[Bug 1806672] Re: linux-azure: 4.15.0-1036.38~16.04.1 -proposed tracker

[Launchpad Bug Tracker]

This bug was fixed in the package linux-azure - 4.15.0-1036.38~16.04.1

---------------
linux-azure (4.15.0-1036.38~16.04.1) xenial; urgency=medium

  * linux-azure: 4.15.0-1036.38~16.04.1 -proposed tracker (LP: #1806672)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

  [ Ubuntu: 4.15.0-1036.38 ]

  * linux-azure: 4.15.0-1036.38 -proposed tracker (LP: #1806665)
  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Config] buildinfo -- add retpoline version markers
  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf
  * linux: 4.15.0-43.46 -proposed tracker (LP: #1806659)
  * System randomly hangs during suspend when mei_wdt is loaded (LP: #1803942)
    - SAUCE: base/dd: limit release function changes to vfio driver only
  * Workaround CSS timeout on AMD SNPS 3.0 xHC (LP: #1806838)
    - xhci: Allow more than 32 quirks
    - xhci: workaround CSS timeout on AMD SNPS 3.0 xHC
  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Packaging] limit preparation to linux-libc-dev in headers
    - [Packaging] commonise debhelper invocation
    - [Packaging] ABI -- accumulate abi information at the end of the build
    - [Packaging] buildinfo -- add basic build information
    - [Packaging] buildinfo -- add firmware information to the flavour ABI
    - [Packaging] buildinfo -- add compiler information to the flavour ABI
    - [Packaging] buildinfo -- add buildinfo support to getabis
    - [Config] buildinfo -- add retpoline version markers
  * linux packages should own /usr/lib/linux/triggers (LP: #1770256)
    - [Packaging] own /usr/lib/linux/triggers
  * CVE-2018-12896
    - posix-timers: Sanitize overrun handling
  * CVE-2018-16276
    - USB: yurex: fix out-of-bounds uaccess in read handler
  * CVE-2018-10902
    - ALSA: rawmidi: Change resized buffers atomically
  * CVE-2018-18710
    - cdrom: fix improper type cast, which can leat to information leak.
  * CVE-2018-18690
    - xfs: don't fail when converting shortform attr to long form during
      ATTR_REPLACE
  * CVE-2018-14734
    - infiniband: fix a possible use-after-free bug
  * CVE-2018-18445
    - bpf: 32-bit RSH verification must truncate input before the ALU op
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

 -- Marcelo Henrique Cerri <marcelo.ce...@canonical.com>  Fri, 07 Dec
2018 00:54:13 -0200

** Changed in: linux-azure (Ubuntu Xenial)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10902

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12896

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-14734

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16276

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18445

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18690

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18710

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1806672

Title:
  linux-azure: 4.15.0-1036.38~16.04.1 -proposed tracker

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1806672/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs