UbuntuUpdates.org

Package "linux-aws-edge"

Name: linux-aws-edge

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.18.0
  • Header files related to Linux kernel version 4.18.0
  • Header files related to Linux kernel version 4.18.0
  • Header files related to Linux kernel version 4.18.0

Latest version: 4.18.0-1020.24~18.04.1
Release: bionic (18.04)
Level: updates
Repository: universe

Links

Save this URL for the latest version of "linux-aws-edge": https://www.ubuntuupdates.org/linux-aws-edge



Other versions of "linux-aws-edge" in Bionic

Repository Area Version
security universe 4.18.0-1020.24~18.04.1
proposed universe 5.0.0-1011.12~18.04.2
PPA: Canonical Kernel Team 5.0.0-1011.12~18.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.18.0-1020.24~18.04.1 2019-06-28 11:06:59 UTC

  linux-aws-edge (4.18.0-1020.24~18.04.1) bionic; urgency=medium

  * linux-aws-edge: 4.18.0-1020.24~18.04.1 -proposed tracker (LP: #1833939)

  [ Ubuntu: 4.18.0-1020.24 ]

  * linux-aws: 4.18.0-1020.24 -proposed tracker (LP: #1833940)
  * linux: 4.18.0-25.26 -proposed tracker (LP: #1833952)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-12817
    - SAUCE: powerpc/mm/64s/hash: Reallocate context ids on fork

 -- Stefan Bader <email address hidden> Thu, 27 Jun 2019 11:09:01 +0200

Source diff to previous version
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer
CVE-2019-12817 RESERVED

Version: 4.18.0-1018.20~18.04.1 2019-06-17 21:07:14 UTC

  linux-aws-edge (4.18.0-1018.20~18.04.1) bionic; urgency=medium

  [ Ubuntu: 4.18.0-1018.20 ]

  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638)
    - SAUCE: tcp: tcp_fragment() should apply sane memory limits
  * Remote denial of service (system crash) caused by integer overflow in TCP
    SACK handling (LP: #1831637)
    - SAUCE: tcp: limit payload size of sacked skbs

 -- Stefan Bader <email address hidden> Wed, 05 Jun 2019 16:49:54 +0200

Source diff to previous version
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
1831637 Remote denial of service (system crash) caused by integer overflow in TCP SACK handling

Version: 4.18.0-1017.19~18.04.1 2019-06-04 15:07:12 UTC

  linux-aws-edge (4.18.0-1017.19~18.04.1) bionic; urgency=medium

  * linux-aws-edge: 4.18.0-1017.19~18.04.1 -proposed tracker (LP: #1829176)

  [ Ubuntu: 4.18.0-1017.19 ]

  * linux-aws: 4.18.0-1017.19 -proposed tracker (LP: #1829177)
  * linux: 4.18.0-21.22 -proposed tracker (LP: #1829186)
  * disable a.out support (LP: #1818552)
    - [Config] Turn off a.out support
  * ftrace in ubuntu_kernel_selftests hang with Cosmic kernel (LP: #1826385)
    - kprobes/x86: Fix instruction patching corruption when copying more than one
      RIP-relative instruction
  * touchpad not working on lenovo yoga 530 (LP: #1787775)
    - Revert "UBUNTU: SAUCE: i2c:amd Depends on ACPI"
    - Revert "UBUNTU: SAUCE: i2c:amd move out pointer in union i2c_event_base"
    - Revert "UBUNTU: SAUCE: i2c:amd I2C Driver based on PCI Interface for
      upcoming platform"
    - i2c: add extra check to safe DMA buffer helper
    - i2c: Add drivers for the AMD PCIe MP2 I2C controller
    - [Config] Update config for AMD MP2 I2C driver
    - [Config] Update I2C_AMD_MP2 annotations
  * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232)
    - geneve: correctly handle ipv6.disable module parameter
  * There are 4 HDMI/Displayport audio output listed in sound setting without
    attach any HDMI/DP monitor (LP: #1827967)
    - ALSA: hda/hdmi - Read the pin sense from register when repolling
    - ALSA: hda/hdmi - Consider eld_valid when reporting jack event
  * Headphone jack switch sense is inverted: plugging in headphones disables
    headphone output (LP: #1824259)
    - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board
  * CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error
    Checking for all LINUX clients for devops4p10 (LP: #1766201)
    - SAUCE: integrity: downgrade error to warning
  * potential memory corruption on arm64 on dev release (LP: #1827437)
    - driver core: Postpone DMA tear-down until after devres release
  * powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with "error while
    loading shared libraries" on Bionic/Cosmic PowerPC (LP: #1812805)
    - selftests/powerpc/pmu: Link ebb tests with -no-pie
  * unnecessary request_queue freeze (LP: #1815733)
    - block: avoid setting nr_requests to current value
    - block: avoid setting none scheduler if it's already none
  * Kprobe event string type argument failed in ftrace from
    ubuntu_kernel_selftests on B/C i386 (LP: #1825780)
    - selftests/ftrace: Fix kprobe string testcase to not probe notrace function
  * False positive test result in run_netsocktests from net in
    ubuntu_kernel_selftest (LP: #1825777)
    - selftests/net: correct the return value for run_netsocktests

