author Salvatore Bonaccorso <carnil@debian.org> 2020-05-08 14:22:08 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2020-05-08 14:22:08 +0200
commit b01a6d60883db75ae55e73ee3f5e9e278fc7c79e (patch)
tree 83dc1978d3255faa28f983e9e1ff1b64acfbc391 /data
parent 806127fdb65ac88cb7ac8c864478a81009fc9bd5 (diff)
Merge linux updates for buster 10.4
Diffstat (limited to 'data')
-rw-r--r-- data/CVE/list 17
-rw-r--r-- data/next-point-update.txt 34
2 files changed, 17 insertions, 34 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 0855e9a59b..54dbe231c9 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -174,11 +174,13 @@ CVE-2020-12660
RESERVED
CVE-2020-12659 (An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg ...)
- linux 5.6.7-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (5.7-rc2)
CVE-2020-12658
RESERVED
CVE-2020-12657 (An issue was discovered in the Linux kernel before 5.6.5. There is a u ...)
- linux 5.6.7-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9 (5.7-rc1)
CVE-2020-12656 (gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_g ...)
- linux <unfixed>
@@ -189,9 +191,11 @@ CVE-2020-12655 (An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_a
NOTE: https://git.kernel.org/linus/d0c7feaf87678371c2c09b3709400be416b2dc62 (5.7-rc1)
CVE-2020-12654 (An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_s ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/3a9b153c5591548612c3955c9600a98150c81875 (5.6-rc1)
CVE-2020-12653 (An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_appen ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/b70261a288ea4d2f4ac7cd04be08a9f0f2de4f4d (5.6-rc1)
CVE-2020-12652 (The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the ...)
- linux 5.4.19-1
@@ -593,6 +597,7 @@ CVE-2020-12466
RESERVED
CVE-2020-12465 (An array overflow was discovered in mt76_add_fragment in drivers/net/w ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/b102f0c522cf668c8382c56a4f771b37d011cda2 (5.6-rc6)
CVE-2020-12464 (usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before ...)
- linux <unfixed>
@@ -3390,12 +3395,14 @@ CVE-2020-11670
RESERVED
CVE-2020-11669 (An issue was discovered in the Linux kernel before 5.2 on the powerpc ...)
- linux 5.2.6-1
+ [buster] - linux 4.19.118-1
[stretch] - linux <not-affected> (Vulnerability introduced later with support for KVM guests on POWER9)
[jessie] - linux <not-affected> (Vulnerability introduced later with support for KVM guests on POWER9)
NOTE: https://git.kernel.org/linus/53a712bae5dd919521a58d7bad773b949358add0
NOTE: https://www.openwall.com/lists/oss-security/2020/04/15/1
CVE-2020-11668 (In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit. ...)
- linux 5.5.17-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8
CVE-2020-11667
RESERVED
@@ -3572,9 +3579,11 @@ CVE-2020-11610 (An issue was discovered in xdLocalStorage through 2.0.5. The pos
NOT-FOR-US: xdLocalStorage
CVE-2020-11609 (An issue was discovered in the stv06xx subsystem in the Linux kernel b ...)
- linux 5.5.17-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/485b06aadb933190f4bc44e006076bc27a23f205
CVE-2020-11608 (An issue was discovered in the Linux kernel before 5.6.1. drivers/medi ...)
- linux 5.5.17-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/998912346c0da53a6dbb71fab3a138586b596b30
CVE-2020-11607 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
NOT-FOR-US: Samsung mobile devices
@@ -4101,6 +4110,7 @@ CVE-2020-11495
REJECTED
CVE-2020-11494 (An issue was discovered in slc_bump in drivers/net/can/slcan.c in the ...)
- linux 5.5.17-1
+ [buster] - linux 4.19.118-1
NOTE: https://lore.kernel.org/netdev/20200401100639.20199-1-rpalethorpe@suse.com/
CVE-2020-11493
RESERVED
@@ -9258,6 +9268,7 @@ CVE-2020-9384 (** DISPUTED ** An Insecure Direct Object Reference (IDOR) vulnera
NOT-FOR-US: Subex
CVE-2020-9383 (An issue was discovered in the Linux kernel through 5.5.6. set_fdc in ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/2e90ca68b0d2f5548804f22f0dd61145516171e3
CVE-2020-9382 (An issue was discovered in the Widgets extension through 1.4.0 for Med ...)
NOT-FOR-US: Widgets extension for MediaWiki
@@ -10203,6 +10214,7 @@ CVE-2020-8993
RESERVED
CVE-2020-8992 (ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux k ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
[stretch] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.ozlabs.org/patch/1236118/
@@ -11011,12 +11023,15 @@ CVE-2019-20447 (Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-i
NOT-FOR-US: Jobberbase CMS
CVE-2020-8649 (There is a use-after-free vulnerability in the Linux kernel through 5. ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/513dc792d6060d5ef572e43852683097a8420f56
CVE-2020-8648 (There is a use-after-free vulnerability in the Linux kernel through 5. ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/07e6124a1a46b4b5a9b3cacc0c306b50da87abf5
CVE-2020-8647 (There is a use-after-free vulnerability in the Linux kernel through 5. ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
NOTE: https://git.kernel.org/linus/513dc792d6060d5ef572e43852683097a8420f56
CVE-2020-8640
RESERVED
@@ -30212,6 +30227,7 @@ CVE-2019-19047 (A memory leak in the mlx5_fw_fatal_reporter_dump() function in d
NOTE: https://git.kernel.org/linus/c7ed6d0183d5ea9bc31bcaeeba4070bd62546471
CVE-2019-19046 (** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in ...)
- linux 5.4.19-1 (unimportant)
+ [buster] - linux 4.19.118-1
NOTE: Only a memory leak on the probe path
CVE-2019-19045 (A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/ne ...)
- linux 5.3.15-1
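Review bot: For CVE-2019-19046 the added `[buster] - linux 4.19.118-1` line carries no severity tag, while the unstable line directly above it is marked `(unimportant)` and the NOTE below says the issue is only a memory leak on the probe path. Please confirm that the tag on the main line is meant to cover the buster entry as well, or add it to the suite line, so the two lines do not read as differing assessments of a disputed issue.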
@@ -35771,6 +35787,7 @@ CVE-2020-0010 (In fpc_ta_get_build_info of fpc_ta_kpi.c, there is a possible out
NOT-FOR-US: FPC components for Android
CVE-2020-0009 (In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write ...)
- linux 5.5.13-1
+ [buster] - linux 4.19.118-1
[jessie] - linux <ignored> (Driver is not enabled or supported)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1949
CVE-2020-0008 (In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, there ...)
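Review bot: CVE-2020-0009 now has explicit `[buster]` and `[jessie]` lines, but the lines shown record nothing for stretch. Since jessie is `<ignored>` with the reason "Driver is not enabled or supported", it is worth checking whether the same reasoning applies to stretch and, if so, recording it in the same pass rather than leaving stretch without a suite-specific status.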
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 343c455912..c0e8d89547 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -72,40 +72,6 @@ CVE-2019-8842
[buster] - cups 2.2.10-6+deb10u3
CVE-2020-1730
[buster] - libssh 0.8.7-1+deb10u1
-CVE-2020-0009
- [buster] - linux 4.19.118-1
-CVE-2020-11494
- [buster] - linux 4.19.118-1
-CVE-2020-11608
- [buster] - linux 4.19.118-1
-CVE-2020-11609
- [buster] - linux 4.19.118-1
-CVE-2020-11668
- [buster] - linux 4.19.118-1
-CVE-2020-11669
- [buster] - linux 4.19.118-1
-CVE-2020-12465
- [buster] - linux 4.19.118-1
-CVE-2020-12653
- [buster] - linux 4.19.118-1
-CVE-2020-12654
- [buster] - linux 4.19.118-1
-CVE-2020-12657
- [buster] - linux 4.19.118-1
-CVE-2020-12659
- [buster] - linux 4.19.118-1
-CVE-2020-8647
- [buster] - linux 4.19.118-1
-CVE-2020-8648
- [buster] - linux 4.19.118-1
-CVE-2020-8649
- [buster] - linux 4.19.118-1
-CVE-2020-8992
- [buster] - linux 4.19.118-1
-CVE-2020-9383
- [buster] - linux 4.19.118-1
-CVE-2019-19046
- [buster] - linux 4.19.118-1
CVE-2020-7610
[buster] - node-mongodb 3.1.13+~3.1.11-2+deb10u1
CVE-2019-2391
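Review bot: Nothing in this hunk or in the commit message records that the 17 removed entries (CVE-2020-0009 through CVE-2019-19046) were moved rather than dropped, so the deletion is only verifiable by cross-checking against data/CVE/list by hand. I matched each removed ID against the added `[buster] - linux 4.19.118-1` lines in the other file and all 17 have a counterpart, which agrees with the diffstat (17 insertions, 34 deletions). A short line in the commit message saying the entries were moved from next-point-update.txt would make that intent explicit for later readers.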
