[Group.of.nepali.translators] [Bug 1655507] Re: CVE-2017-5330 - Ark: unintended execution of scripts and executable files

[Launchpad Bug Tracker]

This bug was fixed in the package ark - 4:16.04.3a-0ubuntu2.2

---
ark (4:16.04.3a-0ubuntu2.2) yakkety-security; urgency=medium

  * SECURITY UPDATE:unintended execution of scripts and executable files
  - debian/patches/no-exec-during-url-open.patch
  - Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for 
fixing this issue.
  - CVE-2017-5330
  - fixes (LP: #1655507)

 -- Vishnu Vardhan Reddy Naini   Thu, 19 Jan
2017 03:10:04 +0530

** Changed in: ark (Ubuntu Yakkety)
   Status: In Progress => Fix Released

** Changed in: ark (Ubuntu Xenial)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5530

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1655507

Title:
  CVE-2017-5330 - Ark: unintended execution of scripts and executable
  files

Status in ark package in Ubuntu:
  Fix Released
Status in ark source package in Xenial:
  Fix Released
Status in ark source package in Yakkety:
  Fix Released
Status in ark source package in Zesty:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =

  Title:  Ark: unintended execution of scripts and executable files
  Risk Rating:Important
  CVE:CVE-2017-5330
  Versions:   ark >= 15.12
  Author: Elvis Angelaccio 
  Date:   12 January 2017

  Overview
  

  Through a (possibly malicious) tar archive that contains an
  executable shell script or binary, it was possible to execute
  arbitrary code on target machines.
  KRun::runUrl() has a runExecutable argument which defaults to true.
  Ark was using this default value and was also not checking
  whether an extracted file was executable before passing it to the
  runUrl() function.

  Impact
  ==

  An attacker can send legitimate tar archives with executable scripts or
  binaries disguised as normal files (say, with README or LICENSE as filenames).
  The attacker then can trick a user to select those files and click
  the Open button in the Ark toolbar, which triggers the affected code.

  Workaround
  ==

  Don't use the File -> Open functionality of Ark.
  You can still open archives (Archive->Open) and extract them.

  Solution
  

  Update to Ark >= 16.12.1

  For older releases of Ark, apply the following patches:

  Applications/16.08 branch: 
https://commits.kde.org/ark/49ce94df19607e234525afda5ad4190ce35300c3
  Applications/16.04 branch: 
https://commits.kde.org/ark/6b6da3f2e6ac5ca12b46d208d532948c1dbb8776
  Applications/15.12 branch: 
https://commits.kde.org/ark/e2448360eca1b81eb59fffca9584b0fc5fbd8e5b

  Credits
  ===

  Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for
  fixing this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1655507/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1655040] Re: i386 ftrace tests hang on ADT testing

[Launchpad Bug Tracker]

This bug was fixed in the package linux - 4.9.0-12.13

---
linux (4.9.0-12.13) zesty; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
- LP: #1655122

