Skip to content

Bump idna from 3.4 to 3.7 in /drivers/gpu/drm/ci/xfails #41

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 10,000 commits into
base: develop
Choose a base branch
from
Open

Bump idna from 3.4 to 3.7 in /drivers/gpu/drm/ci/xfails #41

wants to merge 10,000 commits into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 12, 2025
edited
Loading

Bumps idna from 3.4 to 3.7.

Release notes

Sourced from idna's releases.

v3.7

What's Changed

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

Changelog

Sourced from idna's changelog.

3.7 (2024-04-11) ++++++++++++++++

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

3.6 (2023-11-25) ++++++++++++++++

  • Fix regression to include tests in source distribution.

3.5 (2023-11-24) ++++++++++++++++

  • Update to Unicode 15.1.0
  • String codec name is now "idna2008" as overriding the system codec "idna" was not working.
  • Fix typing error for codec encoding
  • "setup.cfg" has been added for this release due to some downstream lack of adherence to PEP 517. Should be removed in a future release so please prepare accordingly.
  • Removed reliance on a symlink for the "idna-data" tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives.
  • Added security reporting protocol for project

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions to this release.

Commits
  • 1d365e1 Release v3.7
  • c1b3154 Merge pull request #172 from kjd/optimize-contextj
  • 0394ec7 Merge branch 'master' into optimize-contextj
  • cd58a23 Merge pull request #152 from elliotwutingfeng/dev
  • 5beb28b More efficient resolution of joiner contexts
  • 1b12148 Update ossf/scorecard-action to v2.3.1
  • d516b87 Update Github actions/checkout to v4
  • c095c75 Merge branch 'master' into dev
  • 60a0a4c Fix typo in GitHub Actions workflow key
  • 5918a0e Merge branch 'master' into dev
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Andrea Righi and others added 30 commits April 16, 2025 12:48
@mrphilcox
UBUNTU: [Packaging] update Ubuntu.md
d4aaa15 
BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Andrea Righi <[email protected]>
@mrphilcox
UBUNTU: Start new release
eac1f96 
Ignore: yes
Signed-off-by: Andrea Righi <[email protected]>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
bd6d6e1 
BugLink: https://bugs.launchpad.net/bugs/1966490
Properties: no-test-build
Signed-off-by: Andrea Righi <[email protected]>
@mrphilcox
UBUNTU: [Config] update configs after rebase
ebccc3e 
Signed-off-by: Andrea Righi <[email protected]>
@mrphilcox
UBUNTU: Ubuntu-oracle-5.15.0-1002.4
ce96729 
Signed-off-by: Andrea Righi <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
00b4f72 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
89451a3 
BugLink: https://bugs.launchpad.net/bugs/1969501
Properties: no-test-build
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Ubuntu-oracle-5.15.0-1003.5
e867ca6 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: [Packaging] switch to kinetic 5.18.0
2ade25a 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
c263b9d 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
377d3c1 
BugLink: https://bugs.launchpad.net/bugs/1975978
Properties: no-test-build
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: [Config] updateconfigs and annotations following 5.18.0-6.6 r…
3ce2e24 
…ebase

Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Ubuntu-oracle-5.18.0-1001.1
19733c5 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: [Packaging] switch to kinetic 5.19.0
c683c94 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
3294176 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
02f1fc3 
BugLink: https://bugs.launchpad.net/bugs/1980075
Properties: no-test-build
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: [Config] updateconfigs and annotations following 5.19.0-7.7 r…
394da8f 
…ebase

Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Ubuntu-oracle-5.19.0-1001.1
b9ad402 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
73de8d8 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
cf8832d 
BugLink: https://bugs.launchpad.net/bugs/1982816
Properties: no-test-build
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: [Config] updateconfigs following Ubuntu-5.19.0-12.12 rebase
e543463 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Ubuntu-oracle-5.19.0-1002.2
a65134a 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
f6d1ad8 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
b01b2cd 
BugLink: https://bugs.launchpad.net/bugs/1983082
Properties: no-test-build
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Ubuntu-oracle-5.19.0-1003.3
bc32e96 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
4125735 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: link-to-tracker: update tracking bug
abec544 
BugLink: https://bugs.launchpad.net/bugs/1983447
Properties: no-test-build
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: [Config] updateconfigs following Ubuntu-5.19.0-15.15 rebase
42b2ccd 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Ubuntu-oracle-5.19.0-1004.4
4cb79e5 
Signed-off-by: Paolo Pisati <[email protected]>
@piso77 @mrphilcox
UBUNTU: Start new release
78535e6 
Ignore: yes
Signed-off-by: Paolo Pisati <[email protected]>
mrphilcox and others added 17 commits April 16, 2025 12:49
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
3e91a13 
BugLink: https://bugs.launchpad.net/bugs/2102479
Properties: no-test-build
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: Ubuntu-oracle-6.8.0-1023.24
4a892ba 
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: Start new release
6cb4834 
Ignore: yes
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: [Packaging]: wdat_wdt.ko is moved from
e8c42b3 
"linux-modules-extra-*-generic" to "linux-modules-*-generic"

BugLink: https://bugs.launchpad.net/bugs/2098554

Linux supports the virtual watchdog timer through the "wdat_wdt" module.
In Ubuntu 24.04 LTS on amd64, this module is in the
"linux-modules-extra-*-generic" series of packages. These are depended
on by
the "linux-image-generic" package, but not by the "linux-image-virtual"
package. The latter is what is included in Ubuntu Official Cloud Images.

Installing "linux-image-virtual" on amd64 should get the "wdat_wdt"
module
because it's necessary to fully support a common hypervisor. And to be
consistent, we should do the same for other architectures too.

Signed-off-by: Mehmet Basaran<[email protected]>
Acked-by: Stefan Bader <[email protected]>
Acked-by: Agathe Porte <[email protected]>
Signed-off-by: Stefan Bader <[email protected]>
(copied from master)
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
c4eabba 
BugLink: https://bugs.launchpad.net/bugs/2102518
Properties: no-test-build
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: Ubuntu-oracle-6.8.0-1024.25
9ba9e5e 
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: Start new release
d06baf0 
Ignore: yes
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: link-to-tracker: update tracking bug
9f237bd 
BugLink: https://bugs.launchpad.net/bugs/2107065
Properties: no-test-build
Signed-off-by: Philip Cox <[email protected]>
@mrphilcox
UBUNTU: Ubuntu-oracle-6.8.0-1025.26
0ff8a45 
Signed-off-by: Philip Cox <[email protected]>
@jwk404
@@DELPHIX_PATCHSET_START@@
6996486 
This is a placeholder commit to separate the Ubuntu kernel source and
our patches. Used by kernel_merge_with_upstream() in the linux-pkg repo.
@pzakha
DLPX-71852 iSCSI: journal flooded with "Unable to locate Target IQN" …
415b304 
…messages (#2)
@pzakha
DLPX-72065 Aborted iSCSI command never completes after LUN reset (#4)
d670bf3
@pcd1193182
DLPX-83697 iscsi target login should wait until tx/rx threads have pr…
d18d47d 
…operly started (#14)
DLPX-83701 Make function mnt_add_count() traceable (#16)
7d6979d
@palash-gandhi
Extract PKG_ABI from mutated string
2b84334
@sebroy
Reintroduce fix from DLPX-87344 to build only with amd64 annotations
02fe199
@dependabot
Bump idna from 3.4 to 3.7 in /drivers/gpu/drm/ci/xfails
ed03ab5 
Bumps [idna](https://github.com/kjd/idna) from 3.4 to 3.7.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.4...v3.7)

---
updated-dependencies:
- dependency-name: idna
  dependency-version: '3.7'
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 12, 2025
@delphix-devops-bot delphix-devops-bot force-pushed the develop branch 2 times, most recently from 1c51841 to abfed48 Compare July 1, 2025 18:10
delphix-devops-bot pushed a commit that referenced this pull request Oct 2, 2025
@yangge1116-cpu @smb49
mm/hugetlb: fix kernel NULL pointer dereference when replacing free h…
69d34a9 
…ugetlb folios

BugLink: https://bugs.launchpad.net/bugs/2115678

commit 113ed54ad276c352ee5ce109bdcf0df118a43bda upstream.

