[Group.of.nepali.translators] [Bug 1655507] Re: CVE-2017-5330 - Ark: unintended execution of scripts and executable files
This bug was fixed in the package ark - 4:16.04.3a-0ubuntu2.2 --- ark (4:16.04.3a-0ubuntu2.2) yakkety-security; urgency=medium * SECURITY UPDATE:unintended execution of scripts and executable files - debian/patches/no-exec-during-url-open.patch - Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for fixing this issue. - CVE-2017-5330 - fixes (LP: #1655507) -- Vishnu Vardhan Reddy NainiThu, 19 Jan 2017 03:10:04 +0530 ** Changed in: ark (Ubuntu Yakkety) Status: In Progress => Fix Released ** Changed in: ark (Ubuntu Xenial) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2017-5530 -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1655507 Title: CVE-2017-5330 - Ark: unintended execution of scripts and executable files Status in ark package in Ubuntu: Fix Released Status in ark source package in Xenial: Fix Released Status in ark source package in Yakkety: Fix Released Status in ark source package in Zesty: Fix Released Bug description: KDE Project Security Advisory = Title: Ark: unintended execution of scripts and executable files Risk Rating:Important CVE:CVE-2017-5330 Versions: ark >= 15.12 Author: Elvis Angelaccio Date: 12 January 2017 Overview Through a (possibly malicious) tar archive that contains an executable shell script or binary, it was possible to execute arbitrary code on target machines. KRun::runUrl() has a runExecutable argument which defaults to true. Ark was using this default value and was also not checking whether an extracted file was executable before passing it to the runUrl() function. Impact == An attacker can send legitimate tar archives with executable scripts or binaries disguised as normal files (say, with README or LICENSE as filenames). The attacker then can trick a user to select those files and click the Open button in the Ark toolbar, which triggers the affected code. Workaround == Don't use the File -> Open functionality of Ark. You can still open archives (Archive->Open) and extract them. Solution Update to Ark >= 16.12.1 For older releases of Ark, apply the following patches: Applications/16.08 branch: https://commits.kde.org/ark/49ce94df19607e234525afda5ad4190ce35300c3 Applications/16.04 branch: https://commits.kde.org/ark/6b6da3f2e6ac5ca12b46d208d532948c1dbb8776 Applications/15.12 branch: https://commits.kde.org/ark/e2448360eca1b81eb59fffca9584b0fc5fbd8e5b Credits === Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for fixing this issue. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1655507/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1655040] Re: i386 ftrace tests hang on ADT testing
This bug was fixed in the package linux - 4.9.0-12.13 --- linux (4.9.0-12.13) zesty; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1655122 * Zesty update to v4.9.2 stable release (LP: #1655114) - ssb: Fix error routine when fallback SPROM fails - ath10k: fix soft lockup during firmware crash/hw-restart - rtlwifi: Fix enter/exit power_save - perf/x86: Fix exclusion of BTS and LBR for Goldmont - perf annotate: Don't throw error for zero length symbols - perf/x86/intel/cstate: Prevent hotplug callback leak - rtl8xxxu: Work around issue with 8192eu and 8723bu devices not reconnecting - cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts - ath9k: fix ath9k_hw_gpio_get() to return 0 or 1 on success - ath9k: Really fix LED polarity for some Mini PCI AR9220 MB92 cards. - ath9k: do not return early to fix rcu unlocking - Revert "mmc: sdhci: Reset cmd and data circuits after tuning failure" - mmc: sdhci: Fix recovery from tuning timeout - regulator: stw481x-vmmc: fix ages old enable error - mmc: sd: Meet alignment requirements for raw_ssr DMA - timekeeping_Force_unsigned_clocksource_to_nanoseconds_conversion - gpio: stmpe: fix interrupt handling bug - gpio: chardev: Return error for seek operations - arm64: tegra: Add VDD_GPU regulator to Jetson TX1 - clk: bcm2835: Avoid overwriting the div info when disabling a pll_div clk - thermal: hwmon: Properly report critical temperature in sysfs - docs: sphinx-extensions: make rstFlatTable work with docutils 0.13 - hv: acquire vmbus_connection.channel_mutex in vmbus_free_channels() - staging/lustre/osc: Revert erroneous list_for_each_entry_safe use - staging: lustre: ldlm: pl_recalc