Package "linux-cloud-tools-4.4.0-28-generic"
Name: |
linux-cloud-tools-4.4.0-28-generic
|
Description: |
Linux kernel version specific cloud tools for version 4.4.0-28
|
Latest version: |
4.4.0-28.47~14.04.1 |
Release: |
trusty (14.04) |
Level: |
base |
Repository: |
main |
Head package: |
linux-lts-xenial |
Links
Download "linux-cloud-tools-4.4.0-28-generic"
Other versions of "linux-cloud-tools-4.4.0-28-generic" in Trusty
No other version of this package is available
in the Trusty release.
Changelog
linux-lts-xenial (4.4.0-146.172~14.04.1) trusty; urgency=medium
.
* linux-lts-xenial: 4.4.0-146.172~14.04.1 -proposed tracker (LP: #1822833)
.
* Packaging resync (LP: #1786013)
- [Packaging] resync git-ubuntu-log
.
[ Ubuntu: 4.4.0-146.172 ]
.
* linux: 4.4.0-146.172 -proposed tracker (LP: #1822834)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
triggers system hang on i386 (LP: #1812845)
- btrfs: raid56: properly unmap parity page in finish_parity_scrub()
* Xenial update: 4.4.177 upstream stable release (LP: #1822271)
- ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
- numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
- KEYS: allow reaching the keys quotas exactly
- mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
- mfd: twl-core: Fix section annotations on {,un}protect_pm_master
- mfd: db8500-prcmu: Fix some section annotations
- mfd: ab8500-core: Return zero in get_register_interruptible()
- mfd: qcom_rpm: write fw_version to CTRL_REG
- mfd: wm5110: Add missing ASRC rate register
- mfd: mc13xxx: Fix a missing check of a register-read failure
- net: hns: Fix use after free identified by SLUB debug
- MIPS: ath79: Enable OF serial ports in the default config
- scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
- scsi: isci: initialize shost fully before calling scsi_add_host()
- MIPS: jazz: fix 64bit build
- isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
- atm: he: fix sign-extension overflow on large shift
- leds: lp5523: fix a missing check of return value of lp55xx_read
- isdn: avm: Fix string plus integer warning from Clang
- RDMA/srp: Rework SCSI device reset handling
- KEYS: user: Align the payload buffer
- KEYS: always initialize keyring_index_key::desc_len
- batman-adv: fix uninit-value in batadv_interface_tx()
- net/packet: fix 4gb buffer limit due to overflow check
- team: avoid complex list operations in team_nl_cmd_options_set()
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
- net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
- ARCv2: Enable unaligned access in early ASM code
- Revert "bridge: do not add port to router list when receives query with
source 0.0.0.0"
- libceph: handle an empty authorize reply
- drm/msm: Unblock writer if reader closes file
- ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field
- ALSA: compress: prevent potential divide by zero bugs
- thermal: int340x_thermal: Fix a NULL vs IS_ERR() check
- usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
- usb: gadget: Potential NULL dereference on allocation error
- ASoC: dapm: change snprintf to scnprintf for possible overflow
- ASoC: imx-audmux: change snprintf to scnprintf for possible overflow
- ARC: fix __ffs return value to avoid build warnings
- mac80211: fix miscounting of ttl-dropped frames
- serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
- scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state()
- net: altera_tse: fix connect_local_phy error path
- ibmveth: Do not process frames after calling napi_reschedule
- mac80211: don't initiate TDLS connection if station is not associated to AP
- cfg80211: extend range deviation for DMG
- KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting
to L1
- arm/arm64: KVM: Feed initialized memory to MMIO accesses
- KVM: arm/arm64: Fix MMIO emulation data handling
- powerpc: Always initialize input array when calling epapr_hypercall()
- mmc: spi: Fix card detection during probe
- x86/uaccess: Don't leak the AC flag into __put_user() value evaluation
- USB: serial: option: add Telit ME910 ECM composition
- USB: serial: cp210x: add ID for Ingenico 3070
- USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
- cpufreq: Use struct kobj_attribute instead of struct global_attr
- sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names
- ncpfs: fix build warning of strncpy
- isdn: isdn_tty: fix build warning of strncpy
- staging: lustre: fix buffer overflow of string buffer
- net-sysfs: Fix mem leak in netdev_register_kobject
- team: Free BPF filter when unregistering netdev
- bnxt_en: Drop oversize TX packets to prevent errors.
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
- xen-netback: fix occasional leak of grant ref mappings under memory pressure
- net: Add __icmp_send helper.
- net: avoid use IPCB in cipso_v4_error
- net: phy: Micrel KSZ8061: link failure after cable connect
- x86/CPU/AMD: Set the CPB bit unconditionally on F17h
- applicom: Fix potential Spectre v1 vulnerabilities
- MIPS: irq: Allocate accurate order pages for irq stack
- hugetlbfs: fix races and page leaks during migration
- netlabel: fix out-of-bounds memory accesses
- net: dsa: mv88e6xxx: Fix u64 statistics
- ip6mr: Do not call __IP6_INC_STATS() from preemptible context
- media: uvcvideo: Fix 'type' check leading to overflow
- vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel
- perf tools: Handle TOPOLOGY headers with no CPU
- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
- ipvs: Fix signed integer overflow when setsockopt timeout
- iommu/amd: Fix IOMMU page flush when detach device from a domain
- xtensa: SMP: fix ccount_timer_shutdown
- xtensa: SMP: fix secondary CPU initialization
- xtensa: smp_lx200_defconfi
|
Source diff to previous version |
1786013 |
Packaging resync |
1812845 |
3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386 |
1822271 |
Xenial update: 4.4.177 upstream stable release |
1807259 |
sky2 ethernet card doesn't work after returning from suspend |
1809843 |
sky2 ethernet card link not up after suspend |
1819881 |
[CONFIG] please enable highdpi font FONT_TER16x32 |
1821259 |
Hard lockup in 2 CPUs due to deadlock in cpu_stoppers |
1820419 |
linux-generic should depend on linux-base \u003e=4.1 |
|
linux-lts-xenial (4.4.0-144.170~14.04.1) trusty; urgency=medium
.
* linux-lts-xenial: 4.4.0-144.170~14.04.1 -proposed tracker (LP: #1819659)
.
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update update.conf
.
* Strip specific changes from update-from-*master (LP: #1817734)
- Packaging: Introduce copy-files and local-mangle
- Packaging: Make update-from-*master call copy-files
.
[ Ubuntu: 4.4.0-144.170 ]
.
* linux: 4.4.0-144.170 -proposed tracker (LP: #1819660)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
* C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype
* CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()
* CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
* Xenial update: 4.4.176 upstream stable release (LP: #1818815)
- net: fix IPv6 prefix route residue
- vsock: cope with memory allocation failure at socket creation time
- hwmon: (lm80) Fix missing unlock on error in set_fan_div()
- net: Fix for_each_netdev_feature on Big endian
- net: Add header for usage of fls64()
- tcp: tcp_v4_err() should be more careful
- net: Do not allocate page fragments that are not skb aligned
- tcp: clear icsk_backoff in tcp_write_queue_purge()
- vxlan: test dev->flags & IFF_UP before calling netif_rx()
- net: stmmac: Fix a race in EEE enable callback
- net: ipv4: use a dedicated counter for icmp_v4 redirect packets
- x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32
- mfd: as3722: Handle interrupts on suspend
- mfd: as3722: Mark PM functions as __maybe_unused
- net/x25: do not hold the cpu too long in x25_new_lci()
- mISDN: fix a race in dev_expire_timer()
- ax25: fix possible use-after-free
- Linux 4.4.176
* sky2 ethernet card don't work after returning from suspension
(LP: #1798921) // Xenial update: 4.4.176 upstream stable release
(LP: #1818815)
- sky2: Increase D3 delay again
* Xenial update: 4.4.175 upstream stable release (LP: #1818813)
- drm/bufs: Fix Spectre v1 vulnerability
- staging: iio: adc: ad7280a: handle error from __ad7280_read32()
- ASoC: Intel: mrfld: fix uninitialized variable access
- scsi: lpfc: Correct LCB RJT handling
- ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
- dlm: Don't swamp the CPU with callbacks queued during recovery
- x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
- powerpc/pseries: add of_node_put() in dlpar_detach_node()
- serial: fsl_lpuart: clear parity enable bit when disable parity
- ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
- staging:iio:ad2s90: Make probe handle spi_setup failure
- staging: iio: ad7780: update voltage on read
- ARM: OMAP2+: hwmod: Fix some section annotations
- modpost: validate symbol names also in find_elf_symbol
- perf tools: Add Hygon Dhyana support
- soc/tegra: Don't leak device tree node reference
- f2fs: move dir data flush to write checkpoint process
- f2fs: fix wrong return value of f2fs_acl_create
- sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
- nfsd4: fix crash on writing v4_end_grace before nfsd startup
- arm64: ftrace: don't adjust the LR value
- ARM: dts: mmp2: fix TWSI2
- x86/fpu: Add might_fault() to user_insn()
- media: DaVinci-VPBE: fix error handling in vpbe_initialize()
- smack: fix access permissions for keyring
- usb: hub: delay hub autosuspend if USB3 port is still link training
- timekeeping: Use proper seqcount initializer
- ARM: dts: Fix OMAP4430 SDP Ethernet startup
- mips: bpf: fix encoding bug for mm_srlv32_op
- iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
- sata_rcar: fix deferred probing
- clk: imx6sl: ensure MMDC CH0 handshake is bypassed
- cpuidle: big.LITTLE: fix refcount leak
- i2c-axxia: check for error conditions first
- udf: Fix BUG on corrupted inode
- ARM: pxa: avoid section mismatch warning
- ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
- memstick: Prevent memstick host from getting runtime suspended during card
detection
- tty: serial: samsung: Properly set flags in autoCTS mode
- arm64: KVM: Skip MMIO insn after emulation
- powerpc/uaccess: fix warning/error with access_ok()
- mac80211: fix radiotap vendor presence bitmap handling
- xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
- Bluetooth: Fix unnecessary error message for HCI request completion
- cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
- drbd: narrow rcu_read_lock in drbd_sync_handshake
- drbd: disconnect, if the wrong UUIDs are attached on a connected peer
- drbd: skip spurious timeout (ping-timeo) when failing promote
- drbd: Avoid Clang warning about pointless switch statment
- video: clps711x-fb: release disp device node in probe()
- fbdev: fbmem: behave better with small rotated displays and many CPUs
- fbdev: fbcon: Fix unregister crash when more than one framebuffer
- KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported
- NFS: nfs_compare_mount_options always compare auth flavors.
- hwmon: (lm80) fix a missing check of the status of SMBus read
- hwmon: (lm80) fix a missing check of bus read in lm80 probe
- seq_buf: Make seq_buf_puts() null-terminate the buffer
- crypto: ux500 - Use proper enum in cryp_set_dma_transfer
- crypto: ux500 - Use proper enum in hash_set_dma_transfer
- cifs: check ntwrk_buf_start for NULL before dereferencing it
- um: Avoid marking pages with "changed pro
|
Source diff to previous version |
1786013 |
Packaging resync |
1817734 |
Strip specific changes from update-from-*master |
1818815 |
Xenial update: 4.4.176 upstream stable release |
1798921 |
sky2 ethernet card don't work after returning from suspension |
1818813 |
Xenial update: 4.4.175 upstream stable release |
1818806 |
Xenial update: 4.4.174 upstream stable release |
1818803 |
Xenial update: 4.4.173 upstream stable release |
1818797 |
Xenial update: 4.4.172 upstream stable release |
1818237 |
Xenial update: 4.4.171 upstream stable release |
1752072 |
[Packaging] Allow overlay of config annotations |
1816756 |
squashfs hardening |
1816806 |
Update ENA driver to version 2.0.3K |
1814095 |
bnxt_en_po: TX timed out triggering Netdev Watchdog Timer |
1817628 |
Regular D-state processes impacting LXD containers |
1817784 |
libsas disks can have non-unique by-path names |
1817918 |
Hard lockups due to unrestricted lapic timer delay |
CVE-2019-9213 |
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to |
CVE-2019-3460 |
Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp |
CVE-2018-9517 |
In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execut |
CVE-2019-3459 |
Heap address infoleak in use of l2cap_get_conf_opt |
CVE-2019-7222 |
KVM: x86: work around leak of uninitialized stack contents |
CVE-2019-7221 |
KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer |
CVE-2019-6974 |
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading |
|
linux-lts-xenial (4.4.0-143.169~14.04.2) trusty; urgency=medium
.
* linux-lts-xenial: 4.4.0-143.169~14.04.2 -proposed tracker (LP: #1814649)
.
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
.
* signing: only install a signed kernel (LP: #1764794)
- [Config] linux-headers common package is in the linux namespace
.
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] drop redundant = from define statements
- [Config] resync flavour-control.stub
.
[ Ubuntu: 4.4.0-143.169 ]
.
* linux: 4.4.0-143.169 -proposed tracker (LP: #1814647)
* x86/kvm: Backport fixup and missing commits (LP: #1811646)
- KVM: x86: avoid vmalloc(0) in the KVM_SET_CPUID
- kvm: nVMX: VMCLEAR an active shadow VMCS after last use
- X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs
- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR
path as unlikely()
- kvm: x86: IA32_ARCH_CAPABILITIES is always supported
- KVM: SVM: Add MSR-based feature support for serializing LFENCE
- KVM: X86: Allow userspace to define the microcode version
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
- KVM: VMX: fixes for vmentry_l1d_flush module parameter
- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
- kvm: vmx: Scrub hardware GPRs at VM-exit
- SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
- SAUCE: KVM: Move code fragments, cleanup and re-indent
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] limit preparation to linux-libc-dev in headers
- [Packaging] commonise debhelper invocation
- [Packaging] ABI -- accumulate abi information at the end of the build
- [Packaging] buildinfo -- add basic build information
- [Packaging] buildinfo -- add firmware information to the flavour ABI
- [Packaging] buildinfo -- add compiler information to the flavour ABI
- [Packaging] buildinfo -- add buildinfo support to getabis
- [Config] buildinfo -- add retpoline version markers
- [Packaging] getabis -- handle all known package combinations
- [Packaging] getabis -- support parsing a simple version
* signing: only install a signed kernel (LP: #1764794)
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Packaging] printenv -- add signing options