 -- Wen-chien Jesse Sung <email address hidden> Mon, 20 May 2019 17:26:35 +0800

Source diff to previous version
1818552 disable a.out support
1826385 ftrace in ubuntu_kernel_selftests hang with Cosmic kernel
1787775 touchpad not working on lenovo yoga 530
1794232 Geneve tunnels don't work when ipv6 is disabled
1827967 There are 4 HDMI/Displayport audio output listed in sound setting without attach any HDMI/DP monitor
1824259 Headphone jack switch sense is inverted: plugging in headphones disables headphone output
1766201 CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error Checking for all LINUX clients for devops4p10
1827437 potential memory corruption on arm64 on dev release
1812805 powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with \
1815733 unnecessary request_queue freeze
1825780 Kprobe event string type argument failed in ftrace from ubuntu_kernel_selftests on B/C i386
1825777 False positive test result in run_netsocktests from net in ubuntu_kernel_selftest

Version: 4.18.0-1016.18~18.04.1 2019-05-15 03:06:30 UTC

  linux-aws-edge (4.18.0-1016.18~18.04.1) bionic; urgency=medium

  [ Ubuntu: 4.18.0-1016.18 ]

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

Source diff to previous version
1786013 Packaging resync
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
CVE-2018-3620 L1 Terminal Fault-OS/SMM Foreshadow-NG
CVE-2018-3646 L1 Terminal Fault-VMM

Version: 4.18.0-1013.15~18.04.1 2019-04-24 09:06:27 UTC

  linux-aws-edge (4.18.0-1013.15~18.04.1) bionic; urgency=medium

  * linux-aws-edge: 4.18.0-1013.15~18.04.1 -proposed tracker (LP: #1822787)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  [ Ubuntu: 4.18.0-1013.15 ]

