UbuntuUpdates.org

Package "linux-lts-zesty"

This package belongs to a PPA: Canonical Kernel Team




Name: linux-lts-zesty

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

Latest version: *DELETED*
Release: xenial (16.04)
Level: base
Repository: main

Links

Save this URL for the latest version of "linux-lts-zesty": https://www.ubuntuupdates.org/linux-lts-zesty



Other versions of "linux-lts-zesty" in Xenial

No other version of this package is available in the Xenial release.

Changelog

Version: *DELETED* 2017-03-02 16:09:05 UTC
No changelog for deleted or moved packages.

Version: 4.10.0-9.11~16.04.1 2017-02-20 18:09:20 UTC

 linux-lts-zesty (4.10.0-9.11~16.04.1) xenial; urgency=low
 .
   [ Tim Gardner ]
 .
   * Release Tracking Bug
     - LP: #1666214
 .
   * linux: disable CONFIG_PCIEPORTBUS in the kernel (LP: #1665404)
     - [Config] CONFIG_PCIEPORTBUS=n for ppc64el
 .
   * linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
     4.4.0-63.84~14.04.2 (LP: #1664912)
     - SAUCE: apparmor: fix link auditing failure due to, uninitialized var
 .
   * Ubuntu 17.04: "Oops: Exception in kernel mode, sig: 5 [#1]" seen during
     fadump over ssh on Alpine machine. (LP: #1655241)
     - SAUCE: powerpc/fadump: set an upper limit for boot memory size
 .
   * In Ubuntu 17.04 : after reboot getting message in console like Unable to
     open file: /etc/keys/x509_ima.der (-2) (LP: #1656908)
     - SAUCE: ima: Downgrade error to warning
 .
   * NFS client : permission denied when trying to access subshare, since kernel
     4.4.0-31 (LP: #1649292)
     - fs: Better permission checking for submounts
 .
   * Miscellaneous Ubuntu changes
     - SAUCE: (noup) Update spl to 0.6.5.9-1, zfs to 0.6.5.9-2
     - [Config] CONFIG_SCSI_HISI_SAS=m on arm64
     - d-i: Add hisi_sas_v2_hw to scsi-modules
     - d-i: Add hns_enet_drv to nic-modules
     - d-i: Add supporting modules for hns_enet_drv to nic-modules
     - rebase to v4.10
 .
   [ Upstream Kernel Changes ]
 .
   * rebase to v4.10

Source diff to previous version
1665404 linux: disable CONFIG_PCIEPORTBUS in the kernel
1655241 Ubuntu 17.04: \
1656908 In Ubuntu 17.04 : after reboot getting message in console like Unable to open file: /etc/keys/x509_ima.der (-2)
1649292 NFS client : permission denied when trying to access subshare, since kernel 4.4.0-31

Version: 4.10.0-8.10~16.04.1 2017-02-13 22:08:16 UTC

 linux-lts-zesty (4.10.0-8.10~16.04.1) xenial; urgency=low
 .
   [ Tim Gardner ]
 .
   * Release Tracking Bug
     - LP: #1664217
 .
   * [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
     (LP: #1663687)
     - scsi: storvsc: Enable tracking of queue depth
     - scsi: storvsc: Remove the restriction on max segment size
     - scsi: storvsc: Enable multi-queue support
     - scsi: storvsc: use tagged SRB requests if supported by the device
     - scsi: storvsc: properly handle SRB_ERROR when sense message is present
     - scsi: storvsc: properly set residual data length on errors
 .
   * Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV VFs
     caused KVM host hung and all KVM guests down. (LP: #1651248)
     - KVM: PPC: Book 3S: XICS cleanup: remove XICS_RM_REJECT
     - KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
     - KVM: PPC: Book 3S: XICS: Fix potential issue with duplicate IRQ resends
     - KVM: PPC: Book 3S: XICS: Implement ICS P/Q states
     - KVM: PPC: Book 3S: XICS: Don't lock twice when checking for resend
 .
   * overlay: mkdir fails if directory exists in lowerdir in a user namespace
     (LP: #1531747)
     - SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
 .
   * CVE-2016-1575 (LP: #1534961)
     - SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
 .
   * CVE-2016-1576 (LP: #1535150)
     - SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs
 .
   * Miscellaneous Ubuntu changes
     - SAUCE: md/raid6 algorithms: scale test duration for speedier boots
     - SAUCE: Import aufs driver
     - d-i: Build message-modules udeb for arm64
     - rebase to v4.10-rc8
 .
   * Miscellaneous upstream changes
     - Revert "UBUNTU: SAUCE: aufs -- remove .readlink assignment"
     - Revert "UBUNTU: SAUCE: (no-up) aufs: for v4.9-rc1, support setattr_prepare()"
     - Revert "UBUNTU: SAUCE: aufs -- Add flags argument to aufs_rename()"
     - Revert "UBUNTU: SAUCE: aufs -- Convert to use xattr handlers"
     - Revert "UBUNTU: SAUCE: Import aufs driver"
 .
   [ Upstream Kernel Changes ]
 .
   * rebase to v4.10-rc8