time handling is wrong - staging: comedi: ni_mio_common: fix M Series ni_ai_insn_read() data mask - staging: comedi: ni_mio_common: fix E series ni_ai_insn_read() data - ACPI / video: Add force_native quirk for Dell XPS 17 L702X - ACPI / video: Add force_native quirk for HP Pavilion dv6 - drm/amdgpu/si: load the proper firmware on 0x87 oland boards - drm/amdgpu: add additional pci revision to dpm workaround - drm/amdgpu: Store CRTC relative amdgpu_crtc->cursor_x/y values - drm/amdgpu: Also call cursor_move_locked when the cursor size changes - drm/amd/amdgpu: enable GUI idle INT after enabling CGCG - drm/nouveau/gr: fallback to legacy paths during firmware lookup - drm/nouveau/kms: lvds panel strap moved again on maxwell - drm/nouveau/bios: require checksum to match for fast acpi shadow method - drm/nouveau/ltc: protect clearing of comptags with mutex - drm/nouveau/ttm: wait for bo fence to signal before unmapping vmas - drm/nouveau/i2c/gk110b,gm10x: use the correct implementation - drm/nouveau/fifo/gf100-: protect channel preempt with subdev mutex - drm/radeon: Also call cursor_move_locked when the cursor size changes - drm/radeon: Hide the HW cursor while it's out of bounds - drm/radeon: add additional pci revision to dpm workaround - drm/radeon/si: load the proper firmware on 0x87 oland boards - drm/gma500: Add compat ioctl - drm/amd/powerplay: bypass fan table setup if no fan connected - drm/amdgpu: fix enable_cp_power_gating in gfx_v8.0. - drm/amdgpu: fix init save/restore list in gfx_v8.0 - drivers/gpu/drm/ast: Fix infinite loop if read fails - mei: request async autosuspend at the end of enumeration - mei: me: add lewisburg device ids - block: protect iterate_bdevs() against concurrent close - vt: fix Scroll Lock LED trigger name - stm class: Fix device leak in open error path - scsi: megaraid_sas: For SRIOV enabled firmware, ensure VF driver waits for 30secs before reset - scsi: megaraid_sas: Do not set MPI2_TYPE_CUDA for JBOD FP path for FW which does not support JBOD sequence map - iscsi-target: Return error if unable to add network portal - scsi: zfcp: fix use-after-"free" in FC ingress path after TMF - scsi: zfcp: do not trace pure benign residual HBA responses at default level - scsi: zfcp: fix rport unblock race with LUN recovery - scsi: avoid a permanent stop of the scsi device's request queue - ARC: mm: arc700: Don't assume 2 colours for aliasing VIPT dcache - firmware: fix usermode helper fallback loading - s390/vmlogrdr: fix IUCV buffer allocation - s390/kexec: use node 0 when re-adding crash kernel memory - arm64: KVM: pmu: Reset PMSELR_EL0.SEL to a sane value before entering the guest - latent_entropy: fix ARM build error on earlier gcc - sc16is7xx: Drop bogus use of IRQF_ONESHOT - md/raid5: limit request size according to implementation limits - scsi: aacraid: remove wildcard for series 9 controllers - KVM: PPC: Book3S HV: Save/restore XER in checkpointed register state - KVM: PPC: Book3S HV: Don't lose hardware R/C
[Group.of.nepali.translators] [Bug 1656801] Re: ntp: changing the default config from server to pool broke the dhcp hook
** Also affects: ntp (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809344 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1656801 Title: ntp: changing the default config from server to pool broke the dhcp hook Status in ntp package in Ubuntu: Fix Released Status in ntp source package in Xenial: Triaged Status in ntp package in Debian: Unknown Bug description: In 1:4.2.8p3+dfsg-1, the default config was changed to "Use pool instead of server". This needs a corresponding update to /etc/dhcp/dhclient-exit-hooks.d/ntp, since the DHCP specified servers now get added to the default pool config instead of replacing them. This affects Xenial only as the Yakkety build includes the upstream fix (1:4.2.8p7+dfsg-1). Original Debian busg https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809344 & https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806676 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1656801/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1657594] Re: USN-3174-1: partially applies to MariaDB too
** No longer affects: mariadb-5.5 (Ubuntu) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1657594 Title: USN-3174-1: partially applies to MariaDB too Status in mariadb-10.0 package in Ubuntu: New Status