UbuntuUpdates.org

Latest Changelogs for all releases

All releases Bionic Focal Jammy Noble Oracular Xenial
Include all PPAs Exclude daily builds PPAs Exclude all PPAs
Include levels: securityupdatesproposedbackportsbase

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

libarchive Oct 31st 12:07
Release: jammy Repo: universe Level: security New version: 3.6.0-1ubuntu1.3
Packages in group:  libarchive-tools

  libarchive (3.6.0-1ubuntu1.3) jammy-security; urgency=medium

  * SECURITY UPDATE: code execution via negative copy length
    - debian/patches/CVE-2024-20696.patch: protect
      copy_from_lzss_window_to_unp() in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2024-20696

 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2024 10:03:06 +0100

CVE-2024-20696 Windows libarchive Remote Code Execution Vulnerability

libarchive Oct 31st 12:07
Release: jammy Repo: main Level: security New version: 3.6.0-1ubuntu1.3
Packages in group:  libarchive13 libarchive-dev

  libarchive (3.6.0-1ubuntu1.3) jammy-security; urgency=medium

  * SECURITY UPDATE: code execution via negative copy length
    - debian/patches/CVE-2024-20696.patch: protect
      copy_from_lzss_window_to_unp() in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2024-20696

 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2024 10:03:06 +0100

CVE-2024-20696 Windows libarchive Remote Code Execution Vulnerability

libarchive Oct 31st 12:06
Release: focal Repo: universe Level: security New version: 3.4.0-2ubuntu1.4
Packages in group:  libarchive-tools

  libarchive (3.4.0-2ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: code execution via negative copy length
    - debian/patches/CVE-2024-20696.patch: protect
      copy_from_lzss_window_to_unp() in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2024-20696

 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2024 10:06:37 +0100

CVE-2024-20696 Windows libarchive Remote Code Execution Vulnerability

firefox Oct 31st 12:06
Release: focal Repo: universe Level: security New version: 132.0+build1-0ubuntu0.20.04.1
Packages in group:  firefox-geckodriver firefox-mozsymbols

  firefox (132.0+build1-0ubuntu0.20.04.1) focal; urgency=medium

  * New upstream release (132.0+build1)

 -- Sebastien Bacher <email address hidden> Wed, 30 Oct 2024 09:20:31 +0100


libarchive Oct 31st 12:06
Release: focal Repo: main Level: security New version: 3.4.0-2ubuntu1.4
Packages in group:  libarchive13 libarchive-dev

  libarchive (3.4.0-2ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: code execution via negative copy length
    - debian/patches/CVE-2024-20696.patch: protect
      copy_from_lzss_window_to_unp() in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2024-20696

 -- Marc Deslauriers <email address hidden> Tue, 29 Oct 2024 10:06:37 +0100

CVE-2024-20696 Windows libarchive Remote Code Execution Vulnerability

firefox Oct 31st 12:06
Release: focal Repo: main Level: security New version: 132.0+build1-0ubuntu0.20.04.1
Packages in group:  firefox-dbg firefox-dev firefox-locale-af firefox-locale-an firefox-locale-ar firefox-locale-as firefox-locale-ast firefox-locale-az firefox-locale-be firefox-locale-bg firefox-locale-bn (... see all)

  firefox (132.0+build1-0ubuntu0.20.04.1) focal; urgency=medium

  * New upstream release (132.0+build1)

 -- Sebastien Bacher <email address hidden> Wed, 30 Oct 2024 09:20:31 +0100


linux-bluefield Oct 31st 09:06
Release: focal Repo: main Level: updates New version: 5.4.0-1095.102
Packages in group:  linux-bluefield-headers-5.4.0-1007 linux-bluefield-headers-5.4.0-1011 linux-bluefield-headers-5.4.0-1012 linux-bluefield-headers-5.4.0-1013 linux-bluefield-headers-5.4.0-1016 linux-bluefield-headers-5.4.0-1019 linux-bluefield-headers-5.4.0-1020 linux-bluefield-headers-5.4.0-1021 linux-bluefield-headers-5.4.0-1022 linux-bluefield-headers-5.4.0-1023 linux-bluefield-headers-5.4.0-1025 (... see all)

  linux-bluefield (5.4.0-1095.102) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1095.102 -proposed tracker (LP: #2082893)

  [ Ubuntu: 5.4.0-200.220 ]

  * focal/linux: 5.4.0-200.220 -proposed tracker (LP: #2082937)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2024.09.30)
  * CVE-2024-26800
    - tls: rx: coalesce exit paths in tls_decrypt_sg()
    - tls: separate no-async decryption request handling from async
    - tls: fix use-after-free on failed backlog decryption
  * CVE-2024-26641
    - ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
  * CVE-2021-47212
    - net/mlx5: Update error handler for UCTX and UMEM
  * wbt:wbt_* trace event NULL pointer dereference with GENHD_FL_HIDDEN disks
    (LP: #2081085)
    - bdi: use bdi_dev_name() to get device name
  * Focal update: v5.4.284 upstream stable release (LP: #2081278)
    - drm: panel-orientation-quirks: Add quirk for OrangePi Neo
    - i2c: Fix conditional for substituting empty ACPI functions
    - net: usb: qmi_wwan: add MeiG Smart SRM825L
    - drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr
    - drm/amdgpu: fix overflowed array index read warning
    - drm/amd/display: Check gpio_id before used as array index
    - drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
    - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
    - drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
      dal_gpio_service_create
    - drm/amdgpu: fix ucode out-of-bounds read warning
    - drm/amdgpu: fix mc_data out-of-bounds read warning
    - drm/amdkfd: Reconcile the definition and use of oem_id in struct
      kfd_topology_device
    - apparmor: fix possible NULL pointer dereference
    - ionic: fix potential irq name truncation
    - usbip: Don't submit special requests twice
    - usb: typec: ucsi: Fix null pointer dereference in trace
    - smack: tcp: ipv4, fix incorrect labeling
    - wifi: cfg80211: make hash table duplicates more survivable
    - drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
    - media: uvcvideo: Enforce alignment of frame and interval
    - block: initialize integrity buffer to zero before writing it to media
    - net: set SOCK_RCU_FREE before inserting socket into hashtable
    - virtio_net: Fix napi_skb_cache_put warning
    - udf: Limit file size to 4TB
    - i2c: Use IS_REACHABLE() for substituting empty ACPI functions
    - sch/netem: fix use after free in netem_dequeue
    - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object
    - ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
      devices
    - ata: libata: Fix memory leak for error path in ata_host_alloc()
    - irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init()
    - mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K
    - mmc: sdhci-of-aspeed: fix module autoloading
    - fuse: update stats for pages

(See more...)
1786013 Packaging resync
2081085 wbt:wbt_* trace event NULL pointer dereference with GENHD_FL_HIDDEN disks
2081278 Focal update: v5.4.284 upstream stable release
2080595 Focal update: v5.4.283 upstream stable release
2078388 Focal update: v5.4.282 upstream stable release
More...

fabric-manager-535 Oct 31st 05:06
Release: jammy Repo: multiverse Level: security New version: 535.216.01-0ubuntu0.22.04.1
Packages in group:  cuda-drivers-fabricmanager-535 nvidia-fabricmanager-535 nvidia-fabricmanager-dev-535

  fabric-manager-535 (535.216.01-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream release (LP: #2084013)

 -- Kuba Pawlak <email address hidden> Wed, 09 Oct 2024 18:00:54 +0200


libnvidia-nscq-535 Oct 31st 05:06
Release: jammy Repo: multiverse Level: security New version: 535.216.01-0ubuntu0.22.04.1
Packages in group: 

  libnvidia-nscq-535 (535.216.01-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream release (LP: #2084013)

 -- Kuba Pawlak <email address hidden> Wed, 09 Oct 2024 17:13:51 +0200


linux-restricted-signatures Oct 31st 02:07
Release: noble Repo: restricted Level: security New version: 6.8.0-48.48+1
Packages in group:  linux-modules-nvidia-535-open-6.8.0-35-generic linux-modules-nvidia-535-open-6.8.0-36-generic linux-modules-nvidia-535-open-6.8.0-38-generic linux-modules-nvidia-535-open-6.8.0-39-generic linux-modules-nvidia-535-open-6.8.0-40-generic linux-modules-nvidia-535-open-6.8.0-41-generic linux-modules-nvidia-535-open-6.8.0-44-generic linux-modules-nvidia-535-open-6.8.0-45-generic linux-modules-nvidia-535-open-6.8.0-47-generic linux-modules-nvidia-535-open-6.8.0-48-generic linux-modules-nvidia-535-server-open-6.8.0-35-generic (... see all)

  linux-restricted-signatures (6.8.0-48.48+1) noble; urgency=medium

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/dkms-versions -- update from kernel-versions
      (adhoc/2024.09.30)

 -- Andy Whitcroft <email address hidden> Thu, 24 Oct 2024 23:54:50 +0100

1786013 Packaging resync

linux-restricted-modules Oct 31st 02:07
Release: noble Repo: restricted Level: security New version: 6.8.0-48.48+1
Packages in group:  linux-modules-nvidia-470-6.8.0-35-generic linux-modules-nvidia-470-6.8.0-36-generic linux-modules-nvidia-470-6.8.0-38-generic linux-modules-nvidia-470-6.8.0-39-generic linux-modules-nvidia-470-6.8.0-40-generic linux-modules-nvidia-470-6.8.0-41-generic linux-modules-nvidia-470-6.8.0-44-generic linux-modules-nvidia-470-6.8.0-45-generic linux-modules-nvidia-470-6.8.0-47-generic linux-modules-nvidia-470-6.8.0-48-generic linux-modules-nvidia-470-generic (... see all)

  linux-restricted-modules (6.8.0-48.48+1) noble; urgency=medium

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/dkms-versions -- update from kernel-versions
      (adhoc/2024.09.30)

 -- Andy Whitcroft <email address hidden> Thu, 24 Oct 2024 23:54:50 +0100

1786013 Packaging resync

linux-riscv Oct 31st 02:07
Release: noble Repo: main Level: security New version: 6.8.0-48.48.1
Packages in group:  linux-riscv-headers-6.8.0-35 linux-riscv-headers-6.8.0-36 linux-riscv-headers-6.8.0-38 linux-riscv-headers-6.8.0-39 linux-riscv-headers-6.8.0-40 linux-riscv-headers-6.8.0-41 linux-riscv-headers-6.8.0-44 linux-riscv-headers-6.8.0-47 linux-riscv-headers-6.8.0-48

  linux-riscv (6.8.0-48.48.1) noble; urgency=medium

  * noble/linux-riscv: 6.8.0-48.48.1 -proposed tracker (LP: #2082434)

  * Enable Microchip PIC64GX Curiosity Kit (LP: #2074082)
    - dt-bindings: clock: mpfs: add more MSSPLL output definitions
    - dt-bindings: can: mpfs: add missing required clock
    - clk: microchip: mpfs: split MSSPLL in two
    - clk: microchip: mpfs: setup for using other mss pll outputs
    - clk: microchip: mpfs: add missing MSSPLL outputs
    - clk: microchip: mpfs: convert MSSPLL outputs to clk_divider
    - riscv: dts: microchip: add missing CAN bus clocks
    - SAUCE: dt-bindings: can: mpfs: add PIC64GX CAN compatibility
    - SAUCE: dt-bindings: usb: add PIC64GX compatibility to mpfs-musb driver
    - SAUCE: dt-bindings: mbox: add PIC64GX mailbox compatibility to MPFS mailbox
    - SAUCE: dt-bindings: spi: add PIC64GX SPI/QSPI compatibility to MPFS SPI/QSPI
      bindings
    - SAUCE: dt-bindings: gpio: mpfs-gpio: Add PIC64GX GPIO compatibility
    - SAUCE: dt-bindings: cache: sifive,ccache0: add a PIC64GX compatible
    - SAUCE: dt-bindings: clock: mpfs-ccc: Add PIC64GX compatibility
    - SAUCE: dt-bindings: clock: mpfs-clkcfg: Add PIC64GX compatibility
    - SAUCE: dt-bindings: dma: sifive pdma: Add PIC64GX to compatibles
    - SAUCE: dt-bindings: i2c: microchip: corei2c: Add PIC64GX as compatible with
      driver
    - SAUCE: dt-bindings: mmc: cdns: document Microchip PIC64GX MMC/SDHCI
      controller
    - SAUCE: dt-bindings: net: cdns,macb: Add PIC64GX compatibility
    - SAUCE: dt-bindings: rtc: mfps-rtc: Add PIC64GX compatibility
    - SAUCE: dt-bindings: soc: microchip: mpfs-sys-controller: Add PIC64GX
      compatibility
    - SAUCE: dt-bindings: riscv: microchip: document the PIC64GX curiosity kit
    - SAUCE: dt-bindings: mmc: cdns,sdhci: ref sdhci-common.yaml
    - SAUCE: dt-bindings: timer: sifive,clint: add PIC64GX compatibility
    - SAUCE: dt-bindings: interrupt-controller: sifive,plic: Add PIC64GX
      compatibility
    - SAUCE: riscv: dts: microchip: add PIC64GX Curiosity Kit dts

