[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
Ubuntu 19.10 (Eoan Ermine) has reached end of life, so this bug will not be fixed for that specific release. ** Changed in: linux-aws (Ubuntu Eoan) Status: Fix Committed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864669 Title: overlayfs regression - internal getxattr operations without sepolicy checking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1864669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
This bug was fixed in the package linux-aws - 4.15.0-1080.84
---
linux-aws (4.15.0-1080.84) bionic; urgency=medium
* bionic/linux-aws: 4.15.0-1080.84 -proposed tracker (LP: #1890686)
* Bionic update: upstream stable patchset 2020-07-17 (LP: #1887990)
- [Config] aws: updateconfigs for EFI_CUSTOM_SSDT_OVERLAYS
* Bionic update: upstream stable patchset 2020-07-24 (LP: #1888907)
- [Config] aws: updateconfigs for BLK_DEV_SR_VENDOR
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- [Packaging] update update.conf
* overlayfs regression - internal getxattr operations without sepolicy
checking (LP: #1864669)
- SAUCE: overlayfs: internal getxattr operations without sepolicy checking
[ Ubuntu: 4.15.0-114.115 ]
* bionic/linux: 4.15.0-114.115 -proposed tracker (LP: #1891052)
* ipsec: policy priority management is broken (LP: #1890796)
- xfrm: policy: match with both mark and mask on user interfaces
[ Ubuntu: 4.15.0-113.114 ]
* bionic/linux: 4.15.0-113.114 -proposed tracker (LP: #1890705)
* Packaging resync (LP: #1786013)
- update dkms package versions
* Reapply "usb: handle warm-reset port requests on hub resume" (LP: #1859873)
- usb: handle warm-reset port requests on hub resume
* Bionic update: upstream stable patchset 2020-07-29 (LP: #1889474)
- gpio: arizona: handle pm_runtime_get_sync failure case
- gpio: arizona: put pm_runtime in case of failure
- pinctrl: amd: fix npins for uart0 in kerncz_groups
- mac80211: allow rx of mesh eapol frames with default rx key
- scsi: scsi_transport_spi: Fix function pointer check
- xtensa: fix __sync_fetch_and_{and,or}_4 declarations
- xtensa: update *pos in cpuinfo_op.next
- drivers/net/wan/lapbether: Fixed the value of hard_header_len
- net: sky2: initialize return of gm_phy_read
- drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout
- irqdomain/treewide: Keep firmware node unconditionally allocated
- SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO
compeletion")
- spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours
- IB/umem: fix reference count leak in ib_umem_odp_get()
- uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to
fix
GDB regression
- ALSA: info: Drop WARN_ON() from buffer NULL sanity check
- ASoC: rt5670: Correct RT5670_LDO_SEL_MASK
- btrfs: fix double free on ulist after backref resolution failure
- btrfs: fix mount failure caused by race with umount
- btrfs: fix page leaks after failure to lock page for delalloc
- bnxt_en: Fix race when modifying pause settings.
- hippi: Fix a size used in a 'pci_free_consistent()' in an error handling
path
- ax88172a: fix ax88172a_unbind() failures
- net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual
configuration
- drm: sun4i: hdmi: Fix inverted HPD result
- net: smc91x: Fix possible memory leak in smc_drv_probe()
- bonding: check error value of register_netdevice() immediately
- mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
- ipvs: fix the connection sync failed in some cases
- i2c: rcar: always clear ICSAR to avoid side effects
- bonding: check return value of register_netdevice() in bond_newlink()
- serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X
- scripts/decode_stacktrace: strip basepath from all paths
- HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override
- HID: apple: Disable Fn-key key-re-mapping on clone keyboards
- dmaengine: tegra210-adma: Fix runtime PM imbalance on error
- Input: add `SW_MACHINE_COVER`
- spi: mediatek: use correct SPI_CFG2_REG MACRO
- regmap: dev_get_regmap_match(): fix string comparison
- hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow
- dmaengine: ioat setting ioat timeout as module parameter
- Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
- usb: gadget: udc: gr_udc: fix memleak on error handling path in
gr_ep_init()
- arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP
- x86: math-emu: Fix up 'cmp' insn for clang ias
- binder: Don't use mmput() from shrinker function.
- usb: xhci-mtk: fix the failure of bandwidth allocation
- usb: xhci: Fix ASM2142/ASM3142 DMA addressing
- Revert "cifs: Fix the target file was deleted when rename failed."
- staging: wlan-ng: properly check endpoint types
- staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift
- staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support
- staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift
- staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift
- serial: 8250: fix null-ptr-deref in serial8250_start_tx()
- serial: 8250_mtk: Fix high-speed baud rates clam
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
This bug was fixed in the package linux-aws - 5.4.0-1022.22 --- linux-aws (5.4.0-1022.22) focal; urgency=medium * focal/linux-aws: 5.4.0-1022.22 -proposed tracker (LP: #1890734) * Focal update: v5.4.51 upstream stable release (LP: #1886995) - [Config] aws: updateconfigs for EFI_CUSTOM_SSDT_OVERLAYS * Focal update: v5.4.53 upstream stable release (LP: #1888560) - [Config] aws: updateconfigs for BLK_DEV_SR_VENDOR * Focal update: v5.4.52 upstream stable release (LP: #1887853) - [Packaging] aws: module intel-rapl-perf rename * Packaging resync (LP: #1786013) - [Packaging] update variants - [Packaging] update update.conf * add pvtime support for arm64 guests (LP: #1889282) - arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit() - arm64: errata: use arm_smccc_1_1_get_conduit() - arm: spectre-v2: use arm_smccc_1_1_get_conduit() - firmware/psci: use common SMCCC_CONDUIT_* - firmware: arm_sdei: use common SMCCC_CONDUIT_* - KVM: arm64: Document PV-time interface - KVM: arm/arm64: Factor out hypercall handling from PSCI code - KVM: arm64: Implement PV_TIME_FEATURES call - KVM: Implement kvm_put_guest() - KVM: arm64: Support stolen time reporting via shared structure - KVM: Allow kvm_device_ops to be const - KVM: arm64: Provide VCPU attributes for stolen time - arm/arm64: Provide a wrapper for SMCCC 1.1 calls - arm/arm64: Make use of the SMCCC 1.1 wrapper - arm64: Retrieve stolen time as paravirtualized guest * overlayfs regression - internal getxattr operations without sepolicy checking (LP: #1864669) - SAUCE: overlayfs: internal getxattr operations without sepolicy checking [ Ubuntu: 5.4.0-44.48 ] * focal/linux: 5.4.0-44.48 -proposed tracker (LP: #1891049) * Packaging resync (LP: #1786013) - [Packaging] update helper scripts * ipsec: policy priority management is broken (LP: #1890796) - xfrm: policy: match with both mark and mask on user interfaces [ Ubuntu: 5.4.0-43.47 ] * focal/linux: 5.4.0-43.47 -proposed tracker (LP: #1890746) * Packaging resync (LP: #1786013) - update dkms package versions * Devlink - add RoCE disable kernel support (LP: #1877270) - devlink: Add new "enable_roce" generic device param - net/mlx5: Document flow_steering_mode devlink param - net/mlx5: Handle "enable_roce" devlink param - IB/mlx5: Rename profile and init methods - IB/mlx5: Load profile according to RoCE enablement state - net/mlx5: Remove unneeded variable in mlx5_unload_one - net/mlx5: Add devlink reload - IB/mlx5: Do reverse sequence during device removal * msg_zerocopy.sh in net from ubuntu_kernel_selftests failed (LP: #1812620) - selftests/net: relax cpu affinity requirement in msg_zerocopy test * Enlarge hisi_sec2 capability (LP: #1890222) - Revert "UBUNTU: [Config] Disable hisi_sec2 temporarily" - crypto: hisilicon - update SEC driver module parameter * Fix missing HDMI/DP Audio on an HP Desktop (LP: #1890441) - ALSA: hda/hdmi: Add quirk to force connectivity * Fix IOMMU error on AMD Radeon Pro W5700 (LP: #1890306) - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken * ASoC:amd:renoir: the dmic can't record sound after suspend and resume (LP: #1890220) - SAUCE: ASoC: amd: renoir: restore two more registers during resume * No sound, Dummy output on Acer Swift 3 SF314-57G with Ice Lake core-i7 CPU (LP: #1877757) - ASoC: SOF: Intel: hda: fix generic hda codec support * Fix right speaker of HP laptop (LP: #1889375) - SAUCE: hda/realtek: Fix right speaker of HP laptop * blk_update_request error when mount nvme partition (LP: #1872383) - SAUCE: nvme-pci: prevent SK hynix PC400 from using Write Zeroes command * soc/amd/renoir: detect dmic from acpi table (LP: #1887734) - ASoC: amd: add logic to check dmic hardware runtime - ASoC: amd: add ACPI dependency check - ASoC: amd: fixed kernel warnings * soc/amd/renoir: change the module name to make it work with ucm3 (LP: #1888166) - AsoC: amd: add missing snd- module prefix to the acp3x-rn driver kernel module - SAUCE: remove a kernel module since its name is changed * Focal update: v5.4.55 upstream stable release (LP: #1890343) - AX.25: Fix out-of-bounds read in ax25_connect() - AX.25: Prevent out-of-bounds read in ax25_sendmsg() - dev: Defer free of skbs in flush_backlog - drivers/net/wan/x25_asy: Fix to make it work - ip6_gre: fix null-ptr-deref in ip6gre_init_net() - net-sysfs: add a newline when printing 'tx_timeout' by sysfs - net: udp: Fix wrong clean up for IS_UDPLITE macro - qrtr: orphan socket in qrtr_release() - rtnetlink: Fix memory(net_device) leak when ->newlink fails - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA - tcp: allow at most one TLP probe per flight - AX.25: Prevent integer overflows in connect and sendmsg -
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
** Changed in: linux-aws (Ubuntu Focal) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864669 Title: overlayfs regression - internal getxattr operations without sepolicy checking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1864669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
** Changed in: linux-aws (Ubuntu Bionic) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864669 Title: overlayfs regression - internal getxattr operations without sepolicy checking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1864669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
** Changed in: linux-aws (Ubuntu Eoan) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864669 Title: overlayfs regression - internal getxattr operations without sepolicy checking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1864669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-aws (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864669 Title: overlayfs regression - internal getxattr operations without sepolicy checking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1864669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1864669] Re: overlayfs regression - internal getxattr operations without sepolicy checking
** Summary changed: - [linux-azure] overlayfs regression - internal getxattr operations without sepolicy checking + overlayfs regression - internal getxattr operations without sepolicy checking -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864669 Title: overlayfs regression - internal getxattr operations without sepolicy checking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1864669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