A kernel crash was observed when replacing free hugetlb folios:

BUG: kernel NULL pointer dereference, address: 0000000000000028
PGD 0 P4D 0
Oops: Oops: 0000 [#1] SMP NOPTI
CPU: 28 UID: 0 PID: 29639 Comm: test_cma.sh Tainted 6.15.0-rc6-zp #41 PREEMPT(voluntary)
RIP: 0010:alloc_and_dissolve_hugetlb_folio+0x1d/0x1f0
RSP: 0018:ffffc9000b30fa90 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000342cca RCX: ffffea0043000000
RDX: ffffc9000b30fb08 RSI: ffffea0043000000 RDI: 0000000000000000
RBP: ffffc9000b30fb20 R08: 0000000000001000 R09: 0000000000000000
R10: ffff88886f92eb00 R11: 0000000000000000 R12: ffffea0043000000
R13: 0000000000000000 R14: 00000000010c0200 R15: 0000000000000004
FS:  00007fcda5f14740(0000) GS:ffff8888ec1d8000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000028 CR3: 0000000391402000 CR4: 0000000000350ef0
Call Trace:
<TASK>
 replace_free_hugepage_folios+0xb6/0x100
 alloc_contig_range_noprof+0x18a/0x590
 ? srso_return_thunk+0x5/0x5f
 ? down_read+0x12/0xa0
 ? srso_return_thunk+0x5/0x5f
 cma_range_alloc.constprop.0+0x131/0x290
 __cma_alloc+0xcf/0x2c0
 cma_alloc_write+0x43/0xb0
 simple_attr_write_xsigned.constprop.0.isra.0+0xb2/0x110
 debugfs_attr_write+0x46/0x70
 full_proxy_write+0x62/0xa0
 vfs_write+0xf8/0x420
 ? srso_return_thunk+0x5/0x5f
 ? filp_flush+0x86/0xa0
 ? srso_return_thunk+0x5/0x5f
 ? filp_close+0x1f/0x30
 ? srso_return_thunk+0x5/0x5f
 ? do_dup2+0xaf/0x160
 ? srso_return_thunk+0x5/0x5f
 ksys_write+0x65/0xe0
 do_syscall_64+0x64/0x170
 entry_SYSCALL_64_after_hwframe+0x76/0x7e

There is a potential race between __update_and_free_hugetlb_folio() and
replace_free_hugepage_folios():

CPU1                              CPU2
__update_and_free_hugetlb_folio   replace_free_hugepage_folios
                                    folio_test_hugetlb(folio)
                                    -- It's still hugetlb folio.

  __folio_clear_hugetlb(folio)
  hugetlb_free_folio(folio)
                                    h = folio_hstate(folio)
                                    -- Here, h is NULL pointer

When the above race condition occurs, folio_hstate(folio) returns NULL,
and subsequent access to this NULL pointer will cause the system to crash.
To resolve this issue, execute folio_hstate(folio) under the protection
of the hugetlb_lock lock, ensuring that folio_hstate(folio) does not
return NULL.

Link: https://lkml.kernel.org/r/[email protected]
Fixes: 04f13d2 ("mm: replace free hugepage folios after migration")
Signed-off-by: Ge Yang <[email protected]>
Reviewed-by: Muchun Song <[email protected]>
Reviewed-by: Oscar Salvador <[email protected]>
Cc: Baolin Wang <[email protected]>
Cc: Barry Song <[email protected]>
Cc: David Hildenbrand <[email protected]>
Cc: <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
CVE-2025-38050
Signed-off-by: Manuel Diewald <[email protected]>
Signed-off-by: Mehmet Basaran <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.