in mariadb-10.1 package in Ubuntu: New Status in mariadb-5.5 source package in Trusty: New Status in mariadb-10.0 source package in Xenial: New Status in mariadb-10.0 source package in Yakkety: New Status in mariadb-10.0 source package in Zesty: New Status in mariadb-10.1 source package in Zesty: New Bug description: https://www.ubuntu.com/usn/usn-3174-1/ The security notice above also affect MariaDB and the latest release includes fixes. I will produce a security release soon and attach more information to this bug report for: - mariadb.5.5 in Trusty - mariadb-10.0 in Xenial and Yakkety (zesty can sync from Debian) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mariadb-10.0/+bug/1657594/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1630924] Re: Kdump through NMI SMP and single core not working on Ubuntu16.10
** No longer affects: linux (Ubuntu Vivid) ** Also affects: linux (Ubuntu Zesty) Importance: Medium Status: Confirmed ** Also affects: linux (Ubuntu Vivid) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Vivid) Status: New => In Progress ** Changed in: linux (Ubuntu Xenial) Status: Confirmed => In Progress ** Changed in: linux (Ubuntu Yakkety) Status: Confirmed => In Progress ** Changed in: linux (Ubuntu Zesty) Status: Confirmed => In Progress ** Changed in: linux (Ubuntu Vivid) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Vivid) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) ** Changed in: linux (Ubuntu Yakkety) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) ** Changed in: linux (Ubuntu Zesty) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1630924 Title: Kdump through NMI SMP and single core not working on Ubuntu16.10 Status in linux package in Ubuntu: In Progress Status in linux source package in Vivid: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: In Progress Bug description: During some tests I've encountered an issue with kdump through NMI SMP and single core. After kdump configuration, when I trigger the crash through an NMI call from the host, the VM will panic, however it will not write the vmcore dump files and neither reboot. REPRO STEPS: 1. configure kdump - crashkernel=512M-:384M /boot/grub/grub.cfg - USE_KDUMP=1 /etc/default/kdump-tools 2. after configuration reboot the VM 3. check kdump status - cat /sys/kernel/kexec_* - service kdump-tools status 4. configure NMI - sysctl -w kernel.unknown_nmi_panic=1 5. trigger a crash from host - Debug-VM -Name $vmName -InjectNonMaskableInterrupt -ComputerName $hvServer -Force This case also applies to: -Ubuntu 16.10 generation 2(kernel version: 4.8.0-17-generic) -Ubuntu 16.04.1(kernel: 4.4.0-38-generic) -Ubuntu 14.04.5(kernel: 3.19.0-69-generic) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1630924/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1647485] Re: NVMe symlinks broken by devices with spaces in model or serial strings
This bug was fixed in the package systemd - 229-4ubuntu16 --- systemd (229-4ubuntu16) xenial; urgency=medium * d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch, d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch, d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch: Cherry-pick upstream fixes from Dan Streetmanto fix by-id symlinks for devices whose IDs contain whitespace. LP: #1647485. -- Steve Langasek Wed, 18 Jan 2017 13:37:19 -0800 ** Changed in: systemd (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1647485 Title: NVMe symlinks broken by devices with spaces in model or serial strings Status in systemd: New Status in systemd package in Ubuntu: Fix Committed Status in systemd source package in Trusty: Confirmed Status in systemd source package in Xenial: Fix Released Status in systemd source package in Yakkety: Fix Committed Status in systemd source package in Zesty: Fix Committed Status in systemd package in Debian: New Bug description: [Impact] After including the patch from bug 1642903, NVMe devices that include spaces in their model or serial strings result in incorrect symlinks, e.g. if the model string is "XYZ Corp NVMe drive" then instead of creating: /dev/disk/by-id/nvme-XYZ Corp NVMe drive_SERIAL -> ../../nvme0n1 it creates: /dev/disk/by-id/nvme-XYZ -> ../../nvme0n1 /dev/Corp -> nvme0n1 /dev/NVMe -> nvme0n1 /dev/drive_SERIAL -> nvme0n1 This is because of the way udev handles the SYMLINK value strings; by default, it does not do any whitespace replacement. To enable whitespace replacement of a symlink value, the rule must also include OPTIONS+="string_escape=replace". This is done for 'md' and 'dm' devices in their rules. However, there are no rules that actually want to specify multiple symlinks, and defaulting to not replacing whitespace makes no sense; instead, the default should be to replace all whitespace in each symlink value, unless the rule explicitly specifies OPTIONS+="string_escape=none". [Test Case] This assumes using udev with the patch from bug 1642903. Without this patch, when using a NVMe drive that contains spaces in its model and/or serial strings, check the /dev/disk/by-id/ directory. It should contain a partially-correct symlink to the NVMe drive, with the name up to the first space. All following space-separated parts of the mode/serial string should have symlinks in the /dev/ directory. This is the incorrect behavior. With this patch, check the /dev/disk/by-id/ directory. It should contain a fully-correct symlink to the NVMe drive, and no part of the drive's model/serial number string should be a link in the /dev directory. An example of the correct/incorrect naming is in the Impact section. There should be no other changes to any of the symlinks under /dev before and after this patch. Typical locations for symlinks are /dev/, /dev/disk/by-name/, /dev/disk/by-id/, /dev/disk/by-uuid/, /dev/disk/by-label/ [Regression Potential] Errors in udev rules can lead to an unbootable or otherwise completely broken system if they unintentionally break or clobber existing /dev/disks/ symlinks. [Other Info] This is also tracked with upstream systemd (udev) bug 4833: https://github.com/systemd/systemd/issues/4833 Also note, this can be worked around in individual rules ONLY (i.e. not fixed for all rules) by appending OPTIONS+="string_escape=replace" to each of the NVMe rules with SYMLINK+="..." assignment, e.g.: KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_SERIAL}="$attr{model}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk /by-id/nvme-$env{ID_SERIAL}", OPTIONS+="string_escape=replace" Related bugs: * bug 1642903: introduce disk/by-id (model_serial) symlinks for NVMe drives * bug 1651602: NVMe driver regression for non-smp/1-cpu systems * bug 1649635: export nvme drive model/serial strings via sysfs (trusty) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1647485/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1658009] Re: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture"
This bug was fixed in the package runc - 1.0.0~rc1-0ubuntu2~16.04.1.1 --- runc (1.0.0~rc1-0ubuntu2~16.04.1.1) xenial; urgency=medium * Cherrypick seccomp update from -rc2 to resolve failure to execute on ppc64el and s390x. LP: #1658009 -- Dimitri John LedkovFri, 20 Jan 2017 11:09:00 + ** Changed in: runc (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1658009 Title: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture" Status in Ubuntu on IBM z Systems: Fix Committed Status in runc package in Ubuntu: Fix Committed Status in runc source package in Xenial: Fix Released Status in runc source package in Yakkety: Fix Released Status in runc source package in Zesty: Fix Committed Bug description: [Impact] * Regression in updates * Cannot start a docker container on s390x/ppc64el [Test Case] * $ sudo docker run -t s390x/ubuntu Should start a container without an error on s390x * $ sudo docker run -t ppc64le/ubuntu Should start a container without an error on ppc64el [Regression Potential] * Minimal, the fix is a cherrypick of vendorised update of seccomp sub-library which now includes architecture defines to/from native arch and s390x/ppc64el. [Other Info] Starting different s390x Docker images on Ubuntu 16.04.1 (and 16.10) fails: Problem description: # docker run s390x/ubuntu Unable to find image 's390x/ubuntu:latest' locally latest: Pulling from s390x/ubuntu b43bc799d4e2: Pull complete afbd2b8f99bf: Pull complete 0e3aee0ec255: Pull complete eb19a6534950: Pull complete 29583cd8abac: Pull complete Digest: sha256:73e317083b0e7f6f477500b97f658519448aa7a54842a077ae8465235d6b8598 Status: Downloaded newer image for s390x/ubuntu:latest docker: Error response from daemon: oci runtime error: unrecognized architecture. # docker run s390x/busybox ... .. docker: Error response from daemon: oci