  [ Ubuntu: 6.8.0-48.48 ]

  * noble/linux: 6.8.0-48.48 -proposed tracker (LP: #2082437)
  * [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel
    CPUs (LP: #2077470)
    - x86/cpu/vfm: Update arch/x86/include/asm/intel-family.h
    - cpufreq: intel_pstate: Allow model specific EPPs
    - cpufreq: intel_pstate: Update default EPPs for Meteor Lake
    - cpufreq: intel_pstate: Switch to new Intel CPU model defines
    - cpufreq: intel_pstate: Update Meteor Lake EPPs
    - cpufreq: intel_pstate: Use Meteor Lake EPPs for Arrow Lake
    - cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids
  * power: Enable intel_rapl driver (LP: #2078834)
    - powercap: intel_rapl: Add support for ArrowLake-H platform
  * x86/vmware: Add TDX hypercall support (LP: #2077729)
    - x86/vmware: Introduce VMware hypercall API
    - x86/vmware: Add TDX hypercall support
  * Guest crashes post

(See more...)
2074082 Enable Microchip PIC64GX Curiosity Kit
2077470 [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel CPUs
2078834 power: Enable intel_rapl driver
2077729 x86/vmware: Add TDX hypercall support
2076866 Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
More...

linux-signed Oct 31st 02:07
Release: noble Repo: main Level: security New version: 6.8.0-48.48
Packages in group:  linux-image-6.8.0-35-generic linux-image-6.8.0-36-generic linux-image-6.8.0-38-generic linux-image-6.8.0-39-generic linux-image-6.8.0-40-generic linux-image-6.8.0-41-generic linux-image-6.8.0-44-generic linux-image-6.8.0-45-generic linux-image-6.8.0-47-generic linux-image-6.8.0-48-generic linux-image-uc-6.8.0-35-generic (... see all)

  linux-signed (6.8.0-48.48) noble; urgency=medium

  * Main version: 6.8.0-48.48

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Stefan Bader <email address hidden> Fri, 27 Sep 2024 14:26:06 +0200

1786013 Packaging resync

linux-meta Oct 31st 02:07
Release: noble Repo: main Level: security New version: 6.8.0-48.48
Packages in group:  linux-cloud-tools-generic linux-cloud-tools-generic-hwe-24.04 linux-cloud-tools-generic-hwe-24.04-edge linux-cloud-tools-virtual linux-cloud-tools-virtual-hwe-24.04 linux-cloud-tools-virtual-hwe-24.04-edge linux-crashdump linux-generic linux-generic-hwe-24.04 linux-generic-hwe-24.04-edge linux-headers-generic (... see all)