- [Packaging] fix invocation of header postinst hooks
- [Packaging] signing -- add support for signing Opal kernel binaries
- [Debian] Use src_pkg_name when constructing udeb control files
- [Debian] Dynamically determine linux udebs package name
- [Packaging] handle both linux-lts* and linux-hwe* as backports
- [Config] linux-source-* is in the primary linux namespace
- [Packaging] lookup the upstream tag
- [Packaging] zfs/spl -- enhance provides information
- [Packaging] switch up to debhelper 9
- [Packaging] autopkgtest -- disable d-i when dropping flavours
- [debian] support for ship_extras_package=false
- [Debian] do_common_tools should always be on
- [debian] do not force do_tools_common
- [Packaging] Add linux-tools-host package for VM host tools
- [Packaging] signing should be conditional
- [Packaging] skip cloud tools packaging when not building package
- [Packaging] add acpidbg
- [debian] prep linux-libc-dev only if do_libc_dev_package=true
- [Packaging] Only install cloud init files when do_tools_common=true
* Redpine: Driver crash with network-manager 1.10 and above (LP: #1813869)
- SAUCE: Redpine: enhancement for MAC spoofing to avoid kernel crash
* Guests using IBRS incur a large performance penalty (LP: #1764956)
- SAUCE: Restore the IBRS host state on VMEXIT
* Xenial update: 4.4.170 upstream stable release (LP: #1811647)
- USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
- xhci: Don't prevent USB2 bus suspend in state check intended for USB3 only
- USB: serial: option: add GosunCn ZTE WeLink ME3630
- USB: serial: option: add HP lt4132
- USB: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode)
- USB: serial: option: add Fibocom NL668 series
- USB: serial: option: add Telit LN940 series
- mmc: core: Reset HPI enabled state during re-init and in case of errors
- mmc: omap_hsmmc: fix DMA API warning
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK
- Drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels
- x86/mtrr: Don't copy uninitialized gentry fields back to userspace
- drm/ioctl: Fix Spectre v1 vulnerabilities
- ip6mr: Fix potential Spectre v1 vulnerability
- ipv4: Fix potential Spectre v1 vulnerability
- ax25: fix a use-after-free in ax25_fillin_cb()
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path
- ieee802154: lowpan_header_create check must check daddr
- ipv6: explicitly initialize udp6_addr in udp_sock_create6()
- isdn: fix kernel-infoleak in capi_unlocked_ioctl
- netrom: fix locking in nr_find_socket()
- packet: validate address length
- packet: validate address length if non-zero
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
- vhost: make sure used idx is seen before log in vhost_add_used_n()
- VSOCK: Send reset control packet when socket is partially bound
- xen/netfront: tolerate frags with no data
- gro_cell: add napi_disable in gro_cells_destroy
- sock: Make sock->sk_stamp thread-safe
- ALSA: rme9652: Fix potential Spectre v1 vulnerability
- ALSA: emu1
|
Source diff to previous version |
1786013 |
Packaging resync |
1764794 |
signing: only install a signed kernel |
1806380 |
linux-buildinfo: pull out ABI information into its own package |
1811646 |
x86/kvm: Backport fixup and missing commits |
1813869 |
Redpine: Driver crash with network-manager 1.10 and above |
1764956 |
Guests using IBRS incur a large performance penalty |
1811647 |
Xenial update: 4.4.170 upstream stable release |
1811252 |
Xenial update: 4.4.169 upstream stable release |
1811080 |
Xenial update: 4.4.168 upstream stable release |
1793901 |
kernel oops in bcache module |
1813873 |
Userspace break as a result of missing patch backport |
1811803 |
Crash on \ |
CVE-2019-6133 |
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci |
|
linux-lts-xenial (4.4.0-143.169~14.04.1) trusty; urgency=medium
.
* linux-lts-xenial: 4.4.0-143.169~14.04.1 -proposed tracker (LP: #1814649)
.
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] drop redundant = from define statements
- [Config] resync flavour-control.stub
.
[ Ubuntu: 4.4.0-143.169 ]
.