  * Zesty update to v4.9.2 stable release (LP: #1655114)
- ssb: Fix error routine when fallback SPROM fails
- ath10k: fix soft lockup during firmware crash/hw-restart
- rtlwifi: Fix enter/exit power_save
- perf/x86: Fix exclusion of BTS and LBR for Goldmont
- perf annotate: Don't throw error for zero length symbols
- perf/x86/intel/cstate: Prevent hotplug callback leak
- rtl8xxxu: Work around issue with 8192eu and 8723bu devices not 
reconnecting
- cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts
- ath9k: fix ath9k_hw_gpio_get() to return 0 or 1 on success
- ath9k: Really fix LED polarity for some Mini PCI AR9220 MB92 cards.
- ath9k: do not return early to fix rcu unlocking
- Revert "mmc: sdhci: Reset cmd and data circuits after tuning failure"
- mmc: sdhci: Fix recovery from tuning timeout
- regulator: stw481x-vmmc: fix ages old enable error
- mmc: sd: Meet alignment requirements for raw_ssr DMA
- timekeeping_Force_unsigned_clocksource_to_nanoseconds_conversion
- gpio: stmpe: fix interrupt handling bug
- gpio: chardev: Return error for seek operations
- arm64: tegra: Add VDD_GPU regulator to Jetson TX1
- clk: bcm2835: Avoid overwriting the div info when disabling a pll_div clk
- thermal: hwmon: Properly report critical temperature in sysfs
- docs: sphinx-extensions: make rstFlatTable work with docutils 0.13
- hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels()
- staging/lustre/osc: Revert erroneous list_for_each_entry_safe use
- staging: lustre: ldlm: pl_recalc time handling is wrong
- staging: comedi: ni_mio_common: fix M Series ni_ai_insn_read() data mask
- staging: comedi: ni_mio_common: fix E series ni_ai_insn_read() data
- ACPI / video: Add force_native quirk for Dell XPS 17 L702X
- ACPI / video: Add force_native quirk for HP Pavilion dv6
- drm/amdgpu/si: load the proper firmware on 0x87 oland boards
- drm/amdgpu: add additional pci revision to dpm workaround
- drm/amdgpu: Store CRTC relative amdgpu_crtc->cursor_x/y values
- drm/amdgpu: Also call cursor_move_locked when the cursor size changes
- drm/amd/amdgpu: enable GUI idle INT after enabling CGCG
- drm/nouveau/gr: fallback to legacy paths during firmware lookup
- drm/nouveau/kms: lvds panel strap moved again on maxwell
- drm/nouveau/bios: require checksum to match for fast acpi shadow method
- drm/nouveau/ltc: protect clearing of comptags with mutex
- drm/nouveau/ttm: wait for bo fence to signal before unmapping vmas
- drm/nouveau/i2c/gk110b,gm10x: use the correct implementation
- drm/nouveau/fifo/gf100-: protect channel preempt with subdev mutex
- drm/radeon: Also call cursor_move_locked when the cursor size changes
- drm/radeon: Hide the HW cursor while it's out of bounds
- drm/radeon: add additional pci revision to dpm workaround
- drm/radeon/si: load the proper firmware on 0x87 oland boards
- drm/gma500: Add compat ioctl
- drm/amd/powerplay: bypass fan table setup if no fan connected
- drm/amdgpu: fix enable_cp_power_gating in gfx_v8.0.
- drm/amdgpu: fix init save/restore list in gfx_v8.0
- drivers/gpu/drm/ast: Fix infinite loop if read fails
- mei: request async autosuspend at the end of enumeration
- mei: me: add lewisburg device ids
- block: protect iterate_bdevs() against concurrent close
- vt: fix Scroll Lock LED trigger name
- stm class: Fix device leak in open error path
- scsi: megaraid_sas: For SRIOV enabled firmware, ensure VF driver waits for
  30secs before reset
- scsi: megaraid_sas: Do not set MPI2_TYPE_CUDA for JBOD FP path for FW 
which
  does not support JBOD sequence map
- iscsi-target: Return error if unable to add network portal
- scsi: zfcp: fix use-after-"free" in FC ingress path after TMF
- scsi: zfcp: do not trace pure benign residual HBA responses at default 
level
- scsi: zfcp: fix rport unblock race with LUN recovery
- scsi: avoid a permanent stop of the scsi device's request queue
- ARC: mm: arc700: Don't assume 2 colours for aliasing VIPT dcache
- firmware: fix usermode helper fallback loading
- s390/vmlogrdr: fix IUCV buffer allocation
- s390/kexec: use node 0 when re-adding crash kernel memory
- arm64: KVM: pmu: Reset PMSELR_EL0.SEL to a sane value before entering the
  guest
- latent_entropy: fix ARM build error on earlier gcc
- sc16is7xx: Drop bogus use of IRQF_ONESHOT
- md/raid5: limit request size according to implementation limits
- scsi: aacraid: remove wildcard for series 9 controllers
- KVM: PPC: Book3S HV: Save/restore XER in checkpointed register state
- KVM: PPC: Book3S HV: Don't lose hardware R/C 

[Group.of.nepali.translators] [Bug 1656801] Re: ntp: changing the default config from server to pool broke the dhcp hook

[Mathew Hodson]

** Also affects: ntp (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809344
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1656801

Title:
  ntp: changing the default config from server to pool broke the dhcp
  hook

Status in ntp package in Ubuntu:
  Fix Released
Status in ntp source package in Xenial:
  Triaged
Status in ntp package in Debian:
  Unknown

Bug description:
  In 1:4.2.8p3+dfsg-1, the default config was changed to
  "Use pool instead of server".  This needs a corresponding
  update to /etc/dhcp/dhclient-exit-hooks.d/ntp, since the
  DHCP specified servers now get added to the default pool
  config instead of replacing them.

  This affects Xenial only as the Yakkety build includes the upstream
  fix (1:4.2.8p7+dfsg-1).

  Original Debian busg https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809344 
  & https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806676

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1656801/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1657594] Re: USN-3174-1: partially applies to MariaDB too

[Mathew Hodson]

** No longer affects: mariadb-5.5 (Ubuntu)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1657594

Title:
  USN-3174-1: partially applies to MariaDB too

Status in mariadb-10.0 package in Ubuntu:
  New
Status in mariadb-10.1 package in Ubuntu:
  New
Status in mariadb-5.5 source package in Trusty:
  New
Status in mariadb-10.0 source package in Xenial:
  New
Status in mariadb-10.0 source package in Yakkety:
  New
Status in mariadb-10.0 source package in Zesty:
  New
Status in mariadb-10.1 source package in Zesty:
  New

Bug description:
  https://www.ubuntu.com/usn/usn-3174-1/

  The security notice above also affect MariaDB and the latest release
  includes fixes.

