[Group.of.nepali.translators] [Bug 1953660] Re: xenial/linux-oracle: 4.15.0-1085.93~16.04.1 -proposed tracker
All tasks have been completed and the bug is being set to Fix Released
** Changed in: kernel-sru-workflow
Status: In Progress => Fix Released
** Tags removed: kernel-release-tracking-bug-live
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1953660
Title:
xenial/linux-oracle: 4.15.0-1085.93~16.04.1 -proposed tracker
Status in Kernel SRU Workflow:
Fix Released
Status in Kernel SRU Workflow automated-testing series:
Invalid
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
Invalid
Status in Kernel SRU Workflow promote-to-updates series:
Fix Released
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Invalid
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-oracle source package in Xenial:
New
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
boot-testing-requested: true
built:
route-entry: 1
delta:
promote-to-proposed:
- meta
- main
- signed
promote-to-updates:
- signed
- main
- meta
sru-review:
- main
- signed
- meta
issue: KSRU-658
kernel-stable-master-bug: 1953661
packages:
main: linux-oracle
meta: linux-meta-oracle
signed: linux-signed-oracle
phase: Complete
phase-changed: Friday, 07. January 2022 03:31 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason: {}
synthetic:
:promote-to-as-proposed: Invalid
variant: debs
versions:
main: 4.15.0-1085.93~16.04.1
meta: 4.15.0.1085.73
signed: 4.15.0-1085.93~16.04.1
source: 4.15.0-1085.93~16.04.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1953660/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1953660] Re: xenial/linux-oracle: 4.15.0-1085.93~16.04.1 -proposed tracker
All failures have been hinted accordingly.
** Changed in: kernel-sru-workflow/regression-testing
Status: Incomplete => Fix Released
** Changed in: kernel-sru-workflow/regression-testing
Assignee: Canonical Kernel Team (canonical-kernel-team) => Po-Hsu Lin
(cypressyew)
** Tags added: regression-testing-passed
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1953660
Title:
xenial/linux-oracle: 4.15.0-1085.93~16.04.1 -proposed tracker
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow automated-testing series:
Invalid
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
Invalid
Status in Kernel SRU Workflow promote-to-updates series:
Fix Released
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Invalid
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-oracle source package in Xenial:
New
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
boot-testing-requested: true
built:
route-entry: 1
delta:
promote-to-proposed:
- meta
- main
- signed
promote-to-updates:
- signed
- main
- meta
sru-review:
- main
- signed
- meta
issue: KSRU-658
kernel-stable-master-bug: 1953661
packages:
main: linux-oracle
meta: linux-meta-oracle
signed: linux-signed-oracle
phase: Complete
phase-changed: Friday, 07. January 2022 03:31 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason: {}
synthetic:
:promote-to-as-proposed: Invalid
variant: debs
versions:
main: 4.15.0-1085.93~16.04.1
meta: 4.15.0.1085.73
signed: 4.15.0-1085.93~16.04.1
source: 4.15.0-1085.93~16.04.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1953660/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1951954] Re: ua refresh "Unexpected error(s) occurred"
This bug was fixed in the package ubuntu-advantage-tools - 27.5~22.04.1 --- ubuntu-advantage-tools (27.5~22.04.1) jammy; urgency=medium * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services * d/tools.postrm: - Use a wildcard to remove ua related gpg files * New upstream release 27.5 (LP: #1956456) - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards -- Renan Rodrigo Tue, 04 Jan 2022 17:30:26 -0300 ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1951954 Title: ua refresh "Unexpected error(s) occurred" Status in ubuntu-advantage-tools package in Ubuntu: Fix Released Status in ubuntu-advantage-tools source package in Xenial: Fix Committed Status in ubuntu-advantage-tools source package in Bionic: Fix Committed Status in ubuntu-advantage-tools source package in Focal: Fix Committed