  * linux-aws: 4.18.0-1013.15 -proposed tracker (LP: #1822788)
  * linux: 4.18.0-18.19 -proposed tracker (LP: #1822796)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction
  * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
    triggers system hang on i386 (LP: #1812845)
    - btrfs: raid56: properly unmap parity page in finish_parity_scrub()
  * [SRU][B/C/OEM]IOMMU: add kernel dma protection (LP: #1820153)
    - ACPI / property: Allow multiple property compatible _DSD entries
    - PCI / ACPI: Identify untrusted PCI devices
    - iommu/vt-d: Force IOMMU on for platform opt in hint
    - iommu/vt-d: Do not enable ATS for untrusted devices
    - thunderbolt: Export IOMMU based DMA protection support to userspace
    - iommu/vt-d: Disable ATS support on untrusted devices
  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next: hinic: fix a problem in free_tx_poll()
    - hinic: remove ndo_poll_controller
    - net-next/hinic: add checksum offload and TSO support
    - hinic: Fix l4_type parameter in hinic_task_set_tunnel_l4
    - net-next/hinic:replace multiply and division operators
    - net-next/hinic:add rx checksum offload for HiNIC
    - net-next/hinic:fix a bug in set mac address
    - net-next/hinic: fix a bug in rx data flow
    - net: hinic: fix null pointer dereference on pointer hwdev
    - hinic: optmize rx refill buffer mechanism
    - net-next/hinic:add shutdown callback
    - net-next/hinic: replace disable_irq_nosync/enable_irq
  * [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
    - Fonts: New Terminus large console font
    - [Config]: enable highdpi Terminus 16x32 font support
  * [19.04 FEAT] qeth: Enhanced link speed - kernel part (LP: #1814892)
    - s390/qeth: report 25Gbit link speed
  * Avoid potential memory corruption on HiSilicon SoCs (LP: #1819546)
    - iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads
  * CVE-2017-5715
    - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
    - x86/speculation: Propagate information about RSB filling mitigation to sysfs
    - x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC
      variant
    - x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
    - x86/retpoline: Remove minimal retpoline support
    - x86/speculation: Update the TIF_SSBD comment
    - x86/speculation: Clean up spectre_v2_parse_cmdline()
    - x86/speculation: Remove unnecessary ret variable in cpu_show_common()
    - x86/speculation: Move STIPB/IBPB string conditionals out of
      cpu_show_common()
    - x86/speculation: Disable STIBP when enhanced IBRS is in use
    - x86/speculation: Rename SSBD update functions
    - x86/speculation: Reorganize speculation control MSRs update
    - sched/smt: Make sched_smt_present track topology
    - x86/Kconfig: Select SCHED_SMT if SMP enabled
    - sched/smt: Expose sched_smt_present static key
    - x86/speculation: Rework SMT state change
    - x86/l1tf: Show actual SMT state
    - x86/speculation: Reorder the spec_v2 code
    - x86/speculation: Mark string arrays const correctly
    - x86/speculataion: Mark command line parser data __initdata
    - x86/speculation: Unify conditional spectre v2 print functions
    - x86/speculation: Add command line control for indirect branch speculation
    - x86/speculation: Prepare for per task indirect branch speculation control
    - x86/process: Consolidate and simplify switch_to_xtra() code
    - x86/speculation: Avoid __switch_to_xtra() calls
    - x86/speculation: Prepare for conditional IBPB in switch_mm()
    - ptrace: Remove unused ptrace_may_access_sched() and MODE_IBRS
    - x86/speculation: Split out TIF update
    - x86/speculation: Prevent stale SPEC_CTRL msr content
    - x86/speculation: Prepare arch_smt_update() for PRCTL mode
    - x86/speculation: Add prctl() control for indirect branch speculation
    - x86/speculation: Enable prctl mode for spectre_v2_user
    - x86/speculation: Add seccomp Spectre v2 user space protection mode
    - x86/speculation: Provide IBPB always command line options
    - kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb
    - x86/speculation: Change misspelled STIPB to STIBP
    - x86/speculation: Add support for STIBP always-on preferred mode
    - x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE
  * [Ubuntu] vfio-ap: add subsystem to matrix device to avoid libudev failures
    (LP: #1818854)
    - s390: vfio_ap: link the vfio_ap devices to the vfio_ap bus subsystem
  * Kernel regularly logs: Bluetooth: hci0: last event is not cmd complete
    (0x0f) (LP: #1748565)
    - Bluetooth: Fix unnecessary error message for HCI request completion
  * HiSilicon HNS ethernet broken in 4.15.0-45 (LP: #1818294)
    - net: hns: Fix WARNING when hns modules installed
  * Lenovo ideapad 330-15ICH Wifi rfkill hard blocked (LP: #1811815)
    - platform/x86: ideapad: Add ideapad 330-15ICH to no_hw_rfkill
  * Qualcomm Atheros QCA9377 wireless does not work (LP: #1818204)
    - platform/x86: ideapad-laptop: Add Ideapad 530S-14ARR to no_hw_rfkill list
  * fscache: jobs might hang when fscache disk is full (LP: #1821395)
    - fscache: fix race between enablement and dropping of object
  * hns3: fix oops in hns3_clean_rx_ring() (LP: #1821064)
    - net: hns3: add dma_rmb() for rx description
  * tcm_loop.ko: move from modules-extra into main modules package
    (LP: #1817786)
    - [Packaging] move tcm_loop.lo to main linux-modules package
  * tcmu user space crash results in kernel module hang. (LP: #1819504)
    - scsi: tcmu: delete unused __wait
    - scsi: t

1786013 Packaging resync
1812845 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386
1820153 [SRU][B/C/OEM]IOMMU: add kernel dma protection
1820187 Huawei Hi1822 NIC has poor performance
1819881 [CONFIG] please enable highdpi font FONT_TER16x32
1814892 [19.04 FEAT] qeth: Enhanced link speed - kernel part
1819546 Avoid potential memory corruption on HiSilicon SoCs
1818854 [Ubuntu] vfio-ap: add subsystem to matrix device to avoid libudev failures
1748565 Kernel regularly logs: Bluetooth: hci0: last event is not cmd complete (0x0f)
1818294 HiSilicon HNS ethernet broken in 4.15.0-45
1811815 Lenovo ideapad 330-15ICH Wifi rfkill hard blocked
1818204 Qualcomm Atheros QCA9377 wireless does not work
1821395 fscache: jobs might hang when fscache disk is full
1821064 hns3: fix oops in hns3_clean_rx_ring()
1817786 tcm_loop.ko: move from modules-extra into main modules package
1819504 tcmu user space crash results in kernel module hang.
1779756 Intel XL710 - i40e driver does not work with kernel 4.15 (Ubuntu 18.04)
1820930 some codecs stop working after S3
1788432 4.15 s390x kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
1820990 [SRU][B/B-OEM/C/D] Fix AMD IOMMU NULL dereference
1821271 New Intel Wireless-AC 9260 [8086:2526] card not correctly probed in Ubuntu system
1821276 Add support for MAC address pass through on RTL8153-BD
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at



About   -   Send Feedback to @ubuntu_updates