  I will produce a security release soon and attach more information to this 
bug report for:
   - mariadb.5.5 in Trusty
   - mariadb-10.0 in Xenial and Yakkety (zesty can sync from Debian)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1657594/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1630924] Re: Kdump through NMI SMP and single core not working on Ubuntu16.10

[Joseph Salisbury]

** No longer affects: linux (Ubuntu Vivid)

** Also affects: linux (Ubuntu Zesty)
   Importance: Medium
   Status: Confirmed

** Also affects: linux (Ubuntu Vivid)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu Vivid)
   Status: New => In Progress

** Changed in: linux (Ubuntu Xenial)
   Status: Confirmed => In Progress

** Changed in: linux (Ubuntu Yakkety)
   Status: Confirmed => In Progress

** Changed in: linux (Ubuntu Zesty)
   Status: Confirmed => In Progress

** Changed in: linux (Ubuntu Vivid)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Vivid)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

** Changed in: linux (Ubuntu Xenial)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

** Changed in: linux (Ubuntu Yakkety)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

** Changed in: linux (Ubuntu Zesty)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630924

Title:
  Kdump through NMI SMP and single core not working on Ubuntu16.10

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Vivid:
  In Progress
Status in linux source package in Xenial:
  In Progress
Status in linux source package in Yakkety:
  In Progress
Status in linux source package in Zesty:
  In Progress

Bug description:
  During some tests I've encountered an issue with kdump through NMI SMP
  and single core. After kdump configuration, when I trigger the crash
  through an NMI call from the host, the VM will panic, however it will
  not write the vmcore dump files and neither reboot.

  REPRO STEPS:

  1. configure kdump
   - crashkernel=512M-:384M  /boot/grub/grub.cfg
   - USE_KDUMP=1 /etc/default/kdump-tools

  2. after configuration reboot the VM

  3. check kdump status
   - cat /sys/kernel/kexec_*
   - service kdump-tools status

  4. configure NMI
   - sysctl -w kernel.unknown_nmi_panic=1

  5. trigger a crash from host
   - Debug-VM -Name $vmName -InjectNonMaskableInterrupt -ComputerName $hvServer 
-Force

  This case also applies to:
  -Ubuntu 16.10 generation 2(kernel version: 4.8.0-17-generic)
  -Ubuntu 16.04.1(kernel: 4.4.0-38-generic)
  -Ubuntu 14.04.5(kernel: 3.19.0-69-generic)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1630924/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1647485] Re: NVMe symlinks broken by devices with spaces in model or serial strings

[Launchpad Bug Tracker]

This bug was fixed in the package systemd - 229-4ubuntu16

---
systemd (229-4ubuntu16) xenial; urgency=medium

  * d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch,
d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch,
d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch:
Cherry-pick upstream fixes from Dan Streetman  to
fix by-id symlinks for devices whose IDs contain whitespace.
LP: #1647485.

 -- Steve Langasek   Wed, 18 Jan 2017
13:37:19 -0800

** Changed in: systemd (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1647485

Title:
  NVMe symlinks broken by devices with spaces in model or serial strings

Status in systemd:
  New
Status in systemd package in Ubuntu:
  Fix Committed
Status in systemd source package in Trusty:
  Confirmed
Status in systemd source package in Xenial:
  Fix Released
Status in systemd source package in Yakkety:
  Fix Committed
Status in systemd source package in Zesty:
  Fix Committed
Status in systemd package in Debian:
  New

Bug description:
  [Impact]

  After including the patch from bug 1642903, NVMe devices that include spaces 
in their model or serial strings result in incorrect symlinks, e.g. if the 
model string is "XYZ Corp NVMe drive" then instead of creating:
  /dev/disk/by-id/nvme-XYZ Corp NVMe drive_SERIAL -> ../../nvme0n1
  it creates:
  /dev/disk/by-id/nvme-XYZ -> ../../nvme0n1
  /dev/Corp -> nvme0n1
  /dev/NVMe -> nvme0n1
  /dev/drive_SERIAL -> nvme0n1

  This is because of the way udev handles the SYMLINK value strings; by
  default, it does not do any whitespace replacement.  To enable
  whitespace replacement of a symlink value, the rule must also include
  OPTIONS+="string_escape=replace".  This is done for 'md' and 'dm'
  devices in their rules.  However, there are no rules that actually
  want to specify multiple symlinks, and defaulting to not replacing
  whitespace makes no sense; instead, the default should be to replace
  all whitespace in each symlink value, unless the rule explicitly
  specifies OPTIONS+="string_escape=none".

  [Test Case]

  This assumes using udev with the patch from bug 1642903.