* linux: 4.4.0-143.169 -proposed tracker (LP: #1814647)
* x86/kvm: Backport fixup and missing commits (LP: #1811646)
- KVM: x86: avoid vmalloc(0) in the KVM_SET_CPUID
- kvm: nVMX: VMCLEAR an active shadow VMCS after last use
- X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs
- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR
path as unlikely()
- kvm: x86: IA32_ARCH_CAPABILITIES is always supported
- KVM: SVM: Add MSR-based feature support for serializing LFENCE
- KVM: X86: Allow userspace to define the microcode version
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
- KVM: VMX: fixes for vmentry_l1d_flush module parameter
- kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
- kvm: vmx: Scrub hardware GPRs at VM-exit
- SAUCE: [Fix] x86/KVM/VMX: Add L1D flush logic
- SAUCE: KVM: Move code fragments, cleanup and re-indent
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] limit preparation to linux-libc-dev in headers
- [Packaging] commonise debhelper invocation
- [Packaging] ABI -- accumulate abi information at the end of the build
- [Packaging] buildinfo -- add basic build information
- [Packaging] buildinfo -- add firmware information to the flavour ABI
- [Packaging] buildinfo -- add compiler information to the flavour ABI
- [Packaging] buildinfo -- add buildinfo support to getabis
- [Config] buildinfo -- add retpoline version markers
- [Packaging] getabis -- handle all known package combinations
- [Packaging] getabis -- support parsing a simple version
* signing: only install a signed kernel (LP: #1764794)
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Packaging] printenv -- add signing options
- [Packaging] fix invocation of header postinst hooks
- [Packaging] signing -- add support for signing Opal kernel binaries
- [Debian] Use src_pkg_name when constructing udeb control files
- [Debian] Dynamically determine linux udebs package name
- [Packaging] handle both linux-lts* and linux-hwe* as backports
- [Config] linux-source-* is in the primary linux namespace
- [Packaging] lookup the upstream tag
- [Packaging] zfs/spl -- enhance provides information
- [Packaging] switch up to debhelper 9
- [Packaging] autopkgtest -- disable d-i when dropping flavours
- [debian] support for ship_extras_package=false
- [Debian] do_common_tools should always be on
- [debian] do not force do_tools_common
- [Packaging] Add linux-tools-host package for VM host tools
- [Packaging] signing should be conditional
- [Packaging] skip cloud tools packaging when not building package
- [Packaging] add acpidbg
- [debian] prep linux-libc-dev only if do_libc_dev_package=true
- [Packaging] Only install cloud init files when do_tools_common=true
* Redpine: Driver crash with network-manager 1.10 and above (LP: #1813869)
- SAUCE: Redpine: enhancement for MAC spoofing to avoid kernel crash
* Guests using IBRS incur a large performance penalty (LP: #1764956)
- SAUCE: Restore the IBRS host state on VMEXIT
* Xenial update: 4.4.170 upstream stable release (LP: #1811647)
- USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
- xhci: Don't prevent USB2 bus suspend in state check intended for USB3 only
- USB: serial: option: add GosunCn ZTE WeLink ME3630
- USB: serial: option: add HP lt4132
- USB: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode)
- USB: serial: option: add Fibocom NL668 series
- USB: serial: option: add Telit LN940 series
- mmc: core: Reset HPI enabled state during re-init and in case of errors
- mmc: omap_hsmmc: fix DMA API warning
- gpio: max7301: fix driver for use with CONFIG_VMAP_STACK
- Drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels
- x86/mtrr: Don't copy uninitialized gentry fields back to userspace
- drm/ioctl: Fix Spectre v1 vulnerabilities
- ip6mr: Fix potential Spectre v1 vulnerability
- ipv4: Fix potential Spectre v1 vulnerability
- ax25: fix a use-after-free in ax25_fillin_cb()
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path
- ieee802154: lowpan_header_create check must check daddr
- ipv6: explicitly initialize udp6_addr in udp_sock_create6()
- isdn: fix kernel-infoleak in capi_unlocked_ioctl
- netrom: fix locking in nr_find_socket()
- packet: validate address length
- packet: validate address length if non-zero
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
- vhost: make sure used idx is seen before log in vhost_add_used_n()
- VSOCK: Send reset control packet when socket is partially bound
- xen/netfront: tolerate frags with no data
- gro_cell: add napi_disable in gro_cells_destroy
- sock: Make sock->sk_stamp thread-safe
- ALSA: rme9652: Fix potential Spectre v1 vulnerability
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
- ALSA: pcm: Fix potential Spectre v1 vulnerability
- ALSA: emux: Fix potential Spectre v1 vulnerabilities
- ALSA: hda: add mute LED support for HP Elit
|
Source diff to previous version |
1806380 |
linux-buildinfo: pull out ABI information into its own package |
1811646 |
x86/kvm: Backport fixup and missing commits |
1764794 |
signing: only install a signed kernel |
1813869 |
Redpine: Driver crash with network-manager 1.10 and above |
1764956 |
Guests using IBRS incur a large performance penalty |
1811647 |
Xenial update: 4.4.170 upstream stable release |
1811252 |
Xenial update: 4.4.169 upstream stable release |
1811080 |
Xenial update: 4.4.168 upstream stable release |
1793901 |
kernel oops in bcache module |
1813873 |
Userspace break as a result of missing patch backport |
1811803 |
Crash on \ |
CVE-2019-6133 |
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci |
|
linux-lts-xenial (4.4.0-142.168~14.04.1) trusty; urgency=medium
.
* linux-lts-xenial: 4.4.0-142.168~14.04.1 -proposed tracker (LP: #1811848)
.
* Xenial update: 4.4.164 upstream stable release (LP: #1810947)
- [Config] Remove CONFIG{,_ARCH_USE}_QUEUED_SPINLOCKS
.
* Packaging resync (LP: #1786013)
- [Packaging] update update.conf
.
[ Ubuntu: 4.4.0-142.168 ]
.
* linux: 4.4.0-142.168 -proposed tracker (LP: #1811846)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* iptables connlimit allows more connections than the limit when using
multiple CPUs (LP: #1811094)
- netfilter: xt_connlimit: don't store address in the conn nodes
- SAUCE: netfilter: xt_connlimit: remove the 'addr' parameter in add_hlist()
- netfilter: nf_conncount: expose connection list interface
- netfilter: nf_conncount: Fix garbage collection with zones
- netfilter: nf_conncount: fix garbage collection confirm race
- netfilter: nf_conncount: don't skip eviction when age is negative
* CVE-2017-5715
- SAUCE: x86/speculation: Cleanup IBPB runtime control handling
- SAUCE: x86/speculation: Cleanup IBRS runtime control handling
- SAUCE: x86/speculation: Use x86_spec_ctrl_base in entry/exit code
- SAUCE: x86/speculation: Move RSB_CTXSW hunk
* Xenial update: 4.4.167 upstream stable release (LP: #1811077)
- media: em28xx: Fix use-after-free when disconnecting
- Revert "wlcore: Add missing PM call for
wlcore_cmd_wait_for_event_or_timeout()"
- rapidio/rionet: do not free skb before reading its length
- s390/qeth: fix length check in SNMP processing
- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2
- kvm: mmu: Fix race in emulated page table writes
- xtensa: enable coprocessors that are being flushed
- xtensa: fix coprocessor context offset definitions
- Btrfs: ensure path name is null terminated at btrfs_control_ioctl
- ALSA: wss: Fix invalid snd_free_pages() at error path
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write
- ALSA: control: Fix race between adding and removing a user element
- ALSA: sparc: Fix invalid snd_free_pages() at error path
- ext2: fix potential use after free
- dmaengine: at_hdmac: fix memory leak in at_dma_xlate()
- dmaengine: at_hdmac: fix module unloading
- btrfs: release metadata before running delayed refs
- USB: usb-storage: Add new IDs to ums-realtek
- usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series
- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup
- Kbuild: suppress packed-not-aligned warning for default setting only
- exec: avoid gcc-8 warning for get_task_comm
- disable stringop truncation warnings for now
- kobject: Replace strncpy with memcpy
- unifdef: use memcpy instead of strncpy
- kernfs: Replace strncpy with memcpy
- ip_tunnel: Fix name string concatenate in __ip_tunnel_create()
- drm: gma500: fix logic error
- scsi: bfa: convert to strlcpy/strlcat
- staging: rts5208: fix gcc-8 logic error warning
- kdb: use memmove instead of overlapping memcpy
- iser: set sector for ambiguous mr status errors
- uprobes: Fix handle_swbp() vs. unregister() + register() race once more
- MIPS: ralink: Fix mt7620 nd_sd pinmux
- mips: fix mips_get_syscall_arg o32 check
- drm/ast: Fix incorrect free on ioregs
- scsi: scsi_devinfo: cleanly zero-pad devinfo strings
- ALSA: trident: Suppress gcc string warning
- scsi: csiostor: Avoid content leaks and casts
- kgdboc: Fix restrict error
- kgdboc: Fix warning with module build
- leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF
- leds: turn off the LED and wait for completion on unregistering LED class
device
- leds: leds-gpio: Fix return value check in create_gpio_led()
