Package "linux-xilinx-zynqmp"
Name: |
linux-xilinx-zynqmp
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Header files related to Linux kernel version 5.4.0
- Header files related to Linux kernel version 5.4.0
- Header files related to Linux kernel version 5.4.0
- Header files related to Linux kernel version 5.4.0
|
Latest version: |
5.4.0-1048.52 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "linux-xilinx-zynqmp" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
linux-xilinx-zynqmp (5.4.0-1048.52) focal; urgency=medium
* focal/linux-xilinx-zynqmp: 5.4.0-1048.52 -proposed tracker (LP: #2072106)
[ Ubuntu: 5.4.0-190.210 ]
* focal/linux: 5.4.0-190.210 -proposed tracker (LP: #2072108)
* CVE-2024-36016
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
* CVE-2022-48655
- firmware: arm_scmi: Harden accesses to the reset domains
* CVE-2024-26907
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment
* CVE-2024-26585
- tls: fix race between tx work scheduling and socket close
* CVE-2024-26584
- net: tls: handle backlogging of crypto requests
* CVE-2024-26583
- net/tls: Replace TLS_RX_SYNC_RUNNING with RCU
- net/tls: Fix use-after-free after the TLS device goes down and up
- tls: splice_read: fix record type check
- tls splice: remove inappropriate flags checking for MSG_PEEK
- tls: splice_read: fix accessing pre-processed records
- tls: Fix context leak on tls_device_down
- net/tls: Check for errors in tls_device_init
- net/tls: Remove the context from the list in tls_device_down
- net/tls: pass context to tls_device_decrypted()
- net/tls: Perform immediate device ctx cleanup when possible
- net/tls: Multi-threaded calls to TX tls_dev_del
- net: tls: avoid discarding data on record close
- tls: rx: don't store the record type in socket context
- tls: rx: don't store the decryption status in socket context
- tls: rx: don't issue wake ups when data is decrypted
- tls: rx: refactor decrypt_skb_update()
- tls: hw: rx: use return value of tls_device_decrypted() to carry status
- tls: rx: drop unnecessary arguments from tls_setup_from_iter()
- tls: rx: don't report text length from the bowels of decrypt
- tls: rx: wrap decryption arguments in a structure
- tls: rx: factor out writing ContentType to cmsg
- tls: rx: don't track the async count
- tls: rx: assume crypto always calls our callback
- tls: rx: use async as an in-out argument
- tls: decrement decrypt_pending if no async completion will be called
- net: tls: fix async vs NIC crypto offload
- tls: rx: simplify async wait
- tls: extract context alloc/initialization out of tls_set_sw_offload
- net: tls: factor out tls_*crypt_async_wait()
- tls: fix race between async notify and socket close
-- Guoqing Jiang <email address hidden> Wed, 17 Jul 2024 12:30:26 +0800
|
Source diff to previous version |
CVE-2024-36016 |
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following |
CVE-2022-48655 |
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domain |
CVE-2024-26907 |
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ |
CVE-2024-26585 |
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous |
CVE-2024-26584 |
In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_ |
CVE-2024-26583 |
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread (one |
|
linux-xilinx-zynqmp (5.4.0-1047.51) focal; urgency=medium
* focal/linux-xilinx-zynqmp: 5.4.0-1047.51 -proposed tracker (LP: #2068452)
[ Ubuntu: 5.4.0-189.209 ]
* focal/linux: 5.4.0-189.209 -proposed tracker (LP: #2068454)
* Focal update: v5.4.275 upstream stable release (LP: #2067865)
- batman-adv: Avoid infinite loop trying to resize local TT
- Bluetooth: Fix memory leak in hci_req_sync_complete()
- nouveau: fix function cast warning
- net: openvswitch: fix unwanted error log on timeout policy probing
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file
- geneve: fix header validation in geneve[6]_xmit_skb
- ipv6: fib: hide unused 'pn' variable
- ipv4/route: avoid unused-but-set-variable warning
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
- net/mlx5: Properly link new fs rules into the tree
- net: ena: Fix potential sign extension issue
- btrfs: qgroup: correctly model root qgroup rsv in convert
- drm/client: Fully protect modes[] with dev->mode_config.mutex
- vhost: Add smp_rmb() in vhost_vq_avail_empty()
- selftests: timers: Fix abs() warning in posix_timers test
- x86/apic: Force native_apic_mem_read() to use the MOV instruction
- btrfs: record delayed inode root in transaction
- selftests/ftrace: Limit length in subsystem-enable tests
- kprobes: Fix possible use-after-free issue on kprobe registration
- Revert "tracing/trigger: Fix to return error if failed to alloc snapshot"
- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
- tun: limit printing rate when illegal packet received by tun dev
- RDMA/rxe: Fix the problem "mutex_destroy missing"
- RDMA/mlx5: Fix port number for counter query in multi-port configuration
- drm: nv04: Fix out of bounds access
- clk: Remove prepare_lock hold assertion in __clk_release()
- clk: Mark 'all_lists' as const
- clk: remove extra empty line
- clk: Print an info line before disabling unused clocks
- clk: Initialize struct clk_core kref earlier
- clk: Get runtime PM before walking tree during disable_unused
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ
- comedi: vmk80xx: fix incomplete endpoint checking
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood
- USB: serial: option: add Fibocom FM135-GL variants
- USB: serial: option: add support for Fibocom FM650/FG650
- USB: serial: option: add Lonsung U8300/U9300 product
- USB: serial: option: support Quectel EM060K sub-models
- USB: serial: option: add Rolling RW101-GL and RW135-GL support
- USB: serial: option: add Telit FN920C04 rmnet compositions
- usb: dwc2: host: Fix dereference issue in DDMA completion flow.
- speakup: Avoid crash on very long word
- fs: sysfs: Fix reference leak in sysfs_break_active_protection()
- nouveau: fix instmem race condition around ptr stores
- nilfs2: fix OOB in nilfs_set_de_type
- KVM: async_pf: Cleanup kvm_setup_async_pf()
- arm64: dts: rockchip: fix alphabetical ordering RK3399 puma
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for RK3399 Puma
- arm64: dts: mediatek: mt7622: fix IR nodename
- arm64: dts: mediatek: mt7622: fix ethernet controller "compatible"
- arm64: dts: mediatek: mt7622: drop "reset-names" from thermal block
- arm64: dts: mt2712: add ethernet device node
- arm64: dts: mediatek: mt2712: fix validation errors
- ARC: [plat-hsdk]: Remove misplaced interrupt-cells property
- vxlan: drop packets from invalid src-address
- mlxsw: core: Unregister EMAD trap using FORWARD action
- NFC: trf7970a: disable all regulators on removal
- net: usb: ax88179_178a: stop lying about skb->truesize
- net: gtp: Fix Use-After-Free in gtp_dellink
- ipvs: Fix checksumming on GSO of SCTP packets
- net: openvswitch: Fix Use-After-Free in ovs_ct_exit
- mlxsw: spectrum_acl_tcam: Fix race during rehash delayed work
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash
- mlxsw: spectrum_acl_tcam: Rate limit error message
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
- mlxsw: spectrum_acl_tcam: Fix warning during rehash
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work
- i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
- iavf: Fix TC config comparison with existing adapter TC config
- af_unix: Suppress false-positive lockdep splat for spin_lock() in
__unix_gc().
- serial: core: Provide port lock wrappers
- serial: mxs-auart: add spinlock around changing cts state
- Revert "crypto: api - Disallow identical driver names"
- net/mlx5e: Fix a race in command alloc flow
- tracing: Show size of requested perf buffer
- tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker
together
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 Puma
- drm/amdgpu: Fix leak when GPU memory allocation fails
- irqchip/gic-v3-its: Prevent double free on error
- ethernet: Add helper for assigning packet type when dest address does not
match device address
- net: b44: set pause params only when interface is up
- stackdepot: respect __GFP_NOLOCKDEP allocation flag
- mtd: diskonchip: work around ubsan link failure
- tcp: Clean up kernel listener's reqsk in inet_twsk_purge()
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge()
- dmaengine: owl: fix register access functions
- idma64: D
|
Source diff to previous version |
2067865 |
Focal update: v5.4.275 upstream stable release |
2067857 |
Focal update: v5.4.274 upstream stable release |
2064561 |
Focal update: v5.4.273 upstream stable release |
2064555 |
Focal update: v5.4.272 upstream stable release |
CVE-2024-26586 |
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added |
CVE-2024-26923 |
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does |
CVE-2024-23307 |
Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow |
CVE-2024-26889 |
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fix |
CVE-2024-26828 |
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through |
CVE-2024-24861 |
A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return valu |
CVE-2023-6270 |
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct n |
CVE-2024-26642 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets a |
CVE-2024-26926 |
In the Linux kernel, the following vulnerability has been resolved: binder: check offset alignment in binder_get_object() Commit 6d98eb95b450 ("bin |
CVE-2024-26922 |
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly Verif |
CVE-2024-26925 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The co |
CVE-2024-26643 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout |
CVE-2024-2201 |
Native Branch History Injection |
|
linux-xilinx-zynqmp (5.4.0-1046.50) focal; urgency=medium
* focal/linux-xilinx-zynqmp: 5.4.0-1046.50 -proposed tracker (LP: #2068289)
[ Ubuntu: 5.4.0-187.207 ]
* focal/linux: 5.4.0-187.207 -proposed tracker (LP: #2068291)
* CVE-2024-26925
- netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()
- netfilter: nf_tables: release batch on table validation from abort path
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
* CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with
timeout
* CVE-2024-2201
- x86/cpufeatures: Add new word for scattered features
- x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
- x86/bhi: Add support for clearing branch history at syscall entry
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S
- x86/bhi: Enumerate Branch History Injection (BHI) bug
- x86/bhi: Add BHI mitigation knob
- x86/bhi: Mitigate KVM by default
- [Config] updateconfigs for CONFIG_BHI_{AUTO|ON|OFF}
- x86/bugs: Fix BHI documentation
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr'
- x86/bugs: Fix BHI handling of RRSBA
- x86/bugs: Clarify that syscall hardening isn't a BHI mitigation
- x86/bugs: Fix BHI retpoline check
-- Portia Stephens <email address hidden> Fri, 14 Jun 2024 08:41:35 +1000
|
Source diff to previous version |
CVE-2024-26925 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The co |
CVE-2024-26643 |
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout |
CVE-2024-2201 |
Native Branch History Injection |
|
linux-xilinx-zynqmp (5.4.0-1045.49) focal; urgency=medium
* focal/linux-xilinx-zynqmp: 5.4.0-1045.49 -proposed tracker (LP: #2063809)
[ Ubuntu: 5.4.0-186.206 ]
* focal/linux: 5.4.0-186.206 -proposed tracker (LP: #2063812)
* Mount CIFS fails with Permission denied (LP: #2061986)
- cifs: fix ntlmssp auth when there is no key exchange
* USB stick can't be detected (LP: #2040948)
- usb: Disable USB3 LPM at shutdown
* CVE-2024-26733
- net: dev: Convert sa_data to flexible array in struct sockaddr
- arp: Prevent overflow in arp_req_get().
- stddef: Introduce DECLARE_FLEX_ARRAY() helper
* CVE-2024-26712
- powerpc/kasan: Fix addr error caused by page alignment
* CVE-2023-52530
- wifi: mac80211: fix potential key use-after-free
* CVE-2021-47063
- drm: bridge/panel: Cleanup connector on bridge detach
* [Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output "UBSAN: array-
index-out-of-bounds in /build/linux-hwe-6.5-34pCLi/linux-
hwe-6.5-6.5.0/drivers/net/hyperv/netvsc.c:1445:41" multiple times,
especially during boot. (LP: #2058477)
- hv: hyperv.h: Replace one-element array with flexible-array member
* CVE-2024-26614
- tcp: make sure init the accept_queue's spinlocks once
- ipv6: init the accept_queue's spinlocks in inet6_create
* Focal update: v5.4.271 upstream stable release (LP: #2060216)
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
- net: ip_tunnel: prevent perpetual headroom growth
- tun: Fix xdp_rxq_info's queue_index when detaching
- ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
detected
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read
- Bluetooth: Avoid potential use-after-free in hci_error_reset
- Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
- Bluetooth: Enforce validation on max value of connection interval
- netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
- rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
- efi/capsule-loader: fix incorrect allocation size
- power: supply: bq27xxx-i2c: Do not free non existing IRQ
- ALSA: Drop leftover snd-rtctimer stuff from Makefile
- afs: Fix endless loop in directory parsing
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
- wifi: nl80211: reject iftype change with mesh ID change
- btrfs: dev-replace: properly validate device names
- dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
- dmaengine: fsl-qdma: init irq after reg initialization
- mmc: core: Fix eMMC initialization with 1-bit bus connection
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers
- cachefiles: fix memory leak in cachefiles_add_cache()
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
- gpio: 74x164: Enable output pins after registers are reset
- Linux 5.4.271
* Focal update: v5.4.270 upstream stable release (LP: #2060019)
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table()
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler
- net/sched: Retire CBQ qdisc
- [Config] updateconfigs for NET_SCH_CBQ
- net/sched: Retire ATM qdisc
- [Config] updateconfigs for NET_SCH_ATM
- net/sched: Retire dsmark qdisc
- [Config] updateconfigs for NET_SCH_DSMARK
- sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
- memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock()
- nilfs2: replace WARN_ONs for invalid DAT metadata block requests
- userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
- sched/rt: Fix sysctl_sched_rr_timeslice intial value
- sched/rt: Disallow writing invalid values to sched_rt_period_us
- scsi: target: core: Add TMF to tmr_list handling
- dmaengine: shdma: increase size of 'dev_id'
- dmaengine: fsl-qdma: increase size of 'irq_name'
- wifi: cfg80211: fix missing interfaces when dumping
- wifi: mac80211: fix race condition on enabling fast-xmit
- fbdev: savage: Error out if pixclock equals zero
- fbdev: sis: Error out if pixclock equals zero
- ahci: asm1166: correct count of reported ports
- ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers
- ext4: avoid allocating blocks from corrupted group in
ext4_mb_try_best_found()
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()
- regulator: pwm-regulator: Add validity checks in continuous .get_voltage
- nvmet-tcp: fix nvme tcp ida memory leak
- ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
- netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in
sctp_new
- nvmet-fc: abort command when there is no binding
- hwmon: (coretemp) Enlarge per package core count limit
- scsi: lpfc: Use unsigned type for num_sge
- firewire: core: send bus reset promptly on gap count error
- virtio-blk: Ensure no requests in virtqueues before deleting vqs.
- s390/qeth: Fix potential loss of L3-IP@ in case of network issues
- pmdomain: renesas: r8a77980-sysc: CR7 must be always on
- tcp: factor out __tcp_close() helper
- tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit
- tcp: add annotations around sk->sk_shutdown accesses
- pinctrl: pinctrl-rockchip: Fix a bunch of kerneldoc misdemeanours
- pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
- spi: mt7621: Fix an error message in mt7621_spi_probe()
- net: bridge: clear bridge's private skb space on xmit
- selftests/bpf: Avoid running unprivileged tests with alignment requirements
- Revert "drm/sun4i: dsi: Change the start delay calculation"
- drm/amdgpu: Check for valid number of registers to
|
Source diff to previous version |
2061986 |
Mount CIFS fails with Permission denied |
2058477 |
[Ubuntu 22.04.4/linux-image-6.5.0-26-generic] Kernel output \ |
2060216 |
Focal update: v5.4.271 upstream stable release |
2060019 |
Focal update: v5.4.270 upstream stable release |
CVE-2024-26733 |
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write i |
CVE-2024-26712 |
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, wh |
CVE-2023-52530 |
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c |
CVE-2021-47063 |
In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call drm_conn |
CVE-2024-26614 |
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduc |
CVE-2023-47233 |
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by |
CVE-2021-47070 |
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocate |
CVE-2024-26622 |
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control( |
|
linux-xilinx-zynqmp (5.4.0-1044.48) focal; urgency=medium
* focal/linux-xilinx-zynqmp: 5.4.0-1044.48 -proposed tracker (LP: #2063683)
[ Ubuntu: 5.4.0-182.202 ]
* focal/linux: 5.4.0-182.202 -proposed tracker (LP: #2063685)
* CVE-2023-52530
- wifi: mac80211: fix potential key use-after-free
* CVE-2024-26622
- tomoyo: fix UAF write bug in tomoyo_write_control()
* CVE-2024-26614
- tcp: make sure init the accept_queue's spinlocks once
- ipv6: init the accept_queue's spinlocks in inet6_create
* CVE-2023-47233
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
-- Portia Stephens <email address hidden> Tue, 07 May 2024 10:22:39 +1000
|
CVE-2023-52530 |
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is c |
CVE-2024-26622 |
In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control( |
CVE-2024-26614 |
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduc |
CVE-2023-47233 |
The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by |
|
About
-
Send Feedback to @ubuntu_updates