  Without this patch, when using a NVMe drive that contains spaces in
  its model and/or serial strings, check the /dev/disk/by-id/ directory.
  It should contain a partially-correct symlink to the NVMe drive, with
  the name up to the first space.  All following space-separated parts
  of the mode/serial string should have symlinks in the /dev/ directory.
  This is the incorrect behavior.

  With this patch, check the /dev/disk/by-id/ directory.  It should
  contain a fully-correct symlink to the NVMe drive, and no part of the
  drive's model/serial number string should be a link in the /dev
  directory.

  An example of the correct/incorrect naming is in the Impact section.

  There should be no other changes to any of the symlinks under /dev
  before and after this patch.  Typical locations for symlinks are
  /dev/, /dev/disk/by-name/, /dev/disk/by-id/, /dev/disk/by-uuid/,
  /dev/disk/by-label/

  [Regression Potential]

  Errors in udev rules can lead to an unbootable or otherwise completely
  broken system if they unintentionally break or clobber existing
  /dev/disks/ symlinks.

  [Other Info]

  This is also tracked with upstream systemd (udev) bug 4833:
  https://github.com/systemd/systemd/issues/4833

  Also note, this can be worked around in individual rules ONLY (i.e.
  not fixed for all rules) by appending OPTIONS+="string_escape=replace"
  to each of the NVMe rules with SYMLINK+="..." assignment, e.g.:

  KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*",
  ENV{ID_SERIAL_SHORT}=="?*",
  ENV{ID_SERIAL}="$attr{model}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk
  /by-id/nvme-$env{ID_SERIAL}", OPTIONS+="string_escape=replace"

  Related bugs:
   * bug 1642903: introduce disk/by-id (model_serial) symlinks for NVMe drives
   * bug 1651602: NVMe driver regression for non-smp/1-cpu systems
   * bug 1649635: export nvme drive model/serial strings via sysfs (trusty)

To manage notifications about this bug go to:
https://bugs.launchpad.net/systemd/+bug/1647485/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1658009] Re: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture"

[Launchpad Bug Tracker]

This bug was fixed in the package runc - 1.0.0~rc1-0ubuntu2~16.04.1.1

---
runc (1.0.0~rc1-0ubuntu2~16.04.1.1) xenial; urgency=medium

  * Cherrypick seccomp update from -rc2 to resolve failure to execute on
ppc64el and s390x. LP: #1658009

 -- Dimitri John Ledkov   Fri, 20 Jan 2017 11:09:00
+

** Changed in: runc (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1658009

Title:
  Docker can't start s390x images on Ubuntu and gets "oci runtime error:
  unrecognized architecture"

Status in Ubuntu on IBM z Systems:
  Fix Committed
Status in runc package in Ubuntu:
  Fix Committed
Status in runc source package in Xenial:
  Fix Released
Status in runc source package in Yakkety:
  Fix Released
Status in runc source package in Zesty:
  Fix Committed

Bug description:
  [Impact]

   * Regression in updates
   * Cannot start a docker container on s390x/ppc64el

  [Test Case]

   * $ sudo docker run -t s390x/ubuntu
  Should start a container without an error on s390x

   * $ sudo docker run -t ppc64le/ubuntu
  Should start a container without an error on ppc64el

  [Regression Potential]

   * Minimal, the fix is a cherrypick of vendorised update of seccomp
  sub-library which now includes architecture defines to/from native
  arch and s390x/ppc64el.

  [Other Info]

  Starting different s390x Docker images on Ubuntu 16.04.1 (and 16.10)
  fails:

  
  Problem description:
  # docker run s390x/ubuntu
  Unable to find image 's390x/ubuntu:latest' locally
  latest: Pulling from s390x/ubuntu
  b43bc799d4e2: Pull complete
  afbd2b8f99bf: Pull complete
  0e3aee0ec255: Pull complete
  eb19a6534950: Pull complete
  29583cd8abac: Pull complete
  Digest: 
sha256:73e317083b0e7f6f477500b97f658519448aa7a54842a077ae8465235d6b8598
  Status: Downloaded newer image for s390x/ubuntu:latest
  docker: Error response from daemon: oci runtime error: unrecognized 
architecture.
  # docker run s390x/busybox
  ...
  ..
  docker: Error response from daemon: oci runtime error: unrecognized 
architecture.