  linux-meta (6.8.0-48.48) noble; urgency=medium

  * Main version: 6.8.0-48.48

 -- Stefan Bader <email address hidden> Fri, 27 Sep 2024 14:28:31 +0200


linux Oct 31st 02:07
Release: noble Repo: main Level: security New version: 6.8.0-48.48
Packages in group:  linux-buildinfo-6.8.0-35-generic linux-buildinfo-6.8.0-36-generic linux-buildinfo-6.8.0-38-generic linux-buildinfo-6.8.0-39-generic linux-buildinfo-6.8.0-40-generic linux-buildinfo-6.8.0-41-generic linux-buildinfo-6.8.0-44-generic linux-buildinfo-6.8.0-45-generic linux-buildinfo-6.8.0-47-generic linux-buildinfo-6.8.0-48-generic linux-cloud-tools-6.8.0-35 (... see all)

  linux (6.8.0-48.48) noble; urgency=medium

  * noble/linux: 6.8.0-48.48 -proposed tracker (LP: #2082437)

  * [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel
    CPUs (LP: #2077470)
    - x86/cpu/vfm: Update arch/x86/include/asm/intel-family.h
    - cpufreq: intel_pstate: Allow model specific EPPs
    - cpufreq: intel_pstate: Update default EPPs for Meteor Lake
    - cpufreq: intel_pstate: Switch to new Intel CPU model defines
    - cpufreq: intel_pstate: Update Meteor Lake EPPs
    - cpufreq: intel_pstate: Use Meteor Lake EPPs for Arrow Lake
    - cpufreq: intel_pstate: Update Balance performance EPP for Emerald Rapids

  * power: Enable intel_rapl driver (LP: #2078834)
    - powercap: intel_rapl: Add support for ArrowLake-H platform

  * x86/vmware: Add TDX hypercall support (LP: #2077729)
    - x86/vmware: Introduce VMware hypercall API
    - x86/vmware: Add TDX hypercall support

  * Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
    (LP: #2076866)
    - mm/mempolicy: use numa_node_id() instead of cpu_to_node()
    - mm/numa_balancing: allow migrate on protnone reference with
      MPOL_PREFERRED_MANY policy
    - mm: convert folio_estimated_sharers() to folio_likely_mapped_shared()
    - mm: factor out the numa mapping rebuilding into a new helper
    - mm: support multi-size THP numa balancing
    - mm/migrate: make migrate_misplaced_folio() return 0 on success
    - mm/migrate: move NUMA hinting fault folio isolation + checks under PTL
    - mm: fix possible OOB in numa_rebuild_large_mapping()

  * Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix
    L2 Guest hang during LTP Test (LP: #2076147)
    - mm: hold PTL from the first PTE while reclaiming a large folio

  * KOP L2 guest fails to boot with 1 core - SMT8 topology (LP: #2070329)
    - KVM: PPC: Book3S HV nestedv2: Add DPDES support in helper library for Guest
      state buffer
    - KVM: PPC: Book3S HV nestedv2: Fix doorbell emulation

  * L2 Guest migration: continuously dumping while running NFS guest migration
    (LP: #2076406)
    - KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3
    - KVM: PPC: Book3S HV: Fix the get_one_reg of SDAR
    - KVM: PPC: Book3S HV: Add one-reg interface for DEXCR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest DEXCR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHKEYR in sync
    - KVM: PPC: Book3S HV: Add one-reg interface for HASHPKEYR register
    - KVM: PPC: Book3S HV nestedv2: Keep nested guest HASHPKEYR in sync

  * perf build disables tracepoint support (LP: #2076190)
    - [Packaging] perf: reenable libtraceevent

  * Please backport the more restrictive XSAVES deactivation for Zen1/2 arch
    (LP: #2077321)
    - x86/CPU/AMD: Improve the erratum 1386 workaround

  * Fix alsa scarlett2 driver in 6.8 (LP: #2076402)
    - ALSA: scarlett2: Move initialisation

(See more...)
2077470 [SRU][Noble] Bad EPP defaults cause performance regressions on select Intel CPUs
2078834 power: Enable intel_rapl driver
2077729 x86/vmware: Add TDX hypercall support
2076866 Guest crashes post migration with migrate_misplaced_folio+0x4cc/0x5d0
2076147 Add 'mm: hold PTL from the first PTE while reclaiming a large folio' to fix L2 Guest hang during LTP Test
More...



About   -   Send Feedback to @ubuntu_updates