- Input: xpad - quirk all PDP Xbox One gamepads
- Input: matrix_keypad - check for errors from of_get_named_gpio()
- Input: elan_i2c - add ELAN0620 to the ACPI table
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR
- Input: elan_i2c - add support for ELAN0621 touchpad
- btrfs: Always try all copies when reading extent buffers
- Btrfs: fix use-after-free when dumping free space
- ARC: change defconfig defaults to ARCv2
- arc: [devboards] Add support of NFSv3 ACL
- mm: cleancache: fix corruption on missed inode invalidation
- usb: gadget: dummy: fix nonsensical comparisons
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread()
- iommu/ipmmu-vmsa: Fix crash on early domain free
- can: rcar_can: Fix erroneous registration
- batman-adv: Expand merged fragment buffer for full packet
- bnx2x: Assign unique DMAE channel number for FW DMAE transactions.
- qed: Fix PTT leak in qed_drain()
- qed: Fix reading wrong value in loop condition
- net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command
- net/mlx4_core: Fix uninitialized variable compilation warning
- net/mlx4: Fix UBSAN warning of signed integer overflow
- net: faraday: ftmac100: remove netif_running(netdev) check before disabling
interrupts
- iommu/vt-d: Use memunmap to free memremap
- net: amd: add missing of_node_put()
- usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device
- usb: appledisplay: Add 27" Apple Cinema Display
- USB: check usb_get_extra_descriptor for proper size
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
- ALSA: hda: Add support for AMD Stoney Ridge
- ALSA: pcm: Fix starvation on down_write_nonblock()
- ALSA: pcm: Call snd_pcm_unlink() conditionally at closing
- ALSA: pcm: Fix interval evaluation with openmin/max
- virtio/s390: avoid race on vcdev->config
- virtio/s3
|
1810947 |
Xenial update: 4.4.164 upstream stable release |
1786013 |
Packaging resync |
1811094 |
iptables connlimit allows more connections than the limit when using multiple CPUs |
1811077 |
Xenial update: 4.4.167 upstream stable release |
1809699 |
cpu-hotplug test in ubuntu_kernel_selftest always return 0 on Xenial |
1810328 |
iommu - need to effectively disable iommu if \ |
1791758 |
ldisc crash on reopened tty |
1810967 |
Xenial update: 4.4.166 upstream stable release |
1810958 |
Xenial update: 4.4.165 upstream stable release |
1810807 |
Xenial update: 4.4.163 upstream stable release |
1807393 |
nvme - Polling on timeout |
1802421 |
Xenial: data corruption when using i40e with iommu |
1806818 |
Fix Intel I210 doesn't work when ethernet cable gets plugged |
CVE-2017-5715 |
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at |
CVE-2018-19407 |
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer |
CVE-2000-1134 |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka |
CVE-2007-3852 |
The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code. |
CVE-2008-0525 |
PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for Linux/Unix/Mac (LUM) 6.2094 through 6.4102 and other p |
CVE-2009-0416 |
The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local us |
CVE-2011-4834 |
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local u |
CVE-2015-1838 |
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. |
CVE-2015-7442 |
consoleinst.sh in IBM Installation Manager before 1.7.4.4 and 1.8.x before 1.8.4 and Packaging Utility before 1.7.4.4 and 1.8.x before 1.8.4 allows l |
CVE-2016-7489 |
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this m |
|
About
-
Send Feedback to @ubuntu_updates