[Group.of.nepali.translators] [Bug 1744882] Re: Add SPEC_CTRL and IBRS changes
Marking the Kilo task wontfix as it has been EOL for a long time. ** Changed in: cloud-archive Status: Triaged => Fix Released ** Changed in: cloud-archive/kilo Status: Fix Committed => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1744882 Title: Add SPEC_CTRL and IBRS changes Status in Ubuntu Cloud Archive: Fix Released Status in Ubuntu Cloud Archive kilo series: Won't Fix Status in Ubuntu Cloud Archive mitaka series: Fix Released Status in Ubuntu Cloud Archive ocata series: Fix Released Status in Ubuntu Cloud Archive pike series: Fix Released Status in qemu package in Ubuntu: Fix Released Status in qemu source package in Trusty: Fix Released Status in qemu source package in Xenial: Fix Released Status in qemu source package in Artful: Fix Released Status in qemu source package in Bionic: Fix Released Bug description: The merge of [1] landed the spectre related changes for SPEC_CTRL and IBRS to qemu 2.12 It is announced in [2] that there shall be a 2.11.1 with the backport that we intend to pick. The security team can use this merge at [1] to work on backwards security updates. For 18.04 (not yet released) the intention for now is to pick 2.11.1 once available. [1]: https://github.com/qemu/qemu/commit/5cad8ca516011695a37d5be905292722b5249da8 [2]: https://www.qemu.org/2018/01/04/spectre/ To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1744882/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1760918] Re: [SRU] Fixing UUID coerce function for unicode non uuid form
** Changed in: cloud-archive Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1760918 Title: [SRU] Fixing UUID coerce function for unicode non uuid form Status in Ubuntu Cloud Archive: Fix Released Status in Ubuntu Cloud Archive mitaka series: Won't Fix Status in Ubuntu Cloud Archive ocata series: Fix Released Status in Ubuntu Cloud Archive pike series: Fix Released Status in Ubuntu Cloud Archive queens series: Fix Released Status in oslo.versionedobjects: Fix Released Status in python-oslo.versionedobjects package in Ubuntu: Fix Released Status in python-oslo.versionedobjects source package in Xenial: Won't Fix Status in python-oslo.versionedobjects source package in Artful: Fix Released Status in python-oslo.versionedobjects source package in Bionic: Fix Released Bug description: [Impact] In Kilo, with ldap integrated, user_id can have non uuid format ( e.g. Gāo ) Then after upgrading kilo to mitaka ( in trusty env ) Gāo user can't create cinder volume with unicode error. Affected Xenial, UCA Mitaka ( this is modified after i re-testing all ) Please refer to error code like below [1] [Test Case] 1. deploy openstack env 2. source novarc ( as admin ) 3. keystone user-create --name test 4. openstack user set --password-prompt test 4. log into keystone node and install mysql-client 5. connect to mysql with keystone user 6. do below query - set foreign_key_checks = 0; - update local_user set user_id='Gāo' where user_id='UUID'; - update user set id='Gāo' where id='UUID'; - set foreign_key_checks = 1; 7. keystone user-role-add --user test --tenant admin --role Admin 8. source novarc ( as test ) 9. cinder create --name test 1 got unicode error on cinder-api node logs [Regression Potential] This patch make code handles unicode non uuid form user id. Basically this has little risk. but cinder-api service need to be restarted. [Others] [1] ### 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/taskflow/types/failure.py", line 343, in reraise 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault six.reraise(*self._exc_info) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/taskflow/engines/action_engine/executor.py", line 82, in _execute_task 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault result = task.execute(**arguments) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/cinder/volume/flows/api/create_volume.py", line 527, in execute 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault volume = objects.Volume(context=context, **volume_properties) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/cinder/objects/volume.py", line 180, in __init__ 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault super(Volume, self).__init__(*args, **kwargs) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/oslo_versionedobjects/base.py", line 304, in __init__ 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault setattr(self, key, kwargs[key]) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/oslo_versionedobjects/base.py", line 72, in setter 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault field_value = field.coerce(self, name, value) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/oslo_versionedobjects/fields.py", line 192, in coerce 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault return self._type.coerce(obj, attr, value) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/dist-packages/oslo_versionedobjects/fields.py", line 325, in coerce 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault "for further details" % value, FutureWarning) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/logging/__init__.py", line 1709, in _showwarning 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault s = warnings.formatwarning(message, category, filename, lineno, line) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault File "/usr/lib/python2.7/warnings.py", line 38, in formatwarning 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault s = "%s:%s: %s: %s\n" % (filename, lineno, category.__name__, message) 2018-03-14 10:58:56.932 2198 ERROR cinder.api.middleware.fault UnicodeEncodeError: 'ascii' codec can't encode character u'\xe
[Group.of.nepali.translators] [Bug 1899506] Re: Xenial update: v4.4.238 upstream stable release
** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: linux (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1899506 Title: Xenial update: v4.4.238 upstream stable release Status in linux package in Ubuntu: Invalid Status in linux source package in Xenial: Fix Committed Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The following upstream stable patches should be included in the Ubuntu kernel: v4.4.238 upstream stable release from git://git.kernel.org/ af_key: pfkey_dump needs parameter validation KVM: fix memory leak in kvm_io_bus_unregister_dev() kprobes: fix kill kprobe which has been marked as gone ftrace: Setup correct FTRACE_FL_REGS flags for module RDMA/ucma: ucma_context reference leak in error path mtd: Fix comparison in map_word_andequal() hdlc_ppp: add range checks in ppp_cp_parse_cr() tipc: use skb_unshare() instead in tipc_buf_append() net: add __must_check to skb_put_padto() ip: fix tos reflection in ack and reset packets serial: 8250: Avoid error message on reprobe scsi: aacraid: fix illegal IO beyond last LBA m68k: q40: Fix info-leak in rtc_ioctl gma/gma500: fix a memory disclosure bug due to uninitialized bytes ASoC: kirkwood: fix IRQ error handling PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() mfd: mfd-core: Protect against NULL call-back function pointer tracing: Adding NULL checks for trace_array descriptor pointer bcache: fix a lost wake-up problem caused by mca_cannibalize_lock xfs: fix attr leaf header freemap.size underflow kernel/sys.c: avoid copying possible padding bytes in copy_to_user neigh_stat_seq_next() should increase position index rt_cpu_seq_next should increase position index seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier ACPI: EC: Reference count query handlers under lock tracing: Set kernel_stack's caller size properly ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter Bluetooth: Fix refcount use-after-free issue mm: pagewalk: fix termination condition in walk_pte_range() Bluetooth: prefetch channel before killing sock skbuff: fix a data race in skb_queue_len() audit: CONFIG_CHANGE don't log internal bookkeeping as an event selinux: sel_avc_get_stat_idx should increase position index scsi: lpfc: Fix RQ buffer leakage when no IOCBs available drm/omap: fix possible object reference leak dmaengine: tegra-apb: Prevent race conditions on channel's freeing media: go7007: Fix URB type for interrupt handling Bluetooth: guard against controllers sending zero'd events drm/amdgpu: increase atombios cmd timeout Bluetooth: L2CAP: handle l2cap config request during open state media: tda10071: fix unsigned sign extension overflow tpm: ibmvtpm: Wait for buffer to be set before proceeding tracing: Use address-of operator on section symbols serial: 8250_omap: Fix sleeping function called from invalid context during probe SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor mm/filemap.c: clear page error before actual read mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area KVM: Remove CREATE_IRQCHIP/SET_PIT2 race bdev: Reduce time holding bd_mutex in sync in blkdev_close() drivers: char: tlclk.c: Avoid data race between init and interrupt handler dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion atm: fix a memory leak of vcc->user_back phy: samsung: s5pv210-usb2: Add delay after reset Bluetooth: Handle Inquiry Cancel error after Inquiry Complete USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() tty: serial: samsung: Correct clock selection logic ALSA: hda: Fix potential race in unsol event handler fuse: don't check refcount after stealing page USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int e1000: Do not perform reset in reset_task if we are already down printk: handle blank console arguments passed in. vfio/pci: fix memory leaks of eventfd ctx perf kcore_copy: Fix module map when there are no modules load
[Group.of.nepali.translators] [Bug 1756209] Re: i386 implementation of memmove broken since glibc 2.21
** Changed in: glibc (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1756209 Title: i386 implementation of memmove broken since glibc 2.21 Status in glibc package in Ubuntu: Fix Released Status in glibc source package in Xenial: New Status in glibc source package in Bionic: Fix Released Bug description: [Impact] * i386 memmove breaks when crossing the 2GB threshold. [Test Case] * Compile and run the reproducer as described at https://github.com/fingolfin/memmove-bug or observe string/test- memmove test passing during the build/autopkgtest on i386. [Regression Potential] * Can break memmove, but this is unlikely since memmove is the very function fixed by fixing signedness handling. [Original Bug Text] In glibc 2.21 they optimized i386 memcpy: https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html The implementation contained a bug which causes memmove to break when crossing the 2GB threshold. This has been filed with glibc here (filed by someone else, but I have requested an update from them as well): https://sourceware.org/bugzilla/show_bug.cgi?id=22644 Unfortunately they have not yet taken action on this bug, however I want to bring it to your attention in the hope that it can be patched into all current Ubuntu releases as soon as possible. I hope this is not improper procedure. Both myself and another (see comment 1 in the glibc bug report) have tested the patch provided in the above glibc bug report and it does appear to fix the problem, however I don't know what the procedure is for getting it properly confirmed/tested and merged into Ubuntu. As requested in the guidelines: 1) We are using: Description:Ubuntu 16.04.4 LTS Release:16.04 2) libc6:i386: Installed: 2.23-0ubuntu10 However as stated above this has been present since libc6:i386 2.21 and affects Ubuntu 15.04 onward. (I have actually tested this as well. 15.04 conveniently used both glibc 2.19 and 2.21 so it was a good test platform when I was initially attempting to track down the problem.) 3) What we expected to happen: memmove should move data within the entire valid address space without segfaulting or corrupting memory. 4) What happened instead: When memmove attempts to move data crossing the 2GB threshold it either segfaults or causes memory corruption. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1756209/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