Source diff to previous version
1663687 [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
1651248 Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV VFs caused KVM host hung and all KVM guests down.
1531747 overlay: mkdir fails if directory exists in lowerdir in a user namespace
1534961 insecure overlayfs xattrs handling in copy_up
CVE-2016-1575 RESERVED
CVE-2016-1576 RESERVED

Version: 4.10.0-7.9~16.04.1 2017-02-07 00:08:29 UTC

 linux-lts-zesty (4.10.0-7.9~16.04.1) xenial; urgency=low
 .
   [ Tim Gardner ]
 .
   * Release Tracking Bug
     - LP: #1662201
 .
   * AMDGPU support for CIK parts in kernel config? (LP: #1661887)
     - [Config] CONFIG_DRM_AMDGPU_CIK=y
 .
   * regession tests failing after stackprofile test is run (LP: #1661030)
     - fix regression with domain change in complain mode
 .
   * Permission denied and inconsistent behavior in complain mode with 'ip netns
     list' command (LP: #1648903)
     - fix regression with domain change in complain mode
 .
   * flock not mediated by 'k' (LP: #1658219)
     - SAUCE: apparmor: flock mediation is not being enforced on cache check
 .
   * unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
     from a unshared mount namespace (LP: #1656121)
     - SAUCE: apparmor: null profiles should inherit parent control flags
 .
   * apparmor refcount leak of profile namespace when removing profiles
     (LP: #1660849)
     - SAUCE: apparmor: fix ns ref count link when removing profiles from policy
 .
   * tor in lxd: apparmor="DENIED" operation="change_onexec"
     namespace="root//CONTAINERNAME_" profile="unconfined"
     name="system_tor" (LP: #1648143)
     - SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
       namespaces
 .
   * apparmor_parser hangs indefinitely when called by multiple threads
     (LP: #1645037)
     - SAUCE: apparmor: fix lock ordering for mkdir
 .
   * apparmor leaking securityfs pin count (LP: #1660846)
     - SAUCE: apparmor: fix leak on securityfs pin count
 .
   * apparmor reference count leak when securityfs_setup_d_inode\ () fails
     (LP: #1660845)
     - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
       fails
 .
   * apparmor not checking error if security_pin_fs() fails (LP: #1660842)
     - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails
 .
   * apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
     - SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails
 .
   * apparmor auditing denied access of special apparmor .null fi\ le
     (LP: #1660836)
     - SAUCE: apparmor: Don't audit denied access of special apparmor .null file
 .
   * apparmor label leak when new label is unused (LP: #1660834)
     - SAUCE: apparmor: fix label leak when new label is unused
 .
   * apparmor reference count bug in label_merge_insert() (LP: #1660833)
     - SAUCE: apparmor: fix reference count bug in label_merge_insert()
 .
   * apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
     - SAUCE: apparmor: fix replacement race in reading rawdata
 .
   * unix domain socket cross permission check failing with nested namespaces
     (LP: #1660832)
     - SAUCE: apparmor: fix cross ns perm of unix domain sockets
 .
   * Regression tests can not detect binfmt_elf mmpa semantic change
     (LP: #1630069)
     - SAUCE: apparmor: add flag to detect semantic change, to binfmt_elf mmap
 .
   * Support snaps inside of lxd containers (LP: #1611078)
     - apparmor: add interface to be able to grab loaded policy
     - apparmor: refactor aa_prepare_ns into prepare_ns and create_ns routines
     - apparmor: add __aa_find_ns fn
     - apparmor: add mkdir/rmdir interface to manage policy namespaces
     - apparmor: fix oops in pivot_root mediation
     - apparmor: fix warning that fn build_pivotroot discards const
     - apparmor: add interface to advertise status of current task stacking
     - apparmor: update policy permissions to consider ns being viewed/managed
     - apparmor: add per ns policy management interface
     - apparmor: bump domain stacking version to 1.2
 .
   * change_hat is logging failures during expected hat probing (LP: #1615893)
     - SAUCE: apparmor: Fix auditing behavior for change_hat probing
 .
   * deleted files outside of the namespace are not being treated as disconnected
     (LP: #1615892)
     - SAUCE: apparmor: deleted dentries can be disconnected
 .
   * stacking to unconfined in a child namespace confuses mediation
     (LP: #1615890)
     - SAUCE: apparmor: special case unconfined when determining the mode
 .
   * apparmor module parameters can be changed after the policy is locked
     (LP: #1615895)
     - SAUCE: apparmor: fix: parameters can be changed after policy is locked
 .
   * AppArmor profile reloading causes an intermittent kernel BUG (LP: #1579135)
     - SAUCE: apparmor: fix vec_unique for vectors larger than 8
 .
   * label vec reductions can result in reference labels instead of direct access
     to labels (LP: #1615889)
     - SAUCE: apparmor: reduction of vec to single entry is just that entry
 .
   * profiles from different namespaces can block other namespaces from being
     able to load a profile (LP: #1615887)
     - SAUCE: apparmor: profiles in one ns can affect mediation in another ns
 .
   * The label build for onexec when stacking is wrong (LP: #1615881)
     - SAUCE: apparmor: Fix label build for onexec stacking.
 .
   * The inherit check for new to old label comparison for domain transitions is
     wrong (LP: #1615880)
     - SAUCE: apparmor: Fix new to old label comparison for domain transitions
 .
   * warning stack trace while playing with apparmor namespaces (LP: #1593874)
     - SAUCE: apparmor: fix stack trace when removing namespace with profiles
 .
   * __label_update proxy comparison test is wrong (LP: #1615878)
     - SAUCE: apparmor: Fix __label_update proxy comparison test
 .
   * reading /sys/kernel/security/apparmor/profiles requires CAP_MAC_ADMIN
     (LP: #1560583)
     - SAUCE: apparmor: Allow ns_root processes to open profiles file
     - SAUCE: apparmor: Consult sysctl when reading profiles in a user ns
 .
   * policy namespace stacking (LP: #1379535)
     - SAUCE: (no-up) apparmor: rebase of apparmor3.5-beta1 snapshot for 4.8
     - SAUCE: add a sysctl to enable unprivileged user ns AppArmor policy loading
 .
   

Source diff to previous version
1661887 AMDGPU support for CIK parts in kernel config?
1661030 regession tests failing after stackprofile test is run
1648903 Permission denied and inconsistent behavior in complain mode with 'ip netns list' command
1658219 flock not mediated by 'k'
1656121 unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt from a unshared mount namespace
1660849 apparmor refcount leak of profile namespace when removing profiles
1648143 tor in lxd: apparmor=\
1645037 apparmor_parser hangs indefinitely when called by multiple threads
1660846 apparmor leaking securityfs pin count
1660845 apparmor reference count leak when securityfs_setup_d_inode\\ () fails
1660842 apparmor not checking error if security_pin_fs() fails
1660840 apparmor oops in bind_mnt when dev_path lookup fails
1660836 apparmor auditing denied access of special apparmor .null fi\\ le
1660834 apparmor label leak when new label is unused
1660833 apparmor reference count bug in label_merge_insert()
1638996 apparmor's raw_data file in securityfs is sometimes truncated
1660832 unix domain socket cross permission check failing with nested namespaces
1630069 Regression tests can not detect binfmt_elf mmpa semantic change
1611078 Support snaps inside of lxd containers
1615893 change_hat is logging failures during expected hat probing
1615892 deleted files outside of the namespace are not being treated as disconnected
1615890 stacking to unconfined in a child namespace confuses mediation
1615895 apparmor module parameters can be changed after the policy is locked
1579135 AppArmor profile reloading causes an intermittent kernel BUG
1615889 label vec reductions can result in reference labels instead of direct access to labels
1615887 profiles from different namespaces can block other namespaces from being able to load a profile
1615881 The label build for onexec when stacking is wrong
1615880 The inherit check for new to old label comparison for domain transitions is wrong
1593874 warning stack trace while playing with apparmor namespaces
1615878 __label_update proxy comparison test is wrong
1560583 reading /sys/kernel/security/apparmor/profiles requires CAP_MAC_ADMIN
1379535 policy namespace stacking
1593293 brd module compiled as built-in

