Bug 54607 - linux: Multiple issues (5.0)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 5.0
All Linux
: P3 normal (vote)
: UCS 5.0-1-errata
Assigned To: Quality Assurance
Philipp Hahn
Reported: 2022-03-28 09:16 CEST by Quality Assurance
Modified: 2022-03-30 12:41 CEST (History)
What kind of report is it?: Security Issue
Max CVSS v3 score: 7.0 (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) NVD RedHat


Description Quality Assurance univentionstaff 2022-03-28 09:16:19 CEST
New Debian linux 4.19.235-1 fixes:
This update addresses the following issues:
* Improper lock operation in btrfs (CVE-2021-4149)
* Linux PV device frontends vulnerable to attacks by backends (CVE-2022-23036, CVE-2022-23037, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042)
  [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]
  Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends:
  blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer.
  blkfront: CVE-2022-23036, netfront: CVE-2022-23037, scsifront: CVE-2022-23038, gntalloc: CVE-2022-23039, xenbus: CVE-2022-23040
  blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose.
  CVE-2022-23041
  netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.
  CVE-2022-23042
* cpu: arm64: Spectre-BHB (CVE-2022-23960)
* use-after-free in dev->buf release in drivers/usb/gadget/legacy/inode.c  (CVE-2022-24958)
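
The check-then-revoke race described for the PV frontends above, as an added example that is not part of the original report and is not kernel code: a userspace C model of one grant entry, comparing the pre-fix pattern (test "in use", then revoke and free regardless) with a release that frees the page only when revocation succeeded. The names `struct grant`, `backend_map`, `try_end_access`, `release_unchecked`, `release_checked` and `run_scenario` are hypothetical; only the GTF_* flag values follow Xen's public grant table header.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Flag bits of a v1 grant entry, as in Xen's public grant_table.h. */
#define GTF_permit_access 1u
#define GTF_reading       (1u << 3)
#define GTF_writing       (1u << 4)
#define GTF_IN_USE        (GTF_reading | GTF_writing)

/* Simplified model (assumption): one grant entry and the page it exposes. */
struct grant {
    _Atomic uint16_t flags;
    unsigned char *page;
};

enum outcome { FREED_SAFE, KEPT_IN_USE, FREED_WHILE_MAPPED };

/* Backend side (model): mapping succeeds while access is permitted and
 * marks the entry as in use. */
static void backend_map(struct grant *g) {
    uint16_t f = atomic_load(&g->flags);
    while ((f & GTF_permit_access) &&
           !atomic_compare_exchange_weak(&g->flags, &f, f | GTF_IN_USE))
        ;
}

/* Revoke access in one atomic step; fails if the backend has the page mapped. */
static bool try_end_access(struct grant *g) {
    uint16_t f = atomic_load(&g->flags);
    do {
        if (f & GTF_IN_USE)
            return false;
    } while (!atomic_compare_exchange_weak(&g->flags, &f, 0));
    return true;
}

/* Pre-fix pattern: separate "in use?" test, then revoke with the result
 * ignored. `race` lets the backend map the page between the two steps. */
static enum outcome release_unchecked(struct grant *g, bool race) {
    if (atomic_load(&g->flags) & GTF_IN_USE)
        return KEPT_IN_USE;
    if (race)
        backend_map(g);
    bool revoked = try_end_access(g);   /* result not acted upon */
    free(g->page);
    g->page = NULL;
    return revoked ? FREED_SAFE : FREED_WHILE_MAPPED;
}

/* Post-fix pattern: the page is freed only if revocation succeeded. */
static enum outcome release_checked(struct grant *g, bool race) {
    if (race)
        backend_map(g);
    if (!try_end_access(g))
        return KEPT_IN_USE;             /* caller defers the free */
    free(g->page);
    g->page = NULL;
    return FREED_SAFE;
}

/* Run one scenario on a freshly granted page (constructed test input). */
enum outcome run_scenario(bool checked, bool race) {
    struct grant g = { .page = calloc(1, 4096) };
    atomic_init(&g.flags, GTF_permit_access);
    enum outcome o = checked ? release_checked(&g, race)
                             : release_unchecked(&g, race);
    free(g.page);                       /* no-op when already freed (NULL) */
    return o;
}

int main(void) {
    printf("unchecked=%d checked=%d\n",
           run_scenario(false, true), run_scenario(true, true));
    return 0;
}
```
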
Comment 1 Quality Assurance univentionstaff 2022-03-28 10:01:39 CEST
--- mirror/ftp/pool/main/l/linux-latest/linux-latest_105+deb10u14.dsc
+++ apt/ucs_5.0-0-errata5.0-1/source/linux-latest_105+deb10u15.dsc
@@ -1,3 +1,7 @@
+105+deb10u15 [Sat, 19 Mar 2022 07:54:21 +0100] Salvatore Bonaccorso <carnil@debian.org>:
+
+  * Update to 4.19.0-20
+
 105+deb10u14 [Mon, 07 Mar 2022 22:42:37 +0100] Ben Hutchings <benh@debian.org>:
 
   * Update to 4.19.0-19

<http://piuparts.knut.univention.de/5.0-1/#5180100225278690480>
Comment 2 Quality Assurance univentionstaff 2022-03-28 10:01:48 CEST
--- mirror/ftp/pool/main/l/linux-signed-amd64/linux-signed-amd64_4.19.232+1.dsc
+++ apt/ucs_5.0-0-errata5.0-1/source/linux-signed-amd64_4.19.235+1.dsc
@@ -1,6 +1,115 @@
-4.19.232+1 [Mon, 07 Mar 2022 22:13:16 +0100] Salvatore Bonaccorso <carnil@debian.org>:
+4.19.235+1 [Thu, 17 Mar 2022 20:48:39 +0100] Salvatore Bonaccorso <carnil@debian.org>:
 
-  * Sign kernel from linux 4.19.232-1
+  * Sign kernel from linux 4.19.235-1
+
+  * New upstream stable update:
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.233
+    - mac80211_hwsim: report NOACK frames in tx_status
+    - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
+    - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
+    - [x86] ASoC: rt5682: do not block workqueue if card is unbound
+    - Input: clear BTN_RIGHT/MIDDLE on buttonpads
+    - cifs: fix double free race when mount fails in cifs_get_root()
+    - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
+    - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
+    - usb: gadget: clear related members when goto fail (CVE-2022-24958)
+    - ata: pata_hpt37x: fix PCI clock detection
+    - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
+    - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
+    - xfrm: fix MTU regression
+    - netfilter: fix use-after-free in __nf_register_net_hook()
+    - xfrm: fix the if_id check in changelink
+    - xfrm: enforce validity of offload input flags
+    - netfilter: nf_queue: don't assume sk is full socket
+    - netfilter: nf_queue: fix possible use-after-free
+    - batman-adv: Request iflink once in batadv-on-batadv check
+    - batman-adv: Request iflink once in batadv_get_real_netdevice
+    - batman-adv: Don't expect inter-netns unique iflink indices
+    - net: dcb: flush lingering app table entries for unregistered devices
+    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
+    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
+    - block: Fix fsync always failed if once failed
+    - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
+    - xen/netfront: destroy queues before real_num_tx_queues is zeroed
+    - mac80211: fix forwarded mesh frames AC & queue selection
+    - [arm64,armhf] net: stmmac: fix return value of __setup handler
+    - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
+    - efivars: Respect "block" flag in efivar_entry_set_safe()
+    - can: gs_usb: change active_channels's type from atomic_t to u8
+    - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
+      functions
+    - net: chelsio: cxgb3: check the return value of pci_find_capability()
+    - nl80211: Handle nla_memdup failures in handle_nan_filter
+    - Input: elan_i2c - move regulator_[en|dis]able() out of
+      elan_[en|dis]able_power()
+    - Input: elan_i2c - fix regulator enable count imbalance after
+      suspend/resume
+    - HID: add mapping for KEY_ALL_APPLICATIONS
+    - memfd: fix F_SEAL_WRITE after shmem huge page allocated
+    - tracing/histogram: Fix sorting on old "cpu" value
+    - btrfs: add missing run of delayed items after unlink during log replay
+    - net: dcb: disable softirqs in dcbnl_flush_dev()
+    - hamradio: fix macro redefine warning
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.234
+    - [arm*] Provide a wrapper for SMCCC 1.1 calls
+    - [arm64,armhf] smccc/psci: add arm_smccc_1_1_get_conduit()
+    - [armhf] report Spectre v2 status through sysfs
+    - [armel,armhf] early traps initialisation
+    - [armel,armhf] use LOADADDR() to get load address of sections
+    - [armel,armhf] Spectre-BHB workaround
+    - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
+    - [armel,armhf] fix build error when BPF_SYSCALL is disabled
+    - [armel,armhf] fix co-processor register typo
+    - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
+    - [armhf] fix build warning in proc-v7-bugs.c
+    - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
+      (CVE-2022-23040, XSA-396)
+    - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
+      CVE-2022-23038, XSA-396)
+    - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
+      (CVE-2022-23036, XSA-396)
+    - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
+      (CVE-2022-23037, XSA-396)
+    - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
+      (CVE-2022-23038, XSA-396)
+    - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
+      XSA-396)
+    - xen: remove gnttab_query_foreign_access()
+    - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
+    - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
+    - xen/gnttab: fix gnttab_end_foreign_access() without page specified
+      (CVE-2022-23041, XSA-396)
+    - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
+      (CVE-2022-23042, XSA-396)
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.235
+    - net: qlogic: check the return value of dma_alloc_coherent() in
+      qed_vf_hw_prepare()
+    - qed: return status of qed_iov_get_link
+    - ax25: Fix NULL pointer dereference in ax25_kill_by_device
+    - net/mlx5: Fix size field in bufferx_reg struct
+    - NFC: port100: fix use-after-free in port100_send_complete
+    - net: phy: DP83822: clear MISR2 register to disable interrupts
+    - sctp: fix kernel-infoleak for SCTP sockets
+    - net-sysfs: add check for netdevice being present to speed_show
+    - Revert "xen-netback: remove 'hotplug-status' once it has served its
+      purpose"
+    - Revert "xen-netback: Check for hotplug-status existence before watching"
+    - tracing: Ensure trace buffer is at least 4096 bytes large
+    - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
+    - virtio: unexport virtio_finalize_features
+    - virtio: acknowledge all features before access
+    - [armel,armhf] fix Thumb2 regression with Spectre BHB
+    - ext4: add check to prevent attempting to resize an fs with sparse_super2
+    - btrfs: unlock newly allocated extent buffer after error (CVE-2021-4149)
+
+  [ Salvatore Bonaccorso ]
+  * [rt] Add new signing key for Daniel Wagner
+  * [rt] Update to 4.19.233-rt105
+  * Bump ABI to 20
+  * sctp: fix the processing for INIT chunk (CVE-2021-3772)
+  * sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
+
+4.19.232-1 [Mon, 07 Mar 2022 22:13:16 +0100] Salvatore Bonaccorso <carnil@debian.org>:
 
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.209
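
Review bot: two CVE ids in this hunk are missing from the issue list in the bug description: CVE-2021-3772 (the sctp INIT and INIT_ACK entries under "[ Salvatore Bonaccorso ]") and CVE-2022-23038 (the xen/grant-table and xen/scsifront entries under ChangeLog-4.19.234), which the description mentions only inside the shared advisory text. Suggest adding both to the erratum's CVE list, or recording why they are left out, so the advisory matches what 4.19.235-1 fixes.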

<http://piuparts.knut.univention.de/5.0-1/#5180100225278690480>
Comment 3 Quality Assurance univentionstaff 2022-03-28 10:02:00 CEST
--- mirror/ftp/pool/main/l/linux/linux_4.19.232-1.dsc
+++ apt/ucs_5.0-0-errata5.0-1/source/linux_4.19.235-1.dsc
@@ -1,3 +1,112 @@
+4.19.235-1 [Thu, 17 Mar 2022 20:48:39 +0100] Salvatore Bonaccorso <carnil@debian.org>:
+
+  * New upstream stable update:
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.233
+    - mac80211_hwsim: report NOACK frames in tx_status
+    - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
+    - [arm*] i2c: bcm2835: Avoid clock stretching timeouts
+    - [x86] ASoC: rt5682: do not block workqueue if card is unbound
+    - Input: clear BTN_RIGHT/MIDDLE on buttonpads
+    - cifs: fix double free race when mount fails in cifs_get_root()
+    - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
+    - usb: gadget: don't release an existing dev->buf (CVE-2022-24958)
+    - usb: gadget: clear related members when goto fail (CVE-2022-24958)
+    - ata: pata_hpt37x: fix PCI clock detection
+    - [x86] ALSA: intel_hdmi: Fix reference to PCM buffer address
+    - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
+    - xfrm: fix MTU regression
+    - netfilter: fix use-after-free in __nf_register_net_hook()
+    - xfrm: fix the if_id check in changelink
+    - xfrm: enforce validity of offload input flags
+    - netfilter: nf_queue: don't assume sk is full socket
+    - netfilter: nf_queue: fix possible use-after-free
+    - batman-adv: Request iflink once in batadv-on-batadv check
+    - batman-adv: Request iflink once in batadv_get_real_netdevice
+    - batman-adv: Don't expect inter-netns unique iflink indices
+    - net: dcb: flush lingering app table entries for unregistered devices
+    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client
+    - net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server
+    - block: Fix fsync always failed if once failed
+    - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
+    - xen/netfront: destroy queues before real_num_tx_queues is zeroed
+    - mac80211: fix forwarded mesh frames AC & queue selection
+    - [arm64,armhf] net: stmmac: fix return value of __setup handler
+    - net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
+    - efivars: Respect "block" flag in efivar_entry_set_safe()
+    - can: gs_usb: change active_channels's type from atomic_t to u8
+    - [armel,armhf] 9182/1: mmu: fix returns from early_param() and __setup()
+      functions
+    - net: chelsio: cxgb3: check the return value of pci_find_capability()
+    - nl80211: Handle nla_memdup failures in handle_nan_filter
+    - Input: elan_i2c - move regulator_[en|dis]able() out of
+      elan_[en|dis]able_power()
+    - Input: elan_i2c - fix regulator enable count imbalance after
+      suspend/resume
+    - HID: add mapping for KEY_ALL_APPLICATIONS
+    - memfd: fix F_SEAL_WRITE after shmem huge page allocated
+    - tracing/histogram: Fix sorting on old "cpu" value
+    - btrfs: add missing run of delayed items after unlink during log replay
+    - net: dcb: disable softirqs in dcbnl_flush_dev()
+    - hamradio: fix macro redefine warning
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.234
+    - [arm*] Provide a wrapper for SMCCC 1.1 calls
+    - [arm64,armhf] smccc/psci: add arm_smccc_1_1_get_conduit()
+    - [armhf] report Spectre v2 status through sysfs
+    - [armel,armhf] early traps initialisation
+    - [armel,armhf] use LOADADDR() to get load address of sections
+    - [armel,armhf] Spectre-BHB workaround
+    - [armel,armhf] include unprivileged BPF status in Spectre V2 reporting
+    - [armel,armhf] fix build error when BPF_SYSCALL is disabled
+    - [armel,armhf] fix co-processor register typo
+    - [armel,armhf] Do not use NOCROSSREFS directive with ld.lld
+    - [armhf] fix build warning in proc-v7-bugs.c
+    - xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
+      (CVE-2022-23040, XSA-396)
+    - xen/grant-table: add gnttab_try_end_foreign_access() (CVE-2022-23036,
+      CVE-2022-23038, XSA-396)
+    - xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
+      (CVE-2022-23036, XSA-396)
+    - xen/netfront: don't use gnttab_query_foreign_access() for mapped status
+      (CVE-2022-23037, XSA-396)
+    - xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
+      (CVE-2022-23038, XSA-396)
+    - xen/gntalloc: don't use gnttab_query_foreign_access() (CVE-2022-23039,
+      XSA-396)
+    - xen: remove gnttab_query_foreign_access()
+    - xen/9p: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
+    - xen/pvcalls: use alloc/free_pages_exact() (CVE-2022-23041, XSA-396)
+    - xen/gnttab: fix gnttab_end_foreign_access() without page specified
+      (CVE-2022-23041, XSA-396)
+    - xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
+      (CVE-2022-23042, XSA-396)
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.235
+    - net: qlogic: check the return value of dma_alloc_coherent() in
+      qed_vf_hw_prepare()
+    - qed: return status of qed_iov_get_link
+    - ax25: Fix NULL pointer dereference in ax25_kill_by_device
+    - net/mlx5: Fix size field in bufferx_reg struct
+    - NFC: port100: fix use-after-free in port100_send_complete
+    - net: phy: DP83822: clear MISR2 register to disable interrupts
+    - sctp: fix kernel-infoleak for SCTP sockets
+    - net-sysfs: add check for netdevice being present to speed_show
+    - Revert "xen-netback: remove 'hotplug-status' once it has served its
+      purpose"
+    - Revert "xen-netback: Check for hotplug-status existence before watching"
+    - tracing: Ensure trace buffer is at least 4096 bytes large
+    - [arm64] net: macb: Fix lost RX packet wakeup race in NAPI receive
+    - virtio: unexport virtio_finalize_features
+    - virtio: acknowledge all features before access
+    - [armel,armhf] fix Thumb2 regression with Spectre BHB
+    - ext4: add check to prevent attempting to resize an fs with sparse_super2
+    - btrfs: unlock newly allocated extent buffer after error (CVE-2021-4149)
+
+  [ Salvatore Bonaccorso ]
+  * [rt] Add new signing key for Daniel Wagner
+  * [rt] Update to 4.19.233-rt105
+  * Bump ABI to 20
+  * sctp: fix the processing for INIT chunk (CVE-2021-3772)
+  * sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772)
+
 4.19.232-1 [Mon, 07 Mar 2022 22:13:16 +0100] Salvatore Bonaccorso <carnil@debian.org>:
 
   * New upstream stable update:
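
Review bot: the Spectre-BHB entries under ChangeLog-4.19.234 and the Thumb2 regression fix under ChangeLog-4.19.235 are all tagged [armel,armhf] and none carries a CVE id, while the bug description lists "cpu: arm64: Spectre-BHB (CVE-2022-23960)". Suggest checking which change CVE-2022-23960 is attributed to and stating in the erratum whether it is relevant to the amd64 builds that were tested.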

<http://piuparts.knut.univention.de/5.0-1/#5180100225278690480>
Comment 4 Philipp Hahn univentionstaff 2022-03-30 09:54:52 CEST
OK: yaml
OK: announce_errata
OK: patch
~OK: piuparts

OK apt install -t apt univention-kernel-image
OK amd64 @ kvm + SeaBIOS
OK amd64 @ kvm + OVMF + SB
OK: uname -a
OK: dmesg -H
OK ./linux-dmesg-norm -a
OK: Rebuild latest ISO with new D-I

[5.0-1] dee4bf39fd Bug #54607: linux 4.19.235-1
 doc/errata/staging/linux.yaml | 1 -
 1 file changed, 1 deletion(-)

[5.0-1] a166b8e427 Bug #54607: linux 4.19.235-1
 doc/errata/staging/linux.yaml | 167 +++++-------------------------------------
 1 file changed, 17 insertions(+), 150 deletions(-)

[5.0-1] c6d7380ea4 Bug #54607: linux 4.19.235-1
 doc/errata/staging/linux.yaml | 174 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 174 insertions(+)