Pre-merge already linux changes for upcoming point releases

3 files changed, 20 insertions, 40 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 5c3a57eb77..32257c249a 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1624,6 +1624,7 @@ CVE-2022-1012
 	RESERVED
 CVE-2022-1011 (A flaw use after free in the Linux kernel FUSE filesystem was found in ...)
 	- linux <unfixed>
+	[bullseye] - linux 5.10.106-1
 	NOTE: https://git.kernel.org/linus/0c4bcfdecb1ac0967619ee7ff44871d93c08c909 (5.17-rc8)
 CVE-2022-1010
 	RESERVED
@@ -1678,6 +1679,7 @@ CVE-2022-0996 (A vulnerability was found in the 389 Directory Server that allows
 	TODO: check details
 CVE-2022-0995 (An out-of-bounds (OOB) memory write flaw was found in the Linux kernel ...)
 	- linux <unfixed>
+	[bullseye] - linux 5.10.106-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2063786
@@ -7913,6 +7915,8 @@ CVE-2022-24959 (An issue was discovered in the Linux kernel before 5.16.5. There
 	NOTE: https://git.kernel.org/linus/29eb31542787e1019208a2e1047bb7c76c069536 (5.17-rc2)
 CVE-2022-24958 (drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 m ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: Fixed by: https://git.kernel.org/linus/89f3594d0de58e8a57d92d497dea9fee3d4b9cda (5.17-rc1)
 	NOTE: Fixed by: https://git.kernel.org/linus/501e38a5531efbd77d5c73c0ba838a889bfc1d74 (5.17-rc1)
 CVE-2022-24957
@@ -11105,6 +11109,8 @@ CVE-2022-23961
 	RESERVED
 CVE-2022-23960 (Certain Arm Cortex and Neoverse processors through 2022-03-08 do not p ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://www.vusec.net/projects/bhi-spectre-bhb/
 	NOTE: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb
 	NOTE: https://xenbits.xen.org/xsa/advisory-398.html
@@ -14474,24 +14480,37 @@ CVE-2022-23043 (Zenario CMS 9.2 allows an authenticated admin user to bypass the
 	NOT-FOR-US: Zenario CMS
 CVE-2022-23042 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23041 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23040 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23039 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23038 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23037 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23036 (Linux PV device frontends vulnerable to attacks by backends T[his CNA  ...)
 	- linux 5.16.14-1
+	[bullseye] - linux 5.10.106-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-396.html
 CVE-2022-23035 (Insufficient cleanup of passed-through device IRQs The management of I ...)
 	- xen 4.16.0+51-g0941d6cb-1
@@ -19440,6 +19459,7 @@ CVE-2021-4150 (A use-after-free flaw was found in the add_partition in block/par
 	NOTE: https://git.kernel.org/linus/9fbfabfda25d8774c5a08634fdd2da000a924890 (5.15-rc7)
 CVE-2021-4149 (A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tre ...)
 	- linux 5.14.16-1
+	[buster] - linux 4.19.235-1
 	NOTE: https://git.kernel.org/linus/19ea40dddf1833db868533958ca066f368862211 (5.15-rc6)
 CVE-2021-4148 (A vulnerability was found in the Linux kernel's block_invalidatepage i ...)
 	- linux 5.14.16-1
diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index 9d5b63cbe0..ef8f26d693 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -216,24 +216,6 @@ CVE-2021-40985
 	[buster] - htmldoc 1.9.3-1+deb10u3
 CVE-2022-23308
 	[buster] - libxml2 2.9.4+dfsg1-7+deb10u3
-CVE-2021-4149
-	[buster] - linux 4.19.235-1
-CVE-2022-23036
-	[buster] - linux 4.19.235-1
-CVE-2022-23037
-	[buster] - linux 4.19.235-1
-CVE-2022-23039
-	[buster] - linux 4.19.235-1
-CVE-2022-23040
-	[buster] - linux 4.19.235-1
-CVE-2022-23041
-	[buster] - linux 4.19.235-1
-CVE-2022-23042
-	[buster] - linux 4.19.235-1
-CVE-2022-23960
-	[buster] - linux 4.19.235-1
-CVE-2022-24958
-	[buster] - linux 4.19.235-1
 CVE-2020-10001
 	[buster] - cups 2.2.10-6+deb10u5
 CVE-2021-46709
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 62a70f1e48..c69984f44a 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -134,28 +134,6 @@ CVE-2022-25640
 	[bullseye] - wolfssl 4.6.0+p1-0+deb11u1
 CVE-2022-23308
 	[bullseye] - libxml2 2.9.10+dfsg-6.7+deb11u1
-CVE-2022-0995
-	[bullseye] - linux 5.10.106-1
-CVE-2022-1011
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23036
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23037
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23038
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23039
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23040
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23041
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23042
-	[bullseye] - linux 5.10.106-1
-CVE-2022-23960
-	[bullseye] - linux 5.10.106-1
-CVE-2022-24958
-	[bullseye] - linux 5.10.106-1
 CVE-2021-0561
 	[bullseye] - flac 1.3.3-2+deb11u1
 CVE-2021-45005