Status in ubuntu-advantage-tools source package in Hirsute: Fix Committed Status in ubuntu-advantage-tools source package in Impish: Fix Committed Bug description: [Impact] If /snap/bin is not present in the PATH, UA will fail when trying to run it. This is fixed by specifying the full path (/snap/bin/canonical-livepatch) to every call from UA side. [Test Case] To reproduce the bug, run `sudo env PATH="/usr/bin" ua refresh` on an attached bionic machine. Then, install the 27.5 version from the staging PPA (https://launchpad.net/~ua-client/+archive/ubuntu/staging) Repeating the same command as above runs without an error. [Regression Potential] It could only cause problems if canonical-livepatch is in a different place than /snap/bin, and it should not happen in any installation. [Original Description] root@somehost:~# ua refresh Unexpected error(s) occurred. For more details, see the log: /var/log/ubuntu-advantage.log To file a bug run: ubuntu-bug ubuntu-advantage-tools ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: ubuntu-advantage-tools 27.4.1~18.04.1 ProcVersionSignature: Ubuntu 4.15.0-143.147-generic 4.15.18 Uname: Linux 4.15.0-143-generic x86_64 NonfreeKernelModules: lkp_Ubuntu_4_15_0_143_147_generic_82 lkp_Ubuntu_4_15_0_143_147_generic_81 lkp_Ubuntu_4_15_0_143_147_generic_80 lkp_Ubuntu_4_15_0_143_147_generic_79 ApportVersion: 2.20.9-0ubuntu7.27 Architecture: amd64 Date: Tue Nov 23 12:56:54 2021 InstallationDate: Installed on 2015-08-06 (2300 days ago) InstallationMedia: Ubuntu-Server 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1) ProcEnviron: LANGUAGE=en_GB:en TERM=screen PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: ubuntu-advantage-tools UpgradeStatus: Upgraded to bionic on 2020-06-17 (524 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
This bug was fixed in the package ubuntu-advantage-tools - 27.5~22.04.1 --- ubuntu-advantage-tools (27.5~22.04.1) jammy; urgency=medium * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services * d/tools.postrm: - Use a wildcard to remove ua related gpg files * New upstream release 27.5 (LP: #1956456) - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards -- Renan Rodrigo Tue, 04 Jan 2022 17:30:26 -0300 ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1956456 Title: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish Status in ubuntu-advantage-tools package in Ubuntu: Fix Released Status in ubuntu-advantage-tools source package in Xenial: Fix Committed Status in ubuntu-advantage-tools source package in Bionic: Fix Committed Status in ubuntu-advantage-tools source package in Focal: Fix Committed Status in ubuntu-advantage-tools source package in Hirsute: Fix Committed Status in ubuntu-advantage-tools source package in Impish: Fix Committed Bug description: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. Redacting the logs is still a work in progress, and to avoid problems we will only make the logs world readable in the future, when all cases where sensitive information can be logged are verified. In postinst, we changed a dictionary iteration to the equivalent function implementation. Tests show that the return value is exactly the same, but we may be inadvertently adding a bug there. In postrm, we are using a wildcard to remove gpg keys that matches the naming schema we have for files. There is a risk if someone names an unrelated apt gpg key with the ua prefix - it will end up being removed as well. [Discussion] This is the first version of the CIS/USG migration, and we do expect the security team to come with more requests/fixes on this in the future. However, we did agree to do that iteratively over SRUs. The Xenial and Bionic series should see only UI text changes, preserving exactly the same functionality as before. From Focal on, it is expected that USG will replace CIS. Being a superset of CIS, USG enables people interested in CIS to use the functionality without problems, and security will have documentation up to guide on that. For the migration path, users on Focal which have already enabled CIS will see USG instead, while