Version: 4.9.0-16.17~16.04.1 2017-02-02 04:08:03 UTC

 linux-lts-zesty (4.9.0-16.17~16.04.1) xenial; urgency=low
 .
   [ Tim Gardner ]
 .
   * Release Tracking Bug
     - LP: #1660738
 .
   * Zesty update to v4.9.6 stable release (LP: #1660732)
     - IB/core: Release allocated memory in cache setup failure
     - IB/rxe: Increase max number of completions to 32k
     - IB/rxe: avoid putting a large struct rxe_qp on stack
     - IB/mlx5: Avoid system crash when enabling many VFs
     - IB/mlx5: Fix reported max SGE calculation
     - IB/mlx5: Assign SRQ type earlier
     - IB/mlx5: Wait for all async command completions to complete
     - IB/mlx4: Set traffic class in AH
     - IB/mlx4: Fix out-of-range array index in destroy qp flow
     - IB/mlx4: Handle well-known-gid in mad_demux processing
     - IB/mlx4: Fix port query for 56Gb Ethernet links
     - IB/mlx4: When no DMFS for IPoIB, don't allow NET_IF QPs
     - IB/mlx4: Check if GRH is available before using it
     - IB/IPoIB: Remove can't use GFP_NOIO warning
     - perf trace: Use the syscall raw_syscalls:sys_enter timestamp
     - perf mem: Fix --all-user/--all-kernel options
     - perf trace: Check if MAP_32BIT is defined (again)
     - perf diff: Do not overwrite valid build id
     - perf callchain: Fixup help/config for no-unwinding
     - perf scripting: Avoid leaking the scripting_context variable
     - perf jit: Enable jitdump support without dwarf
     - ARM: dts: bcm283x: fix typo in mailbox address
     - ARM: dts: r8a7794: Use SYSC "always-on" PM Domain for sound
     - ARM: dts: r8a7794: remove Z clock
     - ARM: dts: imx6q-cm-fx6: fix fec pinctrl
     - ARM: dts: imx31: fix clock control module interrupts description
     - ARM: dts: imx31: move CCM device node to AIPS2 bus devices
     - ARM: dts: imx31: fix AVIC base address
     - ARM: dts: omap3: Add DTS for Logic PD SOM-LV 37xx Dev Kit
     - tmpfs: clear S_ISGID when setting posix ACLs
     - x86/PCI: Ignore _CRS on Supermicro X8DTH-i/6/iF/6F
     - rcu: Remove cond_resched() from Tiny synchronize_sched()
     - rcu: Narrow early boot window of illegal synchronous grace periods
     - sunrpc: don't call sleeping functions from the notifier block callbacks
     - svcrpc: don't leak contexts on PROC_DESTROY
     - libnvdimm, namespace: fix pmem namespace leak, delete when size set to zero
     - ARC: module: Fix !CONFIG_ARC_DW2_UNWIND builds
     - fuse: clear FR_PENDING flag when moving requests out of pending queue
     - fuse: fix time_to_jiffies nsec sanity check
     - PCI: designware: Check for iATU unroll only on platforms that use ATU
     - PCI: Enumerate switches below PCI-to-PCIe bridges
     - HID: corsair: fix DMA buffers on stack
     - HID: corsair: fix control-transfer error handling
     - mmc: sdhci-acpi: Only powered up enabled acpi child devices
     - mmc: mxs-mmc: Fix additional cycles after transmission stop
     - ieee802154: atusb: do not use the stack for buffers to make them DMA able
     - mtd: nand: lpc32xx: fix invalid error handling of a requested irq