  
  System description:

  # uname -a
  Linux s8330034 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:05:09 UTC 
2016 s390x s390x s390x GNU/Linux
  # docker info
  Containers: 2
   Running: 0
   Paused: 0
   Stopped: 2
  Images: 2
  Server Version: 1.12.3
  Storage Driver: aufs
   Root Dir: /var/lib/docker/aufs
   Backing Filesystem: extfs
   Dirs: 10
   Dirperm1 Supported: true
  Logging Driver: json-file
  Cgroup Driver: cgroupfs
  Plugins:
   Volume: local
   Network: overlay bridge null host
  Swarm: inactive
  Runtimes: runc
  Default Runtime: runc
  Security Options: apparmor seccomp
  Kernel Version: 4.4.0-36-generic
  Operating System: Ubuntu 16.04.1 LTS
  OSType: linux
  Architecture: s390x
  CPUs: 1
  Total Memory: 860.4 MiB
  Name: s8330034
  ID: XWPX:2EKT:TD5Q:FXT4:DG6G:ZEWQ:KKOH:4DR7:7VAZ:MJPE:ME5X:UJ4G
  Docker Root Dir: /var/lib/docker
  Debug Mode (client): false
  Debug Mode (server): false
  Registry: https://index.docker.io/v1/
  WARNING: No swap limit support
  Insecure Registries:
   127.0.0.0/8

  # docker version
  Client:
   Version:  1.12.3
   API version:  1.24
   Go version:   go1.6.2
   Git commit:   6b644ec
   Built:Mon, 19 Dec 2016 09:20:48 +1300
   OS/Arch:  linux/s390x

  Server:
   Version:  1.12.3
   API version:  1.24
   Go version:   go1.6.2
   Git commit:   6b644ec
   Built:Mon, 19 Dec 2016 09:20:48 +1300
   OS/Arch:  linux/s390x

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1658009/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1658009] Re: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture"

[Launchpad Bug Tracker]

This bug was fixed in the package runc - 1.0.0~rc1-0ubuntu2~16.10.1.1

---
runc (1.0.0~rc1-0ubuntu2~16.10.1.1) yakkety; urgency=medium

  * Cherrypick seccomp update from -rc2 to resolve failure to execute on
ppc64el and s390x. LP: #1658009

 -- Dimitri John Ledkov   Fri, 20 Jan 2017 11:06:50
+

** Changed in: runc (Ubuntu Yakkety)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1658009

Title:
  Docker can't start s390x images on Ubuntu and gets "oci runtime error:
  unrecognized architecture"

Status in Ubuntu on IBM z Systems:
  Fix Committed
Status in runc package in Ubuntu:
  Fix Committed
Status in runc source package in Xenial:
  Fix Released
Status in runc source package in Yakkety:
  Fix Released
Status in runc source package in Zesty:
  Fix Committed

Bug description:
  [Impact]

   * Regression in updates
   * Cannot start a docker container on s390x/ppc64el

  [Test Case]

   * $ sudo docker run -t s390x/ubuntu
  Should start a container without an error on s390x

   * $ sudo docker run -t ppc64le/ubuntu
  Should start a container without an error on ppc64el

  [Regression Potential]

   * Minimal, the fix is a cherrypick of vendorised update of seccomp
  sub-library which now includes architecture defines to/from native
  arch and s390x/ppc64el.

  [Other Info]

  Starting different s390x Docker images on Ubuntu 16.04.1 (and 16.10)
  fails:

  
  Problem description:
  # docker run s390x/ubuntu
  Unable to find image 's390x/ubuntu:latest' locally
  latest: Pulling from s390x/ubuntu
  b43bc799d4e2: Pull complete
  afbd2b8f99bf: Pull complete
  0e3aee0ec255: Pull complete
  eb19a6534950: Pull complete
  29583cd8abac: Pull complete
  Digest: 
sha256:73e317083b0e7f6f477500b97f658519448aa7a54842a077ae8465235d6b8598
  Status: Downloaded newer image for s390x/ubuntu:latest
  docker: Error response from daemon: oci runtime error: unrecognized 
architecture.
  # docker run s390x/busybox
  ...
  ..
  docker: Error response from daemon: oci runtime error: unrecognized 
architecture.

  
  System description:

  # uname -a
  Linux s8330034 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:05:09 UTC 
2016 s390x s390x s390x GNU/Linux
  # docker info
  Containers: 2
   Running: 0
   Paused: 0
   Stopped: 2
  Images: 2
  Server Version: 1.12.3
  Storage Driver: aufs
   Root Dir: /var/lib/docker/aufs
   Backing Filesystem: extfs
   Dirs: 10
   Dirperm1 Supported: true
  Logging Driver: json-file
  Cgroup Driver: cgroupfs
  Plugins:
   Volume: local
   Network: overlay bridge null host
  Swarm: inactive
  Runtimes: runc
  Default Runtime: runc
  Security Options: apparmor seccomp
  Kernel Version: 4.4.0-36-generic
  Operating System: Ubuntu 16.04.1 LTS
  OSType: linux
  Architecture: s390x
  CPUs: 1
  Total Memory: 860.4 MiB
  Name: s8330034
  ID: XWPX:2EKT:TD5Q:FXT4:DG6G:ZEWQ:KKOH:4DR7:7VAZ:MJPE:ME5X:UJ4G
  Docker Root Dir: /var/lib/docker
  Debug Mode (client): false
  Debug Mode (server): false
  Registry: https://index.docker.io/v1/
  WARNING: No swap limit support
  Insecure Registries:
   127.0.0.0/8

  # docker version
  Client:
   Version:  1.12.3
   API version:  1.24
   Go version:   go1.6.2
   Git commit:   6b644ec
   Built:Mon, 19 Dec 2016 09:20:48 +1300
   OS/Arch:  linux/s390x

  Server:
   Version:  1.12.3
   API version:  1.24
   Go version:   go1.6.2
   Git commit:   6b644ec
   Built:Mon, 19 Dec 2016 09:20:48 +1300
   OS/Arch:  linux/s390x

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1658009/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1657674] Re: Add support for RT5660 codec based sound cards on Baytrail

[Luis Henriques]

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu Xenial)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1657674

Title:
  Add support for RT5660 codec based sound cards on Baytrail

Status in HWE Next:
  In Progress
Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  Fix Committed

Bug description:
  Support RT5660 (ALC3277) codec based sound cards on Ubuntu Xenial
  kernel

  This bug is used for tracking purposes, please do not triage.

To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/1657674/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1657682] Re: Support latest Redpine WLAN/BT RS9113 driver

[Luis Henriques]

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1657682

Title:
  Support latest Redpine WLAN/BT RS9113 driver

Status in HWE Next:
  In Progress
Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  New

Bug description:
  Support latest Redpine WLAN/BT RS9113 driver in Ubuntu Xenial kernel.

  This is the latest version of the driver provided by Redpine. For now,
  this driver is enabled only on x86, x86_64 architectures.

  This bug is used for tracking purposes, please do not triage.

To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/1657682/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1655507] Re: CVE-2017-5330 - Ark: unintended execution of scripts and executable files

[Rik Mills]

** Changed in: ark (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1655507

Title:
  CVE-2017-5330 - Ark: unintended execution of scripts and executable
  files

Status in ark package in Ubuntu:
  Fix Released
Status in ark source package in Xenial:
  Confirmed
Status in ark source package in Yakkety:
  Confirmed
Status in ark source package in Zesty:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =

  Title:  Ark: unintended execution of scripts and executable files
  Risk Rating:Important
  CVE:CVE-2017-5330
  Versions:   ark >= 15.12
  Author: Elvis Angelaccio 
  Date:   12 January 2017

  Overview
  

  Through a (possibly malicious) tar archive that contains an
  executable shell script or binary, it was possible to execute
  arbitrary code on target machines.
  KRun::runUrl() has a runExecutable argument which defaults to true.
  Ark was using this default value and was also not checking
  whether an extracted file was executable before passing it to the
  runUrl() function.

  Impact
  ==

  An attacker can send legitimate tar archives with executable scripts or
  binaries disguised as normal files (say, with README or LICENSE as filenames).
  The attacker then can trick a user to select those files and click
  the Open button in the Ark toolbar, which triggers the affected code.

  Workaround
  ==

  Don't use the File -> Open functionality of Ark.
  You can still open archives (Archive->Open) and extract them.

  Solution
  

  Update to Ark >= 16.12.1

  For older releases of Ark, apply the following patches:

  Applications/16.08 branch: 
https://commits.kde.org/ark/49ce94df19607e234525afda5ad4190ce35300c3
  Applications/16.04 branch: 
https://commits.kde.org/ark/6b6da3f2e6ac5ca12b46d208d532948c1dbb8776
  Applications/15.12 branch: 
https://commits.kde.org/ark/e2448360eca1b81eb59fffca9584b0fc5fbd8e5b

  Credits
  ===

  Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for
  fixing this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1655507/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1658091] [NEW] Xenial update to v4.4.44 stable release

[Tim Gardner]

Public bug reported:

SRU Justification

Impact:
   The upstream process for stable tree updates is quite similar
   in scope to the Ubuntu SRU process, e.g., each patch has to
   demonstrably fix a bug, and each patch is vetted by upstream
   by originating either directly from a mainline/stable Linux tree or
   a minimally backported form of that patch. The v4.4.44 upstream stable
   patch set is now available. It should be included in the Ubuntu
   kernel as well.

   git://git.kernel.org/

TEST CASE: TBD

   The following patches from the v4.4.44 stable release shall be
applied:

Input: xpad - use correct product id for x360w controllers
Input: i8042 - add Pegatron touchpad to noloop table
selftests: do not require bash to run netsocktests testcase
selftests: do not require bash for the generated test
mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done}
ocfs2: fix crash caused by stale lvb with fsdlm plugin
mm/hugetlb.c: fix reservation race when freeing surplus pages
KVM: x86: fix emulation of "MOV SS, null selector"
KVM: eventfd: fix NULL deref irqbypass consumer
jump_labels: API for flushing deferred jump label updates
KVM: x86: flush pending lapic jump label updates on module unload
KVM: x86: add Align16 instruction flag
KVM: x86: add asm_safe wrapper
KVM: x86: emulate FXSAVE and FXRSTOR
KVM: x86: Introduce segmented_write_std
nl80211: fix sched scan netlink socket owner destruction
USB: serial: kl5kusb105: fix line-state error handling
USB: serial: ch341: fix initial modem-control state
USB: serial: ch341: fix open error handling
USB: serial: ch341: fix control-message error handling
USB: serial: ch341: fix open and resume after B0
Input: elants_i2c - avoid divide by 0 errors on bad touchscreen data
i2c: print correct device invalid address
i2c: fix kernel memory disclosure in dev interface
xhci: fix deadlock at host remove by running watchdog correctly
vme: Fix wrong pointer utilization in ca91cx42_slave_get
mnt: Protect the mountpoint hashtable with mount_lock
tty/serial: atmel_serial: BUG: stop DMA from transmitting in stop_tx
sysrq: attach sysrq handler correctly for 32-bit kernel
sysctl: Drop reference added by grab_header in proc_sys_readdir
drm/radeon: drop verde dpm quirks
USB: serial: ch341: fix resume after reset
USB: serial: ch341: fix modem-control and B0 handling
x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' 
command-line option
btrfs: fix locking when we put back a delayed ref that's too new
btrfs: fix error handling when run_delayed_extent_op fails
pinctrl: meson: fix gpio request disabling other modes
pNFS: Fix race in pnfs_wait_on_layoutreturn
NFS: Fix a performance regression in readdir
NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success.
cpufreq: powernv: Disable preemption while checking CPU throttling state
block: cfq_cpd_alloc() should use @gfp
ACPI / APEI: Fix NMI notification handling
blk-mq: Always schedule hctx->next_cpu
bus: vexpress-config: fix device reference leak
powerpc/ibmebus: Fix further device reference leaks
powerpc/ibmebus: Fix device reference leaks in sysfs interface
pinctrl: sh-pfc: Do not unconditionally support PIN_CONFIG_BIAS_DISABLE
Linux 4.4.44

** Affects: linux (Ubuntu)
 Importance: Undecided
 Status: New

** Affects: linux (Ubuntu Xenial)
 Importance: Undecided
 Status: New


** Tags: kernel-stable-tracking-bug

** Tags added: kernel-stable-tracking-bug

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Description changed:

+ SRU Justification
  
- SRU Justification
+ Impact:
+    The upstream process for stable tree updates is quite similar
+    in scope to the Ubuntu SRU process, e.g., each patch has to
+    demonstrably fix a bug, and each patch is vetted by upstream
+    by originating either directly from a mainline/stable Linux tree or
+    a minimally backported form of that patch. The v4.4.44 upstream stable
+    patch set is now available. It should be included in the Ubuntu
+    kernel as well.
  
- Impact:
-The upstream process for stable tree updates is quite similar
-in scope to the Ubuntu SRU process, e.g., each patch has to
-demonstrably fix a bug, and each patch is vetted by upstream
-by originating either directly from a mainline/stable Linux tree or
-a minimally backported form of that patch. The v4.4.44 upstream stable
-patch set is now available. It should be included in the Ubuntu
-kernel as well.
+    git://git.kernel.org/
  
-git://git.kernel.org/
+ TEST CASE: TBD
  
- TEST CASE: TBD
+    The following patches from the v4.4.44 stable release shall be
+ applied:
  
-The following patches from the v4.4.44 stable release shall be
- applied:
+ Input: xpad - use correct product id for x360w controllers
+ Input: i8042 - add Pegatron touchpad to 

[Group.of.nepali.translators] [Bug 1657433] Re: linux-snapdragon: 4.4.0-1046.50 -proposed tracker

[Taihsiang Ho]

Hardware Certification have completed testing this -proposed kernel. No
regressions were observed, results are available here:
http://people.canonical.com/~hwcert/sru-testing/snapdragon/4.4.0-1046.50
/snapdragon-xenial-proposed-frozen.html

** Tags added: certification-testing-passed

** Changed in: kernel-sru-workflow/certification-testing
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1657433

Title:
  linux-snapdragon: 4.4.0-1046.50 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Confirmed
Status in Kernel SRU Workflow certification-testing series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Confirmed
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux-snapdragon package in Ubuntu:
  Invalid
Status in linux-snapdragon source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the  upload package.
  This bug will contain status and testing results related to that
  upload.

  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
  kernel-stable-master-bug: 1657430
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1657433/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1624054] Re: Please backport Yakkety version to Xenial

[Timo Aaltonen]

Nope, backports to -updates happen from a stable release, so xenial will
get 1.0.21 at this point.

** Also affects: vulkan (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: vulkan (Ubuntu Xenial)
   Status: New => In Progress

** Changed in: vulkan (Ubuntu Xenial)
 Assignee: (unassigned) => Timo Aaltonen (tjaalton)

** Changed in: vulkan (Ubuntu)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1624054

Title:
  Please backport Yakkety version to Xenial

Status in One Hundred Papercuts:
  Confirmed
Status in vulkan package in Ubuntu:
  Invalid
Status in vulkan source package in Xenial:
  In Progress

Bug description:
  Since the Nvidia 367 drivers are in the process of being backported to
  Ubuntu 16.04 via https://launchpad.net/ubuntu/+source/nvidia-graphics-
  drivers-367/367.44-0ubuntu0.16.04.2 it should also be fitting that the
  Vulkan packages be backported either from 16.10 or
  https://launchpad.net/~graphics-drivers/+archive/ubuntu/ppa to
  coincide with the newer Nvidia driver support.

To manage notifications about this bug go to:
https://bugs.launchpad.net/hundredpapercuts/+bug/1624054/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1658009] Re: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture"

[Dimitri John Ledkov]

Regression is in runc rc1 vs r2, out of date libseccomp vedorised golang
dependency which (artificially) limited execution on s390x.

This is resolved in zesty-proposed, investigating why it has not
migrated to zesty-release yet.

Following that will investigate to cherry-pick runc fix-up or expedite
rc2 backport SRU.

** Package changed: docker.io (Ubuntu Xenial) => runc (Ubuntu Xenial)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1658009

Title:
  Docker can't start s390x images on Ubuntu and gets "oci runtime error:
  unrecognized architecture"

Status in Ubuntu on IBM z Systems:
  Confirmed
Status in runc package in Ubuntu:
  Triaged
Status in runc source package in Xenial:
  Fix Committed
Status in runc source package in Yakkety:
  Triaged
Status in runc source package in Zesty:
  Triaged

Bug description:
  Starting different s390x Docker images on Ubuntu 16.04.1 (and 16.10)
  fails:

  
  Problem description:
  # docker run s390x/ubuntu
  Unable to find image 's390x/ubuntu:latest' locally
  latest: Pulling from s390x/ubuntu
  b43bc799d4e2: Pull complete 
  afbd2b8f99bf: Pull complete 
  0e3aee0ec255: Pull complete 
  eb19a6534950: Pull complete 
  29583cd8abac: Pull complete 
  Digest: 
sha256:73e317083b0e7f6f477500b97f658519448aa7a54842a077ae8465235d6b8598
  Status: Downloaded newer image for s390x/ubuntu:latest
  docker: Error response from daemon: oci runtime error: unrecognized 
architecture.
  # docker run s390x/busybox
  ...
  ..
  docker: Error response from daemon: oci runtime error: unrecognized 
architecture.

  
  System description:

  # uname -a
  Linux s8330034 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:05:09 UTC 
2016 s390x s390x s390x GNU/Linux
  # docker info
  Containers: 2
   Running: 0
   Paused: 0
   Stopped: 2
  Images: 2
  Server Version: 1.12.3
  Storage Driver: aufs
   Root Dir: /var/lib/docker/aufs
   Backing Filesystem: extfs
   Dirs: 10
   Dirperm1 Supported: true
  Logging Driver: json-file
  Cgroup Driver: cgroupfs
  Plugins:
   Volume: local
   Network: overlay bridge null host
  Swarm: inactive
  Runtimes: runc
  Default Runtime: runc
  Security Options: apparmor seccomp
  Kernel Version: 4.4.0-36-generic
  Operating System: Ubuntu 16.04.1 LTS
  OSType: linux
  Architecture: s390x
  CPUs: 1
  Total Memory: 860.4 MiB
  Name: s8330034
  ID: XWPX:2EKT:TD5Q:FXT4:DG6G:ZEWQ:KKOH:4DR7:7VAZ:MJPE:ME5X:UJ4G
  Docker Root Dir: /var/lib/docker
  Debug Mode (client): false
  Debug Mode (server): false
  Registry: https://index.docker.io/v1/
  WARNING: No swap limit support
  Insecure Registries:
   127.0.0.0/8
  
  # docker version
  Client:
   Version:  1.12.3
   API version:  1.24
   Go version:   go1.6.2
   Git commit:   6b644ec
   Built:Mon, 19 Dec 2016 09:20:48 +1300
   OS/Arch:  linux/s390x

  Server:
   Version:  1.12.3
   API version:  1.24
   Go version:   go1.6.2
   Git commit:   6b644ec
   Built:Mon, 19 Dec 2016 09:20:48 +1300
   OS/Arch:  linux/s390x

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1658009/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp