[ubuntu/trusty-security] linux-meta-lts-xenial 4.4.0.143.126 (Accepted)
linux-meta-lts-xenial (4.4.0.143.126) trusty; urgency=medium * linux-signed-generic-lts-xenial 4.4.0-143 depends on linux-generic instead of linux-generic-lts-xenial (LP: #1820526) - [Packaging] Fix signed-meta dependencies linux-meta-lts-xenial (4.4.0.143.125) trusty; urgency=medium * SRU Request: nvidia-*: nvidia-* kernel module failed to build [error: too many arguments to function ‘get_user_pages’] (LP: #1573508) - Add breaks for nvidia and virtualbox * virtualbox dkms modules fail to build with linux 4.4.0-143.169 [error: too many arguments to function ‘get_user_pages’] (LP: #1818049) - Add breaks for nvidia and virtualbox linux-meta-lts-xenial (4.4.0.143.124) trusty; urgency=medium * signing: only install a signed kernel (LP: #1764794) - switch to signed-only binary packages - convert linux-signed* into transitional packages linux-meta-lts-xenial (4.4.0.143.123) trusty; urgency=medium * Bump ABI 4.4.0-143 Date: 2019-03-19 12:29:12.616952+00:00 Changed-By: Stefan Bader Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-lts-xenial/4.4.0.143.126 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] linux-meta-lts-xenial 4.4.0.143.126 (Accepted)
linux-meta-lts-xenial (4.4.0.143.126) trusty; urgency=medium * linux-signed-generic-lts-xenial 4.4.0-143 depends on linux-generic instead of linux-generic-lts-xenial (LP: #1820526) - [Packaging] Fix signed-meta dependencies linux-meta-lts-xenial (4.4.0.143.125) trusty; urgency=medium * SRU Request: nvidia-*: nvidia-* kernel module failed to build [error: too many arguments to function ‘get_user_pages’] (LP: #1573508) - Add breaks for nvidia and virtualbox * virtualbox dkms modules fail to build with linux 4.4.0-143.169 [error: too many arguments to function ‘get_user_pages’] (LP: #1818049) - Add breaks for nvidia and virtualbox linux-meta-lts-xenial (4.4.0.143.124) trusty; urgency=medium * signing: only install a signed kernel (LP: #1764794) - switch to signed-only binary packages - convert linux-signed* into transitional packages linux-meta-lts-xenial (4.4.0.143.123) trusty; urgency=medium * Bump ABI 4.4.0-143 Date: 2019-03-19 12:29:12.616952+00:00 Changed-By: Stefan Bader Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-lts-xenial/4.4.0.143.126 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] linux-signed-azure 4.15.0-1041.45~14.04.1 (Accepted)
linux-signed-azure (4.15.0-1041.45~14.04.1) trusty; urgency=medium * Master version: 4.15.0-1041.45~14.04.1 Date: 2019-03-18 15:30:09.426656+00:00 Changed-By: Khaled El Mously Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-signed-azure/4.15.0-1041.45~14.04.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] linux-meta-azure 4.15.0.1041.28 (Accepted)
linux-meta-azure (4.15.0.1041.28) trusty; urgency=medium * Bump ABI 4.15.0-1041 Date: 2019-03-20 15:32:11.585298+00:00 Changed-By: Kleber Sacilotto de Souza Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-azure/4.15.0.1041.28 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] linux-azure_4.15.0-1041.45~14.04.1_amd64.tar.gz - (Accepted)
linux-azure (4.15.0-1041.45~14.04.1) trusty; urgency=medium
* linux-azure: 4.15.0-1041.45~14.04.1 -proposed tracker (LP: #1819711)
* Disable ZFS (LP: #1817740)
- Packaging: Really disable ZFS
* Strip specific changes from update-from-*master (LP: #1817734)
- Packaging: Introduce copy-files and local-mangle
- Packaging: Make update-from-*master call copy-files
[ Ubuntu: 4.15.0-1041.45 ]
* linux-azure: 4.15.0-1041.45 -proposed tracker (LP: #1819713)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* Add CONFIG_NO_HZ_FULL=y to linux-azure kernels (LP: #1818138)
- [Config] linux-azure: CONFIG_NO_HZ_FULL=y
* linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype
* arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
- iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
* Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
- nvme-pci: fix out of bounds access in nvme_cqe_pending
* CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()
* CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
* amdgpu with mst WARNING on blanking (LP: #1814308)
- drm/amd/display: Don't use dc_link in link_encoder
- drm/amd/display: Move wait for hpd ready out from edp power control.
- drm/amd/display: eDP sequence BL off first then DP blank.
- drm/amd/display: Fix unused variable compilation error
- drm/amd/display: Fix warning about misaligned code
- drm/amd/display: Fix MST dp_blank REG_WAIT timeout
* tun/tap: unable to manage carrier state from userland (LP: #1806392)
- tun: implement carrier change
* CVE-2019-8980
- exec: Fix mem leak in kernel_read_file
* raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
(LP: #1811194)
- selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
adjustments are in progress
* [Packaging] Allow overlay of config annotations (LP: #1752072)
- [Packaging] config-check: Add an include directive
* CVE-2019-7308
- bpf: move {prev_,}insn_idx into verifier env
- bpf: move tmp variable into ax register in interpreter
- bpf: enable access to ax register also from verifier rewrite
- bpf: restrict map value pointer arithmetic for unprivileged
- bpf: restrict stack pointer arithmetic for unprivileged
- bpf: restrict unknown scalars of mixed signed bounds for unprivileged
- bpf: fix check_map_access smin_value test when pointer contains offset
- bpf: prevent out of bounds speculation on pointer arithmetic
- bpf: fix sanitation of alu op with pointer / scalar type from different
paths
- bpf: add various test cases to selftests
* CVE-2017-5753
- bpf: properly enforce index mask to prevent out-of-bounds speculation
- bpf: fix inner map masking to prevent oob under speculation
* BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
- bpf/verifier: disallow pointer subtraction
* squashfs hardening (LP: #1816756)
- squashfs: more metadata hardening
- squashfs metadata 2: electric boogaloo
- squashfs: more metadata hardening
- Squashfs: Compute expected length from inode size rather than block length
* efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
- efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
* Update ENA driver to version 2.0.3K (LP: #1816806)
- net: ena: update driver version from 2.0.2 to 2.0.3
- net: ena: fix race between link up and device initalization
- net: ena: fix crash during failed resume from hibernation
* ipset kernel error: 4.15.0-43-generic (LP: #1811394)
- netfilter: ipset: Fix wraparound in hash:*net* types
* Silent "Unknown key" message when pressing keyboard backlight hotkey
(LP: #1817063)
- platform/x86: dell-wmi: Ignore new keyboard backlight change event
* CVE-2018-18021
- arm64: KVM: Tighten guest core register access from userspace
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit
- arm64: KVM: Sanitize PSTATE.M when being set from userspace
* CVE-2018-14678
- x86/entry/64: Remove %ebx handling from error_entry/exit
* CVE-2018-19824
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in
card.c
* CVE-2019-3459
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
* Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
- fork: unconditionally clear stack on fork
- spi: spi-s3c64xx: Fix system resume support
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
- Input: elan_i2c
[ubuntu/trusty-proposed] linux-azure 4.15.0-1041.45~14.04.1 (Accepted)
linux-azure (4.15.0-1041.45~14.04.1) trusty; urgency=medium
* linux-azure: 4.15.0-1041.45~14.04.1 -proposed tracker (LP: #1819711)
* Disable ZFS (LP: #1817740)
- Packaging: Really disable ZFS
* Strip specific changes from update-from-*master (LP: #1817734)
- Packaging: Introduce copy-files and local-mangle
- Packaging: Make update-from-*master call copy-files
[ Ubuntu: 4.15.0-1041.45 ]
* linux-azure: 4.15.0-1041.45 -proposed tracker (LP: #1819713)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* Add CONFIG_NO_HZ_FULL=y to linux-azure kernels (LP: #1818138)
- [Config] linux-azure: CONFIG_NO_HZ_FULL=y
* linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype
* arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
- iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
* Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
- nvme-pci: fix out of bounds access in nvme_cqe_pending
* CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()
* CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
* amdgpu with mst WARNING on blanking (LP: #1814308)
- drm/amd/display: Don't use dc_link in link_encoder
- drm/amd/display: Move wait for hpd ready out from edp power control.
- drm/amd/display: eDP sequence BL off first then DP blank.
- drm/amd/display: Fix unused variable compilation error
- drm/amd/display: Fix warning about misaligned code
- drm/amd/display: Fix MST dp_blank REG_WAIT timeout
* tun/tap: unable to manage carrier state from userland (LP: #1806392)
- tun: implement carrier change
* CVE-2019-8980
- exec: Fix mem leak in kernel_read_file
* raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
(LP: #1811194)
- selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
adjustments are in progress
* [Packaging] Allow overlay of config annotations (LP: #1752072)
- [Packaging] config-check: Add an include directive
* CVE-2019-7308
- bpf: move {prev_,}insn_idx into verifier env
- bpf: move tmp variable into ax register in interpreter
- bpf: enable access to ax register also from verifier rewrite
- bpf: restrict map value pointer arithmetic for unprivileged
- bpf: restrict stack pointer arithmetic for unprivileged
- bpf: restrict unknown scalars of mixed signed bounds for unprivileged
- bpf: fix check_map_access smin_value test when pointer contains offset
- bpf: prevent out of bounds speculation on pointer arithmetic
- bpf: fix sanitation of alu op with pointer / scalar type from different
paths
- bpf: add various test cases to selftests
* CVE-2017-5753
- bpf: properly enforce index mask to prevent out-of-bounds speculation
- bpf: fix inner map masking to prevent oob under speculation
* BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
- bpf/verifier: disallow pointer subtraction
* squashfs hardening (LP: #1816756)
- squashfs: more metadata hardening
- squashfs metadata 2: electric boogaloo
- squashfs: more metadata hardening
- Squashfs: Compute expected length from inode size rather than block length
* efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
- efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
* Update ENA driver to version 2.0.3K (LP: #1816806)
- net: ena: update driver version from 2.0.2 to 2.0.3
- net: ena: fix race between link up and device initalization
- net: ena: fix crash during failed resume from hibernation
* ipset kernel error: 4.15.0-43-generic (LP: #1811394)
- netfilter: ipset: Fix wraparound in hash:*net* types
* Silent "Unknown key" message when pressing keyboard backlight hotkey
(LP: #1817063)
- platform/x86: dell-wmi: Ignore new keyboard backlight change event
* CVE-2018-18021
- arm64: KVM: Tighten guest core register access from userspace
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit
- arm64: KVM: Sanitize PSTATE.M when being set from userspace
* CVE-2018-14678
- x86/entry/64: Remove %ebx handling from error_entry/exit
* CVE-2018-19824
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in
card.c
* CVE-2019-3459
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
* Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
- fork: unconditionally clear stack on fork
- spi: spi-s3c64xx: Fix system resume support
- Input: elan_i2c - add ACPI ID for lenovo ideapad 330
- Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
- Input: elan_i2c