     - mtd: nand: xway: disable module support
     - mtd: nand: xway: fix build because of module functions
     - KVM: s390: do not expose random data via facility bitmap
     - KVM: arm/arm64: vgic: Fix deadlock on error handling
     - powerpc/icp-opal: Fix missing KVM case and harden replay
     - powerpc/perf: Fix PM_BRU_CMPL event code for power9
     - powerpc/ptrace: Preserve previous fprs/vsrs on short regset write
     - powerpc/ptrace: Preserve previous TM fprs/vsrs on short regset write
     - powerpc: Ignore reserved field in DCSR and PVR reads and writes
     - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
     - qla2xxx: Fix crash due to null pointer access
     - mac80211: implement multicast forwarding on fast-RX path
     - ubifs: Fix journal replay wrt. xattr nodes
     - clocksource/exynos_mct: Clear interrupt when cpu is shut down
     - svcrdma: avoid duplicate dma unmapping during error recovery
     - ARM: 8634/1: hw_breakpoint: blacklist Scorpion CPUs
     - ceph: fix bad endianness handling in parse_reply_info_extra
     - ARM: dts: OMAP5 / DRA7: indicate that SATA port 0 is available.
     - ARM: dts: da850-evm: fix read access to SPI flash
     - arm64: avoid returning from bad_mode
     - arm64/ptrace: Preserve previous registers for short regset write
     - arm64/ptrace: Preserve previous registers for short regset write - 2
     - arm64/ptrace: Preserve previous registers for short regset write - 3
     - arm64/ptrace: Avoid uninitialised struct padding in fpr_set()
     - arm64/ptrace: Reject attempts to set incomplete hardware breakpoint fields
     - Input: ALPS - fix TrackStick support for SS5 hardware
     - libceph: ceph_x_encrypt_buflen() takes in_len
     - libceph: old_key in process_one_ticket() is redundant
     - libceph: introduce ceph_x_encrypt_offset()
     - libceph: introduce ceph_crypt() for in-place en/decryption
     - libceph: rename and align ceph_x_authorizer::reply_buf
     - libceph: tweak calcu_signature() a little
     - libceph: switch ceph_x_encrypt() to ceph_crypt()
     - libceph: switch ceph_x_decrypt() to ceph_crypt()
     - libceph: remove now unused ceph_*{en,de}crypt*() functions
     - ARM: dts: dra7: Add an empty chosen node to top level DTSI
     - ARM: dts: dm816x: Add an empty chosen node to top level DTSI
     - ARM: dts: dm814x: Add an empty chosen node to top level DTSI
     - ARM: dts: am33xx: Add an empty chosen node to top level DTSI
     - ARM: dts: omap4: Add an empty chosen node to top level DTSI
     - ARM: dts: omap5: Add an empty chosen node to top level DTSI
     - ARM: dts: am4372: Add an empty chosen node to top level DTSI
     - ARM: dts: omap3: Add an empty chosen node to top level DTSI
     - ARM: dts: omap2: Add an empty chosen node to top level DTSI
     - ARM: dts: imx6qdl-nitrogen6_max: fix sgtl5000 pinctrl init
     - ARM: dts: omap3: Fix Card Detect and Write Protect on Logic PD SOM-LV
     - ARM: ux500: fix prcmu_is_cpu_in_wfi

1660732 Zesty update to v4.9.6 stable release



About   -   Send Feedback to @ubuntu_updates