runtime error: unrecognized architecture. System description: # uname -a Linux s8330034 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:05:09 UTC 2016 s390x s390x s390x GNU/Linux # docker info Containers: 2 Running: 0 Paused: 0 Stopped: 2 Images: 2 Server Version: 1.12.3 Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 10 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: overlay bridge null host Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: apparmor seccomp Kernel Version: 4.4.0-36-generic Operating System: Ubuntu 16.04.1 LTS OSType: linux Architecture: s390x CPUs: 1 Total Memory: 860.4 MiB Name: s8330034 ID: XWPX:2EKT:TD5Q:FXT4:DG6G:ZEWQ:KKOH:4DR7:7VAZ:MJPE:ME5X:UJ4G Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: No swap limit support Insecure Registries: 127.0.0.0/8 # docker version Client: Version: 1.12.3 API version: 1.24 Go version: go1.6.2 Git commit: 6b644ec Built:Mon, 19 Dec 2016 09:20:48 +1300 OS/Arch: linux/s390x Server: Version: 1.12.3 API version: 1.24 Go version: go1.6.2 Git commit: 6b644ec Built:Mon, 19 Dec 2016 09:20:48 +1300 OS/Arch: linux/s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1658009/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1658009] Re: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture"
This bug was fixed in the package runc - 1.0.0~rc1-0ubuntu2~16.10.1.1 --- runc (1.0.0~rc1-0ubuntu2~16.10.1.1) yakkety; urgency=medium * Cherrypick seccomp update from -rc2 to resolve failure to execute on ppc64el and s390x. LP: #1658009 -- Dimitri John LedkovFri, 20 Jan 2017 11:06:50 + ** Changed in: runc (Ubuntu Yakkety) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1658009 Title: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture" Status in Ubuntu on IBM z Systems: Fix Committed Status in runc package in Ubuntu: Fix Committed Status in runc source package in Xenial: Fix Released Status in runc source package in Yakkety: Fix Released Status in runc source package in Zesty: Fix Committed Bug description: [Impact] * Regression in updates * Cannot start a docker container on s390x/ppc64el [Test Case] * $ sudo docker run -t s390x/ubuntu Should start a container without an error on s390x * $ sudo docker run -t ppc64le/ubuntu Should start a container without an error on ppc64el [Regression Potential] * Minimal, the fix is a cherrypick of vendorised update of seccomp sub-library which now includes architecture defines to/from native arch and s390x/ppc64el. [Other Info] Starting different s390x Docker images on Ubuntu 16.04.1 (and 16.10) fails: Problem description: # docker run s390x/ubuntu Unable to find image 's390x/ubuntu:latest' locally latest: Pulling from s390x/ubuntu b43bc799d4e2: Pull complete afbd2b8f99bf: Pull complete 0e3aee0ec255: Pull complete eb19a6534950: Pull complete 29583cd8abac: Pull complete Digest: sha256:73e317083b0e7f6f477500b97f658519448aa7a54842a077ae8465235d6b8598 Status: Downloaded newer image for s390x/ubuntu:latest docker: Error response from daemon: oci runtime error: unrecognized architecture. # docker run s390x/busybox ... .. docker: Error response from daemon: oci runtime error: unrecognized architecture. System description: # uname -a Linux s8330034 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:05:09 UTC 2016 s390x s390x s390x GNU/Linux # docker info Containers: 2 Running: 0 Paused: 0 Stopped: 2 Images: 2 Server Version: 1.12.3 Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 10 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: overlay bridge null host Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: apparmor seccomp Kernel Version: 4.4.0-36-generic Operating System: Ubuntu 16.04.1 LTS OSType: linux Architecture: s390x CPUs: 1 Total Memory: 860.4 MiB Name: s8330034 ID: XWPX:2EKT:TD5Q:FXT4:DG6G:ZEWQ:KKOH:4DR7:7VAZ:MJPE:ME5X:UJ4G Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: No swap limit support Insecure Registries: 127.0.0.0/8 # docker version Client: Version: 1.12.3 API version: 1.24 Go version: go1.6.2 Git commit: 6b644ec Built:Mon, 19 Dec 2016 09:20:48 +1300 OS/Arch: linux/s390x Server: Version: 1.12.3 API version: 1.24 Go version: go1.6.2 Git commit: 6b644ec Built:Mon, 19 Dec 2016 09:20:48 +1300 OS/Arch: linux/s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1658009/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1657674] Re: Add support for RT5660 codec based sound cards on Baytrail