[Group.of.nepali.translators] [Bug 1956575] Re: [Regression] Focal kernel 5.4.0-92.103 fails to boot when Secure Encrypted Virtualization(SEV) is enabled
4.4 doesn't have the offending commit so marking it as invalid. ** Changed in: linux (Ubuntu Xenial) Status: New => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1956575 Title: [Regression] Focal kernel 5.4.0-92.103 fails to boot when Secure Encrypted Virtualization(SEV) is enabled Status in linux package in Ubuntu: Confirmed Status in linux source package in Xenial: Invalid Status in linux source package in Bionic: New Status in linux source package in Focal: In Progress Status in linux source package in Hirsute: Invalid Bug description: [Impact] The latest Focal kernel (linux-image-5.4.0-92-generic) fails to boot when SEV is enabled. The kernel panics with the following backtrace : [1.531125] ledtrig-cpu: registered to indicate activity on CPUs [1.531760] EFI Variables Facility v0.08 2004-May-17 [1.532575] general protection fault: [#1] SMP NOPTI [1.533116] CPU: 11 PID: 1 Comm: swapper/0 Not tainted 5.4.157-debug6 #15 [1.533788] Hardware name: Scaleway SCW-ENT1-L, BIOS 0.0.0 02/06/2015 [1.534429] RIP: 0010:efi_mokvar_sysfs_init+0x9d/0x184 [1.534949] Code: 00 48 85 c0 0f 85 b3 00 00 00 48 c7 c7 b0 db e2 a1 41 bd f4 ff ff ff e8 98 90 16 ff e9 e6 00 00 00 48 85 d2 0f 85 a5 00 00 00 <80> 3b 00 0f 84 b5 00 00 00 48 85 db 0f 84 ac 00 00 00 48 8b 3d 85 [1.535120] RSP: 0018:b96e4001bdf8 EFLAGS: 00010202 [1.535120] RAX: b6262a23e510e179 RBX: b625e392251db281 RCX: [1.535120] RDX: b96e400cd000 RSI: 978437e5dc38 RDI: a2121860 [1.535120] RBP: b96e4001be10 R08: R09: 0228 [1.538947] R10: 0001 R11: R12: 978437e555a0 [1.538947] R13: R14: R15: [1.538947] FS: () GS:97843f6c() knlGS: [1.538947] CS: 0010 DS: ES: CR0: 80050033 [1.538947] CR2: CR3: 00080011a060a001 CR4: 00360ee0 [1.538947] Call Trace: [1.538947] ? efi_rci2_sysfs_init+0x29a/0x29a [1.538947] do_one_initcall+0x4a/0x200 [1.538947] kernel_init_freeable+0x1c0/0x263 [1.538947] ? rest_init+0xb0/0xb0 [1.538947] kernel_init+0xe/0x110 [1.538947] ret_from_fork+0x22/0x40 [1.538947] Modules linked in: [1.545871] ---[ end trace 815dc8177e65da02 ]--- [1.546328] RIP: 0010:efi_mokvar_sysfs_init+0x9d/0x184 [1.546872] Code: 00 48 85 c0 0f 85 b3 00 00 00 48 c7 c7 b0 db e2 a1 41 bd f4 ff ff ff e8 98 90 16 ff e9 e6 00 00 00 48 85 d2 0f 85 a5 00 00 00 <80> 3b 00 0f 84 b5 00 00 00 48 85 db 0f 84 ac 00 00 00 48 8b 3d 85 [1.548703] RSP: 0018:b96e4001bdf8 EFLAGS: 00010202 [1.549218] RAX: b6262a23e510e179 RBX: b625e392251db281 RCX: [1.549916] RDX: b96e400cd000 RSI: 978437e5dc38 RDI: a2121860 [1.550617] RBP: b96e4001be10 R08: R09: 0228 [1.551337] R10: 0001 R11: R12: 978437e555a0 [1.552036] R13: R14: R15: [1.552737] FS: () GS:97843f6c() knlGS: [1.553529] CS: 0010 DS: ES: CR0: 80050033 [1.554093] CR2: CR3: 00080011a060a001 CR4: 00360ee0 [1.554818] Kernel panic - not syncing: Attempted to kill init! exitcode=0x000b [1.555335] Kernel Offset: 0x1fa0 from 0x8100 (relocation range: 0x8000-0xbfff) [1.555335] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x000b ]--- - The previous kernel (linux-image-5.4.0-91-generic) boots correctly with SEV. Bisection of the kernels b/w 5.4.0-91 and 5.4.0-92 identified the following commit as the source of regresssion : # git bisect good 7ca05228f713c24eb55574b36e32d9b54c5a1b76 is the first bad commit commit 7ca05228f713c24eb55574b36e32d9b54c5a1b76 Author: Lenny Szubowicz Date: Fri Sep 4 21:31:05 2020 -0400 efi: Support for MOK variable config table BugLink: https://bugs.launchpad.net/bugs/1928679 ... Since the panic happens in very early stages of boot, no trace of the panic is present in the log files and apparently it is not possible to collect a kernel crash dump, the crashkernel has not been enabled yet. [Test case] The kernel need to boot properly with SEV enabled. [Potential regression] The fix is very specific and restricted and should cause regressions, however it touches ioremap that is widely used. To manage notifications about this bug go to: https://bugs.launchpad.net/ubu
[Group.of.nepali.translators] [Bug 1956575] Re: [Regression] Focal kernel 5.4.0-92.103 fails to boot when Secure Encrypted Virtualization(SEV) is enabled
The 5.11 hirsute kernel already contains the fix, so I'm marking it as invalid: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/hirsute/commit/?id=929ece70ad54afc1ca090ea1914b79def67137c1 ** Description changed: + [Impact] + The latest Focal kernel (linux-image-5.4.0-92-generic) fails to boot when SEV is enabled. The kernel panics with the following backtrace : [1.531125] ledtrig-cpu: registered to indicate activity on CPUs [1.531760] EFI Variables Facility v0.08 2004-May-17 [1.532575] general protection fault: [#1] SMP NOPTI [1.533116] CPU: 11 PID: 1 Comm: swapper/0 Not tainted 5.4.157-debug6 #15 [1.533788] Hardware name: Scaleway SCW-ENT1-L, BIOS 0.0.0 02/06/2015 [1.534429] RIP: 0010:efi_mokvar_sysfs_init+0x9d/0x184 [1.534949] Code: 00 48 85 c0 0f 85 b3 00 00 00 48 c7 c7 b0 db e2 a1 41 bd f4 ff ff ff e8 98 90 16 ff e9 e6 00 00 00 48 85 d2 0f 85 a5 00 00 00 <80> 3b 00 0f 84 b5 00 00 00 48 85 db 0f 84 ac 00 00 00 48 8b 3d 85 [1.535120] RSP: 0018:b96e4001bdf8 EFLAGS: 00010202 [1.535120] RAX: b6262a23e510e179 RBX: b625e392251db281 RCX: [1.535120] RDX: b96e400cd000 RSI: 978437e5dc38 RDI: a2121860 [1.535120] RBP: b96e4001be10 R08: R09: 0228 [1.538947] R10: 0001 R11: R12: 978437e555a0 [1.538947] R13: R14: R15: [1.538947] FS: () GS:97843f6c() knlGS: [1.538947] CS: 0010 DS: ES: CR0: 80050033 [1.538947] CR2: CR3: 00080011a060a001 CR4: 00360ee0 [1.538947] Call Trace: [1.538947] ? efi_rci2_sysfs_init+0x29a/0x29a [1.538947] do_one_initcall+0x4a/0x200 [1.538947] kernel_init_freeable+0x1c0/0x263 [1.538947] ? rest_init+0xb0/0xb0 [1.538947] kernel_init+0xe/0x110 [1.538947] ret_from_fork+0x22/0x40 [1.538947] Modules linked in: [1.545871] ---[ end trace 815dc8177e65da02 ]--- [1.546328] RIP: 0010:efi_mokvar_sysfs_init+0x9d/0x184 [1.546872] Code: 00 48 85 c0 0f 85 b3 00 00 00 48 c7 c7 b0 db e2 a1 41 bd f4 ff ff ff e8 98 90 16 ff e9 e6 00 00 00 48 85 d2 0f 85 a5 00 00 00 <80> 3b 00 0f 84 b5 00 00 00 48 85 db 0f 84 ac 00 00 00 48 8b 3d 85 [1.548703] RSP: 0018:b96e4001bdf8 EFLAGS: 00010202 [1.549218] RAX: b6262a23e510e179 RBX: b625e392251db281 RCX: [1.549916] RDX: b96e400cd000 RSI: 978437e5dc38 RDI: a2121860 [1.550617] RBP: b96e4001be10 R08: R09: 0228 [1.551337] R10: 0001 R11: R12: 978437e555a0 [1.552036] R13: R14: R15: [1.552737] FS: () GS:97843f6c() knlGS: [1.553529] CS: 0010 DS: ES: CR0: 80050033 [1.554093] CR2: CR3: 00080011a060a001 CR4: 00360ee0 [1.554818] Kernel panic - not syncing: Attempted to kill init! exitcode=0x000b [1.555335] Kernel Offset: 0x1fa0 from 0x8100 (relocation range: 0x8000-0xbfff) [1.555335] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x000b ]--- - The previous kernel (linux-image-5.4.0-91-generic) boots correctly with SEV. Bisection of the kernels b/w 5.4.0-91 and 5.4.0-92 identified the following commit as the source of regresssion : # git bisect good 7ca05228f713c24eb55574b36e32d9b54c5a1b76 is the first bad commit commit 7ca05228f713c24eb55574b36e32d9b54c5a1b76 Author: Lenny Szubowicz Date: Fri Sep 4 21:31:05 2020 -0400 - efi: Support for MOK variable config table - - BugLink: https://bugs.launchpad.net/bugs/1928679 - + efi: Support for MOK variable config table + + BugLink: https://bugs.launchpad.net/bugs/1928679 + ... Since the panic happens in very early stages of boot, no trace of the panic is present in the log files and apparently it is not possible to collect a kernel crash dump, the crashkernel has not been enabled yet. + + [Test case] + + The kernel need to boot properly with SEV enabled. + + [Potential regression] + + The fix is very specific and restricted and should cause regressions, + however it touches ioremap that is widely used. ** Changed in: linux (Ubuntu Focal) Status: Confirmed => In Progress ** Changed in: linux (Ubuntu Hirsute) Status: New => Invalid ** Changed in: linux (Ubuntu Focal) Importance: Undecided => High -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1956575 Titl
[Group.of.nepali.translators] [Bug 1832182] Re: systemd unable to detect running apache if invoked via "apache2ctl graceful"
This bug was fixed in the package apache2 - 2.4.41-4ubuntu3.9 --- apache2 (2.4.41-4ubuntu3.9) focal-security; urgency=medium * SECURITY UPDATE: DoS or SSRF via forward proxy - debian/patches/CVE-2021-44224-1.patch: enforce that fully qualified uri-paths not to be forward-proxied have an http(s) scheme, and that the ones to be forward proxied have a hostname in include/http_protocol.h, modules/http/http_request.c, modules/http2/h2_request.c, modules/proxy/mod_proxy.c, modules/proxy/proxy_util.c, server/protocol.c. - debian/patches/CVE-2021-44224-2.patch: don't prevent forwarding URIs w/ no hostname in modules/proxy/mod_proxy.c, modules/proxy/proxy_util.c. - CVE-2021-44224 * SECURITY UPDATE: overflow in mod_lua multipart parser - debian/patches/CVE-2021-44790.patch: improve error handling in modules/lua/lua_request.c. - CVE-2021-44790 -- Marc Deslauriers Wed, 05 Jan 2022 09:49:56 -0500 ** Changed in: apache2 (Ubuntu Focal) Status: Triaged => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44224 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-44790 ** Changed in: apache2 (Ubuntu Bionic) Status: Triaged => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1832182 Title: systemd unable to detect running apache if invoked via "apache2ctl graceful" Status in apache2 package in Ubuntu: Triaged Status in apache2 source package in Xenial: Won't Fix Status in apache2 source package in Bionic: Fix Released Status in apache2 source package in Focal: Fix Released Status in apache2 source package in Groovy: Won't Fix Status in apache2 source package in Hirsute: Triaged Status in apache2 source package in Impish: Triaged Status in apache2 source package in Jammy: Triaged Status in apache2 package in Debian: New Bug description: [Impact] Unattended upgrade will attempt to gracefully reload the Apache2 httpd service, but it reloads apache directly, not via systemd, so systemctl will mis-report the true status. This can cause unexpected and unnecessary server outages when e.g. upgrading from one LTS to another. [Test Case] root@server:/usr/local/sbin# apache2ctl stop root@server:/usr/local/sbin# apache2ctl graceful httpd not running, trying to start root@server:/usr/local/sbin# systemctl status apache2.service ? apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d +-apache2-systemd.conf Active: inactive (dead) since Mon 2019-06-10 01:04:13 MDT; 17s ago Process: 27370 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS) Process: 11462 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS) Main PID: 1849 (code=exited, status=0/SUCCESS) Jun 08 19:11:24 server apachectl[1408]: AH00112: Warning: DocumentRoot [/srv/apache2/www/... Jun 08 19:11:24 server apachectl[1408]: AH00112: Warning: DocumentRoot [/srv/apache2/www/... Jun 08 19:11:24 server apachectl[1408]: AH00112: Warning: DocumentRoot [/srv/apache2/www/... Jun 08 19:11:24 server apachectl[1408]: AH00112: Warning: DocumentRoot [/srv/apache2/www/... Jun 08 19:11:24 server apachectl[1408]: AH00112: Warning: DocumentRoot [/srv/apache2/www/... Jun 08 19:11:24 server apachectl[1408]: AH00112: Warning: DocumentRoot [/srv/apache2/www/... Jun 08 19:11:24 server systemd[1]: Started The Apache HTTP Server. Jun 09 06:25:04 server systemd[1]: Reloading The Apache HTTP Server. Jun 09 06:25:04 server systemd[1]: Reloaded The Apache HTTP Server. Jun 10 01:04:13 server apachectl[27370]: httpd (no pid file) not running Output after customizing the apache2ctl script and restarting it: root@server:/usr/local/sbin# apache2ctl_custom graceful Invoking 'systemctl start apache2'. Use 'systemctl status apache2' for more info. root@server:/usr/local/sbin# systemctl status apache2.service ? apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Drop-In: /lib/systemd/system/apache2.service.d +-apache2-systemd.conf Active: active (running) since Mon 2019-06-10 01:04:50 MDT; 4s ago Process: 27370 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS) Process: 11462 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS) Process: 27432 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS) Main PID: 27444 (apache2) Tasks: 6 (limit: 2318) CGroup: /system.slice/apache2.service +-27444 /usr/sbin/apache2 -k start +-
