4: avoid using shared IP generator for connected sockets
     - hwmon: (lm90) Reduce maximum conversion rate for G781
     - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     - net-procfs: show net devices bound packet types
     - [arm64] drm/msm: Fix wrong size calculation
     - [arm64] drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
     - [arm64] drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
     - ipv6: annotate accesses to fn->fn_sernum
     - NFS: Ensure the server has an up to date ctime before hardlinking
     - NFS: Ensure the server has an up to date ctime before renaming
     - [powerpc*] powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA
       v2.06
     - netfilter: conntrack: don't increment invalid counter on NF_REPEAT
     - kernel: delete repeated words in comments
     - perf: Fix perf_event_read_local() time
     - sched/pelt: Relax the sync of util_sum with util_avg
     - net: phy: broadcom: hook up soft_reset for BCM54616S
     - phylib: fix potential use-after-free
     - rxrpc: Adjust retransmission backoff
     - [arm64] efi/libstub: arm64: Fix image check alignment at entry
     - hwmon: (lm90) Mark alert as broken for MAX6654
     - [powerpc*] perf: Fix power_pmu_disable to call clear_pmi_irq_pending only
       if PMI is pending
     - net: ipv4: Move ip_options_fragment() out of loop
     - net: ipv4: Fix the warning for dereference
     - ipv4: fix ip option filtering for locally generated fragments
     - [x86] video: hyperv_fb: Fix validation of screen resolution
     - [arm64] drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
     - [arm64] drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
     - [armhf] net: cpsw: Properly initialise struct page_pool_params
     - [arm64] net: hns3: handle empty unknown interrupt for VF
     - Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
     - net: bridge: vlan: fix single net device option dumping
     - ipv4: raw: lock the socket in raw_bind()
     - ipv4: tcp: send zero IPID in SYNACK messages
     - ipv4: remove sparse error in ip_neigh_gw4()
     - net: bridge: vlan: fix memory leak in __allowed_ingress
     - dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
     - fsnotify: invalidate dcache before IN_DELETE event
     - block: Fix wrong offset in bio_truncate()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.97
     - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
     - [x86] KVM: x86: Forcibly leave nested virt when SMM state is toggled
     - psi: Fix uaf issue when psi trigger is destroyed while being polled
     - [x86] mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
     - [x86] cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
     - [arm*] drm/vc4: hdmi: Make sure the device is powered with CEC
     - cgroup-v1: Require capabilities to set release_agent (CVE-2022-0492)
     - net/mlx5e: Fix handling of wrong devices during bond netevent
     - net/mlx5: Use del_timer_sync in fw reset flow of halting poll
     - net/mlx5: E-Switch, Fix uninitialized variable modact
     - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
     - [amd64,arm64] net: amd-xgbe: ensure to reset the tx_timer_active flag
     - [amd64,arm64] net: amd-xgbe: Fix skb data length underflow
     - fanotify: Fix stale file descriptor in copy_event_to_user()
     - net: sched: fix use-after-free in tc_new_tfilter()
     - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
     - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
     - af_packet: fix data-race in packet_setsockopt / packet_setsockopt
     - tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.98
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
     - [arm*] Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
       again
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
     - selinux: fix double free of cond_list on error paths
     - audit: improve audit queue handling when "audit=1" on cmdline
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
     - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
     - ALSA: usb-audio: Correct quirk for VF0770
     - ALSA: hda: Fix UAF of leds class devs at unbinding
     - ALSA: hda: realtek: Fix race at concurrent COEF updates
     - ALSA: hda/realtek: Add quirk for ASUS GU603
     - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220
       quirks
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer
       chipset)
     - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after
       reboot from Windows
     - btrfs: fix deadlock between quota disable and qgroup rescan worker
     - drm/nouveau: fix off by one in BIOS boundary checking
     - mm/pgtable: define pte_index so that preprocessor could recognize it
     - block: bio-integrity: Advance seed correctly for larger interval sizes
     - dma-buf: heaps: Fix potential spectre v1 gadget
     - [amd64] IB/hfi1: Fix AIP early init panic
     - memcg: charge fs_context and legacy_fs_context
     - RDMA/cma: Use correct address when leaving multicast group
     - RDMA/ucma: Protect mc during concurrent multicast leaves
     - [amd64] IB/rdmavt: Validate remote_addr during loopback atomic tests
     - RDMA/mlx4: Don't continue event handler after memory allocation failure
     - [amd64] iommu/vt-d: Fix potential memory leak in
       intel_setup_irq_remapping()
     - [amd64] iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
     - [arm64,armhf] spi: meson-spicc: add IRQ check in meson_spicc_probe
     - net: ieee802154: hwsim: Ensure proper channel selection at probe time
     - net: ieee802154: Return meaningful error codes from the netlink helpers
     - net: macsec: Fix offload support for NETDEV_UNREGISTER event
     - net: macsec: Verify that send_sci is on when setting Tx sci explicitly
     - net: stmmac: dump gmac4 DMA registers correctly
     - net: stmmac: ensure PTP time register reads are consistent
     - [x86] drm/i915/overlay: Prevent divide by zero bugs in scaling
     - [x86] pinctrl: intel: Fix a glitch when updating IRQ flags on a
       preconfigured line
     - [x86] pinctrl: intel: fix unexpected interrupt
     - [arm*] pinctrl: bcm2835: Fix a few error paths
     - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
     - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
     - [amd64,arm64] gve: fix the wrong AdminQ buffer queue index check
     - bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
     - rtc: cmos: Evaluate century appropriate
     - Revert "fbcon: Disable accelerated scrolling"
     - fbcon: Add option to enable legacy hardware acceleration
     - perf stat: Fix display of grouped aliased events
     - [x86] perf/x86/intel/pt: Fix crash with stop filters in single-range mode
     - [x86] perf: Default set FREEZE_ON_SMI for all
     - [arm64] EDAC/xgene: Fix deferred probing
     - ext4: prevent used blocks from being allocated during fast commit replay
     - ext4: modify the logic of ext4_mb_new_blocks_simple
     - ext4: fix error handling in ext4_restore_inline_data()
     - ext4: fix error handling in ext4_fc_record_modified_inode()
     - ext4: fix incorrect type issue during replay_del_range
     - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
     - moxart: fix potential use-after-free on remove path (CVE-2022-0487)
     - crypto: api - Move cryptomgr soft dependency into algapi
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.101
     - integrity: check the return value of audit_log_start()
     - [arm64] mmc: sdhci-of-esdhc: Check for error num after setting mask
     - can: isotp: fix potential CAN frame reception race in isotp_rcv()
     - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible
       PHYs
     - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
     - NFS: Fix initialisation of nfs_client cl_flags field
     - NFSD: Clamp WRITE offsets
     - NFSD: Fix offset type in I/O trace points
     - drm/amdgpu: Set a suitable dev_info.gart_page_size (Closes: #990279)
     - NFS: change nfs_access_get_cached to only report the mask
     - NFSv4 only print the label when its queried
     - nfs: nfs4clinet: check the return value of kstrdup()
     - NFSv4.1: Fix uninitialised variable in devicenotify
     - NFSv4 remove zero number of fs_locations entries error check
     - NFSv4 expose nfs_parse_server_name function
     - NFSv4 handle port presence in fs_location server string
     - [x86] perf: Avoid warning for Arch LBR without XSAVE
     - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
     - net: sched: Clarify error message when qdisc kind is unknown
     - [powerpc*] fixmap: Fix VM debug warning on unmap
     - scsi: target: iscsi: Make sure the np under each tpg is unique
     - scsi: qedf: Add stag_work to all the vports
     - scsi: qedf: Fix refcount issue when LOGO is received during TMF
     - scsi: pm8001: Fix bogus FW crash for maxcpus=1
     - scsi: ufs: Treat link loss as fatal error
     - scsi: myrs: Fix crash in error case
     - PM: hibernate: Remove register_nosave_region_late()
     - [arm*] usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
     - perf: Always wake the parent event
     - nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
     - [arm64,armhf] net: stmmac: dwmac-sun8i: use return val of
       readl_poll_timeout()
     - KVM: eventfd: Fix false positive RCU usage warning
     - [x86] KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
     - [x86] KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
     - [x86] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
     - [x86] KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking
       shadow
     - nvme-tcp: fix bogus request completion when failing to send AER
     - [arm64] ACPI/IORT: Check node revision for PMCG resources
     - PM: s2idle: ACPI: Fix wakeup interrupts handling
     - [arm64,armhf] drm/rockchip: vop: Correct RK3399 VOP register fields
     - [armhf] ARM: dts: Fix timer regression for beagleboard revision c
     - usb: f_fs: Fix use-after-free for epfile
     - [arm*] drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
     - netfilter: ctnetlink: disable helper autoassign
     - ixgbevf: Require large buffers for build_skb on 82599VF
     - [arm64,armhf] drm/panel: simple: Assign data from panel_dpi_probe()
       correctly
     - ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
     - bonding: pair enable_port with slave_arr_updates
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use devres for mdiobus
     - [armhf] net: dsa: bcm_sf2: don't use devres for mdiobus
     - [arm64] net: dsa: felix: don't use devres for mdiobus
     - ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure
       path
     - nfp: flower: fix ida_idx not being released
     - net: do not keep the dst cache when uncloning an skb dst and its metadata
     - net: fix a memleak when uncloning an skb dst and its metadata
     - veth: fix races around rq->rx_notify_masked
     - [armhf] net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
     - tipc: rate limit warning for received illegal binding update
     - [amd64,arm64] net: amd-xgbe: disable interrupts during pci removal
     - [arm64] dpaa2-eth: unregister the netdev before disconnecting from the PHY
     - ice: fix an error code in ice_cfg_phy_fec()
     - ice: fix IPIP and SIT TSO offload
     - [arm64] net: mscc: ocelot: fix mutex lock error during ethtool stats read
     - [arm64,armhf] net: dsa: mv88e6xxx: fix use-after-free in
       mv88e6xxx_mdios_unregister
     - vt_ioctl: fix array_index_nospec in vt_setactivate
     - vt_ioctl: add array_index_nospec to VT_ACTIVATE
     - n_tty: wake up poll(POLLRDNORM) on receiving data
     - eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm*] Revert "usb: dwc2: drd: fix soft connect when gadget is
       unconfigured"
     - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
     - [arm64,armhf] usb: ulpi: Move of_node_put to ulpi_dev_release
     - [arm64,armhf] usb: ulpi: Call of_node_put correctly
     - [arm64,armhf] usb: dwc3: gadget: Prevent core from processing stale TRBs
     - usb: gadget: f_uac2: Define specific wTerminalType
     - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
     - USB: serial: option: add ZTE MF286D modem
     - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
     - USB: serial: cp210x: add NCR Retail IO box id
     - USB: serial: cp210x: add CPI Bulk Coin Recycler id
     - speakup-dectlk: Restore pitch setting
     - [x86] hwmon: (dell-smm) Speed up setting of fan speed
     - can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
     - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
     - scsi: lpfc: Reduce log messages seen after firmware download
     - perf: Fix list corruption in perf_cgroup_switch()
     - iommu: Fix potential use-after-free during probe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.102
     - drm/nouveau/pmu/gm200-: use alternate falcon reset sequence
     - mm: memcg: synchronize objcg lists with a dedicated spinlock
     - rcu: Do not report strict GPs for outgoing CPUs
     - fget: clarify and improve __fget_files() implementation
     - fs/proc: task_mmu.c: don't read mapcount for migration entry
     - can: isotp: prevent race between isotp_bind() and isotp_setsockopt()
     - can: isotp: add SF_BROADCAST support for functional addressing
     - scsi: lpfc: Fix mailbox command failure during driver initialization
     - HID:Add support for UGTABLET WP5540
     - [x86] Revert "svm: Add warning message for AVIC IPI invalid target"
     - mmc: block: fix read single on recovery logic
     - mm: don't try to NUMA-migrate COW pages that have other uses
     - [amd64] PCI: hv: Fix NUMA node assignment when kernel boots with custom
       NUMA topology
     - btrfs: send: in case of IO error log it
     - net: ieee802154: at86rf230: Stop leaking skb's
     - ax25: improve the incomplete fix to avoid UAF and NPD bugs
     - vfs: make freeze_super abort when sync_filesystem returns error
     - quota: make dquot_quota_sync return errors from ->sync_fs
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-tcp: fix possible use-after-free in transport error_recovery work
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
     - drm/amdgpu: fix logic inversion in check
     - [amd64] x86/Xen: streamline (and fix) PV CPU enumeration
     - Revert "module, async: async_synchronize_full() on module init iff async
       is used"
     - random: wake up /dev/random writers after zap
     - iwlwifi: fix use-after-free
     - drm/radeon: Fix backlight control on iMac 12,1
     - [x86] drm/i915/opregion: check port number bounds for SWSCI display power
       state
     - vsock: remove vsock from connected table when connect is interrupted by a
       signal
     - [x86] drm/i915/gvt: Make DRM_I915_GVT depend on X86
     - iwlwifi: pcie: fix locking when "HW not ready"
     - iwlwifi: pcie: gen2: fix locking when "HW not ready"
     - netfilter: nft_synproxy: unregister hooks on init error path
     - ipv6: per-netns exclusive flowlabel checks
     - net: dsa: lantiq_gswip: fix use after free in gswip_remove()
     - ping: fix the dif and sdif check in ping_lookup
     - bonding: force carrier update when releasing slave
     - drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
     - net_sched: add __rcu annotation to netdev->qdisc
     - bonding: fix data-races around agg_select_timer
     - libsubcmd: Fix use-after-free for realloc(..., 0)
     - [arm64] dpaa2-eth: Initialize mutex used in one step timestamping path
     - ALSA: hda/realtek: Add quirk for Legion Y9000X 2019
     - ALSA: hda/realtek: Fix deadlock by COEF mutex
     - ALSA: hda: Fix regression on forced probe mask option
     - ALSA: hda: Fix missing codec probe on Shenker Dock 15
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw()
     - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range()
     - [powerpc*[ lib/sstep: fix 'ptesync' build error
     - [armhf] mtd: rawnand: gpmi: don't leak PM reference in error path
     - [x86] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests
       (CVE-2020-36310)
     - block/wbt: fix negative inflight counter when remove scsi device
     - NFS: LOOKUP_DIRECTORY is also ok with symlinks
     - NFS: Do not report writeback errors in nfs_getattr()
     - tty: n_tty: do not look ahead for EOL character past the end of the buffer
     - [x86] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
     - [x86] KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
     - [x86] KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating a
       perf event
     - [x86] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW
     - NFS: Don't set NFS_INO_INVALID_XATTR if there is no xattr cache
     - [armhf] OMAP2+: hwmod: Add of_node_put() before break
     - [armhf] OMAP2+: adjust the location of put_device() call in
       omapdss_init_of
     - netfilter: conntrack: don't refresh sctp entries in closed state
     - kconfig: let 'shell' return enough output for deep path names
     - ata: libata-core: Disable TRIM on M88V29
     - [armhf] soc: aspeed: lpc-ctrl: Block error printing on probe defer cases
     - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
     - [arm64,armhf] drm/rockchip: dw_hdmi: Do not leave clock enabled in error
       case
     - tracing: Fix tp_printk option related with tp_printk_stop_on_boot
     - net: usb: qmi_wwan: Add support for Dell DW5829e
     - [arm64] net: macb: Align the dma and coherent dma masks
     - kconfig: fix failing to generate auto.conf
     - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop
     - EDAC: Fix calculation of returned address and next offset in
       edac_align_ptr()
     - net: sched: limit TC_ACT_REPEAT loops
     - [armhf] dmaengine: stm32-dmamux: Fix PM disable depth imbalance in
       stm32_dmamux_probe
     - copy_process(): Move fd_install() out of sighand->siglock critical section
     - [arm*] i2c: brcmstb: fix support for DSL and CM variants
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.103
     - cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
     - btrfs: tree-checker: check item_size for inode_item
     - btrfs: tree-checker: check item_size for dev_item
     - vhost/vsock: don't check owner in vhost_vsock_stop() while releasing
     - [x86] KVM: x86/mmu: make apf token non-zero to fix bug
     - drm/amdgpu: disable MMHUB PG for Picasso
     - [x86] drm/i915: Correctly populate use_sagv_wm for all pipes
     - sr9700: sanity check for packet length
     - USB: zaurus: support another broken Zaurus
     - CDC-NCM: avoid overflow in sanity checking
     - netfilter: nf_tables_offload: incorrect flow offload action array size
       (CVE-2022-25636)
     - [x86] fpu: Correct pkru/xstate inconsistency
     - [arm64] tee: export teedev_open() and teedev_close_context()
     - [arm64] optee: use driver internal tee_context for some rpc
     - ping: remove pr_err from ping_lookup
     - perf data: Fix double free in perf_session__delete()
     - bnx2x: fix driver load from initrd
     - bnxt_en: Fix active FEC reporting to ethtool
     - hwmon: Handle failure to register sensor with thermal zone correctly
     - bpf: Do not try bpf_msg_push_data with len 0
     - bpf: Add schedule points in batch ops
     - io_uring: add a schedule point in io_add_buffers()
     - net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends
     - tipc: Fix end of loop tests for list_for_each_entry()
     - gso: do not skip outer ip header in case of ipip and net_failover
     - openvswitch: Fix setting ipv6 fields causing hw csum failure
     - drm/edid: Always set RGB444
     - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
     - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
     - net: Force inlining of checksum functions in net/checksum.h
     - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
     - netfilter: nf_tables: fix memory leak during stateful obj update
     - net/smc: Use a mutex for locking "struct smc_pnettable"
     - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
     - net/mlx5: Fix possible deadlock on rule deletion
     - net/mlx5: Fix wrong limitation of metadata match on ecpf
     - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets
     - regmap-irq: Update interrupt clear register for proper reset
     - configfs: fix a race in configfs_{,un}register_subsystem()
     - RDMA/ib_srp: Fix a deadlock
     - tracing: Have traceon and traceoff trigger honor the instance
     - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits
     - iio: imu: st_lsm6dsx: wait for settling time in st_lsm6dsx_read_oneshot
     - iio: Fix error handling for PM
     - ata: pata_hpt37x: disable primary channel on HPT371
     - Revert "USB: serial: ch341: add new Product ID for CH341A"
     - usb: gadget: rndis: add spinlock for rndis response list
     - tracefs: Set the group ownership in apply_options() not parse_options()
     - USB: serial: option: add support for DW5829e
     - USB: serial: option: add Telit LE910R1 compositions
     - [arm*] usb: dwc2: drd: fix soft connect when gadget is unconfigured
     - [arm64] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings
     - [arm64,armhf] usb: dwc3: gadget: Let the interrupt handler disable bottom
       halves.
     - xhci: re-initialize the HC during resume if HCE was set
     - xhci: Prevent futile URB re-submissions due to incorrect return value.
     - driver core: Free DMA range map when device is released
     - RDMA/cma: Do not change route.addr.src_addr outside state checks
     - [x86] thermal: int340x: fix memory leak in int3400_notify()
     - tty: n_gsm: fix encoding of control signal octet bit DV
     - tty: n_gsm: fix proper link termination after failed open
     - tty: n_gsm: fix NULL pointer access due to DLCI release
     - tty: n_gsm: fix wrong tty control line for flow control
     - tty: n_gsm: fix deadlock in gsmtty_open()
     - memblock: use kfree() to release kmalloced memblock regions
 .
   [ Salvatore Bonaccorso ]
   * Refresh "Makefile: Do not check for libelf when building OOT module"
   * Bump ABI to 12
   * Refresh "firmware: Remove redundant log messages from drivers"
   * [rt] Refresh "locking/rtmutex: add sleeping lock implementation"
   * [rt] Refresh "cpuset: Convert callback_lock to raw_spinlock_t"
   * [rt] Update to 5.10.100-rt62
   * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001,
     CVE-2022-0002)
     - [x86] bugs: Unconditionally allow spectre_v2=retpoline,amd
     - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
     - [x86] speculation: Add eIBRS + Retpoline options
     - Documentation/hw-vuln: Update spectre doc
     - [x86] speculation: Include unprivileged eBPF status in Spectre v2
       mitigation reporting
     - [x86] speculation: Use generic retpoline by default on AMD
     - [x86] speculation: Update link to AMD speculation whitepaper
     - [x86] speculation: Warn about Spectre v2 LFENCE mitigation
     - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
linux-signed-i386 (5.10.103+1~bpo10+1) buster-backports; urgency=high
 .
   * Sign kernel from linux 5.10.103-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.12
linux-signed-i386 (5.10.92+2) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-2
 .
   * lib/iov_iter: initialize "flags" in new pipe_buffer
   * [x86] mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (CVE-2021-43976)
   * [x86] drm/i915: Flush TLBs before releasing backing store (CVE-2022-0330)
   * [x86] drm/vmwgfx: Fix stale file descriptors on failed usercopy
     (CVE-2022-22942)
   * NFSv4: Handle case where the lookup of a directory fails (CVE-2022-24448)
   * yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959)
   * tipc: improve size validations for received domain records (CVE-2022-0435)
   * [s390x] KVM: s390: Return error on SIDA memop on normal guest
     (CVE-2022-0516)
   * USB: gadget: validate interface OS descriptor requests (CVE-2022-25258)
   * usb: gadget: rndis: check size of RNDIS_MSG_SET command (CVE-2022-25375)
linux-signed-i386 (5.10.92+1) bullseye-security; urgency=high
 .
   * Sign kernel from linux 5.10.92-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.85
     - usb: gadget: uvc: fix multiple opens
     - gcc-plugins: simplify GCC plugin-dev capability test
     - gcc-plugins: fix gcc 11 indigestion with plugins...
     - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
     - HID: add hid_is_usb() function to make it simpler for USB detection
     - HID: bigbenff: prevent null pointer dereference
     - HID: wacom: fix problems when device is not a valid USB device
     - HID: check for valid USB device for many HID drivers
     - [amd64] nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six
       8-bit groups
     - [amd64] IB/hfi1: Insure use of smp_processor_id() is preempt disabled
     - [amd64] IB/hfi1: Fix early init panic
     - [amd64] IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr
     - can: kvaser_usb: get CAN clock frequency from device
     - [x86] can: sja1000: fix use after free in ems_pcmcia_add_card()
     - drm/amdgpu: move iommu_resume before ip init/resume
     - drm/amdgpu: init iommu after amdkfd device init
     - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
     - vrf: don't run conntrack on vrf with !dflt qdisc
     - bpf, x86: Fix "no previous prototype" warning
     - bpf: Fix the off-by-two error in range markings
     - ice: ignore dropped packets during init
     - bonding: make tx_rebalance_counter an atomic
     - nfp: Fix memory leak in nfp_cpp_area_cache_add()
     - seg6: fix the iif in the IPv6 socket control block
     - udp: using datalen to cap max gso segments
     - netfilter: conntrack: annotate data-races around ct->timeout
     - iavf: restore MSI state on reset
     - iavf: Fix reporting when setting descriptor count
     - [amd64] IB/hfi1: Correct guard on eager buffer deallocation
     - devlink: fix netns refcount leak in devlink_nl_cmd_reload()
     - net/sched: fq_pie: prevent dismantle issue
     - [x86] KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB
       flush hypercall
     - mm: bdi: initialize bdi_min_ratio when bdi is unregistered
     - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform
     - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1
     - ALSA: pcm: oss: Fix negative period/buffer sizes
     - ALSA: pcm: oss: Limit the period size to 16MB
     - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*()
     - scsi: qla2xxx: Format log strings only if needed
     - btrfs: clear extent buffer uptodate when we fail to write it
     - btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling
     - md: fix update super 1.0 on rdev size change
     - nfsd: fix use-after-free due to delegation race (Closes: #988044)
     - nfsd: Fix nsfd startup race (again)
     - tracefs: Have new files inherit the ownership of their parent
     - [arm64] clk: qcom: regmap-mux: fix parent clock lookup
     - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence.
     - [i386] can: pch_can: pch_can_rx_normal: fix use after free
     - libata: add horkage for ASMedia 1092
     - wait: add wake_up_pollfree()
     - binder: use wake_up_pollfree()
     - signalfd: use wake_up_pollfree()
     - aio: keep poll requests on waitqueue until completed
     - aio: fix use-after-free due to missing POLLFREE handling
     - [arm64,armhf] net: mvpp2: fix XDP rx queues registering
     - tracefs: Set all files to the same group ownership as the mount option
     - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
     - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
     - scsi: scsi_debug: Fix buffer size of REPORT ZONES command
     - qede: validate non LSO skb length
     - PM: runtime: Fix pm_runtime_active() kerneldoc comment
     - ASoC: rt5682: Fix crash due to out of scope stack vars
     - [arm64] RDMA/hns: Do not halt commands during reset until later
     - [arm64] RDMA/hns: Do not destroy QP resources in the hw resetting phase
     - i40e: Fix failed opcode appearing if handling messages from VF
     - i40e: Fix pre-set max number of queues for VF
     - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
     - [arm64] Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
       emulated bridge"
     - Documentation/locking/locktypes: Update migrate_disable() bits.
     - dt-bindings: net: Reintroduce PHY no lane swap binding
     - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
     - [arm64,armhf] net: fec: only clear interrupt of handling queue in
       fec_enet_rx_queue()
     - net, neigh: clear whole pneigh_entry at alloc time
     - net/qla3xxx: fix an error code in ql_adapter_up()
     - USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
     - USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
     - usb: core: config: fix validation of wMaxPacketValue entries
     - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime
       suspending
     - usb: core: config: using bit mask instead of individual bits
     - xhci: avoid race between disable slot command and host runtime suspend
     - iio: gyro: adxrs290: fix data signedness
     - iio: trigger: Fix reference counting
     - iio: stk3310: Don't return error code in interrupt handler
     - iio: mma8452: Fix trigger reference couting
     - iio: ltr501: Don't return error code in trigger handler
     - iio: kxsd9: Don't return error code in trigger handler
     - iio: itg3200: Call iio_trigger_notify_done() on error
     - iio: adc: axp20x_adc: fix charging current reporting on AXP22x
     - iio: ad7768-1: Call iio_trigger_notify_done() on error
     - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove
     - [armhf] irqchip/aspeed-scu: Replace update_bits with write_bits.
     - [armhf] irqchip/armada-370-xp: Fix return value of
       armada_370_xp_msi_alloc()
     - [armhf] irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
     - [arm64,armhf] irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
       INVALL
     - kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc
     - doc: gcc-plugins: update gcc-plugins.rst
     - MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal
     - Documentation/Kbuild: Remove references to gcc-plugin.sh
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.86
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.87
     - nfc: fix segfault in nfc_genl_dump_devices_done
     - [arm64] drm/msm/dsi: set default num_data_lanes
     - [arm64] KVM: arm64: Save PSTATE early on exit
     - [arm64] Revert "tty: serial: fsl_lpuart: drop earlycon entry for i.MX8QXP"
     - net/mlx4_en: Update reported link modes for 1/10G
     - ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
     - ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P
     - [arm64,armhf] i2c: rk3x: Handle a spurious start completion interrupt flag
     - net: netlink: af_netlink: Prevent empty skb by adding a check on len.
     - [x86] KVM: x86: Ignore sparse banks size for an "all CPUs", non-sparse IPI
       req
     - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     - fuse: make sure reclaim doesn't write the inode
     - [x86] hwmon: (dell-smm) Fix warning on /proc/i8k creation error
     - ethtool: do not perform operations on net devices being unregistered
     - [armel,armhf] memblock: free_unused_memmap: use pageblock units instead of
       MAX_ORDER
     - [armel,armhf] memblock: align freed memory map on pageblock boundaries
       with SPARSEMEM
     - memblock: ensure there is no overflow in memblock_overlaps_region()
     - [armel,armhf] arm: extend pfn_valid to take into account freed memory map
       alignment
     - [armel,armhf] arm: ioremap: don't abuse pfn_valid() to check if pfn is in
       RAM
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.88
     - KVM: downgrade two BUG_ONs to WARN_ON_ONCE
     - mac80211: fix regression in SSN handling of addba tx
     - mac80211: mark TX-during-stop for TX in in_reconfig
     - mac80211: send ADDBA requests using the tid/queue of the aggregation
       session
     - mac80211: validate extended element ID is present
     - bpf: Fix signed bounds propagation after mov32
     - bpf: Make 32->64 bounds propagation slightly more robust
     - virtio_ring: Fix querying of maximum DMA mapping size for virtio device
     - dm btree remove: fix use after free in rebalance_children()
     - audit: improve robustness of the audit queue handling
     - [arm64] dts: imx8mp-evk: Improve the Ethernet PHY description
     - [arm64] dts: rockchip: fix rk3308-roc-cc vcc-sd supply
     - [arm64] dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply
     - mac80211: track only QoS data frames for admission control
     - ceph: fix duplicate increment of opened_inodes metric
     - ceph: initialize pathlen variable in reconnect_caps_cb
     - [armhf] socfpga: dts: fix qspi node compatible
     - clk: Don't parent clks until the parent is fully registered
     - [armhf] soc: imx: Register SoC device only on i.MX boards
     - virtio/vsock: fix the transport to work with VMADDR_CID_ANY
     - [s390x] kexec_file: fix error handling when applying relocations
     - sch_cake: do not call cake_destroy() from cake_init()
     - inet_diag: fix kernel-infoleak for UDP sockets
     - [arm64] net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
     - net/sched: sch_ets: don't remove idle classes from the round-robin list
     - drm/ast: potential dereference of null pointer
     - mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
     - mac80211: fix lookup when adding AddBA extension element
     - flow_offload: return EOPNOTSUPP for the unsupported mpls action type
     - rds: memory leak in __rds_conn_create() (CVE-2021-45480)
     - [arm64,armhf] soc/tegra: fuse: Fix bitwise vs. logical OR warning
     - igb: Fix removal of unicast MAC filters of VFs
     - igbvf: fix double free in `igbvf_probe`
     - igc: Fix typo in i225 LTR functions
     - ixgbe: Document how to enable NBASE-T support
     - ixgbe: set X550 MDIO speed before talking to PHY
     - netdevsim: Zero-initialize memory for new map's value in function
       nsim_bpf_map_alloc (CVE-2021-4135)
     - net/packet: rx_owner_map depends on pg_vec
     - sfc_ef100: potential dereference of null pointer
     - net: Fix double 0x prefix print in SKB dump
     - net/smc: Prevent smc_release() from long blocking
     - sit: do not call ipip6_dev_free() from sit_init_net()
     - USB: gadget: bRequestType is a bitfield, not a enum
     - Revert "usb: early: convert to readl_poll_timeout_atomic()"
     - [x86] KVM: x86: Drop guest CPUID check for host initiated writes to
       MSR_IA32_PERF_CAPABILITIES
     - [x86] tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous
     - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
     - [arm*] usb: dwc2: fix STM ID/VBUS detection startup delay in
       dwc2_driver_probe
     - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error
     - PCI/MSI: Mask MSI-X vectors only on success
     - usb: xhci: Extend support for runtime power management for AMD's Yellow
       carp.
     - USB: serial: cp210x: fix CP2105 GPIO registration
     - USB: serial: option: add Telit FN990 compositions
     - btrfs: fix memory leak in __add_inode_ref()
     - btrfs: fix double free of anon_dev after failure to create subvolume
     - zonefs: add MODULE_ALIAS_FS
     - iocost: Fix divide-by-zero on donation from low hweight cgroup
     - [x86] serial: 8250_fintek: Fix garbled text for console
     - timekeeping: Really make sure wall_to_monotonic isn't positive
     - libata: if T_LENGTH is zero, dma direction should be DMA_NONE
     - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
     - Input: touchscreen - avoid bitwise vs logical OR warning
     - xsk: Do not sleep in poll() when need_wakeup set
     - media: mxl111sf: change mutex_init() location
     - fuse: annotate lock in fuse_reverse_inval_entry()
     - ovl: fix warning in ovl_create_real()
     - scsi: scsi_debug: Don't call kcalloc() if size arg is zero
     - scsi: scsi_debug: Fix type in min_t to avoid stack OOB
     - scsi: scsi_debug: Sanity check block descriptor length in
       resp_mode_select()
     - rcu: Mark accesses to rcu_state.n_force_qs
     - [armhf] bus: ti-sysc: Fix variable set but not used warning for
       reinit_modules
     - Revert "xsk: Do not sleep in poll() when need_wakeup set"
     - xen/blkfront: harden blkfront against event channel storms
       (CVE-2021-28711)
     - xen/netfront: harden netfront against event channel storms
       (CVE-2021-28712)
     - xen/console: harden hvc_xen against event channel storms (CVE-2021-28713)
     - xen/netback: fix rx queue stall detection (CVE-2021-28714)
     - xen/netback: don't queue unlimited number of packages (CVE-2021-28715)
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
     - net: usb: lan78xx: add Allied Telesis AT29M2-AF
     - ext4: prevent partial update of the extent blocks
     - ext4: check for out-of-order index extents in ext4_valid_extent_entries()
     - ext4: check for inconsistent extents between index and leaf block
     - HID: holtek: fix mouse probing
     - [arm64] dts: allwinner: orangepi-zero-plus: fix PHY mode
     - [arm64] spi: change clk_disable_unprepare to clk_unprepare
     - [amd64] IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()
     - [arm64] RDMA/hns: Replace kfree() with kvfree()
     - netfilter: fix regression in looped (broad|multi)cast's MAC handling
     - qlcnic: potential dereference null pointer of rx_queue->page_ring
     - net: accept UFOv6 packages in virtio_net_hdr_to_skb
     - net: skip virtio_net_hdr_set_proto if protocol already set
     - igb: fix deadlock caused by taking RTNL in RPM resume path
     - ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
     - bonding: fix ad_actor_system option setting to default
     - [amd64] fjes: Check for error irq
     - [armhf] drivers: net: smc911x: Check for error irq
     - sfc: Check null pointer of rx_queue->page_ring
     - sfc: falcon: Check null pointer of rx_queue->page_ring
     - Input: elantech - fix stack out of bound access in
       elantech_change_report_id()
     - [arm*] pinctrl: bcm2835: Change init order for gpio hogs
     - hwmon: (lm90) Fix usage of CONFIG2 register in detect function
     - hwmon: (lm90) Add basic support for TI TMP461
     - hwmon: (lm90) Introduce flag indicating extended temperature support
     - hwmon: (lm90) Drop critical attribute support for MAX6654
     - ALSA: jack: Check the return value of kstrdup()
     - ALSA: drivers: opl3: Fix incorrect use of vp->state
     - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
     - ALSA: hda/realtek: Add new alc285-hp-amp-init model
     - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU
     - Input: atmel_mxt_ts - fix double free in mxt_read_info_block
     - ipmi: bail out if init_srcu_struct fails
     - ipmi: ssif: initialize ssif_info->client early
     - ipmi: fix initialization when workqueue allocation fails
     - [arm64] tee: handle lookup of shm with reference count 0
     - [x86] pkey: Fix undefined behaviour with PKRU_WD_BIT
     - [x86] platform/x86: intel_pmc_core: fix memleak on registration failure
     - [x86] KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this
       vCPU
     - [armhf] pinctrl: stm32: consider the GPIO offset to expose all the GPIO
       lines
     - [arm64,armhf] mmc: sdhci-tegra: Fix switch to HS400ES mode
     - mmc: core: Disable card detect during shutdown
     - [arm64,armhf] mmc: mmci: stm32: clear DLYB_CR after sending tuning command
     - [armel,armhf] 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
     - mac80211: fix locking in ieee80211_start_ap error path
     - mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()
     - [arm64] tee: optee: Fix incorrect page free bug
     - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
       (CVE-2021-45469)
     - ceph: fix up non-directory creation in SGID directories
     - usb: gadget: u_ether: fix race in setting MAC address in setup phase
     - [x86] KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
     - mm: mempolicy: fix THP allocations escaping mempolicy restrictions
     - [arm64] Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312
     - Input: goodix - add id->model mapping for the "9111" model
     - ASoC: rt5682: fix the wrong jack type detected
     - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681
     - hwmon: (lm90) Do not report 'busy' status bit as alarm
     - ax25: NPD bug when detaching AX25 device
     - hamradio: defer ax25 kfree after unregister_netdev
     - hamradio: improve the incomplete fix to avoid NPD
     - phonet/pep: refuse to enable an unbound pipe
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
     - Input: i8042 - add deferred probe support
     - Input: i8042 - enable deferred probe quirk for ASUS UM325UA
     - tomoyo: Check exceeded quota early in tomoyo_domain_quota_is_ok().
     - tomoyo: use hwight16() in tomoyo_domain_quota_is_ok()
     - [x86] platform/x86: apple-gmux: use resource_size() with res
     - memblock: fix memblock_phys_alloc() section mismatch error
     - selinux: initialize proto variable in selinux_ip_postroute_compat()
     - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources
     - net/mlx5e: Wrap the tx reporter dump callback to extract the sq
     - net/mlx5e: Fix ICOSQ recovery flow for XSK
     - udp: using datalen to cap ipv6 udp max gso segments
     - sctp: use call_rcu to free endpoint
     - net/smc: fix using of uninitialized completions
     - net: usb: pegasus: Do not drop long Ethernet frames
     - net/smc: improved fix wait on already cleared link
     - net/smc: don't send CDC/LLC message if link not ready
     - net/smc: fix kernel panic caused by race of smc_sock
     - igc: Fix TX timestamp support for non-MSI-X platforms
     - net/mlx5e: Fix wrong features assignment in case of error
     - [armhf] net/ncsi: check for error return from call to nla_put_u32
     - i2c: validate user data in compat ioctl
     - nfc: uapi: use kernel size_t to fix user-space builds
     - uapi: fix linux/nfc.h userspace compilation errors
     - drm/amdgpu: When the VCN(1.0) block is suspended, powergating is
       explicitly enabled
     - drm/amdgpu: add support for IP discovery gc_info table v2
     - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set.
     - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.
     - [arm*] binder: fix async_free_space accounting for empty parcels
     - [x86] scsi: vmw_pvscsi: Set residual data length conditionally
     - Input: appletouch - initialize work before device registration
     - Input: spaceball - fix parsing of movement data packets
     - net: fix use-after-free in tw_timer_handler
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.91
     - f2fs: quota: fix potential deadlock
     - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf()
     - tracing: Tag trace_percpu_buffer as a percpu pointer
     - ieee802154: atusb: fix uninit value in atusb_set_extended_addr
     - i40e: Fix to not show opcode msg on unsuccessful VF MAC change
     - iavf: Fix limit of total number of queues to active queues of VF
     - RDMA/core: Don't infoleak GRH fields
     - netrom: fix copying in user data in nr_setsockopt
     - RDMA/uverbs: Check for null return of kmalloc_array
     - mac80211: initialize variable have_higher_than_11mbit
     - sfc: The RX page_ring is optional
     - i40e: fix use-after-free in i40e_sync_filters_subtask()
     - i40e: Fix for displaying message regarding NVM version
     - i40e: Fix incorrect netdev's real number of RX/TX queues
     - ipv4: Check attribute length for RTA_GATEWAY in multipath route
     - ipv4: Check attribute length for RTA_FLOW in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY in multipath route
     - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route
     - lwtunnel: Validate RTA_ENCAP_TYPE attribute length
     - batman-adv: mcast: don't send link-local multicast to mcast routers
     - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc
     - net: ena: Fix undefined state when tx request id is out of bounds
     - net: ena: Fix error handling when calculating max IO queues number
     - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
       (CVE-2021-4155)
     - power: supply: core: Break capacity loop
     - rndis_host: support Hytera digital radios
     - phonet: refcount leak in pep_sock_accep (CVE-2021-45095)
     - ipv6: Continue processing multipath route even if gateway attribute is
       invalid
     - ipv6: Do cleanup if attribute validation fails in multipath route
     - scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
     - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate
     - net: udp: fix alignment problem in udp4_seq_show()
     - [amd64,arm64] atlantic: Fix buff_ring OOB in aq_ring_rx_clean
     - mISDN: change function names to avoid conflicts
     - drm/amd/display: Added power down for DCN10
     - ipv6: raw: check passed optlen before reading
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.92
     - md: revert io stats accounting
     - workqueue: Fix unbind_workers() VS wq_worker_running() race
     - bpf: Fix out of bounds access from invalid *_or_null type verification
       (CVE-2022-23222)
     - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb()
     - Bluetooth: btusb: Add two more Bluetooth parts for WCN6855
     - Bluetooth: btusb: Add support for Foxconn MT7922A
     - Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0
     - Bluetooth: bfusb: fix division by zero in send path
     - [armhf] dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100
     - USB: core: Fix bug in resuming hub's handling of wakeup requests
     - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
     - ath11k: Fix buffer overflow when scanning with extraie
     - mmc: sdhci-pci: Add PCI ID for Intel ADL
     - veth: Do not record rx queue hint in veth_xmit
     - [x86] mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
     - can: gs_usb: fix use of uninitialized variable, detach device on reception
       of invalid USB data
     - can: isotp: convert struct tpcon::{idx,len} to unsigned int
     - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
     - random: fix data race on crng_node_pool
     - random: fix data race on crng init time
     - random: fix crash on multiple early calls to add_bootloader_randomness()
     - media: Revert "media: uvcvideo: Set unique vdev name based in type"
     - [x86] drm/i915: Avoid bitwise vs logical OR warning in
       snb_wm_latency_quirk()
 .
   [ Salvatore Bonaccorso ]
   * [arm64] drivers/net/ethernet/google: Enable GVE as module (Closes: #996974)
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Update to 5.10.87-rt59
   * Bump ABI to 11
   * [rt] Update to 5.10.90-rt60
   * vfs: fs_context: fix up param length parsing in legacy_parse_param
     (CVE-2022-0185)
 .
   [ Andrew Balmos ]
   * net/can: Enable CONFIG_CAN_MCP251X as module
 .
   [ Cyril Brulebois ]
   * arm64: dts: Add support for Raspberry Pi Compute Module 4 IO Board,
     producing a DTB that's almost entirely identical to what a v5.16-rc8
     build produces, with lots of thanks to Uwe Kleine-König for the heavy
     lifting!
linux-signed-i386 (5.10.92+1~bpo10+1) buster-backports; urgency=medium
 .
   * Sign kernel from linux 5.10.92-1~bpo10+1
 .
   * Rebuild for buster-backports:
     - Change ABI number to 0.bpo.11

lxml (4.6.3+dfsg-0.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Cleaner: Prevent "@import" from re-occurring in the CSS after
     replacements, e.g. "@@importimport" (CVE-2021-43818) (Closes: #1001885)
   * Cleaner: Remove SVG image data URLs since they can embed script content
     (CVE-2021-43818) (Closes: #1001885)

mariadb-10.5 (1:10.5.15-0+deb11u1) bullseye; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 10.5.15. Includes security fixes for
     - CVE-2021-46661
     - CVE-2021-46663
     - CVE-2021-46664
     - CVE-2021-46665
     - CVE-2021-46668
   * New upstream version 10.5.14. Includes security fixes for
     - CVE-2021-46659
     - CVE-2022-24048
     - CVE-2022-24050
     - CVE-2022-24051
     - CVE-2022-24052
   * Drop more MIPS and CTE patches applied now upstream
   * New upstream version 10.5.13. Includes security fixes for:
     - CVE-2021-35604
     - CVE-2021-46662
     - CVE-2021-46667
   * Drop MIPS and libatomic patches applied now upstream
   * Salsa-CI: Use new MySQL.com signing key
   * Notable upstream functional changes in 10.5.14:
     - New default value for innodb_change_buffering is 'none' instead of old
       value 'all' (MDEV-27734). This change should improve crash safety but
       might cause performance regressions on systems that use old spinning disks
       (HDD) where seek latency is higher.
     - New default minimum value for innodb_buffer_pool_size is 20 MB (from 2 MB)
   * Upstream release 10.5.13 included fixes for
     - MDEV-26712: Memory leak in row events (Closes: #1001467)
     - MDEV-23328: Server hang due to Galera lock conflict (Closes: #1003839)
 .
   [ Bas Couwenberg ]
   * Don't require debian.cnf to be executable in logrotate (Closes: #994284)
mariadb-10.5 (1:10.5.13-0+deb11u1) bullseye; urgency=medium
 .
   [ Otto Kekäläinen ]
   * New upstream version 10.5.13. Includes security fixes for:
     - CVE-2021-35604
   * Drop MIPS and libatomic patches applied now upstream
 .
   [ Bas Couwenberg ]
   * Don't require debian.cnf to be executable in logrotate (Closes: #994284)
mariadb-10.5 (1:10.5.12-1) unstable; urgency=medium
 .
   * New upstream version 10.5.12. Includes security fixes for:
     - CVE-2021-2389
     - CVE-2021-2372
   * Drop patches applied upstream in MariaDB S3 plugin

mediawiki (1:1.35.4-1+deb11u2) bullseye-security; urgency=high
 .
   * Cherry-pick upstream patches fixing CVE-2021-44858, CVE-2021-44857,
     CVE-2021-45038.
mediawiki (1:1.35.4-1) unstable; urgency=medium
 .
   * New upstream version 1.35.4, fixing CVE-2021-41798, CVE-2021-41799,
     CVE-2021-41800, CVE-2021-41801.

minetest (5.3.0+repack-2.1+deb11u1) bullseye-security; urgency=high
 .
   * Fix CVE-2022-24300 and CVE-2022-24301:
     Several vulnerabilities have been discovered in Minetest. These issues may
     allow attackers to manipulate game mods by adding or modifying meta fields
     of the same item stack and grant them an unfair advantage over other
     players. These flaws could also be abused for a denial of service attack.
     (Closes: #1004223)

modsecurity-apache (2.9.3-3+deb11u1) bullseye-security; urgency=high
 .
   * Added json_depth_limit.patch
     Fixes CVE--2021-42717

mpich (3.4.1-5~deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Rebuild for bullseye.
 .
 mpich (3.4.1-5) unstable; urgency=medium
 .
   * Team upload.
   * libmpich12: Add Breaks: libmpich1.0-dev (<< 3) which provided libmpich-dev
     causing the old package using the ancient alternatives scheme to be kept
     installed on some upgrade paths.
   * mpich: Add Breaks+Replaces: libmpich1.0-dev (<< 3) since some files got
     moved around.  (Closes: #992065)

mujs (1.1.0-1+deb11u1) bullseye; urgency=high
 .
   * Clear jump list after patching jump addresses (CVE-2021-45005)

mutter (3.38.6-2~deb11u2) bullseye; urgency=medium
 .
   * d/patches: Update to commit 3.38.6-9-g0b26ad635 from gnome-3-38 branch
     (Closes: #1002651)
     - d/p/wayland-subsurface-Check-for-parent-actor-before-unparent.patch,
       d/p/wayland-subsurface-Handle-node-unlinking-on-parent-destro.patch,
       d/p/window-actor-wayland-Remove-subsurface-actors-on-dispose.patch:
       Fix a crash involving Wayland subsurfaces, which can be triggered by
       Firefox in Wayland mode (fix backported from 41~beta and 40.5)
     - d/p/wayland-data-offer-Accept-final-preferrence-of-drop-desti.patch:
       Fix protocol error during Alt + drag-and-drop from Firefox in
       Wayland mode, which would result in Firefox being terminated
       (fix backported from 41.1 and 40.6)
     - d/p/surface-actor-Fix-unobscurred_fraction-calculation.patch:
       When an app/game using VSync is full-screen in a multi-monitor setup,
       use the refresh rate of the correct monitor (LP: #1788535)
       (fix backported from 41.3)
     - d/p/xwayland-Fix-condition-for-queuing-a-window-to-META_QUEUE.patch:
       Avoid flooding Xwayland clients (X11 apps under Wayland) with window
       management events, which can cause performance problems
       (fix backported from 41.1 and 40.6)
     - d/p/wayland-surface-Switch-order-for-calculating-surface-dama.patch,
       d/p/wayland-surface-Use-correct-default-viewport-for-surface-.patch,
       d/p/wayland-surface-Do-not-uncoditionally-process-surface-dam.patch:
       Fix visible glitches for Wayland clients that use the wp_viewporter
       protocol in combination with wl_surface_damage(), such as the
       GStreamer waylandsink element (fix backported from 41.3)

nbd (1:3.21-1+deb11u1) bullseye-security; urgency=medium
 .
   * Cherry-pick fixes for CVE-2022-26495 and CVE-2022-26496 from git
     master; Closes: #1006915.
   * Fix parsing of nbdtab in nbd-client; Closes: #1003863.

node-cached-path-relative (1.0.2-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix prototype pollution (Closes: CVE-2021-23518)

node-fetch (2.6.1-5+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Don't forward secure headers to 3th party (Closes: CVE-2022-0235)

node-follow-redirects (1.13.1-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Drop Cookie header across domains (Closes: CVE-2022-0155)
   * Drop confidential headers across schemes (Closes: CVE-2022-0536)

node-markdown-it (10.0.0+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Fix ReDoS (Closes: CVE-2022-21670)

node-nth-check (2.0.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Replace regex with hand-rolled parser (Closes: CVE-2021-3803)

node-prismjs (1.23.0+dfsg-1+deb11u2) bullseye; urgency=medium
 .
   * Command Line: Escape markup in command line output
     (Closes: CVE-2022-23647)
   * Fix also minified files (Really closes: CVE-2021-3801)

node-trim-newlines (3.0.0-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Fix Regex Denial of Service (Closes: CVE-2021-33623)

nss (2:3.61-1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Check for missing signedData field (CVE-2022-22747)

nvidia-cuda-toolkit (11.2.2-3+deb11u1) bullseye; urgency=medium
 .
   * cuda-gdb: Disable non-functional python support causing segmentation
     faults.  (Closes: #997031)
   * Use a snapshot of openjdk-8-jre (8u312-b07-1).
   * Do not ship a spurious CMakeLists.txt below /usr/include/cuda.
   * Bump Standards-Version to 4.6.0 (no changes needed).
   * Update Lintian overrides.
   * Record upstream versions to detect non-monotonic cases.
   * Semi-automatically update version-prefixes in non-monotonic cases.
   * Add (tesla-)510 driver as alternate dependency.
   * Add superficial autopkgtest checking the usability of the STL headers in
     host code compiled with nvcc (cf. #1006962).
     Mark as flaky to avoid regressions.
   * Upload to bullseye.
nvidia-cuda-toolkit (11.2.2-3+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 nvidia-cuda-toolkit (11.2.2-3+deb11u1) bullseye; urgency=medium
 .
   * cuda-gdb: Disable non-functional python support causing segmentation
     faults.  (Closes: #997031)
   * Use a snapshot of openjdk-8-jre (8u312-b07-1).
   * Do not ship a spurious CMakeLists.txt below /usr/include/cuda.
   * Bump Standards-Version to 4.6.0 (no changes needed).
   * Update Lintian overrides.
   * Record upstream versions to detect non-monotonic cases.
   * Semi-automatically update version-prefixes in non-monotonic cases.
   * Add (tesla-)510 driver as alternate dependency.
   * Add superficial autopkgtest checking the usability of the STL headers in
     host code compiled with nvcc (cf. #1006962).
     Mark as flaky to avoid regressions.
   * Upload to bullseye.
 .
 nvidia-cuda-toolkit (11.2.2-3) unstable; urgency=medium
 .
   * Use a snapshot of openjdk-8-jre (8u292-b10-3).
   * Tighten library dependencies.
   * Add (tesla-)470 driver as alternate dependency.
   * Update watch file.

nvidia-graphics-drivers-tesla-450 (450.172.01-2~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-2) unstable; urgency=medium
 .
   * Add xorg-video-abi-25 (Xorg Xserver 21) as alternative dependency.
     (Closes: #1005932)
   * Backport pde_data changes from 470.103.01 to fix kernel module build for
     Linux 5.17.
   * dkms.conf: Use a BUILD_EXCLUSIVE equivalent hack to skip building for -rt
     kernels, not supported upstream (510.54-1).
   * Declare Testsuite: autopkgtest-pkg-dkms (510.54-1).
 .
 nvidia-graphics-drivers-tesla-450 (450.172.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.172.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004851)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Fixed a bug that caused nvidia-drm.ko to crash when loading with
       DRM-KMS enabled (modeset=1) on Linux v5.14.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-tesla-450-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
 .
 nvidia-graphics-drivers-tesla-450 (450.156.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.156.00 (2021-10-26).
     - Fixed a bug that could cause the /proc/driver/nvidia/suspend power
       management interface to fail to preserve and restore video memory
       allocations when the NVreg_TemporaryFilePath module parameter for
       nvidia.ko specified an invalid path.
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-450-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
     (Closes: #996595)
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia-tesla-450 package
     (470.82.00-1).
   * nvidia-tesla-450-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
 .
 nvidia-graphics-drivers-tesla-450 (450.142.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.
nvidia-graphics-drivers-tesla-450 (450.172.01-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.172.01 (2022-01-31).
     * Fixed CVE‑2022‑21813, CVE‑2022‑21814.  (Closes: #1004851)
       https://nvidia.custhelp.com/app/answers/detail/a_id/5312
     - Fixed a bug that caused nvidia-drm.ko to crash when loading with
       DRM-KMS enabled (modeset=1) on Linux v5.14.
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-tesla-450-kernel-support: Provide
     /etc/modprobe.d/nvidia-options.conf as a template taking into account the
     module renaming. This is a slave alternative of the nvidia alternative
     (470.86-1).  (Closes: #999670)
nvidia-graphics-drivers-tesla-450 (450.156.00-1) unstable; urgency=medium
 .
   * New upstream Tesla release 450.156.00 (2021-10-26).
     - Fixed a bug that could cause the /proc/driver/nvidia/suspend power
       management interface to fail to preserve and restore video memory
       allocations when the NVreg_TemporaryFilePath module parameter for
       nvidia.ko specified an invalid path.
 .
   [ Andreas Beckmann ]
   * bug-script: Show the nvidia and glx alternatives (470.82.00-1).
   * nvidia-tesla-450-alternative: libnvidia-cfg.so.1 on its own is not
     sufficient to activate a nvidia alternative (470.82.00-1).
   * Fix bashisms in upstream scripts (470.82.00-1).
   * Drop the unusable leftover non-GLVND libegl1-nvidia package
     (470.82.00-1).
   * nvidia-alternative: Drop unused non-GLVND slave links
     (470.82.00-1).
   * Update lintian overrides.
nvidia-graphics-drivers-tesla-450 (450.142.00-2) unstable; urgency=medium
 .
   * Backport drm_device_has_pdev and set_current_state changes from 470.63.01
     to fix kernel module build for Linux 5.14.
   * Generate tight dependencies on libnvidia*-glcore/libnvidia*-eglcore
     (470.57.02-3).
   * Bump Standards-Version to 4.6.0. No changes needed.

nvidia-modprobe (470.103.01-1~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-modprobe (470.103.01-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (470.94-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-modprobe (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Upload to unstable.
 .
 nvidia-modprobe (470.42.01-1) experimental; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (465.24.02-1) experimental; urgency=medium
 .
   * New upstream release. (Closes: #987744)
   * Upload to experimental.
nvidia-modprobe (470.94-1) unstable; urgency=medium
 .
   * New upstream release.
nvidia-modprobe (470.94-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 nvidia-modprobe (470.94-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update Lintian overrides.
 .
 nvidia-modprobe (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Upload to unstable.
 .
 nvidia-modprobe (470.42.01-1) experimental; urgency=medium
 .
   * New upstream release.
 .
 nvidia-modprobe (465.24.02-1) experimental; urgency=medium
 .
   * New upstream release. (Closes: #987744)
   * Upload to experimental.
nvidia-modprobe (470.82.00-1) unstable; urgency=medium
 .
   * New upstream release.
   * Bump Standards-Version to 4.6.0. No changes needed.
   * Update Lintian overrides.
nvidia-modprobe (470.57.02-1) unstable; urgency=medium
 .
   * New upstream release.
   * Upload to unstable.
nvidia-modprobe (470.42.01-1) experimental; urgency=medium
 .
   * New upstream release.
nvidia-modprobe (465.24.02-1) experimental; urgency=medium
 .
   * New upstream release. (Closes: #987744)

openboard (1.5.4+dfsg1-2+deb11u1) bullseye; urgency=medium
 .
   * debian/openboard-common.install:
     + Install OpenBoard.png icon to /usr/share/pixmaps/.
   * debian/openboard.desktop:
     + Use OpenBoard.png icon from /usr/share/pixmaps/. (Closes: #989658).

openjdk-11 (11.0.14+9-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.14+9-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster
openjdk-11 (11.0.13+8-1) unstable; urgency=medium
 .
   * OpenJDK 11.0.13+8 build (release).
   * Security fixes
     - JDK-8163326, CVE-2021-35550: Update the default enabled cipher suites preference
     - JDK-8254967, CVE-2021-35565: com.sun.net.HttpsServer spins on TLS session close
     - JDK-8263314: Enhance XML Dsig modes
     - JDK-8265167, CVE-2021-35556: Richer Text Editors
     - JDK-8265574: Improve handling of sheets
     - JDK-8265580, CVE-2021-35559: Enhanced style for RTF kit
     - JDK-8265776: Improve Stream handling for SSL
     - JDK-8266097, CVE-2021-35561: Better hashing support
     - JDK-8266103: Better specified spec values
     - JDK-8266109: More Resilient Classloading
     - JDK-8266115: More Manifest Jar Loading
     - JDK-8266137, CVE-2021-35564: Improve Keystore integrity
     - JDK-8266689, CVE-2021-35567: More Constrained Delegation
     - JDK-8267086: ArrayIndexOutOfBoundsException in java.security.KeyFactory.generatePublic
     - JDK-8267712: Better LDAP reference processing
     - JDK-8267729, CVE-2021-35578: Improve TLS client handshaking
     - JDK-8267735, CVE-2021-35586: Better BMP support
     - JDK-8268193: Improve requests of certificates
     - JDK-8268199: Correct certificate requests
     - JDK-8268205: Enhance DTLS client handshake
     - JDK-8268506: More Manifest Digests
     - JDK-8269618, CVE-2021-35603: Better session identification
     - JDK-8269624: Enhance method selection support
     - JDK-8270398: Enhance canonicalization
     - JDK-8270404: Better canonicalization
   * Remove patches applied upstream.
openjdk-11 (11.0.13+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-11 (11.0.13+8-1~deb10u1) buster-security; urgency=medium
 .
   * Rebuild for buster-security

openjdk-17 (17.0.2+8-1~deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.1+12-1+deb11u2) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.1+12-1+deb11u1) bullseye-security; urgency=medium
 .
   * Rebuild for bullseye
openjdk-17 (17.0.1+12-1) unstable; urgency=medium
 .
   * OpenJDK 17.0.1+12 (release).
   * Remove patches applied upstream.
openjdk-17 (17+35-1) unstable; urgency=medium
 .
   * Fix JDK-8272472, ftbfs with glibc 2.24.
openjdk-17 (17~35ea-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 35 (first release candidate).
openjdk-17 (17~33ea-1) unstable; urgency=high
 .
   * OpenJDK 17 snapshot, build 33.
openjdk-17 (17~31ea-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 31.
   * Encode the early-access status into the package version. LP: #1934895.
openjdk-17 (17~29-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 29.
   * Update watch file.
   * Prepare to build with jtreg6, where available.
openjdk-17 (17~27-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 27.
   * Only build using lto with GCC 11.
   * Build using GCC 11 in recent distributions.
   * Update VCS attributes.
   * Disable runnning the tests, requires not yet packaged jtreg6.
   * Remove rimd, removed upstream.
openjdk-17 (17~24-1) unstable; urgency=medium
 .
   * OpenJDK 17 snapshot, build 24.
   * Drop the work around for JDK 8211105.
   * Remove jaotc (the experimental JIT compiler), removed upstream.
   * Add an (unapplied) patch to replace OASIS header files with ones
     imported from NSPR and NSS. See #985765.  Not reviewed, not applying.

openssl (1.1.1n-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
openssl (1.1.1n-0+deb10u1) buster; urgency=medium
 .
   * New upstream version.
     - Add new symbols.
openssl (1.1.1m-1) unstable; urgency=medium
 .
   * New upstream version.
     - Fix builds on kfreebsd (Closes: #993501).
   * Add arc, patch by Vineet Gupta (Closes: #989442).
openssl (1.1.1m-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version.
     - Fix armv8 pointer authentication (Closes: #989604).
openssl (1.1.1l-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2021-3711 (SM2 Decryption Buffer Overflow).
     - CVE-2021-3712 (Read buffer overruns processing ASN.1 strings).
openssl (1.1.1k-1+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-0778 (Infinite loop in BN_mod_sqrt() reachable when parsing
     certificates).
   * CVE-2021-4160 (Carry propagation bug in the MIPS32 and MIPS64 squaring
     procedure.)

openvswitch (2.15.0+ds1-2+deb11u1) bullseye; urgency=medium
 .
   * CVE-2021-36980: use-after-free in decode_NXAST_RAW_ENCAPAdd. Add upstream
     patch (Closes: #991308).
 .
   [ Felix Moessbauer ]
   * fix ABI incompatibility that crashes OVS when enabling LLDP
     (Closes: #992406).

ostree (2020.8-2+deb11u1) bullseye; urgency=medium
 .
   * d/gbp.conf, d/control: Branch for Debian 11 updates
   * Backport various bug fixes from newer libostree releases.
     Each of these fixes an issue that was reported against Flatpak when
     using the libostree from Debian 11, either via bullseye or
     buster-backports.
     - d/p/Fall-back-if-copy_file_range-fails-with-EINVAL.patch:
       Add patch to fall back if copy_file_range fails with EINVAL.
       This fixes an incompatibility with eCryptFS, in particular when
       using Flatpak in an eCryptFS home directory. (Closes: #1004467)
     - d/p/libotutil-Avoid-infinite-recursion-during-error-unwinding.patch:
       Avoid infinite recursion when recovering from certain errors, in
       particular the one that was a symptom of #1004467.
     - d/p/Fix-marking-static-delta-commits-as-partial.patch:
       Mark commits as partial before downloading, to avoid Flatpak and other
       ostree users getting into a state where a failed download cannot be
       resumed.
     - d/p/lib-Fix-a-bad-call-to-g_file_get_child.patch:
       Fix an assertion failure when using a backport or local build of
       GLib >= 2.71
     - d/p/Fix-translation-of-file-URIs-into-paths.patch:
       Fix the ability to fetch OSTree content from paths containing
       non-URI characters (such as backslashes) or non-ASCII

pdb2pqr (2.1.1+dfsg-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix ImportError in propka due to changed relative import handling in
     Python 3.8. The patch fixing #937262 has changed the way relative imports
     are called, but the used construction does not work since Python 3.8.
     Undoing changes in the patch fixed the ImportError in propka.

php-crypt-gpg (1.6.4-2+deb11u1) bullseye; urgency=high
 .
   * Backport fix for CVE-2022-24953: Crypt_GPG <1.6.7 does not prevent
     additional options in GPG calls, which presents a risk for certain
     environments and GPG versions. (Closes: #1005921)
   * d/gbp.conf, d/salsa-ci.yml: Target Bullseye release.

php-laravel-framework (6.20.14+dfsg-2+deb11u1) bullseye; urgency=high
 .
   * Fix security issue: XSS vulnerability in the Blade templating engine
     (CVE-2021-43808, Closes: #1001333)
   * Fix security issue: Failure to block the upload of executable PHP content
     (CVE-2021-43617, Closes: #1002728)

php7.4 (7.4.28-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 7.4.28
    + CVE-2021-21708: UAF due to php_filter_float() failing for ints
   * New upstream version 7.4.26
    + CVE-2021-21707: special character is breaking the path in xml
      function
php7.4 (7.4.26-1) unstable; urgency=medium
 .
   * New upstream version 7.4.26

phpliteadmin (1.9.8.2-1+deb11u1) bullseye; urgency=medium
 .
   * Fix CVE-2021-46709, an XSS issue with the newRows GET parameter.

pillow (8.1.2+dfsg-0.3+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2022-22815 CVE-2022-22816 CVE-2022-22817

policykit-1 (0.105-31+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)

prips (1.1.1-3+deb11u1) bullseye; urgency=medium
 .
   * Add two patches from the 1.2.0 upstream version:
     - stop-at-last-address: stop at 255.255.255.255 instead of wrapping
       over to 0.0.0.0 and going on forever. Closes: #1001923
     - fix-different-cidr: fix the CIDR (-c) output when the addresses
       differ in their very first bit. Closes: #1001924

prosody (0.11.9-2+deb11u2) bullseye-security; urgency=medium
 .
   * CVE-2022-0217 fix memory leak (Closes: #1004173)
prosody (0.11.9-2+deb11u1) bullseye-security; urgency=high
 .
   * fix for https://prosody.im/security/advisory_20220113/
     CVE-2022-0217

pypy3 (7.3.5+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Patch: Remove extraneous #endif from import.h (Closes: #1001519)

python-django (2:2.2.26-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-45115: Denial-of-service possibility in
       UserAttributeSimilarityValidator
 .
       UserAttributeSimilarityValidator incurred significant overhead evaluating
       submitted password that were artificially large in relative to the
       comparison values. On the assumption that access to user registration was
       unrestricted this provided a potential vector for a denial-of-service
       attack.
 .
       In order to mitigate this issue, relatively long values are now ignored
       by UserAttributeSimilarityValidator.
 .
     - CVE-2021-45116: Potential information disclosure in dictsort template
       filter
 .
       Due to leveraging the Django Template Language's variable resolution
       logic, the dictsort template filter was potentially vulnerable to
       information disclosure or unintended method calls, if passed a
       suitably crafted key.
 .
       In order to avoid this possibility, dictsort now works with a
       restricted resolution logic, that will not call methods, nor allow
       indexing on dictionaries.
 .
     - CVE-2021-45452: Potential directory-traversal via Storage.save()
 .
       Storage.save() allowed directory-traversal if directly passed suitably
       crafted file names.
 .
     See <https://www.djangoproject.com/weblog/2022/jan/04/security-releases/>
     for more information. (Closes: #1003113)
 .
   * Fix a traceback around the handling of RequestSite/get_current_site() due
     to a circular import by backporting commit 78163d1a from upstream. Thanks
     to Raphaël Hertzog for the report. (Closes: #1003478)

python-nbxmpp (2.0.2-1+deb11u1) bullseye-security; urgency=medium
 .
   * CVE-2021-41055 (Gajim crashes on message correction in MUC when
     message id == replace id)

python-pip (20.3.4-4+deb11u1) bullseye; urgency=medium
 .
   * Use native map() to avoid a zipimport race in pip list --outdated.
     (Closes: #1006150)

redis (5:6.0.16-1+deb11u2) bullseye-security; urgency=high
 .
   * CVE-2022-0543: Prevent a Debian-specific Lua sandbox escape vulnerability.
 .
     This vulnerability existed because the Lua library in Debian is provided as
     a dynamic library. A "package" variable was automatically populated that
     in turn permitted access to arbitrary Lua functionality. As this extended
     to, for example, the "execute" function from the "os" module, an attacker
     with the ability to execute arbitrary Lua code could potentially execute
     arbitrary shell commands.
 .
     Thanks to Reginaldo Silva <https://www.ubercomp.com> for discovering and
     reporting this issue. (Closes: #1005787)
redis (5:6.0.16-1+deb11u1) bullseye-security; urgency=high
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
redis (5:6.0.16-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
 .
   * Refresh patches.
   * Bump Standards-Version to 4.6.0.
redis (5:6.0.16-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 redis (5:6.0.16-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
 .
   * Refresh patches.
   * Bump Standards-Version to 4.6.0.
redis (5:6.0.16-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for bullseye-backports-sloppy.
 .
 redis (5:6.0.16-1) unstable; urgency=medium
 .
   * New upstream security release:
 .
     - CVE-2021-32762: Integer to heap buffer overflow issue in redis-cli and
       redis-sentinel parsing large multi-bulk replies on some older and less
       common platforms.
 .
     - CVE-2021-32687: Integer to heap buffer overflow with intsets, when
       set-max-intset-entries is manually configured to a non-default, very
       large value.
 .
     - CVE-2021-32675: Denial Of Service when processing RESP request payloads
       with a large number of elements on many connections.
 .
     - CVE-2021-32672: Random heap reading issue with Lua Debugger.
 .
     - CVE-2021-32628: Integer to heap buffer overflow handling ziplist-encoded
       data types, when configuring a large, non-default value for
       hash-max-ziplist-entries, hash-max-ziplist-value,
       zset-max-ziplist-entries or zset-max-ziplist-value.
 .
     - CVE-2021-32627: Integer to heap buffer overflow issue with streams, when
       configuring a non-default, large value for proto-max-bulk-len and
       client-query-buffer-limit.
 .
     - CVE-2021-32626: Specially crafted Lua scripts may result with Heap
       buffer overflow.
 .
     - CVE-2021-41099: Integer to heap buffer overflow handling certain string
       commands and network payloads, when proto-max-bulk-len is manually
       configured to a non-default, very large value.
 .
   * Refresh patches.
   * Bump Standards-Version to 4.6.0.
 .
 redis (5:6.0.15-1) unstable; urgency=medium
 .
   * New upstream security release.
     - CVE-2021-32761: Integer overflow issues with BITFIELD command
       on 32-bit systems.
   * Bump Standards-Version to 4.5.1.
 .
 redis (5:6.0.14-1) unstable; urgency=medium
 .
   * CVE-2021-32625: Fix a vulnerability in the STRALGO LCS command.
     (Closes: #989351)
 .
 redis (5:6.0.13-1) unstable; urgency=medium
 .
   * New upstream security release:
     - CVE-2021-29477: Vulnerability in the STRALGO LCS command.
     - CVE-2021-29478: Vulnerability in the COPY command for large intsets.
     (Closes: #988045)
   * Refresh patches.
 .
 redis (5:6.0.12-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 redis (5:6.0.11-1) unstable; urgency=medium
 .
   * New upstream release, incorporating security issues. (Closes: #983446)
     - Refresh patches.
 .
 redis (5:6.0.10-4) unstable; urgency=medium
 .
   * New upstream release
     - Fix cluster access to unaligned memory on ARM architectures with hard
       alignment requirements such as armhf and arm64. (Closes: #982504)
   * wrap-and-sort -sa.
 .
 redis (5:6.0.9-4) unstable; urgency=medium
 .
   * Send systemd readiness notification when we are ready to accept connections
     in order to fix systemd integration when Redis is used with replicaof.
     Thanks to Guillem Jover for the report and patch. (Closes: #981226)
 .
 redis (5:6.0.9-3) unstable; urgency=medium
 .
   * Also remove the /etc/redis directory in purge.
   * Allow /etc/redis to be rewritten. Thanks to Yossi Gottlieb for the patch.
     (Closes: #981000)
 .
 redis (5:6.0.9-2) unstable; urgency=medium
 .
   * Enable systemd Type=notify support. Thanks to Michael Prokop for all his
     help in integration. (Closes: #977852)
   * Bump Standards-Version to 4.5.1.
 .
 redis (5:6.0.9-1) unstable; urgency=medium
 .
   * New upstream release.
     - Update patches.
 .
 redis (5:6.0.8-2) unstable; urgency=medium
 .
   * Apply a patch from Yossi Gottlieb to fix a crash when reporting RDB/AOF
     file errors. (Closes: #972683)
   * Refresh patches.
 .
 redis (5:6.0.8-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 redis (5:6.0.7-1) unstable; urgency=medium
 .
   * New upstream release.
   * Refresh patches.
   * Set some Forwarded headers.
 .
 redis (5:6.0.6-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
   * Refresh patches.
 .
 redis (5:6.0.5-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.4-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.3-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.1-2) unstable; urgency=medium
 .
   * Upload to unstable.
 .
 redis (5:6.0.1-1) experimental; urgency=medium
 .
   * New upstream "General Availability" release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0.0-2) unstable; urgency=medium
 .
   * Mark 0004-redis-check-rdb as being flaky for now.
   * Wrap long changelog line.
   * Correct spelling mistake in autopkgtest comment.
 .
 redis (5:6.0.0-1) unstable; urgency=medium
 .
   * New upstream "GA" release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
     - Drop 0002-Mark-extern-definition-of-SDS_NOINIT-in-sds.h.patch; merged
       upstream.
   * Upload to unstable.
     - Update debian/gbp.conf.
 .
 redis (5:6.0~rc4-1) experimental; urgency=medium
 .
   * New upstream beta release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
   * Use the newly-package liblzf-dev package over the local version.
     (Closes: #958321)
   * Refresh patches.
 .
 redis (5:6.0~rc3-1) experimental; urgency=medium
 .
   * New upstream beta release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
 .
 redis (5:6.0~rc2-1) experimental; urgency=medium
 .
   * New upstream beta release.
     <https://raw.githubusercontent.com/antirez/redis/6.0/00-RELEASENOTES>
   * Refresh patches.
 .
 redis (5:6.0~rc1-3) experimental; urgency=medium
 .
   * Install openssl in the testsuite; required for generating test
     certificates.
   * Correct a typo in a previous changelog entry.
 .
 redis (5:6.0~rc1-2) experimental; urgency=medium
 .
   * Add support for TLS added in Redis 6.x. Thanks to Jason Perrin for the
     patch. (Closes: #951255)
   * Add a comment regarding why we export a MAKEFLAGS variable in debian/rules.
   * Bump Standards-Version to 4.5.0.
 .
 redis (5:6.0~rc1-1) experimental; urgency=medium
 .
   * New upstream RC1 release.
     <http://antirez.com/news/131>
   * Refresh patches.
   * Disable using the system hiredis for now, awaiting a a new upstream
     release.
 .
 redis (5:5.0.7-7) unstable; urgency=medium
 .
   * Add a sleep to ensure that the redis server has started before running the
     autopkgtests.
 .
 redis (5:5.0.7-6) unstable; urgency=medium
 .
   * No change sourceful upload to permit migration to testing.
 .
 redis (5:5.0.7-5) unstable; urgency=medium
 .
   * Ensure that the redis daemon is running prior to running the autopkgtests.
 .
 redis (5:5.0.7-4) unstable; urgency=medium
 .
   * Use the newly-package liblzf-dev package over the local version.
     (Closes: #958321)
   * Don't duplicate long description of the redis-server package in the
     metapackage.
 .
 redis (5:5.0.7-3) unstable; urgency=medium
 .
   * Fix FTBFS with GCC 10. (Closes: #957751)
   * Refresh all patches.
 .
 redis (5:5.0.7-2) unstable; urgency=medium
 .
   [ Christian Göttsche ]
   * Update systemd service to reflect new names, etc.
   * Create directories in postinst with correct SELinux context.
 .
   [ Chris Lamb ]
   * Bump Standards-Version to 4.5.0.
 .
   [ David Prévot ]
   * Update long description to remove duplicate information.
 .
 redis (5:5.0.7-1) unstable; urgency=medium
 .
   * New upstream bugfix release.
     <https://groups.google.com/forum/#!topic/redis-db/LYBeXlUKU6c>
   * Bump Standards-Version to 4.4.1.
   * Run wrap-and-sort -sa.
 .
 redis (5:5.0.6-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://groups.google.com/forum/#!topic/redis-db/qTRdgyEbyYU>
   * Specify "Rules-Requires-Root: no">.
 .
 redis (5:5.0.5-2) unstable; urgency=medium
 .
   * Sourceful upload to unstable to ensure testing migration.
   * Bump Standards-Version to 4.4.0.
   * Don't build release tags in gitlab-ci.yml.
 .
 redis (5:5.0.5-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://groups.google.com/forum/#!topic/redis-db/jSAtf64lIW4>
 .
 redis (5:5.0.4-1) unstable; urgency=medium
 .
   * New upstream release.
     <https://groups.google.com/forum/#!topic/redis-db/aXusvS8da8g>

roundcube (1.4.13+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New security upstream release, with fix for CVE-2021-46144: XSS
     vulnerability via HTML messages with malicious CSS content
     (closes: #1003027).
   * Prepend '<!-- html ignored -->' to the test vector of the above.
   * Refresh d/patches.
roundcube (1.4.13+dfsg.1-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
 roundcube (1.4.13+dfsg.1-1~deb11u1) bullseye-security; urgency=high
 .
   * New security upstream release, with fix for CVE-2021-46144: XSS
     vulnerability via HTML messages with malicious CSS content
     (closes: #1003027).
   * Prepend '<!-- html ignored -->' to the test vector of the above.
   * Refresh d/patches.

ruby2.7 (2.7.4-1+deb11u1) bullseye-security; urgency=high
 .
   * Add length limit option for methods that parses
     date strings. (Fixes: CVE-2021-41817)
   * When parsing cookies, only decode the values.
     (Fixes: CVE-2021-41819)
   * Add patch to fix integer overflow.
     (Fixes: CVE-2021-41816) (Closes: #1002995)

rust-cbindgen (0.20.0-1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to bullseye.
rust-cbindgen (0.20.0-1~deb10u2) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Fix file timestamps from orig tarball by using a supported debhelper
     target in buster (execute_after_dh_* is not supported in dh 12.1).
   * debian/copyright: rename license paragraph to please lintian.
rust-cbindgen (0.20.0-1~deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload.
   * Backport to buster.
   * Vendor dependencies, they are not available in buster.
   * Only build the cbindgen binary.
   * Lower dh-cargo build-dep.
rust-cbindgen (0.19.0-1) experimental; urgency=medium
 .
   * Package cbindgen 0.19.0 from crates.io using debcargo 2.4.4-alpha.0
rust-cbindgen (0.18.0-1) experimental; urgency=medium
 .
   * Package cbindgen 0.18.0 from crates.io using debcargo 2.4.4-alpha.0

s390-dasd (0.0.74~deb11u1) bullseye; urgency=medium
 .
   * Rebuild for bullseye.
s390-dasd (0.0.74~deb10u1) buster; urgency=medium
 .
   * Rebuild for buster.

samba (2:4.13.13+dfsg-1~deb11u3) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add patches for CVE-2022-0336 (Closes: #1004694)
     - CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added
       SPN.
     - CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is
       re-added to an object.
   * Add patches for CVE-2021-44142 (Closes: #1004693)
     - CVE-2021-44142: libadouble: add defines for icon lengths.
     - CVE-2021-44142: smbd: add Netatalk xattr used by vfs_fruit to the list
       of private Samba xattrs.
     - CVE-2021-44142: libadouble: harden ad_unpack_xattrs()
     - CVE-2021-44142: libadouble: add basic cmocka tests.
     - CVE-2021-44142: libadouble: harden parsing code.
   * Add patches to address "The CVE-2020-25717 username map [script] advice
     has undesired side effects for the local nt token" (Closes: #1001068)
     - CVE-2020-25727: idmap_nss: verify that the name of the sid belongs to
       the configured domain
     - CVE-2020-25717: tests/krb5: Add method to automatically obtain server
       credentials
     - CVE-2020-25717: nsswitch/nsstest.c: Lower 'non existent uid' to make
       room for new accounts
     - CVE-2020-25717: selftest: turn ad_member_no_nss_wb into
       ad_member_idmap_nss
     - CVE-2020-25717: tests/krb5: Add a test for idmap_nss mapping users to
       SIDs
     - CVE-2020-25717: s3:auth: Fallback to a SID/UID based mapping if the
       named based lookup fails

schleuder (3.6.0-3+deb11u1) bullseye; urgency=medium
 .
   * debian/patches:
     - Pull in upstream patch to migrate boolean values to integers, if the
       ActiveRecord SQLite3 connection adapter is in use. Since ActiveRecord >=
       6.0, the relevant code relies on boolean serialization to use 1 and 0,
       but does not natively recognize 't' and 'f' as booleans were previously
       serialized. This change made existing mailing lists fail, if people were
       upgrading buster to bullseye. (Closes: #100262)

snapd (2.49-1+deb11u1) bullseye-security; urgency=high
 .
   * SECURITY UPDATE: local privilege escalation
     - 0015-cve-2021-44730-44731-4120.patch: Add validations of the
       location of the snap-confine binary within snapd.
     - 0015-cve-2021-44730-44731-4120: Fix race condition in snap-confine
       when preparing a private mount namespace for a snap.
     - 0016-cve-2021-2021-44730-44731-4120-auto-remove.patch: automatic
       remove vulnerable inactive core/snapd snaps
     - CVE-2021-44730
     - CVE-2021-44731
   * SECURITY UPDATE: data injection from malicious snaps
     - 0015-cve-2021-44730-44731-4120: Add validations of snap content
       interface and layout paths in snapd
     - CVE-2021-4120
     - LP: #1949368

sogo (5.0.1-4+deb11u1) bullseye-security; urgency=high
 .
   * [CVE-2021-33054] fixes validation of SAML message signatures
     (closes: #989479)
   * Switch gbp debian branch to bullseye.

sphinx-bootstrap-theme (0.7.1-1+deb11u1) bullseye; urgency=medium
 .
   * Fix search functionality
     Add a combined backport of 2 upstream commits that remove 1 extra spaces
     off of a few lines.

spip (3.2.11-3+deb11u3) bullseye-security; urgency=high
 .
   * Backport security fix from 3.2.14
     - arbitrary PHP code execution
spip (3.2.11-3+deb11u2) bullseye; urgency=medium
 .
   * Document CVE fixed previously
   * Backport security fixes (XSS) from 3.2.13
spip (3.2.11-3+deb11u1) bullseye-security; urgency=high
 .
   * Set up branch debian/bullseye
   * Backport security fixes from 3.2.12
     - SQL injections, remote code execution, XSS
   * Don’t ship vcs-control-file

strongswan (5.9.1-1+deb11u2) bullseye-security; urgency=medium
 .
   * gbp: revert upstream branch name change
   * eap-authenticator: Enforce failure if MSK generation fails
     - Fix incorrect handling of Early EAP-Success Messages (CVE-2021-45079)

symfony (4.4.19+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Prevent CSV injection via formulas [CVE-2021-41270]

systemd (247.3-7) bullseye; urgency=medium
 .
   * Switch debian-branch to debian/bullseye
   * udevadm-trigger: do not return immediately on EACCES.
     Fixes a regression when using systemd-networkd in an unprivileged LXD
     container. (Closes: #997006)
   * Revert multipath symlink race fix.
     Revert upstream commits which caused a regression in udev resulting in
     long delays when processing partitions with the same label.
     (Closes: #993738)
   * shared/rm-rf: loop over nested directories instead of recursing.
     Fixes uncontrolled recursion in systemd-tmpfiles.
     (CVE-2021-3997, Closes: #1003467)
   * Demote systemd-timesyncd from Depends to Recommends.
     This avoids a dependency cycle between systemd and systemd-timesyncd and
     thus makes dist upgrades more predictable and robust.
     It also allows minimal, systemd based containers where no NTP client is
     strictly necessary.
     To ensure that systemd-timesyncd is installed in a default installation
     created by d-i, bump its priority to standard.
     (Closes: #986651, #993947)
   * autopktest: Fix timedated test dependencies.
     Add an explicit systemd-timesyncd dependency as it is required by the
     timedated test.
   * machine: enter target PID namespace when adding a live mount.
     Fixes failure to bind mount a directory into a container using
     machinectl. (Closes: #993248)

sysvinit (2.96-7+deb11u1) bullseye; urgency=medium
 .
   [ Tomas Pospisek ]
   * Clarify that when called with a `time` shutdown will not exit. That's
     important to know for programs or scripts that call `shutdown
     ... time` because they will never proceed after having called it
     (unless they fork exec or similar of course). Point in case:
     unattended-upgrades gets caught by this.
 .
   [ mirabilos ]
   * convert to a DEP 3 patch instead
 .
   [ Mark Hindley ]
   * Backport upstream patch to fix parsing of shutdown +0 (Closes:
     #1001795).

tang (8-3+deb11u1) bullseye-security; urgency=high
 .
   * Fix data leak [CVE-2021-4076]

tasksel (3.68+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
 .
   * Install CUPS for all *-desktop tasks, now that task-print-service is no
     longer existing. See #993668

tryton-proteus (5.0.8-1+deb11u1) bullseye-security; urgency=high
 .
   * This release contains fixes for XML parsing vulnerabilities:
     https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
     https://bugs.tryton.org/issue11219 (CVE-2022-26661)
     https://bugs.tryton.org/issue11244 (CVE-2022-26662)

tryton-server (5.0.33-2+deb11u1) bullseye-security; urgency=high
 .
   * This release contains fixes for XML parsing vulnerabilities:
     https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
     https://bugs.tryton.org/issue11219 (CVE-2022-26661)
     https://bugs.tryton.org/issue11244 (CVE-2022-26662)

uriparser (0.9.4+dfsg-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * UriNormalize.c: Fix .hostText copying in uriMakeOwnerEngine
     (CVE-2021-46141)
   * UriParse.c: Adjust uriFreeUriMembers* to fixed uriMakeOwner* behavior
     (CVE-2021-46141)
   * UriNormalize.c: Fix handling of empty segments in uriPreventLeakage
     (CVE-2021-46142)

usb.ids (2022.02.15-0+deb11u1) bullseye; urgency=medium
 .
   * Upload to bullseye.
usb.ids (2021.12.24-1) unstable; urgency=medium
 .
   * New upstream version.
   * Bump Standards-Version to 4.6.0 (no changes).
usb.ids (2021.07.19-1) unstable; urgency=medium
 .
   * New upstream version.
usb.ids (2021.07.01-1) unstable; urgency=medium
 .
   * New upstream version.

usbview (2.0-21-g6fe2f4f-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix authorization for inactive or arbitrary other users (CVE-2022-23220)
   * Pass on the command line parameters to GTK only if not invoked via pkexec
usbview (2.0-21-g6fe2f4f-2+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix authorization for inactive or arbitrary other users (CVE-2022-23220)
   * Pass on the command line parameters to GTK only if not invoked via pkexec

util-linux (2.36.1-8+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * include/strutils: Add ul_strtou64() function
   * libmount: fix UID check for FUSE umount [CVE-2021-3995]
   * libmount: fix (deleted) suffix issue [CVE-2021-3996]

varnish (6.5.1-1+deb11u2) bullseye-security; urgency=medium
 .
   * Apply upstream patch to fix: VSV00008 Varnish HTTP/1 Request Smuggling
     Vulnerability (CVE-2022-23959).  (Closes: #1004433)
varnish (6.5.1-1+deb11u1) bullseye-security; urgency=medium
 .
   * Apply upstream patches to fix VSV00007: Varnish HTTP/2 Request
     Smuggling Attack (CVE-2021-36740).  (Closes: #991040)

webkit2gtk (2.34.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
webkit2gtk (2.34.6-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.34.5-1) unstable; urgency=high
 .
   * New upstream release.
     + Fixes CVE-2022-22589, CVE-2022-22590 and CVE-2022-22592.
webkit2gtk (2.34.4-1) unstable; urgency=high
 .
   * New upstream release.
   * Set the debhelper compatibility level to 12:
     - Get rid of debian/compat.
     - Add build dependency on debhelper-compat.
   * debian/rules:
     - Stop using --builddirectory=build, .gir files no longer seem to
       contain references to the build directory (see the 2.27.90-1 entry
       for more details).
   * debian/copyright:
     + Update copyright years.
webkit2gtk (2.34.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
       CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984.
webkit2gtk (2.34.4-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
       CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
   * Set the debhelper compatibility level back to 10. This fixes a dh_dwz
     error ".debug_info section not present"
     - Add debian/compat file.
     - Update build dependency on debhelper.
webkit2gtk (2.34.3-1) unstable; urgency=high
 .
   [ Alberto Garcia ]
   * New upstream release.
   * The WebKitGTK security advisory WSA-2021-0007 lists the following
     security fixes in the latest versions of WebKitGTK:
     + CVE-2021-30809, CVE-2021-30836 (fixed in 2.32.4).
     + CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888,
       CVE-2021-30889, CVE-2021-30897 (fixed in 2.34.0).
     + CVE-2021-30887, CVE-2021-30890 (fixed in 2.34.3).
 .
   [ Sebastien Bacher ]
   * debian/rules:
     + Explicitly disable lto since when it's on the build is failing, that
       doesn't impact Debian by default but is an issue on Ubuntu.
       (Closes: #1000598)
     + Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial
       architecture and the binary doesn't exist (Closes: #1000599).
webkit2gtk (2.34.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30887, CVE-2021-30890.
webkit2gtk (2.34.3-1~deb10u1) buster-security; urgency=high
 .
   * Rebuild for buster-security.
     + Fixes CVE-2021-30887, CVE-2021-30890.
   * debian/patches/force-single-process.patch:
     + Force the single-process mode in Evolution and Geary
   * debian/control:
     + Remove Breaks for Evolution < 3.34.1.
     + Remove build dependency on libwpebackend-fdo-1.0-dev,
       libmanette-0.2-dev and liblcms2-dev.
     + Switch build dependency from libenchant-2-dev to libenchant-dev.
     + Switch build dependencies on libgl-dev and libgles-dev with
       libgl1-mesa-dev and libgles2-mesa-dev.
   * Downgrade xdg-desktop-portal-gtk from a recommendation to a
     suggestion (See #989307)
   * debian/rules:
     + Build with -DENABLE_GAMEPAD=OFF -DUSE_LCMS=OFF.
webkit2gtk (2.34.2-1) unstable; urgency=medium
 .
   * New upstream release.
webkit2gtk (2.34.2-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
webkit2gtk (2.34.1-1) unstable; urgency=high
 .
   [ Alberto Garcia ]
   * New upstream release.
   * debian/rules:
     + Build with -O1 in sh3 and sh4 (Closes: #995717).
   * debian/copyright:
     + Update copyright information of all files.
   * debian/libwebkit2gtk-4.0-37.symbols:
     + Update symbols.
   * debian/libwebkit2gtk-4.0-37.lintian-overrides:
     + Override library-not-linked-against-libc.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.
   * debian/control:
     + Update Standards-Version to 4.6.0.1 (no changes).
 .
   [ Sebastien Bacher ]
   * debian/control, debian/rules:
     + handle gstreamer1.0-plugins-bad with the same Ubuntu override than
       libav, it's also in universe (Closes: #995166).

weechat (3.0-1+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * CVE-2021-40516: A crafted WebSocket frame could result in a crash
     in the Relay plugin. (Closes: #993803)

wolfssl (4.6.0+p1-0+deb11u1) bullseye; urgency=medium
 .
   * Stable update to address the following vulnerabilities. The updated
     version was released by upstream:
     - PR 3676: CVE-2021-3336
     - PR 3990: CVE-2021-37155 (OCSP Match Issue)
     - PR 4211: CVE-2021-38597
     - PR 4629: CVE-2021-44718
     - PR 4813: CVE-2022-25638
     - PR 4831: CVE-2022-25640
   * Drop 58f9b6ec01f0caf89e9e4d37a8816b310005aaf1.patch, which was previously
     cherry-picked from upstream.
   * Upstream updated some certificates in the test suite.

wordpress (5.7.5+dfsg1-0+deb11u1) bullseye-security; urgency=high
 .
   * Upstream security release Closes: #1003243
      - CVE-2022-21662 - Stored XSS through authenticated users
      - CVE-2022-21663 - Authenticated Object Injection in Multisites
      - CVE-2022-21661 - WordPress: SQL Injection through WP_Query
      - CVE-2022-21664 - SQL injection due to improper sanitization
        in WP_Meta_Query
   * WordPress 5.7.4 just had a removal of an old CA certificate
     which isn't used in Debian installations

wpewebkit (2.34.6-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
wpewebkit (2.34.5-1) unstable; urgency=high
 .
   * New upstream release.
wpewebkit (2.34.4-1) unstable; urgency=high
 .
   * New upstream release.
   * Set the debhelper compatibility level to 12:
     - Get rid of debian/compat.
     - Add build dependency on debhelper-compat.
   * debian/copyright:
     + Update copyright years.
wpewebkit (2.34.4-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     - Fixes CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
       CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984.
wpewebkit (2.34.3-1) unstable; urgency=high
 .
   * New upstream release.
wpewebkit (2.34.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Rebuild for bullseye-security.
     + Fixes CVE-2021-30887, CVE-2021-30890.
wpewebkit (2.34.2-1) unstable; urgency=medium
 .
   * New upstream release.
   * debian/patches/fix-ftbfs-m68k.patch:
     + Update patch.
wpewebkit (2.34.1-1) unstable; urgency=high
 .
   * New upstream release.
   * debian/gbp.conf:
     + Update upstream branch name.
   * Update copyright information of all files.
   * Refresh all patches.
   * debian/rules:
     + Build with -O1 in sh3 and sh4 (see #995717).
     + Build with -DUSE_SOUP2=ON.
   * debian/control:
     + Add build dependency on liblcms2-dev (see #880697).
     + Update Standards-Version to 4.6.0.1 (no changes).
   * debian/libwpewebkit-1.0-3.symbols:
     + Update symbols.
   * debian/libwpewebkit-1.0-3.lintian-overrides:
     + Override library-not-linked-against-libc.
   * debian/source/lintian-overrides:
     + Update source-is-missing overrides.

xorg-server (2:1.20.11-1+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * record: Fix out of bounds access in SwapCreateRegister() [CVE-2021-4011]
   * xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() [CVE-2021-4009]
   * Xext: Fix out of bounds access in SProcScreenSaverSuspend() [CVE-2021-4010]
   * render: Fix out of bounds access in SProcRenderCompositeGlyphs() [CVE-2021-4008]

xserver-xorg-video-intel (2:2.99.917+git20200714-1+deb11u1) bullseye; urgency=medium
 .
   [ Julien Cristau ]
   * Fix SIGILL crash on non-SSE2 CPUs (closes: #979276)

xterm (366-1+deb11u1) bullseye; urgency=medium
 .
   * Cherry-pick sixel graphics fixes from xterm 370d and 370f.
     - Check for out-of-bounds condition while drawing sixels, and quit
       that operation (report by Nick Black (CVE-2022-24130),
       Closes: #1004689).

zsh (5.8-6+deb11u1) bullseye-security; urgency=high
 .
   * [452b3045] Cherry-pick zsh 5.8.1 fixes for CVE-2021-45444 for 5.8.
   * [c8a1b7a1] Install new Etc/CVE-2021-45444-VCS_Info-workaround.patch
     into zsh-doc. It is not relevant for Debian's package but gives hints
     about CVE-2021-45444 mitigations on other platforms which aren't
     updated yet.
   * [201dacfc] Update cherry-pick-CVE-2021-45444_2.patch to use a file
     name without blanks as actually used in the final 5.8.1 release.

zziplib (0.13.62-3.3+deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2020-18442
     Because of mishandling a return value, an attacker might cause a
     denial of service due to an infinite loop.
=======================================
Sat, 18 Dec 2021 - Debian 11.2 released
=======================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:54:47 -0000] [ftpmaster: Archive Administrator]
Removed the following packages from stable:

libwebkit2gtk-4.0-37-gtk2 | 2.32.4-1~deb11u1 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by webkit2gtk - based on source metadata)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:15 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

btrfs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
cdrom-core-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
crc-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
crypto-dm-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
crypto-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
dasd-extra-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
dasd-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
ext4-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
f2fs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
fat-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
fuse-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
isofs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
kernel-image-5.10.0-8-s390x-di |  5.10.46-5 | s390x
linux-headers-5.10.0-8-s390x |  5.10.46-5 | s390x
linux-image-5.10.0-8-s390x |  5.10.46-5 | s390x
linux-image-5.10.0-8-s390x-dbg |  5.10.46-5 | s390x
loop-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
md-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
mtd-core-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
multipath-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
nbd-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
nic-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
scsi-core-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
scsi-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
udf-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x
xfs-modules-5.10.0-8-s390x-di |  5.10.46-5 | s390x

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:22 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

affs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
ata-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
btrfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
cdrom-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
crc-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
crypto-dm-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
crypto-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
event-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
ext4-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
f2fs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
fat-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
fb-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
fuse-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
i2c-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
input-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
isofs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
jfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
kernel-image-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
linux-headers-5.10.0-8-4kc-malta |  5.10.46-5 | mipsel
linux-image-5.10.0-8-4kc-malta |  5.10.46-5 | mipsel
linux-image-5.10.0-8-4kc-malta-dbg |  5.10.46-5 | mipsel
loop-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
md-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
minix-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mmc-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mmc-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mouse-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
mtd-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
multipath-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nbd-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-shared-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-usb-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
nic-wireless-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
pata-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
ppp-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
sata-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
scsi-core-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
scsi-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
scsi-nic-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
sound-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
squashfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
udf-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
usb-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
usb-serial-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
usb-storage-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel
xfs-modules-5.10.0-8-4kc-malta-di |  5.10.46-5 | mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:30 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

ata-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
btrfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
cdrom-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
crc-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
crypto-dm-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
crypto-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
event-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
ext4-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
f2fs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fancontrol-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fat-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fb-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
firewire-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
fuse-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
hypervisor-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
i2c-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
input-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
isofs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
jfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
kernel-image-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
linux-headers-5.10.0-8-powerpc64le |  5.10.46-5 | ppc64el
linux-image-5.10.0-8-powerpc64le |  5.10.46-5 | ppc64el
linux-image-5.10.0-8-powerpc64le-dbg |  5.10.46-5 | ppc64el
loop-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
md-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
mouse-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
mtd-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
multipath-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nbd-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-shared-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-usb-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
nic-wireless-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
ppp-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
sata-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
scsi-core-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
scsi-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
scsi-nic-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
serial-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
squashfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
udf-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
uinput-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
usb-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
usb-serial-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
usb-storage-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el
xfs-modules-5.10.0-8-powerpc64le-di |  5.10.46-5 | ppc64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:38 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-amd64 |  5.10.46-5 | amd64
linux-headers-5.10.0-8-cloud-amd64 |  5.10.46-5 | amd64
linux-headers-5.10.0-8-rt-amd64 |  5.10.46-5 | amd64
linux-image-5.10.0-8-amd64-dbg |  5.10.46-5 | amd64
linux-image-5.10.0-8-amd64-unsigned |  5.10.46-5 | amd64
linux-image-5.10.0-8-cloud-amd64-dbg |  5.10.46-5 | amd64
linux-image-5.10.0-8-cloud-amd64-unsigned |  5.10.46-5 | amd64
linux-image-5.10.0-8-rt-amd64-dbg |  5.10.46-5 | amd64
linux-image-5.10.0-8-rt-amd64-unsigned |  5.10.46-5 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:46 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-arm64 |  5.10.46-5 | arm64
linux-headers-5.10.0-8-cloud-arm64 |  5.10.46-5 | arm64
linux-headers-5.10.0-8-rt-arm64 |  5.10.46-5 | arm64
linux-image-5.10.0-8-arm64-dbg |  5.10.46-5 | arm64
linux-image-5.10.0-8-arm64-unsigned |  5.10.46-5 | arm64
linux-image-5.10.0-8-cloud-arm64-dbg |  5.10.46-5 | arm64
linux-image-5.10.0-8-cloud-arm64-unsigned |  5.10.46-5 | arm64
linux-image-5.10.0-8-rt-arm64-dbg |  5.10.46-5 | arm64
linux-image-5.10.0-8-rt-arm64-unsigned |  5.10.46-5 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:55:54 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

btrfs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
cdrom-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
crc-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
crypto-dm-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
crypto-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
event-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
ext4-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
f2fs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
fat-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
fb-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
fuse-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
input-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
ipv6-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
isofs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
jffs2-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
jfs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
kernel-image-5.10.0-8-marvell-di |  5.10.46-5 | armel
leds-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
linux-headers-5.10.0-8-marvell |  5.10.46-5 | armel
linux-headers-5.10.0-8-rpi |  5.10.46-5 | armel
linux-image-5.10.0-8-marvell |  5.10.46-5 | armel
linux-image-5.10.0-8-marvell-dbg |  5.10.46-5 | armel
linux-image-5.10.0-8-rpi |  5.10.46-5 | armel
linux-image-5.10.0-8-rpi-dbg |  5.10.46-5 | armel
loop-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
md-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
minix-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mmc-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mmc-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mouse-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mtd-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
mtd-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
multipath-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nbd-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nic-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nic-shared-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
nic-usb-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
ppp-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
sata-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
scsi-core-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
squashfs-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
udf-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
uinput-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
usb-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
usb-serial-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel
usb-storage-modules-5.10.0-8-marvell-di |  5.10.46-5 | armel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:03 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

ata-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
btrfs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
cdrom-core-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
crc-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
crypto-dm-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
crypto-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
efi-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
event-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
ext4-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
f2fs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
fat-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
fb-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
fuse-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
i2c-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
input-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
isofs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
jfs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
kernel-image-5.10.0-8-armmp-di |  5.10.46-5 | armhf
leds-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
linux-headers-5.10.0-8-armmp |  5.10.46-5 | armhf
linux-headers-5.10.0-8-armmp-lpae |  5.10.46-5 | armhf
linux-headers-5.10.0-8-rt-armmp |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp-dbg |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp-lpae |  5.10.46-5 | armhf
linux-image-5.10.0-8-armmp-lpae-dbg |  5.10.46-5 | armhf
linux-image-5.10.0-8-rt-armmp |  5.10.46-5 | armhf
linux-image-5.10.0-8-rt-armmp-dbg |  5.10.46-5 | armhf
loop-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
md-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
mmc-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
mtd-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
multipath-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nbd-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-shared-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-usb-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
nic-wireless-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
pata-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
ppp-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
sata-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
scsi-core-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
scsi-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
scsi-nic-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
squashfs-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
udf-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
uinput-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
usb-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
usb-serial-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf
usb-storage-modules-5.10.0-8-armmp-di |  5.10.46-5 | armhf

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:15 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-686 |  5.10.46-5 | i386
linux-headers-5.10.0-8-686-pae |  5.10.46-5 | i386
linux-headers-5.10.0-8-rt-686-pae |  5.10.46-5 | i386
linux-image-5.10.0-8-686-dbg |  5.10.46-5 | i386
linux-image-5.10.0-8-686-pae-dbg |  5.10.46-5 | i386
linux-image-5.10.0-8-686-pae-unsigned |  5.10.46-5 | i386
linux-image-5.10.0-8-686-unsigned |  5.10.46-5 | i386
linux-image-5.10.0-8-rt-686-pae-dbg |  5.10.46-5 | i386
linux-image-5.10.0-8-rt-686-pae-unsigned |  5.10.46-5 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:23 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

affs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
ata-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
btrfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
cdrom-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
crc-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
crypto-dm-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
crypto-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
event-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
ext4-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
f2fs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
fat-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
fb-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
fuse-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
i2c-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
input-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
isofs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
jfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
kernel-image-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
loop-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
md-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
minix-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mmc-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mmc-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mouse-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
mtd-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
multipath-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nbd-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-shared-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-usb-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
nic-wireless-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
pata-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
ppp-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
sata-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
scsi-core-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
scsi-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
scsi-nic-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
sound-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
squashfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
udf-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
usb-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
usb-serial-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
usb-storage-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el
xfs-modules-5.10.0-8-5kc-malta-di |  5.10.46-5 | mips64el

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:32 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

affs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
affs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
ata-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
btrfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
btrfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
cdrom-core-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
crc-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
crc-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
crypto-dm-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
crypto-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
crypto-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
event-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
event-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
ext4-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
ext4-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
f2fs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
f2fs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
fat-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
fat-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
fb-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
firewire-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
fuse-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
fuse-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
input-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
input-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
isofs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
isofs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
jfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
jfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
kernel-image-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
kernel-image-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
linux-headers-5.10.0-8-5kc-malta |  5.10.46-5 | mips64el, mipsel
linux-headers-5.10.0-8-loongson-3 |  5.10.46-5 | mips64el, mipsel
linux-headers-5.10.0-8-octeon |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-5kc-malta |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-5kc-malta-dbg |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-loongson-3 |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-loongson-3-dbg |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-octeon |  5.10.46-5 | mips64el, mipsel
linux-image-5.10.0-8-octeon-dbg |  5.10.46-5 | mips64el, mipsel
loop-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
loop-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
md-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
md-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
minix-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
minix-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
mtd-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
multipath-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
multipath-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nbd-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nbd-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nic-shared-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-shared-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nic-usb-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-usb-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
nic-wireless-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
pata-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
pata-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
ppp-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
ppp-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
rtc-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
sata-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
sata-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
scsi-core-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
scsi-core-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
scsi-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
scsi-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
scsi-nic-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
sound-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
sound-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
speakup-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
squashfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
squashfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
udf-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
udf-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
usb-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
usb-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
usb-serial-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
usb-serial-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
usb-storage-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
usb-storage-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel
xfs-modules-5.10.0-8-loongson-3-di |  5.10.46-5 | mips64el, mipsel
xfs-modules-5.10.0-8-octeon-di |  5.10.46-5 | mips64el, mipsel

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:56:41 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

acpi-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
ata-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
btrfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
cdrom-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
crc-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
crypto-dm-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
crypto-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
efi-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
event-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
ext4-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
f2fs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
fat-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
fb-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
firewire-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
fuse-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
i2c-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
input-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
isofs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
jfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
kernel-image-5.10.0-8-amd64-di |  5.10.46-5 | amd64
linux-image-5.10.0-8-amd64 |  5.10.46-5 | amd64
linux-image-5.10.0-8-cloud-amd64 |  5.10.46-5 | amd64
linux-image-5.10.0-8-rt-amd64 |  5.10.46-5 | amd64
loop-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
md-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mmc-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mmc-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mouse-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
mtd-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
multipath-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nbd-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-pcmcia-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-shared-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-usb-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
nic-wireless-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
pata-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
pcmcia-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
pcmcia-storage-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
ppp-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
rfkill-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
sata-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
scsi-core-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
scsi-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
scsi-nic-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
serial-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
sound-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
speakup-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
squashfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
udf-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
uinput-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
usb-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
usb-serial-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
usb-storage-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64
xfs-modules-5.10.0-8-amd64-di |  5.10.46-5 | amd64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-amd64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:57:08 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

ata-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
btrfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
cdrom-core-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
crc-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
crypto-dm-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
crypto-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
efi-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
event-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
ext4-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
f2fs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
fat-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
fb-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
fuse-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
i2c-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
input-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
isofs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
jfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
kernel-image-5.10.0-8-arm64-di |  5.10.46-5 | arm64
leds-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
linux-image-5.10.0-8-arm64 |  5.10.46-5 | arm64
linux-image-5.10.0-8-cloud-arm64 |  5.10.46-5 | arm64
linux-image-5.10.0-8-rt-arm64 |  5.10.46-5 | arm64
loop-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
md-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
mmc-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
mtd-core-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
multipath-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nbd-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-shared-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-usb-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
nic-wireless-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
ppp-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
sata-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
scsi-core-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
scsi-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
scsi-nic-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
squashfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
udf-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
uinput-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
usb-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
usb-serial-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
usb-storage-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64
xfs-modules-5.10.0-8-arm64-di |  5.10.46-5 | arm64

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-arm64)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:57:17 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

acpi-modules-5.10.0-8-686-di |  5.10.46-5 | i386
acpi-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
ata-modules-5.10.0-8-686-di |  5.10.46-5 | i386
ata-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
btrfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
btrfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
cdrom-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
cdrom-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
crc-modules-5.10.0-8-686-di |  5.10.46-5 | i386
crc-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
crypto-dm-modules-5.10.0-8-686-di |  5.10.46-5 | i386
crypto-dm-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
crypto-modules-5.10.0-8-686-di |  5.10.46-5 | i386
crypto-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
efi-modules-5.10.0-8-686-di |  5.10.46-5 | i386
efi-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
event-modules-5.10.0-8-686-di |  5.10.46-5 | i386
event-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
ext4-modules-5.10.0-8-686-di |  5.10.46-5 | i386
ext4-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
f2fs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
f2fs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
fat-modules-5.10.0-8-686-di |  5.10.46-5 | i386
fat-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
fb-modules-5.10.0-8-686-di |  5.10.46-5 | i386
fb-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
firewire-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
firewire-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
fuse-modules-5.10.0-8-686-di |  5.10.46-5 | i386
fuse-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
i2c-modules-5.10.0-8-686-di |  5.10.46-5 | i386
i2c-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
input-modules-5.10.0-8-686-di |  5.10.46-5 | i386
input-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
isofs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
isofs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
jfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
jfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
kernel-image-5.10.0-8-686-di |  5.10.46-5 | i386
kernel-image-5.10.0-8-686-pae-di |  5.10.46-5 | i386
linux-image-5.10.0-8-686 |  5.10.46-5 | i386
linux-image-5.10.0-8-686-pae |  5.10.46-5 | i386
linux-image-5.10.0-8-rt-686-pae |  5.10.46-5 | i386
loop-modules-5.10.0-8-686-di |  5.10.46-5 | i386
loop-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
md-modules-5.10.0-8-686-di |  5.10.46-5 | i386
md-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mmc-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mmc-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mmc-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mmc-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mouse-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mouse-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
mtd-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
mtd-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
multipath-modules-5.10.0-8-686-di |  5.10.46-5 | i386
multipath-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nbd-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nbd-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-pcmcia-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-pcmcia-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-shared-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-shared-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-usb-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-usb-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
nic-wireless-modules-5.10.0-8-686-di |  5.10.46-5 | i386
nic-wireless-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
pata-modules-5.10.0-8-686-di |  5.10.46-5 | i386
pata-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
pcmcia-modules-5.10.0-8-686-di |  5.10.46-5 | i386
pcmcia-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
pcmcia-storage-modules-5.10.0-8-686-di |  5.10.46-5 | i386
pcmcia-storage-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
ppp-modules-5.10.0-8-686-di |  5.10.46-5 | i386
ppp-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
rfkill-modules-5.10.0-8-686-di |  5.10.46-5 | i386
rfkill-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
sata-modules-5.10.0-8-686-di |  5.10.46-5 | i386
sata-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
scsi-core-modules-5.10.0-8-686-di |  5.10.46-5 | i386
scsi-core-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
scsi-modules-5.10.0-8-686-di |  5.10.46-5 | i386
scsi-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
scsi-nic-modules-5.10.0-8-686-di |  5.10.46-5 | i386
scsi-nic-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
serial-modules-5.10.0-8-686-di |  5.10.46-5 | i386
serial-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
sound-modules-5.10.0-8-686-di |  5.10.46-5 | i386
sound-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
speakup-modules-5.10.0-8-686-di |  5.10.46-5 | i386
speakup-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
squashfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
squashfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
udf-modules-5.10.0-8-686-di |  5.10.46-5 | i386
udf-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
uinput-modules-5.10.0-8-686-di |  5.10.46-5 | i386
uinput-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
usb-modules-5.10.0-8-686-di |  5.10.46-5 | i386
usb-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
usb-serial-modules-5.10.0-8-686-di |  5.10.46-5 | i386
usb-serial-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
usb-storage-modules-5.10.0-8-686-di |  5.10.46-5 | i386
usb-storage-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386
xfs-modules-5.10.0-8-686-di |  5.10.46-5 | i386
xfs-modules-5.10.0-8-686-pae-di |  5.10.46-5 | i386

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux-signed-i386)
----------------------------------------------
=========================================================================
=========================================================================
[Date: Sat, 18 Dec 2021 09:57:33 -0000] [ftpmaster: Mark Hymers]
Removed the following packages from stable:

linux-headers-5.10.0-8-common |  5.10.46-5 | all
linux-headers-5.10.0-8-common-rt |  5.10.46-5 | all
linux-support-5.10.0-8 |  5.10.46-5 | all

------------------- Reason -------------------
[auto-cruft] NBS (no longer built by linux - based on source metadata)
----------------------------------------------
=========================================================================

apache-log4j2 (2.16.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport version 2.16.0 to Bullseye and fix CVE-2021-45046.
     (Closes: #1001729)
apache-log4j2 (2.16.0-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport version 2.16.0 to Buster and fix CVE-2021-45046.
     (Closes: #1001729)
apache-log4j2 (2.15.0-1) unstable; urgency=high
 .
   * Team upload.
   * New upstream version 2.15.0.
     - Fix CVE-2021-44228:
       Chen Zhaojun of Alibaba Cloud Security Team discovered that JNDI features
       used in configuration, log messages, and parameters do not protect
       against attacker controlled LDAP and other JNDI related endpoints. An
       attacker who can control log messages or log message parameters can
       execute arbitrary code loaded from LDAP servers when message lookup
       substitution is enabled. From version 2.15.0, this behavior has been
       disabled by default. (Closes: #1001478)
   * Update debian/watch to track the latest releases.
   * Declare compliance with Debian Policy 4.6.0.
apache-log4j2 (2.15.0-1~deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Backport version 2.15.0 to Bullseye and fix CVE-2021-44228.
     (Closes: #1001478)
apache-log4j2 (2.15.0-1~deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Backport version 2.15.0 to Buster and fix CVE-2021-44228.
     (Closes: #1001478)
   * Fix CVE-2020-9488:
     Improper validation of certificate with host mismatch in Apache Log4j SMTP
     appender. This could allow an SMTPS connection to be intercepted by a
     man-in-the-middle attack which could leak any log messages sent through
     that appender.
     (Closes: #959450)

apache2 (2.4.51-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 2.4.51 (Closes: CVE-2021-41773, CVE-2021-42013)
   * Refresh patches
apache2 (2.4.51-1~bpo10+2) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports
apache2 (2.4.51-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy
apache2 (2.4.50-1) unstable; urgency=high
 .
   * New upstream version 2.4.50 (Closes: CVE-2021-41773, CVE-2021-41524)
   * Remove patches already merged upstream
apache2 (2.4.50-1~deb11u1) bullseye-security; urgency=medium
 .
   [ Ondřej Surý ]
   * New upstream version 2.4.50 (Closes: CVE-2021-41524, CVE-2021-41773)
 .
   [ Yadd ]
   * Refresh patches and drop CVE-2021-40438-improvement,
     correctly-count-active-child-processes and spelling-errors patches
apache2 (2.4.49-4) unstable; urgency=medium
 .
   [ Ondřej Surý ]
   * Add upstream patch to fix crash in 2.4.49
apache2 (2.4.49-3) unstable; urgency=medium
 .
   [ Yadd ]
   * Re-export upstream signing key without extra signatures.
   * Drop transition for old debug package migration.
 .
   [ Moritz Muehlenhoff ]
   * Fix CVE-2021-40438 regression
apache2 (2.4.49-2) unstable; urgency=medium
 .
   [ Michiel Hazelhof ]
   * Fix multi instance issue (Closes: #868861)
 .
   [ Philippe Ombredanne ]
   * Fix GPL version typo in copyright file
apache2 (2.4.49-1) unstable; urgency=medium
 .
   * Update upstream GPG keys
   * New upstream version 2.4.49
   * Refresh patches
apache2 (2.4.49-1~deb11u3) bullseye-security; urgency=medium
 .
   [ Ondřej Surý ]
   * Add upstream patch to fix crash in 2.4.49
apache2 (2.4.49-1~deb11u2) bullseye-security; urgency=medium
 .
   [ Yadd ]
   * Re-export upstream signing key without extra signatures.
 .
   [ Moritz Muehlenhoff ]
   * Fix CVE-2021-40438 regression
apache2 (2.4.49-1~deb11u1) bullseye-security; urgency=high
 .
   * Update upstream GPG keys
   * New upstream version 2.4.49 (Closes: CVE-2021-34798, CVE-2021-36160,
     CVE-2021-39275, CVE-2021-40438)
   * Refresh patches
apache2 (2.4.49-1~bpo10+1) buster-backports-sloppy; urgency=medium
 .
   * Rebuild for buster-backports-sloppy
apache2 (2.4.48-4) unstable; urgency=medium
 .
   * Fix mod_proxy HTTP2 request line injection (Closes: CVE-2021-33193)

authheaders (0.13.1-1) bullseye; urgency=medium
 .
   * New upstream bugfix release
   * Update debian/watch to track 0.13 for stable updates

base-files (11.1+deb11u2) bullseye; urgency=medium
 .
   * Change /etc/debian_version to 11.2, for Debian 11.2 point release.

bind9 (1:9.16.22-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.22
    + CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This
      effectively disables the lame server cache, as it could previously be
      abused by an attacker to significantly degrade resolver performance.
bind9 (1:9.16.22-1~deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
   * Cherry-pick upstream fix to build with Sphinx < 2.0.0
     (only necessary for buster)
 .
 bind9 (1:9.16.22-1~deb11u1) bullseye-security; urgency=high
 .
   * New upstream version 9.16.22
    + CVE-2021-25219: The "lame-ttl" option is now forcibly set to 0. This
      effectively disables the lame server cache, as it could previously be
      abused by an attacker to significantly degrade resolver performance.
bind9 (1:9.16.21-1) unstable; urgency=medium
 .
   * New upstream version 9.16.21

bpftrace (0.11.3-5+deb11u1) bullseye; urgency=medium
 .
   * d/patches: add patch to fix array indexing (Closes: #1001449).

brltty (6.3+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   [ Gregory Nowak ]
   * brltty.init: Make it wait for $local_fs, like the systemd service does.
     (Closes: Bug#994729)

btrbk (0.27.1-1.1+deb11u2) bullseye; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * regression fix for CVE-2021-38173
     (Closes: #996260, #996266)

calibre (5.12.0+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Avoid to use embedded assignment syntax (Closes: #998744)

chrony (4.0-8+deb11u1) bullseye; urgency=medium
 .
   * debian/patches/:
     - Add fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch to be able
     to bind a socket to a network device with a name longer than 3 characters
     when the system call filter is enabled. (Closes: #995207)

cmake (3.18.4-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Add PostgreSQL 13 to known versions (Closes: #990623)

containerd (1.4.12~ds1-1~deb11u1) bullseye; urgency=medium
 .
   * New upstream version 1.4.12~ds1
     + 1.4.12
       * Mitigate CVE-2021-41190: Handle ambiguous OCI manifest parsing
       * Update pull to try next mirror for non-404 errors
       * Update pull to handle of non-https urls in descriptors
     + 1.4.11
       * CVE-2021-41103: Fix insufficiently restricted permissions on container
         root and plugin directories
     + 1.4.10
       * Support "clone3" in default seccomp profile
       * Fix panic in metadata content writer on copy error
     + 1.4.9
       * Update pull authorization logic on redirect
       * Fix user agent used for fetching registry authentication tokens
     + 1.4.8
       * CVE-2021-32760: Archive package allows chmod of file outside of unpack
         target directory
     + 1.4.7
       * Fix invalid validation error checking
       * Fix error on image pull resume
   * Refresh patches
     + Drop CVE-2021-32760 patch
     + Drop CVE-2021-41103 patch
     + Refresh 0005-backport-github.com-containerd-containerd-remotes.patch
       with latest 1.5 release branch
   * Backport RPi1/RPi0 workaround (Closes: #998909)
containerd (1.4.5~ds1-2+deb11u1) bullseye-security; urgency=high
 .
   * CVE-2021-41103: Insufficiently restricted permissions on container
     root and plugin directories

curl (7.74.0-1.3+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Also remove -ffile-prefix-map from curl-config. (Closes: #990128)

datatables.js (1.10.21+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * Fix: If an array was passed to the HTML escape entities function it would
     not have its contents escaped (Closes: #995229, CVE-2021-23445)

debian-edu-config (2.11.56+deb11u2) bullseye; urgency=medium
 .
   [ Mike Gabriel ]
   * share/debian-edu-config/tools/pxe-addfirmware: Fix TFTP server path
     (/var/lib/tftpboot-> /srv/tftp). (Closes: #995610).
 .
   [ Wolfgang Schweer ]
   * Add real support for LTSP chroot setup and maintenance. (Closes: #996103).
     - Adjust existing scripts and manual page for improved LTSP chroot setup:
       + sbin/debian-edu-ltsp-install: Add LTSP diskless client chroot creation,
         use uniform locations for X2Go thin clients and diskless workstations,
         ensure sitesummary-client setup and configuration inside chroots, care
         for proper mount and umount operation, add xrdp-sesman to the list of
         masked services for LTSP clients, make sure all kernels are updated,
         adjust the ltsp.conf file content to match the changes, replace last
         edit date with version number, adjust usage information accordingly.
       + share/debian-edu-config/tools/run-at-firstboot: Care for the changed
         'debian-edu-ltsp-install' default options to make sure combined server
         installations have a generated SquashFS image file just like before.
       + share/man/man8/debian-edu-ltsp-install.8: Update to reflect the changes.
     - Provide maintenance related scripts and manual pages:
       + sbin/debian-edu-ltsp-chroot: Tool to make LTSP chroot maintenance easy.
       + sbin/debian-edu-ltsp-initrd: Wrapper script for 'ltsp initrd' command.
         It makes sure that a use case specific initrd (/srv/tftp/ltsp/ltsp.img)
         is generated and moved to the right location.
       + sbin/debian-edu-ltsp-ipxe: Wrapper script for 'ltsp ipxe' command. It
         cares for a Debian Edu specific /srv/tftp/ltsp/ltsp.ipxe content.
       + share/debian-edu-config/tools/ltsp-addfirmware: Install firmware in LTSP
         chroots in case clients won't work otherwise. (Adjusted tool from Buster
         re-added to the binary package.)
       + share/man/man8/debian-edu-ltsp-chroot.8
       + share/man/man8/debian-edu-ltsp-initrd.8
       + share/man/man8/debian-edu-ltsp-ipxe.8
   * Adjust Makefile to reflect the changes.

debian-edu-doc (2.11.26+deb11u1) bullseye; urgency=medium
 .
   * Update Debian Edu Bullseye manual from the wiki; this makes sure that:
     - all LTSP setup and maintenance related changes are in the manual.
     - the Debian Edu Bullseye manual source file is the same like the one in the
       master branch / Debian unstable.
   * Update Bullseye and Buster manual translations (PO files) from the master
     branch / Debian unstable.
   * Update related PO addendum files from the master branch to make sure that
     all translators are credited correctly in the generated manuals.
 .
   [ Translation updates ]
   * Bullseye manual:
     - Chinese (Simplified): Ma Yong, Cube Kassaki and Jingxuan
     - Dutch: Frans Spiesschaert
     - German: Wolfgang Schweer
     - Norwegian Bokmål: Petter Reinholdtsen
     - Polish: Stanisław Stefan Krukowski
     - Portuguese (Brazil): Barbara Tostes and Fred Maranhão
     - Portuguese (Portugal): José Vieira
     - Portuguese: José Vieira
     - Romanian: Guilherme Fernandes Neto
     - Spanish: Eulalio Barbero Espinosa
     - Swedish: Luna Jernberg
   * Buster manual:
     - Chinese (Simplified): Cube Kassaki and Ma Yong
     - Norwegian Bokmål: Petter Reinholdtsen
     - Polish: Stanisław Stefan Krukowski
     - Portuguese (Brazil): Barbara Tostes and Fred Maranhão
     - Spanish: Eulalio Barbero Espinosa
     - Swedish: Luna Jernberg

debian-installer (20210731+deb11u2) bullseye; urgency=medium
 .
   * Bump Linux kernel ABI to 5.10.0-10.

debian-installer-netboot-images (20210731+deb11u2) bullseye; urgency=medium
 .
   * Update to 20210731+deb11u2, from bullseye-proposed-updates.

distro-info-data (0.51+deb11u1) bullseye; urgency=medium
 .
   * Update data to 0.52:
     - Extend Ubuntu 14.04 and 16.04 ESM out to 10 years in total.
     - Add Ubuntu 22.04 LTS, Jammy Jellyfish.

docker.io (20.10.5+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Backport patches for CVE-2021-41089 CVE-2021-41091 CVE-2021-41092
     + CVE-2021-41089: Create parent directories inside a chroot during docker
       cp to prevent a specially crafted container from changing permissions of
       existing files in the host’s filesystem.
     + CVE-2021-41091: Lock down file permissions to prevent unprivileged users
       from discovering and executing programs in /var/lib/docker.
     + CVE-2021-41092: Ensure default auth config has address field set, to
       prevent credentials being sent to the default registry. (Closes: #998292)
   * Backport "clone3" syscall workaround in default seccomp policy
     (Closes: #995191)

edk2 (2020.11-2+deb11u1) bullseye; urgency=medium
 .
   * Address Boot Guard TOCTOU vulnerability (CVE-2019-11098) (Closes: #991495)

ffmpeg (7:4.3.3-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream version 4.3.3
     - Fixes various security issues:
       CVE-2020-20446
       CVE-2020-20450
       CVE-2020-20453
       CVE-2020-22037
       CVE-2020-22042
       CVE-2021-38114
       CVE-2021-38171
       CVE-2021-38291
   * debian/patches: Refresh patches
ffmpeg (7:4.3.2-2) experimental; urgency=medium
 .
   * debian/:
     - Build with zimg (Closes: #966059)
     - Disable librvsg on hppa and sh4 (Closes: #983344)
ffmpeg (7:4.3.2-1) experimental; urgency=medium
 .
   * New upstream release
   * debian/control: Add libgl-dev as alternative Build-Depends
   * debian/patches: Remove patches integrated upstream

firefox-esr (78.15.0esr-1~deb11u1) bullseye-security; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-44, also known as CVE-2021-38496, CVE-2021-38500.
firefox-esr (78.14.0esr-1) unstable; urgency=medium
 .
   * New upstream release.
   * Fixes for mfsa2021-39, also known as CVE-2021-38493.
 .
   * debian/import-tar.py, debian/repack.py: Fixed for python 3.9.

flatpak (1.10.5-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream stable release 1.10.4
     - Don't allow VFS manipulation which could be used to trick portals
       into allowing unintended access to host
       (Closes: #995935, CVE-2021-41133, GHSA-67h7-w3jq-vh4q)
     - Fix parental controls check when installing system-wide as non-root
     - OCI now uses the pax tar format, which handles large files better
       than GNU tar
     - tests: Fix test-sideload.sh if ostree is built with curl backend
       (this change is unnecessary but harmless in the configuration used
       in Debian)
   * New upstream stable release 1.10.5
     - Fix regressions in 1.12.0 with extra data or --allow=multiarch.
       This only partially prevents use of VFS-manipulating syscalls if a
       newer kernel is used with an older libseccomp, but that's the best
       we will be able to achieve without new features in libseccomp and/or
       bubblewrap.
   * d/control: Build-depend on libseccomp 2.5.0.
     This ensures that we can block creation of new user namespaces via
     clone3(), which should be enough to prevent CVE-2021-41133 on
     at least Debian 11 kernels (Linux 5.10). It also allows blocking most
     of the syscalls we want to block; we cannot guarantee to be able to
     block mount_setattr(), which was only added in libseccomp 2.5.2, but
     that syscall was new in Linux 5.12.
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Fix error handling for syscalls that are only allowed with --devel
flatpak (1.10.5-0+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
     - Revert "debian/control: Add libmalcontent-0-dev to the
       build-dependencies". It wasn't available in buster.
     - Revert "Add Suggests on malcontent-gui".
     - Downgrade dbus from Depends to Recommends.
       It only needed to be a Depends for the libmalcontent integration,
       but it is necessary for system-wide installations (without --user),
       so a Recommends still seems appropriate.
   * Note that this backport requires libseccomp2 (>= 2.5.0) from
     buster-backports. This is necessary in order to prevent clone3()
     when using backported bullseye kernels.
 .
 flatpak (1.10.5-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream stable release 1.10.4
     - Don't allow VFS manipulation which could be used to trick portals
       into allowing unintended access to host
       (Closes: #995935, CVE-2021-41133, GHSA-67h7-w3jq-vh4q)
     - Fix parental controls check when installing system-wide as non-root
     - OCI now uses the pax tar format, which handles large files better
       than GNU tar
     - tests: Fix test-sideload.sh if ostree is built with curl backend
       (this change is unnecessary but harmless in the configuration used
       in Debian)
   * New upstream stable release 1.10.5
     - Fix regressions in 1.12.0 with extra data or --allow=multiarch.
       This only partially prevents use of VFS-manipulating syscalls if a
       newer kernel is used with an older libseccomp, but that's the best
       we will be able to achieve without new features in libseccomp and/or
       bubblewrap.
   * d/control: Build-depend on libseccomp 2.5.0.
     This ensures that we can block creation of new user namespaces via
     clone3(), which should be enough to prevent CVE-2021-41133 on
     at least Debian 11 kernels (Linux 5.10). It also allows blocking most
     of the syscalls we want to block; we cannot guarantee to be able to
     block mount_setattr(), which was only added in libseccomp 2.5.2, but
     that syscall was new in Linux 5.12.
   * d/p/Fix-handling-of-syscalls-only-allowed-by-devel.patch:
     Fix error handling for syscalls that are only allowed with --devel

freeipmi (1.6.6-4+deb11u1) bullseye; urgency=medium
 .
   * Fix .pc files path in -dev packages. Thanks to наб (Closes: #996325)

gdal (3.2.2+dfsg-2+deb11u1) bullseye; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patches to fix BAG 2.0 Extract support in LVBAG driver.
     (closes: #1000437)

gerbv (2.7.0-2+deb11u1) bullseye; urgency=medium
 .
   * Build for bullseye
   * [e983451] Rebuild patch queue from patch-queue branch
     Added patch:
     security/Fix-TALOS-2021-1402.patch
     Fixing CVE-2021-40391
   * [7d33020] d/gbp.conf: Adjust to branch debian/bullseye

gmp (2:6.2.1+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * [ba91bc2] Add .gitlab-ci.yml
   * [a848ad6] Avoid bit size overflows. CVE-2021-43618

golang-1.15 (1.15.15-1~deb11u2) bullseye; urgency=medium
 .
   * Backport patch for CVE-2021-38297
     When invoking functions from WASM modules, built using GOARCH=wasm GOOS=js,
     passing very large arguments can cause portions of the module to be
     overwritten with data from the arguments.
   * Backport patch for CVE-2021-41771
     debug/macho: invalid dynamic symbol table command can cause panic
   * Backport patch for CVE-2021-44716
     net/http: limit growth of header canonicalization cache
   * Backport patch for CVE-2021-44717
     syscall: don’t close fd 0 on ForkExec error
golang-1.15 (1.15.15-1~deb11u1) bullseye; urgency=medium
 .
   [ Anthony Fok ]
   * Fix Lintian warning tab-in-license-text
     debian/copyright (starting at line 381)
 .
   [ Shengjing Zhu ]
   * Rebuild 1.15.15 for bullseye
     + Include fix for CVE-2021-36221 (Closes: #991961)
       net/http: panic due to racy read of persistConn after handler panic
   * Backport patch for CVE-2021-39293
     archive/zip: overflow in preallocation check can cause OOM panic

grass (7.8.5-1+deb11u1) bullseye; urgency=medium
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patch to fix parsing GDAL formats with colon in description.
     (closes: #999828)

horizon (3:18.6.2-5+deb11u1) bullseye; urgency=medium
 .
   * Compile translations at build time.

htmldoc (1.9.11-4+deb11u1) bullseye; urgency=medium
 .
   * Add patch from upstream to fix CVEs:
     CVE-2021-40985, CVE-2021-43579.

im-config (0.46-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload
 .
   [ Gunnar Hjalmarsson ]
   * Replace "fcitx" with "fcitx5" in IM_CONFIG_PREFERRED_RULE variable
     (closes: #990742)
 .
   [ Shengjing Zhu ]
   * Change IM_MODULE env for fcitx5 to "fcitx" (closes: #977203,
     LP: #1928360)

isync (1.3.0-2.2+deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix multiple buffer overflows (CVE-2021-3657)

jqueryui (1.12.1+dfsg-8+deb11u1) bullseye; urgency=medium
 .
   * Team upload
   * Make sure altField is treated as a CSS selector (Closes: CVE-2021-41182)
   * Make sure text option are text, shorten HTML strings
     (Closes: CVE-2021-41183)
   * Make sure `of` is treated as a CSS selector (Closes: CVE-2021-41184)

jwm (2.3.7-5+deb11u1) bullseye; urgency=medium
 .
   * d/p/03-fix-keyboard-move-segfault.patch: Backport upstream commit to fix
     SEGFAULT (closes: #977878)

keepalived (1:2.1.5-0.2+deb11u1) bullseye; urgency=medium
 .
   * Fix shipped too broad DBus policy. CVE-2021-44225.

keystone (2:18.0.0-3+deb11u1) bullseye; urgency=medium
 .
   * Tune keystone-uwsgi.ini for performance.
   * CVE-2021-38155 / OSSA-2021-003: Account name and UUID oracles in account
     locking. Applied upstream patch: Hide AccountLocked exception from end
     users (Closes: #992070).

kodi (2:19.1+dfsg2-2+deb11u1) bullseye; urgency=medium
 .
   * Branch out bullseye
   * Fix buffer overflow in PLS playlists (Closes: CVE-2021-42917)

ldb (2:2.2.3-2~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security
ldb (2:2.2.3-1) unstable; urgency=high
 .
   * New upstream version 2.2.3
ldb (2:2.2.3-1~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security
ldb (2:2.2.2-2) unstable; urgency=high
 .
   * Upload to unstable
ldb (2:2.2.2-2~deb11u1) bullseye-security; urgency=high
 .
   * Upload to bullseye-security
ldb (2:2.2.2-1) experimental; urgency=medium
 .
   [ Mathieu Parent ]
   * Acknowledge NMU
   * New upstream version 2.2.2, includes:
     - CVE-2020-27840: Heap corruption via crafted DN strings.
     - CVE-2021-20277: Out of bounds read in AD DC LDAP server.
 .
   [ Debian Janitor ]
   * Update standards version to 4.5.1, no changes needed.
   * Avoid explicitly specifying -Wl,--as-needed linker flag.

libayatana-indicator (0.8.4-1+deb11u2) bullseye; urgency=medium
 .
   * debian/patches:
     + Add 0002_src-indicator-ng.c-Make-sure-old-menu-item-name-is-n.patch.
       Prevent regular crashes in indicator applets. (Closes: #992499).
libayatana-indicator (0.8.4-1+deb11u1) bullseye; urgency=medium
 .
   [ Martin Wimpress ]
   * debian/patches:
     + Add 0001_scale-icons-when-loading-from-filename.patch (LP: #1733301)
 .
   [ Mike Gabriel ]
   * debian/patches:
     + Fix file path in 0001_scale-icons-when-loading-from-filename.patch.

libdatetime-timezone-perl (1:2.47-1+2021e) bullseye; urgency=medium
 .
   * Update to Olson database version 2021e.
     This update includes contemporary changes for Palestine.
 .
 libdatetime-timezone-perl (1:2.47-1+2021d) bullseye; urgency=medium
 .
   * Update to Olson database version 2021d.
     This update includes fixes for the zone links for Atlantic/Jan_Mayen and
     America/Virgin (2021c), and contemporary changes for Fiji (2021d).
libdatetime-timezone-perl (1:2.47-1+2021d) bullseye; urgency=medium
 .
   * Update to Olson database version 2021d.
     This update includes fixes for the zone links for Atlantic/Jan_Mayen and
     America/Virgin (2021c), and contemporary changes for Fiji (2021d).

libencode-perl (3.08-1+deb11u2) bullseye; urgency=medium
 .
   * Fix memory leak.
     Add patch rt_139622_memory-leak.patch, taken from upstream releases 3.13,
     3.14, 3.15 to fix a memory leak in Encode.xs.
     Cf. https://rt.cpan.org/Ticket/Display.html?id=139622
     (Closes: #995804)

libreoffice (1:7.0.4-4+deb11u1) bullseye-security; urgency=high
 .
   * backport fixes from libreoffice-7-0 branch:
     - xmlsecurity-replace-XSecParser-implementation.diff
     - xmlsecurity-improve-handling-of-multiple-X509Data-elements.diff:
     (fixes CVE-2021-25633 "Double Certificate Attack")
     - xmlsecurity-XSecParser-confused-about-multiple-timestamps.diff,
       xmlsecurity-ignore-elements-in-ds:Object-that-arent-signed.diff:
     (fixes CVE-2021-25634 "Timestamp Manipulation with Signature Wrapping")
     - default-to-CertificateValidity::INVALID.diff:
     (fixes CVE-2021-25635 "Content Manipulation with Certificate Validation
      Attack")
libreoffice (1:7.0.4-4+deb11u1~bpo10+1) buster-backports; urgency=medium
 .
   * Rebuild for buster-backports.
 .
   * debian/source/include-binaries:
     - include tarballs/libmwaw-0.3.16.tar.xz
     - include tarballs/mdds-1.6.0.tar.bz2
     - include tarballs/liborcus-0.16.1.tar.bz2
     - include tarballs/xmlsec1-1.2.30.tar.gz
     - include tarballs/libnumbertext-1.0.6.tar.xz
   * debian/rules:
     - revert clang (>= 1:11) build-dep for buster-backports; doesn't exist in
       buster and we resort back to gcc
 .
 libreoffice (1:7.0.4-4+deb11u1) bullseye-security; urgency=high
 .
   * backport fixes from libreoffice-7-0 branch:
     - xmlsecurity-replace-XSecParser-implementation.diff
     - xmlsecurity-improve-handling-of-multiple-X509Data-elements.diff:
     (fixes CVE-2021-25633 "Double Certificate Attack")
     - xmlsecurity-XSecParser-confused-about-multiple-timestamps.diff,
       xmlsecurity-ignore-elements-in-ds:Object-that-arent-signed.diff:
     (fixes CVE-2021-25634 "Timestamp Manipulation with Signature Wrapping")
     - default-to-CertificateValidity::INVALID.diff:
     (fixes CVE-2021-25635 "Content Manipulation with Certificate Validation
      Attack")
 .
 libreoffice (1:7.0.4-4) unstable; urgency=medium
 .
   * debian/patches/apparmor-updates.diff: allow one more digit in temp
     files (closes: #982274)
   * debian/control.in, debian/libreoffice-common.{maintscript,postinst.in}:
     apply patch from Adreas Beckmann to fix upgrade buster->bullseye
     - libreoffice-core: Copy some Conflicts from libreoffice-common for smoother
       upgrades from buster. Dpkg will otherwise ignore Conflicts that are
       encountered later against a package that is already deconfigured.
     - libreoffice-common: Do not use dir_to_symlink for
       /usr/lib/libreoffice/share/registry, the Breaks/Conflicts cascade does not
       work reliable here to ensure all packages previously shipping files there
       are either removed or upgraded first, but not just deconfigured. Fix up
       the symlink in postinst instead.  (Closes: #985297)
 .
 libreoffice (1:7.0.4-3) unstable; urgency=medium
 .
   * debian/tests/control.in: *really* add libreoffice-writer dependency
     to uicheck-sc test
 .
 libreoffice (1:7.0.4-2) unstable; urgency=medium
 .
   * debian/test/control: make uicheck-sc depend on libreoffice-writer, too
     (the openDialogs/uno.Show:License Dialog test opens a new "Writer/Web"
     document...)
 .
 libreoffice (1:7.0.4-1) unstable; urgency=medium
 .
   * LibreOffice 7.0.4 final release (identical to rc2)
 .
   * debian/patches/pdfium-m68k.diff: fix pdfium build on m68k
 .
   * debian/rules, debian/control*in: s/noinsttests/noinsttest/, thanks
     lintian
   * debian/rules:
     - revert clang (>= 1:11) build-dep for buster-backports; doesn't exist in
       buster and we resort back to gcc
     - don't rm LICENSE.html, it is used by
       Help -> License Information -> Show License
   * debian/control.mediawiki.in: remove Homepage: (closes: #978713)
   * debian/*.mime: stop quoting %s (closes: #950319)

libseccomp (2.5.1-1+deb11u1) bullseye; urgency=medium
 .
   * Add support for syscalls up to Linux 5.15.

libxml-security-java (2.0.10-2+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-40690:
     Apache Santuario - XML Security for Java is vulnerable to an issue where
     the "secureValidation" property is not passed correctly when creating a
     KeyInfo from a KeyInfoReference element. This allows an attacker to abuse
     an XPath Transform to extract any local .xml files in a RetrievalMethod
     element.
libxml-security-java (2.0.10-2+deb10u1) buster-security; urgency=high
 .
   * Team upload.
   * Fix CVE-2021-40690:
     Apache Santuario - XML Security for Java is vulnerable to an issue where
     the "secureValidation" property is not passed correctly when creating a
     KeyInfo from a KeyInfoReference element. This allows an attacker to abuse
     an XPath Transform to extract any local .xml files in a RetrievalMethod
     element.

libxstream-java (1.4.15-3+deb11u1) bullseye-security; urgency=high
 .
   * Team upload.
   * Enable the security whitelist by default to prevent RCE vulnerabilities.
     XStream no longer uses a blacklist because it cannot be secured for general
     purpose.

linux (5.10.84-1) bullseye; urgency=medium
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-amd64 (5.10.84+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.84-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automatically if ID matches
     - [armhf] imx6: disable the GIC CPU interface before calling stby-poweroff
       sequence
     - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
     - net: bridge: fix under estimation in br_get_linkxstats_size()
     - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
     - net: sfp: Fix typo in state machine debug string
     - netlink: annotate data races around nlk->bound
     - perf jevents: Tidy error handling
     - [armhf] bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
     - [arm64,armhf] drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup
     - drm/nouveau: avoid a use-after-free when BO init fails
     - drm/nouveau/kms/nv50-: fix file release memory leak
     - drm/nouveau/debugfs: fix file release memory leak
     - [amd64] gve: Correct available tx qpl check
     - [amd64] gve: Avoid freeing NULL pointer
     - rtnetlink: fix if_nlmsg_stats_size() under estimation
     - [amd64] gve: fix gve_get_stats()
     - [amd64] gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     - i40e: fix endless loop under rtnl
     - i40e: Fix freeing of uninitialized misc IRQ vector
     - net: prefer socket bound to interface when not in VRF
     - [powerpc*] iommu: Report the correct most efficient DMA mask for PCI
       devices
     - i2c: acpi: fix resource leak in reconfiguration device addition
     - [s390x] bpf, s390: Fix potential memory leak about jit_data
     - [powerpc*] bpf: Fix BPF_SUB when imm == 0x80000000
     - [powerpc*] pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init
     - [i386] x86/platform/olpc: Correct ifdef symbol to intended
       CONFIG_OLPC_XO15_SCI
     - [x86] entry: Correct reference to intended CONFIG_64_BIT
     - [x86] hpet: Use another crystalball to evaluate HPET usability
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
     - ext4: check and update i_disksize properly
     - ext4: correct the error path of ext4_write_inline_data_end()
     - [x86] ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic
     - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
     - netfilter: ip6_tables: zero-initialize fragment offset
     - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
     - [x86] ASoC: SOF: loader: release_firmware() on load failure to avoid
       batching
     - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
     - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
     - mac80211: Drop frames from invalid MAC address in ad-hoc mode
     - net: prevent user from passing illegal stab size
     - mac80211: check return value of rhashtable_init
     - [x86] vboxfs: fix broken legacy mount signature checking
     - drm/amdgpu: fix gart.bo pin_count leak
     - scsi: ses: Fix unsigned comparison with less than zero
     - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
     - perf/core: fix userpage->time_enabled of inactive events
     - sched: Always inline is_percpu_thread()
     - [armhf] hwmon: (pmbus/ibm-cffps) max_power_out swap changes
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
     - ALSA: usb-audio: Add quirk for VF0770
     - ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl
     - ALSA: seq: Fix a potential UAF by wrong private_free call order
     - ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop
     - ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254
     - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
     - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
     - ALSA: hda/realtek - ALC236 headset MIC recording issue
     - ALSA: hda/realtek: Add quirk for TongFang PHxTxX1
     - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo
       13s Gen2
     - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
     - [s390x] fix strrchr() implementation
     - [arm64] hugetlb: fix CMA gigantic page order for non-4K PAGE_SIZE
     - drm/msm: Avoid potential overflow in timeout_to_jiffies()
     - btrfs: unlock newly allocated extent buffer after error
     - btrfs: deal with errors when replaying dir entry during log replay
     - btrfs: deal with errors when adding inode reference during log replay
     - btrfs: check for error when looking up inode during dir entry replay
     - btrfs: update refs for any root except tree log roots
     - btrfs: fix abort logic in btrfs_replace_file_extents
     - [x86] resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
     - [x86] mei: me: add Ice Lake-N device id.
     - xhci: guard accesses to ep_state in xhci_endpoint_reset()
     - xhci: Fix command ring pointer corruption while aborting a command
     - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
     - cb710: avoid NULL pointer subtraction
     - [arm64,x86] efi/cper: use stack buffer for error record decoding
     - efi: Change down_interruptible() in virt_efi_reset_system() to
       down_trylock()
     - [armhf] usb: musb: dsps: Fix the probe error path (Closes: 1000900)
     - Input: xpad - add support for another USB ID of Nacon GC-100
     - USB: serial: qcserial: add EM9191 QDL support
     - USB: serial: option: add Quectel EC200S-CN module support
     - USB: serial: option: add Telit LE910Cx composition 0x1204
     - USB: serial: option: add prod. id for Quectel EG91
     - virtio: write back F_VERSION_1 before validate
     - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
     - [powerpc*] xive: Discard disabled interrupts in get_irqchip_state()
     - driver core: Reject pointless SYNC_STATE_ONLY device links
     - iio: adc: ad7192: Add IRQ flag
     - iio: adc: ad7780: Fix IRQ flag
     - iio: adc: ad7793: Fix IRQ flag
     - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
     - iio: adc: max1027: Fix wrong shift with 12-bit devices
     - iio: light: opt3001: Fixed timeout error when 0 lux
     - iio: adc: max1027: Fix the number of max1X31 channels
     - iio: dac: ti-dac5571: fix an error code in probe()
     - [arm64] tee: optee: Fix missing devices unregister during optee_remove
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix usb's unit address
     - [armel,armhf] dts: bcm2711-rpi-4-b: fix sd_io_1v8_reg regulator states
     - [armel,armhf] dts: bcm2711-rpi-4-b: Fix pcie0's unit address formatting
     - nvme-pci: Fix abort command id
     - sctp: account stream padding length for reconf chunk
     - [arm64,armhf] gpio: pca953x: Improve bias setting
     - net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
     - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
     - net: stmmac: fix get_hw_feature() on old hardware
     - ethernet: s2io: fix setting mac address during resume
     - nfc: fix error handling of nfc_proto_register()
     - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
     - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
     - [i386] pata_legacy: fix a couple uninitialized variable bugs
     - ata: ahci_platform: fix null-ptr-deref in
       ahci_platform_enable_regulators()
     - drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read
     - [arm64] drm/msm: Fix null pointer dereference on pointer edp
     - [arm64] drm/msm/mdp5: fix cursor-related warnings
     - [arm64] drm/msm/a6xx: Track current ctx by seqno
     - [arm64] drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
     - [arm64] drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
     - [arm64] acpi/arm64: fix next_platform_timer() section mismatch error
     - [x86] platform/x86: intel_scu_ipc: Fix busy loop expiry time
     - mqprio: Correct stats in mqprio_dump_class_stats().
     - qed: Fix missing error code in qed_slowpath_start()
     - nfp: flow_offload: move flow_indr_dev_register from app init to app start
     - [arm64] net: mscc: ocelot: warn when a PTP IRQ is raised for an unknown
       skb
     - [arm64,armhf] net: dsa: mv88e6xxx: don't use PHY_DETECT on internal PHY's
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
     - xhci: add quirk for host controllers that don't update endpoint DCS
     - io_uring: fix splice_fd_in checks backport typo
     - [armhf] dts: vexpress-v2p-ca9: Fix the SMB unit-address
     - block: decode QUEUE_FLAG_HCTX_ACTIVE in debugfs output
     - [x86] xen/x86: prevent PVH type from getting clobbered
     - NFSD: Keep existing listeners on portlist error
     - netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage
       value
     - ice: fix getting UDP tunnel entry
     - netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
     - netfilter: ipvs: make global sysctl readonly in non-init netns
     - tcp: md5: Fix overlap between vrf and non-vrf keys
     - ipv6: When forwarding count rx stats on the orig netdev
     - [powerpc*] smp: do not decrement idle task preempt count in CPU offline
     - [arm64] net: hns3: reset DWRR of unused tc to zero
     - [arm64] net: hns3: add limit ets dwrr bandwidth cannot be 0
     - [arm64] net: hns3: schedule the polling again when allocation fails
     - [arm64] net: hns3: fix vf reset workqueue cannot exit
     - [arm64] net: hns3: disable sriov before unload hclge layer
     - net: stmmac: Fix E2E delay mechanism
     - e1000e: Fix packet loss on Tiger Lake and later
     - ice: Add missing E810 device ids
     - [arm64] net: enetc: fix ethtool counter name for PM0_TERR
     - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
       notification
     - can: peak_pci: peak_pci_remove(): fix UAF
     - can: isotp: isotp_sendmsg(): fix return error on FC timeout on TX path
     - can: isotp: isotp_sendmsg(): add result check for
       wait_event_interruptible()
     - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
     - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
     - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
       error length
     - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
     - ceph: skip existing superblocks that are blocklisted or shut down when
       mounting
     - ceph: fix handling of "meta" errors
     - ocfs2: fix data corruption after conversion from inline format
     - ocfs2: mount fails with buffer overflow in strlen
     - userfaultfd: fix a race between writeprotect and exit_mmap()
     - vfs: check fd has read access in kernel_read_file_from_fd()
     - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
     - ALSA: hda/realtek: Add quirk for Clevo PC50HS
     - ASoC: DAPM: Fix missing kctl change notifications
     - audit: fix possible null-pointer dereference in audit_filter_rules
     - [powerpc*] powerpc64/idle: Fix SP offsets when saving GPRs
     - [powerpc*] KVM: PPC: Book3S HV: Fix stack handling in
       idle_kvm_start_guest()
     - [powerpc*] KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it
       went to guest (CVE-2021-43056)
     - [powerpc*] idle: Don't corrupt back chain when going idle
     - mm, slub: fix mismatch between reconstructed freelist depth and cnt
     - mm, slub: fix potential memoryleak in kmem_cache_open()
     - mm, slub: fix incorrect memcg slab count for bulk free
     - [x86] KVM: nVMX: promptly process interrupts delivered while in guest mode
     - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760)
     - isdn: cpai: check ctr->cnr to avoid array index out of bound
       (CVE-2021-43389)
     - [arm64] net: hns3: fix the max tx size according to user manual
     - ALSA: hda: intel: Allow repeatedly probing on codec configuration errors
     - btrfs: deal with errors when checking if a dir entry exists during log
       replay
     - net: stmmac: add support for dwmac 3.40a
     - isdn: mISDN: Fix sleeping function called from invalid context
     - [x86] platform/x86: intel_scu_ipc: Update timeout value in comment
     - ALSA: hda: avoid write to STATESTS if controller is in reset
     - [x86] perf/x86/msr: Add Sapphire Rapids CPU support
     - scsi: iscsi: Fix set_param() handling
     - scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()
     - sched/scs: Reset the shadow stack when idle_task_exit
     - [arm64] net: hns3: fix for miscalculation of rx unused desc
     - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
     - can: isotp: isotp_sendmsg(): fix TX buffer concurrent access in
       isotp_sendmsg()
     - [s390x] pci: fix zpci_zdev_put() on reserve
     - net: mdiobus: Fix memory leak in __mdiobus_register
     - tracing: Have all levels of checks prevent recursion
     - e1000e: Separate TGP board type from SPT
     - [armhf] pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
     - [armel,armhf] 9139/1: kprobes: fix arch_init_kprobes() prototype
     - io_uring: don't take uring_lock during iowq cancel
     - [powerpc*] bpf: Fix BPF_MOD when imm == 1
     - [arm64] Avoid premature usercopy failure
     - ext4: fix possible UAF when remounting r/o a mmp-protected file system
     - usbnet: sanity check for maxpacket
     - usbnet: fix error return code in usbnet_probe()
     - pinctrl: amd: disable and mask interrupts on probe
     - ata: sata_mv: Fix the error handling of mv_chip_id()
     - tipc: fix size validations for the MSG_CRYPTO type (CVE-2021-43267)
     - nfc: port100: fix using -ERRNO as command type mask
     - Revert "net: mdiobus: Fix memory leak in __mdiobus_register"
     - mmc: vub300: fix control-message timeouts
     - mmc: cqhci: clear HALT state after CQE enable
     - [armhf] mmc: dw_mmc: exynos: fix the finding clock sample value
     - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
     - [arm64,armhf] mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
       standard tuning circuit
     - ocfs2: fix race between searching chunks and release journal_head from
       buffer_head
     - nvme-tcp: fix H2CData PDU send accounting (again)
     - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
     - cfg80211: fix management registrations locking
     - net: lan78xx: fix division by zero in send path
     - mm, thp: bail out early in collapse_file for writeback page
     - drm/ttm: fix memleak in ttm_transfered_destroy
     - drm/amdgpu: fix out of bounds write (CVE-2021-42327)
     - cgroup: Fix memory leak caused by missing cgroup_bpf_offline
     - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
     - bpf: Fix potential race in tail call compatibility check
     - bpf: Fix error usage of map_fd and fdget() in generic_map_update_batch()
     - [amd64] IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt
       fields
     - [amd64] IB/hfi1: Fix abba locking issue with sc_disable()
     - nvmet-tcp: fix data digest pointer calculation
     - nvme-tcp: fix data digest pointer calculation
     - nvme-tcp: fix possible req->offset corruption
     - RDMA/mlx5: Set user priority for DCT
     - [arm64] dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
     - regmap: Fix possible double-free in regcache_rbtree_exit()
     - net: batman-adv: fix error handling
     - net-sysfs: initialize uid and gid before calling net_ns_get_ownership
     - cfg80211: correct bridge/4addr mode check
     - net: Prevent infinite while loop in skb_tx_hash()
     - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
     - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
       fails
     - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
       dma_set_mask_and_coherent
     - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
     - phy: phy_ethtool_ksettings_set: Move after phy_start_aneg
     - phy: phy_start_aneg: Add an unlocked version
     - phy: phy_ethtool_ksettings_set: Lock the PHY while changing settings
     - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772)
     - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
     - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772)
     - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772)
     - lan743x: fix endianness when accessing descriptors
     - [s390x] KVM: clear kicked_mask before sleeping again
     - [s390x] KVM: preserve deliverable_mask in __airqs_kick_single_vcpu
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
     - scsi: core: Put LLD module refcnt after SCSI device is released
     - Revert "io_uring: reinforce cancel on flush during exit"
     - sfc: Fix reading non-legacy supported link modes
     - vrf: Revert "Reset skb conntrack connection..."
     - net: ethernet: microchip: lan743x: Fix skb allocation failure
     - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt()
       (CVE-2021-42739)
     - Revert "xhci: Set HCD flag to defer primary roothub registration"
     - Revert "usb: core: hcd: Add support for deferring roothub registration"
     - mm: khugepaged: skip huge page collapse for special files
     - Revert "drm/ttm: fix memleak in ttm_transfered_destroy"
     - [arm*] 9120/1: Revert "amba: make use of -1 IRQs warn"
     - [arm64] Revert "wcn36xx: Disable bmps when encryption is disabled"
     - ALSA: usb-audio: Add Schiit Hel device to mixer map quirk table
     - ALSA: usb-audio: Add Audient iD14 to mixer map quirk table
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.79
     - [x86] Revert "x86/kvm: fix vcpu-id indexed array sizes"
     - [arm64,armhf] usb: musb: Balance list entry in musb_gadget_queue
     - usb-storage: Add compatibility quirk flags for iODD 2531/2541
     - [arm*] binder: don't detect sender/target during buffer cleanup
     - printk/console: Allow to disable console output by using console="" or
       console=null
     - staging: rtl8712: fix use-after-free in rtl8712_dl_fw
     - isofs: Fix out of bound access for corrupted isofs image
     - [x86] comedi: dt9812: fix DMA buffers on stack
     - [x86] comedi: ni_usb6501: fix NULL-deref in command paths
     - [x86] comedi: vmk80xx: fix transfer-buffer overflows
     - [x86] comedi: vmk80xx: fix bulk-buffer overflow
     - [x86] comedi: vmk80xx: fix bulk and interrupt message timeouts
     - staging: r8712u: fix control-message timeout
     - [x86] staging: rtl8192u: fix control-message timeouts
     - rsi: fix control-message timeout
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.80
     - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
       delay
     - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
     - [arm*] binder: use euid from cred instead of using task
     - [arm*] binder: use cred instead of task for selinux checks
     - [arm*] binder: use cred instead of task for getsecid
     - Input: iforce - fix control-message timeout
     - Input: elantench - fix misreporting trackpoint coordinates
       (Closes: #989285)
     - libata: fix read log timeout value
     - ocfs2: fix data corruption on truncate
     - scsi: core: Remove command size deduction from scsi_setup_scsi_cmnd()
     - scsi: qla2xxx: Fix kernel crash when accessing port_speed sysfs file
     - scsi: qla2xxx: Fix use after free in eh_abort path
     - [arm64,armhf] mmc: dw_mmc: Dont wait for DRTO on Write RSP error
     - exfat: fix incorrect loading of i_blocks for large files
     - tpm: Check for integer overflow in tpm2_map_response_body()
     - media: ite-cir: IR receiver stop working after receive overflow
       (Closes: #996672)
     - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
       (Closes: #994050)
     - media: v4l2-ioctl: Fix check_ext_ctrls
     - ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14
     - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
     - ALSA: hda/realtek: Add quirk for Clevo PC70HS
     - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ
     - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N
     - ALSA: hda/realtek: Add quirk for ASUS UX550VE
     - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
     - ALSA: ua101: fix division by zero at probe
     - ALSA: 6fire: fix control and bulk message timeouts
     - ALSA: line6: fix control and interrupt message timeouts
     - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
     - ALSA: usb-audio: Add registration quirk for JBL Quantum 400
     - ALSA: hda: Free card instance properly at probe errors
     - ALSA: synth: missing check for possible NULL after the call to kstrdup
     - ALSA: timer: Fix use-after-free problem
     - ALSA: timer: Unconditionally unlink slave instances, too
     - ext4: fix lazy initialization next schedule time computation in more
       granular unit
     - ext4: ensure enough credits in ext4_ext_shift_path_extents
     - ext4: refresh the ext4_ext_path struct after dropping i_data_sem.
     - fuse: fix page stealing
     - [x86] cpu: Fix migration safety with X86_BUG_NULL_SEL
     - [x86] irq: Ensure PI wakeup handler is unregistered before module unload
     - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked()
     - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
     - [arm64] cavium: Return negative value when pci_alloc_irq_vectors() fails
     - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails
     - scsi: qla2xxx: Fix unmap of already freed sgl
     - mISDN: Fix return values of the probe function
     - [arm64] cavium: Fix return values of the probe function
     - sfc: Export fibre-specific supported link modes
     - sfc: Don't use netif_info before net_device setup
     - [armhf] reset: socfpga: add empty driver allowing consumers to probe
     - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021
     - bpf: Define bpf_jit_alloc_exec_limit for arm64 JIT
     - bpf: Prevent increasing bpf_jit_limit above max
     - xen/netfront: stop tx queues during live migration
     - nvmet-tcp: fix a memory leak when releasing a queue
     - [armhf] spi: spl022: fix Microwire full duplex mode
     - net: multicast: calculate csum of looped-back and forwarded packets
     - [armhf] watchdog: Fix OMAP watchdog early handling
     - drm: panel-orientation-quirks: Add quirk for GPD Win3
     - block: schedule queue restart after BLK_STS_ZONE_RESOURCE
     - nvmet-tcp: fix header digest verification
     - r8169: Add device 10ec:8162 to driver r8169
     - [x86] vmxnet3: do not stop tx queues after netif_device_detach()
     - nfp: bpf: relax prog rejection for mtu check through max_pkt_offset
     - net/smc: Fix smc_link->llc_testlink_time overflow
     - net/smc: Correct spelling mistake to TCPF_SYN_RECV
     - rds: stop using dmapool
     - btrfs: clear MISSING device status bit in btrfs_close_one_device
     - btrfs: fix lost error handling when replaying directory deletes
     - btrfs: call btrfs_check_rw_degradable only if there is a missing device
     - [x86] KVM: VMX: Unregister posted interrupt wakeup handler on hardware
       unsetup
     - selinux: fix race condition when computing ocontext SIDs
     - [armhf] regulator: s5m8767: do not use reset value as DVS voltage if GPIO
       DVS is disabled
     - [amd64] EDAC/sb_edac: Fix top-of-high-memory value for Broadwell/Haswell
     - [x86] mwifiex: fix division by zero in fw download path
     - ath6kl: fix division by zero in send path
     - ath6kl: fix control-message timeout
     - ath10k: fix control-message timeout
     - ath10k: fix division by zero in send path
     - PCI: Mark Atheros QCA6174 to avoid bus reset
     - rtl8187: fix control-message timeouts
     - [arm64] wcn36xx: Fix HT40 capability for 2Ghz band
     - [arm64] wcn36xx: Fix tx_status mechanism
     - [arm64] wcn36xx: Fix (QoS) null data frame bitrate/modulation
     - PM: sleep: Do not let "syscore" devices runtime-suspend during system
       transitions
     - mwifiex: Read a PCI register after writing the TX ring write pointer
     - mwifiex: Try waking the firmware until we get an interrupt
     - libata: fix checking of DMA state
     - [arm64] wcn36xx: handle connection loss indication
     - rsi: fix occasional initialisation failure with BT coex
     - rsi: fix key enabled check causing unwanted encryption for vap_id > 0
     - rsi: fix rate mask set leading to P2P failure
     - rsi: Fix module dev_oper_mode parameter description
     - [x86] perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
     - [x86] perf/x86/intel/uncore: Fix Intel ICX IIO event constraints
     - RDMA/qedr: Fix NULL deref for query_qp on the GSI QP
     - signal: Remove the bogus sigkill_pending in ptrace_stop
     - [mips*] signal/mips: Update (_save|_restore)_fp_context to fail with
       -EFAULT
     - [arm64] soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id
     - [arm64] soc: fsl: dpio: use the combined functions to protect critical
       zone
     - [x86] power: supply: max17042_battery: Prevent int underflow in
       set_soc_threshold
     - [x86] power: supply: max17042_battery: use VFSOC for capacity when no rsns
     - [arm64] KVM: arm64: Extract ESR_ELx.EC only
     - [x86] KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in
       use
     - can: j1939: j1939_tp_cmd_recv(): ignore abort message in the BAM transport
     - can: j1939: j1939_can_recv(): ignore messages with invalid source address
     - ring-buffer: Protect ring_buffer_reset() from reentrancy
     - serial: core: Fix initializing and restoring termios speed
     - ifb: fix building without CONFIG_NET_CLS_ACT
     - ALSA: mixer: oss: Fix racy access to slots
     - ALSA: mixer: fix deadlock in snd_mixer_oss_set_volume
     - xen/balloon: add late_initcall_sync() for initial ballooning done
     - ovl: fix use after free in struct ovl_aio_req
     - [arm*] PCI: pci-bridge-emul: Fix emulation of W1C bits
     - [arm64] PCI: aardvark: Do not clear status bits of masked interrupts
     - [arm64] PCI: aardvark: Fix checking for link up via LTSSM state
     - [arm64] PCI: aardvark: Do not unmask unused interrupts
     - [arm64] PCI: aardvark: Fix reporting Data Link Layer Link Active
     - [arm64] PCI: aardvark: Fix configuring Reference clock
     - [arm64] PCI: aardvark: Fix return value of MSI domain .alloc() method
     - [arm64] PCI: aardvark: Read all 16-bits from PCIE_MSI_PAYLOAD_REG
     - [arm64] PCI: aardvark: Fix support for bus mastering and PCI_COMMAND on
       emulated bridge
     - [arm64] PCI: aardvark: Fix support for PCI_BRIDGE_CTL_BUS_RESET on
       emulated bridge
     - [arm64] PCI: aardvark: Set PCI Bridge Class Code to PCI Bridge
     - [arm64] PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on emulated bridge
     - quota: check block number when reading the block in quota file
     - quota: correct error number in free_dqentry()
     - pinctrl: core: fix possible memory leak in pinctrl_enable()
     - iio: dac: ad5446: Fix ad5622_write() return value
     - iio: ad5770r: make devicetree property reading consistent
     - USB: serial: keyspan: fix memleak on probe errors
     - serial: 8250: fix racy uartclk update
     - USB: iowarrior: fix control-message timeouts
     - [arm64,armhf] USB: chipidea: fix interrupt deadlock
     - [x86] power: supply: max17042_battery: Clear status bits in interrupt
       handler
     - dma-buf: WARN on dmabuf release with pending attachments
     - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
     - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1
     - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6
     - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg()
       (CVE-2021-3640)
     - Bluetooth: fix use-after-free error in lock_sock_nested()
     - drm/panel-orientation-quirks: add Valve Steam Deck
     - [x86] platform/x86: wmi: do not fail if disabling fails
     - locking/lockdep: Avoid RCU-induced noinstr fail
     - net: sched: update default qdisc visibility after Tx queue cnt changes
     - rcu-tasks: Move RTGS_WAIT_CBS to beginning of rcu_tasks_kthread() loop
     - ath11k: Align bss_chan_info structure with firmware
     - [x86] Increase exception stack sizes
     - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
     - mwifiex: Properly initialize private structure on interface type changes
     - fscrypt: allow 256-bit master keys with AES-256-XTS
     - drm/amdgpu: Fix MMIO access page fault
     - ath11k: Avoid reg rules update during firmware recovery
     - ath11k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED
     - ath11k: Change DMA_FROM_DEVICE to DMA_TO_DEVICE when map reinjected
       packets
     - ath10k: high latency fixes for beacon buffer
     - media: netup_unidvb: handle interrupt properly according to the firmware
     - media: uvcvideo: Set capability in s_param
     - media: uvcvideo: Return -EIO for control errors
     - media: uvcvideo: Set unique vdev name based in type
     - [armhf] media: imx: set a media_device bus_info string
     - media: mceusb: return without resubmitting URB in case of -EPROTO error.
     - rtw88: fix RX clock gate setting while fifo dump
     - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
     - ipmi: Disable some operations during a panic
     - fs/proc/uptime.c: Fix idle time reporting in /proc/uptime
     - ACPICA: Avoid evaluating methods too early during system resume
     - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
     - net-sysfs: try not to restart the syscall if it will fail eventually
     - tracefs: Have tracefs directories not set OTH permission bits by default
     - ath: dfs_pattern_detector: Fix possible null-pointer dereference in
       channel_detector_create()
     - iov_iter: Fix iov_iter_get_pages{,_alloc} page fault return value
     - ACPI: battery: Accept charges over the design capacity as full
     - net: phy: micrel: make *-skew-ps check more lenient
     - [arm64] drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture()
     - block: bump max plugged deferred size from 16 to 32
     - md: update superblock after changing rdev flags in state_store
     - memstick: r592: Fix a UAF bug when removing the driver
     - lib/xz: Avoid overlapping memcpy() with invalid input with in-place
       decompression
     - lib/xz: Validate the value before assigning it to an enum variable
     - workqueue: make sysfs of unbound kworker cpumask more clever
     - mwl8k: Fix use-after-free in mwl8k_fw_state_machine()
     - block: remove inaccurate requeue check
     - nvmet: fix use-after-free when a port is removed
     - nvmet-rdma: fix use-after-free when a port is removed
     - nvmet-tcp: fix use-after-free when a port is removed
     - nvme: drop scan_lock and always kick requeue list when removing namespaces
     - PM: hibernate: Get block device exclusively in swsusp_check()
     - iwlwifi: mvm: disable RX-diversity in powersave
     - gre/sit: Don't generate link-local addr if addr_gen_mode is
       IN6_ADDR_GEN_MODE_NONE
     - gfs2: Cancel remote delete work asynchronously
     - gfs2: Fix glock_hash_walk bugs
     - vrf: run conntrack only in context of lower/physdev for locally generated
       packets
     - net: annotate data-race in neigh_output()
     - ACPI: AC: Quirk GK45 to skip reading _PSR
     - btrfs: reflink: initialize return value to 0 in btrfs_extent_same()
     - btrfs: do not take the uuid_mutex in btrfs_rm_device
     - [arm64] wcn36xx: Correct band/freq reporting on RX
     - [x86] hyperv: Protect set_hv_tscchange_cb() against getting preempted
     - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled
     - task_stack: Fix end_of_stack() for architectures with upwards-growing
       stack
     - erofs: don't trigger WARN() when decompression fails
     - netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream
       state
     - Bluetooth: fix init and cleanup of sco_conn.timeout_work
     - rcu: Fix existing exp request check in sync_sched_exp_online_cleanup()
     - objtool: Add xen_start_kernel() to noreturn list
     - [x86] xen: Mark cpu_bringup_and_idle() as dead_end_function
     - objtool: Fix static_call list generation
     - virtio-gpu: fix possible memory allocation failure
     - lockdep: Let lock_is_held_type() detect recursive read as read
     - net: net_namespace: Fix undefined member in key_remove_domain()
     - cgroup: Make rebind_subsystems() disable v2 controllers all at once
     - [arm64] wcn36xx: Fix Antenna Diversity Switching
     - Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync
     - [arm64] crypto: caam - disable pkc for non-E SoCs
     - rxrpc: Fix _usecs_to_jiffies() by using usecs_to_jiffies()
     - ath11k: fix some sleeping in atomic bugs
     - ath11k: Avoid race during regd updates
     - ath11k: fix packet drops due to incorrect 6 GHz freq value in rx status
     - ath11k: Fix memory leak in ath11k_qmi_driver_event_work
     - ath10k: Fix missing frame timestamp for beacon/probe-resp
     - ath10k: sdio: Add missing BH locking around napi_schdule()
     - drm/ttm: stop calling tt_swapin in vm_access
     - [arm64] mm: update max_pfn after memory hotplug
     - drm/amdgpu: fix warning for overflow check
     - media: em28xx: add missing em28xx_close_extension
     - media: dvb-usb: fix ununit-value in az6027_rc_query
     - media: v4l2-ioctl: S_CTRL output the right value
     - media: si470x: Avoid card name truncation
     - [x86] media: tm6000: Avoid card name truncation
     - media: cx23885: Fix snd_card_free call on null card pointer
     - kprobes: Do not use local variable when creating debugfs file
     - cpuidle: Fix kobject memory leaks in error paths
     - media: em28xx: Don't use ops->suspend if it is NULL
     - ath9k: Fix potential interrupt storm on queue reset
     - PM: EM: Fix inefficient states detection
     - [amd64] EDAC/amd64: Handle three rank interleaving mode
     - rcu: Always inline rcu_dynticks_task*_{enter,exit}()
     - netfilter: nft_dynset: relax superfluous check on set updates
     - [x86] crypto: qat - detect PFVF collision after ACK
     - [x86] crypto: qat - disregard spurious PFVF interrupts
     - b43legacy: fix a lower bounds test
     - b43: fix a lower bounds test
     - [amd64] gve: Recover from queue stall due to missed IRQ
     - [armhf] mmc: sdhci-omap: Fix NULL pointer exception if regulator is not
       configured
     - [armhf] mmc: sdhci-omap: Fix context restore
     - memstick: jmb38x_ms: use appropriate free function in
       jmb38x_ms_alloc_host()
     - net, neigh: Fix NTF_EXT_LEARNED in combination with NTF_USE
     - hwmon: Fix possible memleak in __hwmon_device_register()
     - ath10k: fix max antenna gain unit
     - kernel/sched: Fix sched_fork() access an invalid sched_task_group
     - tcp: switch orphan_count to bare per-cpu counters
     - [arm64] drm/msm: potential error pointer dereference in init()
     - [arm64] drm/msm: uninitialized variable in msm_gem_import()
     - net: stream: don't purge sk_error_queue in sk_stream_kill_queues()
     - [x86] platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning
     - mt76: mt76x02: fix endianness warnings in mt76x02_mac.c
     - rsi: stop thread firstly in rsi_91x_init() error handling
     - mwifiex: Send DELBA requests according to spec
     - [arm64] net: enetc: unmap DMA in enetc_send_cmd()
     - phy: micrel: ksz8041nl: do not use power down mode
     - nvme-rdma: fix error code in nvme_rdma_setup_ctrl
     - PM: hibernate: fix sparse warnings
     - [arm64] drm/msm: Fix potential NULL dereference in DPU SSPP
     - bpftool: Avoid leaking the JSON writer prepared for program metadata
     - [s390x] gmap: don't unconditionally call pte_unmap_unlock() in
       __gmap_zap()
     - [s390x] KVM: pv: avoid double free of sida page
     - [s390x] KVM: pv: avoid stalls for kvm_s390_pv_init_vm
     - tpm: fix Atmel TPM crash caused by too frequent queries
     - tpm_tis_spi: Add missing SPI ID
     - tcp: don't free a FIN sk_buff in tcp_remove_empty_skb()
     - [s390x] KVM: Fix handle_sske page fault handling
     - libertas_tf: Fix possible memory leak in probe and disconnect
     - libertas: Fix possible memory leak in probe and disconnect
     - [arm64] wcn36xx: add proper DMA memory barriers in rx path
     - [arm64] wcn36xx: Fix discarded frames due to wrong sequence number
     - drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits
     - [amd64,arm64] net: amd-xgbe: Toggle PLL settings during rate change
     - net: phylink: avoid mvneta warning when setting pause parameters
     - crypto: pcrypt - Delay write to padata->info
     - udp6: allow SO_MARK ctrl msg to affect routing
     - cgroup: Fix rootcg cpu.stat guest double counting
     - bpf: Fix propagation of bounds from 64-bit min/max into 32-bit and
       var_off.
     - bpf: Fix propagation of signed bounds from 64-bit min/max into 32-bit.
     - iio: st_sensors: Call st_sensors_power_enable() from bus drivers
     - iio: st_sensors: disable regulators after device unregistration
     - RDMA/bnxt_re: Fix query SRQ failure
     - [arm64] dts: meson-g12a: Fix the pwm regulator supply properties
     - [armhf] bus: ti-sysc: Fix timekeeping_suspended warning on resume
     - scsi: dc395: Fix error case unwinding
     - JFS: fix memleak in jfs_mount
     - ALSA: hda: Reduce udelay() at SKL+ position reporting
     - ALSA: hda: Release controller display power during shutdown/reboot
     - ALSA: hda: Fix hang during shutdown due to link reset
     - ALSA: hda: Use position buffer for SKL+ again
     - soundwire: debugfs: use controller id and link_id for debugfs
     - scsi: pm80xx: Fix misleading log statement in pm8001_mpi_get_nvmd_resp()
     - driver core: Fix possible memory leak in device_link_add()
     - [x86] ASoC: SOF: topology: do not power down primary core during topology
       removal
     - [arm64,armhf] soc/tegra: Fix an error handling path in
       tegra_powergate_power_up()
     - [powerpc*] Refactor is_kvm_guest() declaration to new header
     - [powerpc*] Rename is_kvm_guest() to check_kvm_guest()
     - [powerpc*] Reintroduce is_kvm_guest() as a fast-path check
     - [powerpc*] Fix is_kvm_guest() / kvm_para_available()
     - [powerpc*] fix unbalanced node refcount in check_kvm_guest()
     - serial: 8250_dw: Drop wrong use of ACPI_PTR()
     - scsi: csiostor: Uninitialized data in csio_ln_vnp_read_cbfn()
     - RDMA/mlx4: Return missed an error if device doesn't support steering
     - iio: adis: do not disabe IRQs in 'adis_init()'
     - scsi: ufs: Refactor ufshcd_setup_clocks() to remove skip_ref_clk
     - [arm64,armhf] serial: imx: fix detach/attach of serial console
     - [arm*] usb: dwc2: drd: fix dwc2_force_mode call in dwc2_ovr_init
     - [arm*] usb: dwc2: drd: fix dwc2_drd_role_sw_set when clock could be
       disabled
     - [arm*] usb: dwc2: drd: reset current session before setting the new one
     - [arm64] firmware: qcom_scm: Fix error retval in
       __qcom_scm_is_call_available()
     - [arm64] phy: qcom-qusb2: Fix a memory leak on probe
     - [armhf] phy: ti: gmii-sel: check of_get_address() for failure
     - [arm64] serial: xilinx_uartps: Fix race condition causing stuck TX
     - HID: u2fzero: clarify error check and length calculations
     - HID: u2fzero: properly handle timeouts in usb_submit_urb
     - virtio_ring: check desc == NULL when using indirect with packed
     - [mips*] cm: Convert to bitfield API to fix out-of-bounds access
     - apparmor: fix error check
     - rpmsg: Fix rpmsg_create_ept return when RPMSG config is not defined
     - nfsd: don't alloc under spinlock in rpc_parse_scope_id
     - NFS: Fix dentry verifier races
     - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
     - drm/plane-helper: fix uninitialized variable reference
     - [arm64] PCI: aardvark: Don't spam about PIO Response Status
     - [arm64] PCI: aardvark: Fix preserving PCI_EXP_RTCTL_CRSSVE flag on
       emulated bridge
     - opp: Fix return in _opp_add_static_v2()
     - NFS: Fix deadlocks in nfs_scan_commit_list()
     - fs: orangefs: fix error return code of orangefs_revalidate_lookup()
     - [arm64] mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
     - mtd: core: don't remove debugfs directory if device is in use
     - [armhf] remoteproc: Fix a memory leak in an error handling path in
       'rproc_handle_vdev()'
     - NFS: Fix up commit deadlocks
     - NFS: Fix an Oops in pnfs_mark_request_commit()
     - Fix user namespace leak
     - [arm64] soc: fsl: dpaa2-console: free buffer before returning from
       dpaa2_console_read
     - netfilter: nfnetlink_queue: fix OOB when mac header was cleared
     - [x86] watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
     - scsi: qla2xxx: Changes to support FCP2 Target
     - scsi: qla2xxx: Relogin during fabric disturbance
     - scsi: qla2xxx: Fix gnl list corruption
     - scsi: qla2xxx: Turn off target reset during issue_lip
     - NFSv4: Fix a regression in nfs_set_open_stateid_locked()
     - xen-pciback: Fix return in pm_ctrl_init()
     - [armhf] net: davinci_emac: Fix interrupt pacing disable
     - ethtool: fix ethtool msg len calculation for pause stats
     - net: vlan: fix a UAF in vlan_dev_real_dev()
     - ice: Fix replacing VF hardware MAC to existing MAC filter
     - ice: Fix not stopping Tx queues for VFs
     - [x86] ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses
     - net: phy: fix duplex out of sync problem while changing settings
     - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
     - mfd: core: Add missing of_node_put for loop iteration
     - mm/zsmalloc.c: close race window between zs_pool_dec_isolated() and
       zs_unregister_migration()
     - zram: off by one in read_block_state()
     - llc: fix out-of-bound array index in llc_sk_dev_hash()
     - nfc: pn533: Fix double free when pn533_fill_fragment_skbs() fails
     - [arm64] pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
     - bpf, sockmap: Remove unhash handler for BPF sockmap usage
     - bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
     - [amd64] gve: Fix off by one in gve_tx_timeout()
     - seq_file: fix passing wrong private data
     - net/sched: sch_taprio: fix undefined behavior in ktime_mono_to_any
     - [arm64] net: hns3: fix kernel crash when unload VF while it is being reset
     - [arm64] net: hns3: allow configure ETS bandwidth of all TCs
     - net: stmmac: allow a tc-taprio base-time of zero
     - vsock: prevent unnecessary refcnt inc for nonblocking connect
     - net/smc: fix sk_refcnt underflow on linkdown and fallback
     - cxgb4: fix eeprom len when diagnostics not implemented
     - [armel,armhf] 9155/1: fix early early_iounmap()
     - [armhf] 9156/1: drop cc-option fallbacks for architecture selection
     - [x86] mce: Add errata workaround for Skylake SKX37
     - posix-cpu-timers: Clear task::posix_cputimers_work in copy_process()
     - f2fs: should use GFP_NOFS for directory inodes
     - net, neigh: Enable state migration between NUD_PERMANENT and NTF_USE
     - 9p/net: fix missing error check in p9_check_errors
     - memcg: prohibit unconditional exceeding the limit of dying tasks
     - [powerpc*] lib: Add helper to check if offset is within conditional branch
       range
     - [powerpc*] bpf: Validate branch ranges
     - [powerpc*] security: Add a helper to query stf_barrier type
     - [powerpc*] bpf: Emit stf barrier instruction sequences for BPF_NOSPEC
     - mm, oom: pagefault_out_of_memory: don't force global OOM for dying tasks
     - mm, oom: do not trigger out_of_memory from the #PF
     - video: backlight: Drop maximum brightness override for brightness zero
     - [s390x] cio: check the subchannel validity for dev_busid
     - [s390x] tape: fix timer initialization in tape_std_assign()
     - [s390x] ap: Fix hanging ioctl caused by orphaned replies
     - [s390x] cio: make ccw_device_dma_* more robust
     - [powerpc*] powernv/prd: Unregister OPAL_MSG_PRD2 notifier during module
       unload
     - [arm64,armhf] drm/sun4i: Fix macros in sun8i_csc.h
     - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros
     - [arm64] PCI: aardvark: Fix PCIe Max Payload Size setting
     - SUNRPC: Partial revert of commit 6f9f17287e78
     - ath10k: fix invalid dma_addr_t token assignment
     - arch/cc: Introduce a function to check for confidential computing features
     - [arm64,armhf] soc/tegra: pmc: Fix imbalanced clock disabling in error code
       path
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.81
     - block: Add a helper to validate the block size
     - loop: Use blk_validate_block_size() to validate block size
     - bootconfig: init: Fix memblock leak in xbc_make_cmdline()
     - net: stmmac: add clocks management for gmac driver
     - net: stmmac: fix missing unlock on error in stmmac_suspend()
     - net: stmmac: fix system hang if change mac address after interface ifdown
     - net: stmmac: fix issue where clk is being unprepared twice
     - [arm64,armhf] net: stmmac: dwmac-rk: fix unbalanced pm_runtime_enable
       warnings
     - [x86] iopl: Fake iopl(3) CLI/STI usage
     - PCI/MSI: Destroy sysfs before freeing entries
     - PCI/MSI: Deal with devices lying about their MSI mask capability
     - PCI: Add MSI masking quirk for Nvidia ION AHCI
     - erofs: remove the occupied parameter from z_erofs_pagevec_enqueue()
     - erofs: fix unsafe pagevec reuse of hooked pclusters
     - scripts/lld-version.sh: Rewrite based on upstream ld-version.sh
     - perf/core: Avoid put_page() when GUP fails
     - thermal: Fix NULL pointer dereferences in of_thermal_ functions
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.82
     - [arm64] zynqmp: Do not duplicate flash partition label property
     - [arm64] zynqmp: Fix serial compatible string
     - scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()
     - [armhf] bus: ti-sysc: Add quirk handling for reinit on context lost
     - [armhf] bus: ti-sysc: Use context lost quirk for otg
     - [armhf] usb: musb: tusb6010: check return value after calling
       platform_get_resource()
     - [x86] usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
     - staging: rtl8723bs: remove possible deadlock when disconnect (v2)
     - [x86] ASoC: SOF: Intel: hda-dai: fix potential locking issue
     - [armhf] clk: imx: imx6ul: Move csi_sel mux to correct base register
     - [x86] ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
     - scsi: advansys: Fix kernel pointer leak
     - ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices based on ES8336
       codec
     - firmware_loader: fix pre-allocated buf built-in firmware use
     - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
     - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16()
     - scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()
     - scsi: target: Fix ordered tag handling
     - scsi: target: Fix alua_tg_pt_gps_count tracking
     - iio: imu: st_lsm6dsx: Avoid potential array overflow in
       st_lsm6dsx_set_odr()
     - [i386] ALSA: gus: fix null pointer dereference on pointer block
     - maple: fix wrong return value of maple_bus_init().
     - f2fs: fix up f2fs_lookup tracepoints
     - f2fs: fix to use WHINT_MODE
     - f2fs: compress: disallow disabling compress on non-empty compressed file
     - f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
     - [armhf] clk/ast2600: Fix soc revision for AHB
     - [arm64] clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
     - sched/core: Mitigate race cpus_share_cache()/update_top_cache_domain()
     - [x86] perf/x86/vlbr: Add c->flags to vlbr event constraints
     - blkcg: Remove extra blkcg_bio_issue_init
     - perf bpf: Avoid memory leak from perf_env__insert_btf()
     - perf bench futex: Fix memory leak of perf_cpu_map__new()
     - perf tests: Remove bash construct from record+zstd_comp_decomp.sh
     - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
     - net-zerocopy: Copy straggler unaligned data for TCP Rx. zerocopy.
     - net-zerocopy: Refactor skb frag fast-forward op.
     - tcp: Fix uninitialized access in skb frags array for Rx 0cp.
     - tracing: Add length protection to histogram string copies
     - bnxt_en: reject indirect blk offload when hw-tc-offload is off
     - tipc: only accept encrypted MSG_CRYPTO msgs
     - net: reduce indentation level in sk_clone_lock()
     - sock: fix /proc/net/sockstat underflow in sk_clone_lock()
     - net/smc: Make sure the link_id is unique
     - iavf: Fix return of set the new channel count
     - iavf: check for null in iavf_fix_features
     - iavf: free q_vectors before queues in iavf_disable_vf
     - iavf: Fix failure to exit out from last all-multicast mode
     - iavf: prevent accidental free of filter structure
     - iavf: validate pointers
     - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
     - iavf: Fix for setting queues to 0
     - [x86] platform/x86: hp_accel: Fix an error handling path in
       'lis3lv02d_probe()'
     - net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
     - net/mlx5: Lag, update tracker when state change event received
     - net/mlx5: E-Switch, Change mode lock from mutex to rw semaphore
     - net/mlx5: E-Switch, return error if encap isn't supported
     - scsi: core: sysfs: Fix hang when device state is set via sysfs
     - net: sched: act_mirred: drop dst for the direction from egress to ingress
     - [arm64] net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove
     - net: virtio_net_hdr_to_skb: count transport header in UFO
     - i40e: Fix correct max_pkt_size on VF RX queue
     - i40e: Fix NULL ptr dereference on VSI filter sync
     - i40e: Fix changing previously set num_queue_pairs for PFs
     - i40e: Fix ping is lost after configuring ADq on VF
     - i40e: Fix warning message and call stack during rmmod i40e driver
     - i40e: Fix creation of first queue by omitting it if is not power of two
     - i40e: Fix display error code in dmesg
     - e100: fix device suspend/resume (Closes: #995927)
     - [powerpc*] KVM: PPC: Book3S HV: Use GLOBAL_TOC for
       kvmppc_h_set_dabr/xdabr()
     - [x86] perf/x86/intel/uncore: Fix filter_tid mask for CHA events on Skylake
       Server
     - [x86] perf/x86/intel/uncore: Fix IIO event constraints for Skylake Server
     - [s390x] kexec: fix return code handling
     - [arm64,armhf] net: stmmac: dwmac-rk: Fix ethernet on rk3399 based devices
     - tun: fix bonding active backup with arp monitoring
     - tipc: check for null after calling kmemdup
     - ipc: WARN if trying to remove ipc object which is absent
     - [x86] hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup
       fails
     - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id()
     - [s390x] kexec: fix memory leak of ipl report buffer
     - block: Check ADMIN before NICE for IOPRIO_CLASS_RT
     - [x86] KVM: nVMX: don't use vcpu->arch.efer when checking host state on
       nested state load
     - udf: Fix crash after seekdir
     - [armhf] net: stmmac: socfpga: add runtime suspend/resume callback for
       stratix10 platform
     - btrfs: fix memory ordering between normal and ordered work functions
     - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
     - drm/udl: fix control-message timeout
     - drm/nouveau: Add a dedicated mutex for the clients list (CVE-2020-27820)
     - drm/nouveau: use drm_dev_unplug() during device removal (CVE-2020-27820)
     - drm/nouveau: clean up all clients on device removal (CVE-2020-27820)
     - [x86] drm/i915/dp: Ensure sink rate values are always valid
     - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga
       and dvi connectors
     - scsi: ufs: core: Fix task management completion
     - scsi: ufs: core: Fix task management completion timeout race
     - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (CVE-2021-4002)
     - RDMA/netlink: Add __maybe_unused to static inline in C file
     - selinux: fix NULL-pointer dereference when hashtab allocation fails
     - ASoC: DAPM: Cover regression by kctl change notification fix
     - ice: Delete always true check of PF pointer
     - fs: export an inode_update_time helper
     - btrfs: update device path inode time instead of bd_inode
     - [x86] ALSA: hda: hdac_ext_stream: fix potential locking issues
     - ALSA: hda: hdac_stream: fix potential locking issue in
       snd_hdac_stream_assign()
     - Revert "perf: Rework perf_event_exit_event()"
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.83
     - bpf: Fix toctou on read-only map's constant scalar tracking
       (CVE-2021-4001)
     - ACPI: Get acpi_device's parent from the parent field
     - USB: serial: option: add Telit LE910S1 0x9200 composition
     - USB: serial: option: add Fibocom FM101-GL variants
     - [arm*] usb: dwc2: gadget: Fix ISOC flow for elapsed frames
     - [arm*] usb: dwc2: hcd_queue: Fix use of floating point literal
     - [arm64,armhf] usb: dwc3: gadget: Ignore NoStream after End Transfer
     - [arm64,armhf] usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
     - [arm64,armhf] usb: dwc3: gadget: Fix null pointer exception
     - net: nexthop: fix null pointer dereference when IPv6 is not enabled
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: fix potential error pointer
       dereference in probe
     - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
     - usb: hub: Fix usb enumeration issue due to address0 race
     - usb: hub: Fix locking issues with address0_mutex
     - [arm*] binder: fix test regression due to sender_euid change
     - ALSA: ctxfi: Fix out-of-range access
     - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
     - ALSA: hda/realtek: Fix LED on HP ProBook 435 G7
     - media: cec: copy sequence field for the reply
     - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts
     - [x86] staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()
     - fuse: release pipe buf after last use
     - xen: don't continue xenstore initialization in case of errors
     - xen: detect uninitialized xenbus in xenbus_init
     - [powerpc*] KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
     - tracing/uprobe: Fix uprobe_perf_open probes iteration
     - tracing: Fix pid filtering when triggers are attached
     - [arm64,armhf] mmc: sdhci-esdhc-imx: disable CMDQ support
     - mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB
     - [armhf] mdio: aspeed: Fix "Link is Down" issue
     - [arm64] PCI: aardvark: Deduplicate code in advk_pcie_rd_conf()
     - [arm64] PCI: aardvark: Update comment about disabling link training
     - [arm64] PCI: aardvark: Implement re-issuing config requests on CRS
       response
     - [arm64] PCI: aardvark: Simplify initialization of rootcap on virtual
       bridge
     - [arm64] PCI: aardvark: Fix link training
     - proc/vmcore: fix clearing user buffer by properly using clear_user()
     - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY
     - netfilter: ctnetlink: do not erase error code with EINVAL
     - netfilter: ipvs: Fix reuse connection if RS weight is 0
     - netfilter: flowtable: fix IPv6 tunnel addr match
     - [x86] ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
     - net: ieee802154: handle iftypes as u32
     - NFSv42: Don't fail clone() unless the OP_CLONE operation failed
     - [armhf] socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
     - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
     - scsi: mpt3sas: Fix kernel panic during drive powercycle test
     - [arm*] drm/vc4: fix error code in vc4_create_object()
     - iavf: Prevent changing static ITR values if adaptive moderation is on
     - ALSA: intel-dsp-config: add quirk for JSL devices based on ES8336 codec
     - [arm64,armhf] firmware: smccc: Fix check for ARCH_SOC_ID not implemented
     - ipv6: fix typos in __ip6_finish_output()
     - nfp: checking parameter process for rx-usecs/tx-usecs is invalid
     - net: stmmac: fix system hang caused by eee_ctrl_timer during
       suspend/resume
     - net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
     - net: ipv6: add fib6_nh_release_dsts stub
     - net: nexthop: release IPv6 per-cpu dsts when replacing a nexthop group
     - ice: fix vsi->txq_map sizing
     - ice: avoid bpf_prog refcount underflow
     - scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
     - scsi: scsi_debug: Zero clear zones at reset write pointer
     - erofs: fix deadlock when shrink erofs slab
     - net/smc: Ensure the active closing peer first closes clcsock
     - [arm64,armhf] net: marvell: mvpp2: increase MTU limit when XDP enabled
     - nvmet-tcp: fix incomplete data digest send
     - [armhf] net/ncsi : Add payload to be 32-bit aligned to fix dropped packets
     - PM: hibernate: use correct mode for swsusp_close()
     - drm/amd/display: Set plane update flags for all planes in reset
     - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited
       flows
     - lan743x: fix deadlock in lan743x_phy_link_status_change()
     - net: phylink: Force link down and retrigger resolve on interface change
     - net: phylink: Force retrigger in case of latched link-fail indicator
     - net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk()
     - net/smc: Fix loop in smc_listen
     - nvmet: use IOCB_NOWAIT only if the filesystem supports it
     - igb: fix netpoll exit with traffic
     - [mips*] loongson64: fix FTLB configuration
     - [mips*] use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48
     - net/sched: sch_ets: don't peek at classes beyond 'nbands'
     - net: vlan: fix underflow for the real_dev refcnt
     - net/smc: Don't call clcsock shutdown twice when smc shutdown
     - [arm64] net: hns3: fix VF RSS failed problem after PF enable multi-TCs
     - [arm64] net: mscc: ocelot: don't downgrade timestamping RX filters in
       SIOCSHWTSTAMP
     - [arm64] net: mscc: ocelot: correctly report the timestamping RX filters in
       ethtool
     - tcp: correctly handle increased zerocopy args struct size
     - sched/scs: Reset task stack state in bringup_cpu()
     - f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
     - ceph: properly handle statfs on multifs setups
     - smb3: do not error on fsync when readonly
     - [amd64] iommu/amd: Clarify AMD IOMMUv2 initialization messages
     - vhost/vsock: fix incorrect used length reported to the guest
     - tracing: Check pid filtering when creating events
     - xen: sync include/xen/interface/io/ring.h with Xen's newest version
     - xen/blkfront: read response from backend only once
     - xen/blkfront: don't take local copy of a request from the ring page
     - xen/blkfront: don't trust the backend response data blindly
     - xen/netfront: read response from backend only once
     - xen/netfront: don't read data from request on the ring page
     - xen/netfront: disentangle tx_skb_freelist
     - xen/netfront: don't trust the backend response data blindly
     - tty: hvc: replace BUG_ON() with negative return value
     - [s390x] mm: validate VMA in PGSTE manipulation functions
     - shm: extend forced shm destroy to support objects from several IPC nses
     - net: stmmac: platform: fix build warning when with !CONFIG_PM_SLEEP
     - drm/amdgpu/gfx9: switch to golden tsc registers for renoir+
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.84
     - NFSv42: Fix pagecache invalidation after COPY/CLONE
     - can: j1939: j1939_tp_cmd_recv(): check the dst address of TP.CM_BAM
     - ovl: simplify file splice
     - ovl: fix deadlock in splice write
     - gfs2: release iopen glock early in evict
     - gfs2: Fix length of holes reported at end-of-file
     - [powerpc*] pseries/ddw: Revert "Extend upper limit for huge DMA window for
       persistent memory"
     - mac80211: do not access the IV when it was stripped
     - net/smc: Transfer remaining wait queue entries during fallback
     - [amd64,arm64] atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
       (CVE-2021-43975)
     - net: return correct error code
     - [x86] platform/x86: thinkpad_acpi: Add support for dual fan control
     - [x86] platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3
       deep
     - [s390x] setup: avoid using memblock_enforce_memory_limit
     - btrfs: check-integrity: fix a warning on write caching disabled disk
     - thermal: core: Reset previous low and high trip during thermal zone init
     - scsi: iscsi: Unblock session then wake up error handler
     - drm/amd/amdgpu: fix potential memleak
     - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
     - [arm64] ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array
       overflow in hns_dsaf_ge_srst_by_port()
     - ipv6: check return value of ipv6_skip_exthdr
     - net/smc: Avoid warning of possible recursive locking
     - ACPI: Add stubs for wakeup handler functions
     - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit
     - kprobes: Limit max data_size of the kretprobe instances
     - rt2x00: do not mark device gone on EPROTO errors during start
     - ipmi: Move remove_work to dedicated workqueue
     - cpufreq: Fix get_cpu_device() failure in add_cpu_dev_symlink()
     - [s390x] pci: move pseudo-MMIO to prevent MIO overlap
     - fget: check that the fd still exists after getting a ref to it
     - ipv6: fix memory leak in fib6_rule_suppress
     - drm/amd/display: Allow DSC on supported MST branch devices
     - KVM: Disallow user memslot with size that exceeds "unsigned long"
     - [x86] KVM: nVMX: Flush current VPID (L1 vs. L2) for
       KVM_REQ_TLB_FLUSH_GUEST
     - [x86] KVM: x86: Use a stable condition around all VT-d PI paths
     - [arm64] KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and
       CPTR_EL2 to 1
     - [x86] KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
     - wireguard: allowedips: add missing __rcu annotation to satisfy sparse
     - wireguard: device: reset peer src endpoint when netns exits
     - wireguard: receive: use ring buffer for incoming handshakes
     - wireguard: receive: drop handshakes if queue lock is contended
     - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
     - [armhf] i2c: stm32f7: flush TX FIFO upon transfer errors
     - [armhf] i2c: stm32f7: recover the bus on access timeout
     - [armhf] i2c: stm32f7: stop dma transfer in case of NACK
     - tcp: fix page frag corruption on page fault
     - net: qlogic: qlcnic: Fix a NULL pointer dereference in
       qlcnic_83xx_add_rings()
     - net: mpls: Fix notifications when deleting a device
     - siphash: use _unaligned version by default
     - [arm64] ftrace: add missing BTIs
     - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
     - rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()
     - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()
     - ALSA: intel-dsp-config: add quirk for CML devices based on ES8336 codec
     - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
       IRQ is available
     - [arm64,armhf] net: marvell: mvpp2: Fix the computation of shared CPUs
     - [arm64] dpaa2-eth: destroy workqueue at the end of remove function
     - net: annotate data-races on txq->xmit_lock_owner
     - ipv4: convert fib_num_tclassid_users to atomic_t
     - net/smc: fix wrong list_del in smc_lgr_cleanup_early
     - net/rds: correct socket tunable error in rds_tcp_tune()
     - net/smc: Keep smc_close_final rc during active close
     - [arm64] drm/msm/a6xx: Allocate enough space for GMU registers
     - [arm64] drm/msm: Do hw_init() before capturing GPU state
     - [amd64,arm64] atlantic: Increase delay for fw transactions
     - [amd64,arm64] atlatnic: enable Nbase-t speeds with base-t
     - [amd64,arm64] atlantic: Fix to display FW bundle version instead of FW mac
       version.
     - [amd64,arm64] atlantic: Add missing DIDs and fix 115c.
     - [amd64,arm64] Remove Half duplex mode speed capabilities.
     - [amd64,arm64] atlantic: Fix statistics logic for production hardware
     - [amd64,arm64] atlantic: Remove warn trace message.
     - [x86] KVM: x86/pmu: Fix reserved bits for AMD PerfEvtSeln register
     - [x86] KVM: VMX: Set failure code in prepare_vmcs02()
     - [x86] entry: Use the correct fence macro after swapgs in kernel CR3
     - [x86] xen: Add xenpv_restore_regs_and_return_to_usermode()
     - sched/uclamp: Fix rq->uclamp_max not set on first enqueue
     - [x86] pv: Switch SWAPGS to ALTERNATIVE
     - [x86] entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
     - vgacon: Propagate console boot parameters before calling `vc_resize'
     - xhci: Fix commad ring abort, write all 64 bits to CRCR register.
     - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub
     - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
     - [x86] tsc: Add a timer to make sure TSC_adjust is always checked
     - [x86] tsc: Disable clocksource watchdog for TSC on qualified platorms
     - [x86] 64/mm: Map all kernel memory into trampoline_pgd
     - [arm64] tty: serial: msm_serial: Deactivate RX DMA for polling support
     - [arm*] serial: pl011: Add ACPI SBSA UART match id
     - [arm64,armhf] serial: tegra: Change lower tolerance baud rate limit for
       tegra20 and tegra30
     - serial: core: fix transmit-buffer reset and memleak
     - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
     - serial: 8250_pci: rewrite pericom_do_set_divisor()
     - serial: 8250: Fix RTS modem control while in rs485 mode
     - iwlwifi: mvm: retry init flow if failed
     - ipmi: msghandler: Make symbol 'remove_work_wq' static
 .
   [ Salvatore Bonaccorso ]
   * integrity: Drop "MODSIGN: load blacklist from MOKx" as redundant after
     5.10.47.
   * Bump ABI to 10
   * Refresh "tools/perf: pmu-events: Fix reproducibility"
   * [rt] Update to 5.10.73-rt54
   * [rt] Refresh "tracing: Merge irqflags + preempt counter."
   * Refresh "Export symbols needed by Android drivers"
   * [rt] Refresh "printk: introduce kernel sync mode"
   * [rt] Refresh "printk: move console printing to kthreads"
   * [rt] Drop "rcutorture: Avoid problematic critical section nesting on RT"
   * [rt] Add new signing key for Luis Claudio R. Goncalves
   * [rt] Update to 5.10.83-rt58
 .
   [ Ben Hutchings ]
   * tools/perf: Fix warning introduced by "tools/perf: pmu-events: Fix
     reproducibility"

linux-signed-arm64 (5.10.84+1) bullseye; urgency=medium
 .
   * Sign kernel from linux 5.10.84-1
 .
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
     - tty: Fix out-of-bound vmalloc access in imageblit
     - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
     - scsi: qla2xxx: Changes to support kdump kernel for NVMe BFS
     - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
     - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
       15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
     - [amd64,arm64] ACPI: NFIT: Use fallback node id when numa info in NFIT
       table is incorrect
     - fs-verity: fix signed integer overflow with i_size near S64_MAX
     - hwmon: (tmp421) handle I2C errors
     - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
       structure field
     - [arm64,armhf] gpio: pca953x: do not ignore i2c errors
     - scsi: ufs: Fix illegal offset in UPIU event trace
     - mac80211: fix use-after-free in CCMP/GCMP RX
     - [x86] kvmclock: Move this_cpu_pvti into kvmclock.h
     - [x86] KVM: x86: Fix stack-out-of-bounds memory access from
       ioapic_write_indirect()
     - [x86] KVM: x86: nSVM: don't copy virt_ext from vmcb12
     - [x86] KVM: nVMX: Filter out all unsupported controls when eVMCS was
       activated
     - KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest
     - RDMA/cma: Do not change route.addr.src_addr.ss_family
     - drm/amd/display: Pass PCI deviceid into DC
     - drm/amdgpu: correct initial cp_hqd_quantum for gfx9
     - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
     - bpf: Handle return value of BPF_PROG_TYPE_STRUCT_OPS prog
     - IB/cma: Do not send IGMP leaves for sendonly Multicast groups
     - RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure
     - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
     - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
     - mac80211: mesh: fix potentially unaligned access
     - mac80211-hwsim: fix late beacon hrtimer handling
     - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
     - hwmon: (tmp421) report /PVLD condition as fault
     - hwmon: (tmp421) fix rounding for negative values
     - [arm64] net: enetc: fix the incorrect clearing of IF_MODE bits
     - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
     - smsc95xx: fix stalled rx after link change
     - [x86] drm/i915/request: fix early tracepoints
     - [arm64,armhf] dsa: mv88e6xxx: 6161: Use chip wide MAX MTU
     - [arm64,armhf] dsa: mv88e6xxx: Fix MTU definition
     - [arm64,armhf] dsa: mv88e6xxx: Include tagger overhead when setting MTU for
       DSA and CPU ports
     - e100: fix length calculation in e100_get_regs_len
     - e100: fix buffer overrun in e100_get_regs
     - [arm64] RDMA/hns: Fix inaccurate prints
     - bpf: Exempt CAP_BPF from checks against bpf_jit_limit
     - Revert "block, bfq: honor already-setup queue merges"
     - scsi: csiostor: Add module softdep on cxgb4
     - ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup
     - [arm64] net: hns3: do not allow call hns3_nic_net_open repeatedly
     - [arm64] net: hns3: keep MAC pause mode when multiple TCs are enabled
     - [arm64] net: hns3: fix mixed flag HCLGE_FLAG_MQPRIO_ENABLE and
       HCLGE_FLAG_DCB_ENABLE
     - [arm64] net: hns3: fix show wrong state when add existing uc mac address
     - [arm64] net: hns3: fix prototype warning
     - [arm64] net: hns3: reconstruct function hns3_self_test
     - [arm64] net: hns3: fix always enable rx vlan filter problem after selftest
     - [arm64,armhf] net: phy: bcm7xxx: Fixed indirect MMD operations
     - net: sched: flower: protect fl_walk() with rcu
     - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
     - [x86] perf/x86/intel: Update event constraints for ICX
     - nvme: add command id quirk for apple controllers
     - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
     - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
     - ext4: fix loff_t overflow in ext4_max_bitmap_size()
     - ext4: limit the number of blocks in one ADD_RANGE TLV (Closes: #995425)
     - ext4: fix reserved space counter leakage
     - ext4: add error checking to ext4_ext_replay_set_iblocks()
     - ext4: fix potential infinite loop in ext4_dx_readdir()
     - HID: u2fzero: ignore incomplete packets without data
     - net: udp: annotate data race around udp_sk(sk)->corkflag
     - ASoC: dapm: use component prefix when checking widget names
     - usb: hso: remove the bailout parameter
     - [x86] crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
       (CVE-2021-3744, CVE-2021-3764)
     - HID: betop: fix slab-out-of-bounds Write in betop_probe
     - netfilter: ipset: Fix oversized kvmalloc() calls
     - mm: don't allow oversized kvmalloc() calls
     - HID: usbhid: free raw_report buffers in usbhid_stop
     - [x86] KVM: x86: Handle SRCU initialization failure during page track init
     - netfilter: conntrack: serialize hash resizes and cleanups
     - netfilter: nf_tables: Fix oversized kvmalloc() calls
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
     - [arm64,armhf] spi: rockchip: handle zero length transfers without timing
       out
     - nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN
     - btrfs: replace BUG_ON() in btrfs_csum_one_bio() with proper error handling
     - btrfs: fix mount failure due to past and transient device flush error
     - net: mdio: introduce a shutdown method to mdio device drivers
     - xen-netback: correct success/error reporting for the SKB-with-fraglist
       case
     - scsi: sd: Free scsi_disk device via put_device()
     - [arm*] usb: dwc2: check return value after calling platform_get_resource()
     - nvme-fc: update hardware queues before using them
     - nvme-fc: avoid race between time out and tear down
     - [arm64] thermal/drivers/tsens: Fix wrong check for tzd in irq handlers
     - scsi: ses: Retry failed Send/Receive Diagnostic commands
     - [arm64,armhf] irqchip/gic: Work around broken Renesas integration
     - smb3: correct smb3 ACL security descriptor
     - KVM: do not shrink halt_poll_ns below grow_start
     - [x86] kvm: Add AMD PMU MSRs to msrs_to_save_all[]
     - [x86] KVM: nSVM: restore int_vector in svm_clear_vintr
     - [x86] perf/x86: Reset destroy callback on event init failure
     - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
     - [arm64,armhf] usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle
     - USB: cdc-acm: fix racy tty buffer accesses
     - USB: cdc-acm: fix break reporting
     - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
     - drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows
     - xen/privcmd: fix error handling in mmap-resource processing
     - [arm64] mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
     - ovl: fix missing negative dentry check in ovl_rename() (CVE-2021-20321)
     - ovl: fix IOCB_DIRECT if underlying fs doesn't support direct IO
     - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
     - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
     - SUNRPC: fix sign error causing rpcsec_gss drops
     - xen/balloon: fix cancelled balloon action
     - [armhf] dts: omap3430-sdp: Fix NAND device node
     - [armhf] bus: ti-sysc: Add break in switch statement in sysc_init_soc()
     - [arm64] soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
     - [armhf] dts: imx: Add missing pinctrl-names for panel on M53Menlo
     - [armhf] dts: imx: Fix USB host power regulator polarity on M53Menlo
     - [amd64] PCI: hv: Fix sleep while in non-sleep context when removing child
       devices from the bus
     - iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15
     - [armel,armhf] bpf, arm: Fix register clobbering in div/mod implementation
     - [armhf] soc: ti: omap-prm: Fix external abort for am335x pruss
     - bpf: Fix integer overflow in prealloc_elems_and_freelist()
       (CVE-2021-41864)
     - net/mlx5e: IPSEC RX, enable checksum complete
     - net/mlx5: E-Switch, Fix double allocation of acl flow counter
     - phy: mdio: fix memory leak
     - net_sched: fix NULL deref in fifo_set_limit()
     - [i386] ptp_pch: Load module automaticall