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xenial) Status: New => Fix Committed -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1657674 Title: Add support for RT5660 codec based sound cards on Baytrail Status in HWE Next: In Progress Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: Fix Committed Bug description: Support RT5660 (ALC3277) codec based sound cards on Ubuntu Xenial kernel This bug is used for tracking purposes, please do not triage. To manage notifications about this bug go to: https://bugs.launchpad.net/hwe-next/+bug/1657674/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1657682] Re: Support latest Redpine WLAN/BT RS9113 driver
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1657682 Title: Support latest Redpine WLAN/BT RS9113 driver Status in HWE Next: In Progress Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: New Bug description: Support latest Redpine WLAN/BT RS9113 driver in Ubuntu Xenial kernel. This is the latest version of the driver provided by Redpine. For now, this driver is enabled only on x86, x86_64 architectures. This bug is used for tracking purposes, please do not triage. To manage notifications about this bug go to: https://bugs.launchpad.net/hwe-next/+bug/1657682/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1655507] Re: CVE-2017-5330 - Ark: unintended execution of scripts and executable files
** Changed in: ark (Ubuntu Zesty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1655507 Title: CVE-2017-5330 - Ark: unintended execution of scripts and executable files Status in ark package in Ubuntu: Fix Released Status in ark source package in Xenial: Confirmed Status in ark source package in Yakkety: Confirmed Status in ark source package in Zesty: Fix Released Bug description: KDE Project Security Advisory = Title: Ark: unintended execution of scripts and executable files Risk Rating:Important CVE:CVE-2017-5330 Versions: ark >= 15.12 Author: Elvis AngelaccioDate: 12 January 2017 Overview Through a (possibly malicious) tar archive that contains an executable shell script or binary, it was possible to execute arbitrary code on target machines. KRun::runUrl() has a runExecutable argument which defaults to true. Ark was using this default value and was also not checking whether an extracted file was executable before passing it to the runUrl() function. Impact == An attacker can send legitimate tar archives with executable scripts or binaries disguised as normal files (say, with README or LICENSE as filenames). The attacker then can trick a user to select those files and click the Open button in the Ark toolbar, which triggers the affected code. Workaround == Don't use the File -> Open functionality of Ark. You can still open archives (Archive->Open) and extract them. Solution Update to Ark >= 16.12.1 For older releases of Ark, apply the following patches: Applications/16.08 branch: https://commits.kde.org/ark/49ce94df19607e234525afda5ad4190ce35300c3 Applications/16.04 branch: https://commits.kde.org/ark/6b6da3f2e6ac5ca12b46d208d532948c1dbb8776 Applications/15.12 branch: https://commits.kde.org/ark/e2448360eca1b81eb59fffca9584b0fc5fbd8e5b Credits === Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for fixing this issue. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1655507/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1658091] [NEW] Xenial update to v4.4.44 stable release
Public bug reported: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The v4.4.44 upstream stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the v4.4.44 stable release shall be applied: Input: xpad - use correct product id for x360w controllers Input: i8042 - add Pegatron touchpad to noloop table selftests: do not require bash to run netsocktests testcase selftests: do not require bash for the generated test mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done} ocfs2: fix crash caused by stale lvb with fsdlm plugin mm/hugetlb.c: fix reservation race when freeing surplus pages KVM: x86: fix emulation of "MOV SS, null selector" KVM: eventfd: fix NULL deref irqbypass consumer jump_labels: API for flushing deferred jump label updates KVM: x86: flush pending lapic jump label updates on module unload KVM: x86: add Align16 instruction flag KVM: x86: add asm_safe wrapper KVM: x86: emulate