From e0abdc3b7008e3b5c6f979ce8e077fa708eb0899 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 20 Jan 2022 18:10:29 +0100 Subject: Sync with advisory for whitespace changes Signed-off-by: Salvatore Bonaccorso --- dsa-texts/5.10.92-1 | 68 +++++++++++++++++++++++++---------------------------- 1 file changed, 32 insertions(+), 36 deletions(-) diff --git a/dsa-texts/5.10.92-1 b/dsa-texts/5.10.92-1 index 6d9e6550..b9b49cca 100644 --- a/dsa-texts/5.10.92-1 +++ b/dsa-texts/5.10.92-1 
@@ -10,66 +10,62 @@ leaks. CVE-2021-4155 - Kirill Tkhai discovered a data leak in the way the - XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for a size - increase of files with unaligned size. A local attacker can take - advantage of this flaw to leak data on the XFS filesystem. + Kirill Tkhai discovered a data leak in the way the XFS_IOC_ALLOCSP + IOCTL in the XFS filesystem allowed for a size increase of files + with unaligned size. A local attacker can take advantage of this + flaw to leak data on the XFS filesystem. CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 (XSA-391) - Juergen Gross reported that malicious PV backends can cause a - denial of service to guests being serviced by those backends via - high frequency events, even if those backends are running in a - less privileged environment. + Juergen Gross reported that malicious PV backends can cause a denial + of service to guests being serviced by those backends via high + frequency events, even if those backends are running in a less + privileged environment. CVE-2021-28714, CVE-2021-28715 (XSA-392) - Juergen Gross discovered that Xen guests can force the Linux - netback driver to hog large amounts of kernel memory, resulting - in denial of service. + Juergen Gross discovered that Xen guests can force the Linux + netback driver to hog large amounts of kernel memory, resulting in + denial of service. CVE-2021-39685 - Szymon Heidrich discovered a buffer overflow vulnerability in - the USB gadget subsystem, resulting in information disclosure, - denial of service or privilege escalation. + Szymon Heidrich discovered a buffer overflow vulnerability in the + USB gadget subsystem, resulting in information disclosure, denial of + service or privilege escalation. CVE-2021-45095 - It was discovered that the Phone Network protocol (PhoNet) - driver has a reference count leak in the pep_sock_accept() - function. 
+ It was discovered that the Phone Network protocol (PhoNet) driver + has a reference count leak in the pep_sock_accept() function. CVE-2021-45469 - Wenqing Liu reported an out-of-bounds memory access in the f2fs - implementation if an inode has an invalid last xattr entry. An - attacker able to mount a specially crafted image can take - advantage of this flaw for denial of service. + Wenqing Liu reported an out-of-bounds memory access in the f2fs + implementation if an inode has an invalid last xattr entry. An + attacker able to mount a specially crafted image can take advantage + of this flaw for denial of service. CVE-2021-45480 - A memory leak flaw was discovered in the __rds_conn_create() - function in the RDS (Reliable Datagram Sockets) protocol - subsystem. + A memory leak flaw was discovered in the __rds_conn_create() + function in the RDS (Reliable Datagram Sockets) protocol subsystem. CVE-2022-0185 - William Liu, Jamie Hill-Daniel, Isaac Badipe, Alec Petridis, - Hrvoje Misetic and Philip Papurt discovered a heap-based buffer - overflow flaw in the legacy_parse_param function in the - Filesystem Context functionality, allowing an local user (with - CAP_SYS_ADMIN capability in the current namespace) to escalate - privileges. + William Liu, Jamie Hill-Daniel, Isaac Badipe, Alec Petridis, Hrvoje + Misetic and Philip Papurt discovered a heap-based buffer overflow + flaw in the legacy_parse_param function in the Filesystem Context + functionality, allowing an local user (with CAP_SYS_ADMIN capability + in the current namespace) to escalate privileges. CVE-2022-23222 - 'tr3e' discovered that the BPF verifier does not properly - restrict several *_OR_NULL pointer types allowing these types to - do pointer arithmetic. A local user with the ability to call - bpf(), can take advantage of this flaw to excalate privileges. - Unprivileged calls to bpf() are disabled by default in Debian, - mitigating this flaw. 
+ 'tr3e' discovered that the BPF verifier does not properly restrict + several *_OR_NULL pointer types allowing these types to do pointer + arithmetic. A local user with the ability to call bpf(), can take + advantage of this flaw to excalate privileges. Unprivileged calls to + bpf() are disabled by default in Debian, mitigating this flaw. For the stable distribution (bullseye), these problems have been fixed in version 5.10.92-1. This version includes changes which were aimed to -- cgit v1.2.3
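Review bot: The re-wrapped CVE-2022-23222 paragraph still reads "excalate privileges" and the CVE-2022-0185 paragraph still reads "allowing an local user". Both typos carry over unchanged from the removed lines into the added ones. The subject says this commit only syncs whitespace with the advisory, so keeping them byte-for-byte may be deliberate. If so, a line in the commit message saying the wording is intentionally left as published would save the next reader from wondering. Otherwise correct them ("escalate", "a local user") in a separate follow-up so this commit stays whitespace-only. The stray comma in "ability to call bpf(), can take advantage" sits in the same CVE-2022-23222 paragraph and can be handled the same way.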