UbuntuUpdates.org

Package "linux"

This package belongs to a PPA: Canonical Kernel Team

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel buildinfo for version 3.13.0 on 32 bit x86 SMP
  • Linux kernel buildinfo for version 3.13.0 on 32 bit x86 SMP
  • Linux kernel version specific cloud tools for version 3.13.0
  • Linux kernel specific documentation for version 3.13.0

Latest version: 3.13.0-166.216
Release: trusty (14.04)
Level: base
Repository: main

Links

Save this URL for the latest version of "linux": https://www.ubuntuupdates.org/linux



Other versions of "linux" in Trusty

Repository Area Version
base main 3.13.0-24.46
security main 3.13.0-165.215
updates main 3.13.0-165.215
proposed main 3.13.0-166.216

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.13.0-166.216 2019-02-07 22:09:42 UTC

 linux (3.13.0-166.216) trusty; urgency=medium
 .
   * linux: 3.13.0-166.216 -proposed tracker (LP: #1814645)
 .
   * linux-buildinfo: pull out ABI information into its own package
     (LP: #1806380)
     - [Packaging] limit preparation to linux-libc-dev in headers
     - [Packaging] commonise debhelper invocation
     - [Packaging] ABI -- accumulate abi information at the end of the build
     - [Packaging] buildinfo -- add basic build information
     - [Packaging] buildinfo -- add firmware information to the flavour ABI
     - [Packaging] buildinfo -- add compiler information to the flavour ABI
     - [Packaging] buildinfo -- add buildinfo support to getabis
     - [Config] buildinfo -- add retpoline version markers
     - [Packaging] getabis -- handle all known package combinations
     - [Packaging] getabis -- support parsing a simple version
     - [Packaging] autoreconstruct -- base tag is always primary mainline version
 .
   * signing: only install a signed kernel (LP: #1764794)
     - [Debian] usbip tools packaging
     - [Debian] Don't fail if a symlink already exists
     - [Debian] perf -- build in the context of the full generated local headers
     - [Debian] basic hook support
     - [Debian] follow rename of DEB_BUILD_PROFILES
     - [Debian] standardise on stage1 for the bootstrap stage in line with debian
     - [Debian] set do_*_tools after stage1 or bootstrap is determined
     - [Debian] initscripts need installing when making the package
     - [Packaging] reconstruct -- automatically reconstruct against base tag
     - [Debian] add feature interlock with mainline builds
     - [Debian] Remove generated intermediate files on clean
     - [Packaging] prevent linux-*-tools-common from being produced from non linux
       packages
     - SAUCE: ubuntu: vbox -- elide the new symlinks and reconstruct on clean:
     - [Debian] Update to new signing key type and location
     - [Packaging] autoreconstruct -- generate extend-diff-ignore for links
     - [Packaging] reconstruct -- update when inserting final changes
     - [Packaging] update to Debian like control scripts
     - [Packaging] switch to triggers for postinst.d postrm.d handling
     - [Packaging] signing -- switch to raw-signing tarballs
     - [Packaging] signing -- switch to linux-image as signed when available
     - [Packaging] printenv -- add signing options
     - [Packaging] fix invocation of header postinst hooks
     - [Packaging] signing -- add support for signing Opal kernel binaries
     - [Debian] Use src_pkg_name when constructing udeb control files
     - [Debian] Dynamically determine linux udebs package name
     - [Packaging] handle both linux-lts* and linux-hwe* as backports
     - [Config] linux-source-* is in the primary linux namespace
     - [Packaging] lookup the upstream tag
     - [Packaging] switch up to debhelper 9
     - [Packaging] autopkgtest -- disable d-i when dropping flavours
     - [debian] support for ship_extras_package=false
     - [Debian] do_common_tools should always be on
     - [debian] do not force do_tools_common
     - [Packaging] skip cloud tools packaging when not building package
     - [debian] prep linux-libc-dev only if do_libc_dev_package=true
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
 .
   * kernel oops in bcache module (LP: #1793901)
     - SAUCE: bcache: never writeback a discard operation
 .
   * iptables connlimit allows more connections than the limit when using
     multiple CPUs (LP: #1811094)
     - netfilter: connlimit: improve packet-to-closed-connection logic
     - netfilter: nf_conncount: fix garbage collection confirm race
     - netfilter: nf_conncount: don't skip eviction when age is negative
 .
   * CVE-2019-6133
     - fork: record start_time late
 .
   * test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
     (LP: #1813001)
     - procfs: make /proc/*/{stack, syscall, personality} 0400

Source diff to previous version
1806380 linux-buildinfo: pull out ABI information into its own package
1764794 signing: only install a signed kernel
1786013 Packaging resync
1793901 kernel oops in bcache module
1811094 iptables connlimit allows more connections than the limit when using multiple CPUs
1813001 test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
CVE-2019-6133 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci

Version: 3.13.0-165.215 2019-01-16 15:08:10 UTC

 linux (3.13.0-165.215) trusty; urgency=medium
 .
   * linux: 3.13.0-165.215 -proposed tracker (LP: #1811856)
 .
   * CVE-2018-17972
     - proc: restrict kernel stack dumps to root
 .
   * CVE-2018-18281
     - mremap: properly flush TLB before releasing the page
 .
   * 29d6d30f5c8aa58b04f40a58442df3bcaae5a1d5 in btrfs_kernel_fixes failed on T
     (LP: #1809868)
     - Btrfs: send, don't send rmdir for same target multiple times
 .
   * CVE-2018-9568
     - net: Set sk_prot_creator when cloning sockets to the right proto
 .
   * CVE-2018-1066
     - cifs: empty TargetInfo leads to crash on recovery

Source diff to previous version
1809868 29d6d30f5c8aa58b04f40a58442df3bcaae5a1d5 in btrfs_kernel_fixes failed on T
CVE-2018-17972 An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may i
CVE-2018-18281 Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes en
CVE-2018-9568 In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no add
CVE-2018-1066 The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker

Version: 3.13.0-164.214 2018-12-06 01:08:07 UTC

 linux (3.13.0-164.214) trusty; urgency=medium
 .
   * linux: 3.13.0-164.214 -proposed tracker (LP: #1806428)
 .
   * CVE-2018-12896
     - posix-timers: Sanitize overrun handling
 .
   * CVE-2018-16276
     - USB: yurex: fix out-of-bounds uaccess in read handler
 .
   * CVE-2018-10902
     - ALSA: rawmidi: Change resized buffers atomically
 .
   * CVE-2018-18386
     - n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
 .
   * CVE-2017-5753
     - x86/spectre_v1: Disable compiler optimizations over
       array_index_mask_nospec()
     - x86/speculation: Fix up array_index_nospec_mask() asm constraint
     - ALSA: opl3: Hardening for potential Spectre v1
     - ALSA: asihpi: Hardening for potential Spectre v1
     - ALSA: hdspm: Hardening for potential Spectre v1
     - ALSA: rme9652: Hardening for potential Spectre v1
     - ALSA: control: Hardening for potential Spectre v1
     - ALSA: seq: oss: Hardening for potential Spectre v1
     - ALSA: hda: Hardening for potential Spectre v1
     - net: atm: Fix potential Spectre v1
     - atm: zatm: Fix potential Spectre v1
     - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
     - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
     - kernel/sys.c: fix potential Spectre v1 issue
     - HID: hiddev: fix potential Spectre v1
     - atm: zatm: Fix potential Spectre v1
     - net: cxgb3_main: fix potential Spectre v1
     - netlink: Fix spectre v1 gadget in netlink_create()
     - net: socket: fix potential spectre v1 gadget in socketcall
     - libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store()
     - ext4: fix spectre gadget in ext4_mb_regular_allocator()
     - fs/quota: Fix spectre gadget in do_quotactl
     - misc: hmc6352: fix potential Spectre v1
     - tty: vt_ioctl: fix potential Spectre v1
 .
   * CVE-2018-18710
     - cdrom: fix improper type cast, which can leat to information leak.
 .
   * CVE-2018-18690
     - xfs: don't fail when converting shortform attr to long form during
       ATTR_REPLACE
 .
   * CVE-2018-14734
     - infiniband: fix a possible use-after-free bug
 .
   * CVE-2017-2647 // CVE-2017-2647 / CVE-2017-6951
     - keys: Guard against null match function in keyring_search_aux()

CVE-2018-12896 An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by th
CVE-2018-16276 An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/write
CVE-2018-10902 It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_
CVE-2018-18386 drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage o
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2018-18710 An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by lo
CVE-2018-18690 In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the ne
CVE-2018-14734 drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup ste
CVE-2017-2647 The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and s
CVE-2017-6951 The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL

Version: *DELETED* 2018-12-05 16:08:02 UTC
No changelog for deleted or moved packages.

Version: 3.13.0-163.213 2018-11-14 12:10:15 UTC

 linux (3.13.0-163.213) trusty; urgency=medium
 .
   * linux: 3.13.0-163.213 -proposed tracker (LP: #1802769)
 .
   * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
     - mount: Retest MNT_LOCKED in do_umount
     - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
 .
   * dev test in ubuntu_stress_smoke_test cause kernel oops on T-3.13
     (LP: #1797546)
     - drm: fix NULL pointer access by wrong ioctl
 .
   * Packaging resync (LP: #1786013)
     - [Package] add support for specifying the primary makefile

1789161 Bypass of mount visibility through userns + mount propagation
1797546 dev test in ubuntu_stress_smoke_test cause kernel oops on T-3.13
1786013 Packaging resync



About   -   Send Feedback to @ubuntu_updates