FXSAVE and FXRSTOR KVM: x86: Introduce segmented_write_std nl80211: fix sched scan netlink socket owner destruction USB: serial: kl5kusb105: fix line-state error handling USB: serial: ch341: fix initial modem-control state USB: serial: ch341: fix open error handling USB: serial: ch341: fix control-message error handling USB: serial: ch341: fix open and resume after B0 Input: elants_i2c - avoid divide by 0 errors on bad touchscreen data i2c: print correct device invalid address i2c: fix kernel memory disclosure in dev interface xhci: fix deadlock at host remove by running watchdog correctly vme: Fix wrong pointer utilization in ca91cx42_slave_get mnt: Protect the mountpoint hashtable with mount_lock tty/serial: atmel_serial: BUG: stop DMA from transmitting in stop_tx sysrq: attach sysrq handler correctly for 32-bit kernel sysctl: Drop reference added by grab_header in proc_sys_readdir drm/radeon: drop verde dpm quirks USB: serial: ch341: fix resume after reset USB: serial: ch341: fix modem-control and B0 handling x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid=' command-line option btrfs: fix locking when we put back a delayed ref that's too new btrfs: fix error handling when run_delayed_extent_op fails pinctrl: meson: fix gpio request disabling other modes pNFS: Fix race in pnfs_wait_on_layoutreturn NFS: Fix a performance regression in readdir NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success. cpufreq: powernv: Disable preemption while checking CPU throttling state block: cfq_cpd_alloc() should use @gfp ACPI / APEI: Fix NMI notification handling blk-mq: Always schedule hctx->next_cpu bus: vexpress-config: fix device reference leak powerpc/ibmebus: Fix further device reference leaks powerpc/ibmebus: Fix device reference leaks in sysfs interface pinctrl: sh-pfc: Do not unconditionally support PIN_CONFIG_BIAS_DISABLE Linux 4.4.44 ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Tags: kernel-stable-tracking-bug ** Tags added: kernel-stable-tracking-bug ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Description changed: + SRU Justification - SRU Justification + Impact: + The upstream process for stable tree updates is quite similar + in scope to the Ubuntu SRU process, e.g., each patch has to + demonstrably fix a bug, and each patch is vetted by upstream + by originating either directly from a mainline/stable Linux tree or + a minimally backported form of that patch. The v4.4.44 upstream stable + patch set is now available. It should be included in the Ubuntu + kernel as well. - Impact: -The upstream process for stable tree updates is quite similar -in scope to the Ubuntu SRU process, e.g., each patch has to -demonstrably fix a bug, and each patch is vetted by upstream -by originating either directly from a mainline/stable Linux tree or -a minimally backported form of that patch. The v4.4.44 upstream stable -patch set is now available. It should be included in the Ubuntu -kernel as well. + git://git.kernel.org/ -git://git.kernel.org/ + TEST CASE: TBD - TEST CASE: TBD + The following patches from the v4.4.44 stable release shall be + applied: -The following patches from the v4.4.44 stable release shall be - applied: + Input: xpad - use correct product id for x360w controllers + Input: i8042 - add Pegatron touchpad to
[Group.of.nepali.translators] [Bug 1657433] Re: linux-snapdragon: 4.4.0-1046.50 -proposed tracker
Hardware Certification have completed testing this -proposed kernel. No regressions were observed, results are available here: http://people.canonical.com/~hwcert/sru-testing/snapdragon/4.4.0-1046.50 /snapdragon-xenial-proposed-frozen.html ** Tags added: certification-testing-passed ** Changed in: kernel-sru-workflow/certification-testing Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1657433 Title: linux-snapdragon: 4.4.0-1046.50 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: Confirmed Status in Kernel SRU Workflow certification-testing series: Fix Released Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: New Status in Kernel SRU Workflow promote-to-updates series: New Status in Kernel SRU Workflow regression-testing series: Confirmed Status in Kernel SRU Workflow security-signoff series: Fix Released Status in Kernel SRU Workflow upload-to-ppa series: New Status in Kernel SRU Workflow verification-testing series: Confirmed Status in linux-snapdragon package in Ubuntu: Invalid Status in linux-snapdragon source package in Xenial: Confirmed Bug description: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true derivative-trackers-created: true kernel-stable-master-bug: 1657430 phase: Promoted to proposed proposed-announcement-sent: true proposed-testing-requested: true To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1657433/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1624054] Re: Please backport Yakkety version to Xenial
Nope, backports to -updates happen from a stable release, so xenial will get 1.0.21 at this point. ** Also affects: vulkan (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: vulkan (Ubuntu Xenial) Status: New => In Progress ** Changed in: vulkan (Ubuntu Xenial) Assignee: (unassigned) => Timo Aaltonen (tjaalton) ** Changed in: vulkan (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1624054 Title: Please backport Yakkety version to Xenial Status in One Hundred Papercuts: Confirmed Status in vulkan package in Ubuntu: Invalid Status in vulkan source package in Xenial: In Progress Bug description: Since the Nvidia 367 drivers are in the process of being backported to Ubuntu 16.04 via https://launchpad.net/ubuntu/+source/nvidia-graphics- drivers-367/367.44-0ubuntu0.16.04.2 it should also be fitting that the Vulkan packages be backported either from 16.10 or https://launchpad.net/~graphics-drivers/+archive/ubuntu/ppa to coincide with the newer Nvidia driver support. To manage notifications about this bug go to: https://bugs.launchpad.net/hundredpapercuts/+bug/1624054/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1658009] Re: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture"
Regression is in runc rc1 vs r2, out of date libseccomp vedorised golang dependency which (artificially) limited execution on s390x. This is resolved in zesty-proposed, investigating why it has not migrated to zesty-release yet. Following that will investigate to cherry-pick runc fix-up or expedite rc2 backport SRU. ** Package changed: docker.io (Ubuntu Xenial) => runc (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1658009 Title: Docker can't start s390x images on Ubuntu and gets "oci runtime error: unrecognized architecture" Status in Ubuntu on IBM z Systems: Confirmed Status in runc package in Ubuntu: Triaged Status in runc source package in Xenial: Fix Committed Status in runc source package in Yakkety: Triaged Status in runc source package in Zesty: Triaged Bug description: Starting different s390x Docker images on Ubuntu 16.04.1 (and 16.10) fails: Problem description: # docker run s390x/ubuntu Unable to find image 's390x/ubuntu:latest' locally latest: Pulling from s390x/ubuntu b43bc799d4e2: Pull complete afbd2b8f99bf: Pull complete 0e3aee0ec255: Pull complete eb19a6534950: Pull complete 29583cd8abac: Pull complete Digest: sha256:73e317083b0e7f6f477500b97f658519448aa7a54842a077ae8465235d6b8598 Status: Downloaded newer image for s390x/ubuntu:latest docker: Error response from daemon: oci runtime error: unrecognized architecture. # docker run s390x/busybox ... .. docker: Error response from daemon: oci runtime error: unrecognized architecture. System description: # uname -a Linux s8330034 4.4.0-36-generic #55-Ubuntu SMP Thu Aug 11 18:05:09 UTC 2016 s390x s390x s390x GNU/Linux # docker info Containers: 2 Running: 0 Paused: 0 Stopped: 2 Images: 2 Server Version: 1.12.3 Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 10 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: overlay bridge null host Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: apparmor seccomp Kernel Version: 4.4.0-36-generic Operating System: Ubuntu 16.04.1 LTS OSType: linux Architecture: s390x CPUs: 1 Total Memory: 860.4 MiB Name: s8330034 ID: XWPX:2EKT:TD5Q:FXT4:DG6G:ZEWQ:KKOH:4DR7:7VAZ:MJPE:ME5X:UJ4G Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: No swap limit support Insecure Registries: 127.0.0.0/8 # docker version Client: Version: 1.12.3 API version: 1.24 Go version: go1.6.2 Git commit: 6b644ec Built:Mon, 19 Dec 2016 09:20:48 +1300 OS/Arch: linux/s390x Server: Version: 1.12.3 API version: 1.24 Go version: go1.6.2 Git commit: 6b644ec Built:Mon, 19 Dec 2016 09:20:48 +1300 OS/Arch: linux/s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1658009/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp