Package "linux-aws"
Name: |
linux-aws
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Header files related to Linux kernel version 4.4.0
- Header files related to Linux kernel version 4.4.0
- Header files related to Linux kernel version 4.4.0
- Header files related to Linux kernel version 4.4.0
|
Latest version: |
4.4.0-1044.47 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
universe |
Links
Other versions of "linux-aws" in Trusty
Packages in group
Deleted packages are displayed in grey.
Changelog
linux-aws (4.4.0-1034.37) trusty; urgency=medium
* linux-aws: 4.4.0-1034.37 -proposed tracker (LP: #1801123)
* Update ENA driver to version 2.0.1K (LP: #1798182)
- net: ena: remove ndo_poll_controller
- net: ena: fix warning in rmmod caused by double iounmap
- net: ena: fix rare bug when failed restart/resume is followed by driver
removal
- net: ena: fix NULL dereference due to untimely napi initialization
- net: ena: fix auto casting to boolean
- net: ena: minor performance improvement
- net: ena: complete host info to match latest ENA spec
- net: ena: introduce Low Latency Queues data structures according to ENA spec
- net: ena: add functions for handling Low Latency Queues in ena_com
- net: ena: add functions for handling Low Latency Queues in ena_netdev
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status
- net: ena: explicit casting and initialization, and clearer error handling
- net: ena: limit refill Rx threshold to 256 to avoid latency issues
- net: ena: change rx copybreak default to reduce kernel memory pressure
- net: ena: remove redundant parameter in ena_com_admin_init()
- net: ena: update driver version to 2.0.1
- net: ena: fix indentations in ena_defs for better readability
- net: ena: Fix Kconfig dependency on X86
- net: ena: enable Low Latency Queues
- net: ena: fix compilation error in xtensa architecture
|
Source diff to previous version |
1798182 |
Update ENA driver to version 2.0.1K |
|
linux-aws (4.4.0-1032.35) trusty; urgency=medium
* linux-aws: 4.4.0-1032.35 -proposed tracker (LP: #1795583)
[ Ubuntu: 4.4.0-138.164 ]
* linux: 4.4.0-138.164 -proposed tracker (LP: #1795582)
* Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662)
- powerpc/fadump: Return error when fadump registration fails
* Kernel hang on drive pull caused by regression introduced by commit
287922eb0b18 (LP: #1791790)
- block: Fix a race between blk_cleanup_queue() and timeout handling
* qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
- s390/qeth: use vzalloc for QUERY OAT buffer
* Page leaking in cachefiles_read_backing_file while vmscan is active
(LP: #1793430)
- SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
is active
* Bugfix for handling of shadow doorbell buffer (LP: #1788222)
- nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event
* Xenial update to 4.4.155 stable release (LP: #1792419)
- net: 6lowpan: fix reserved space for single frames
- net: mac802154: tx: expand tailroom if necessary
- 9p/net: Fix zero-copy path in the 9p virtio transport
- net: lan78xx: Fix misplaced tasklet_schedule() call
- spi: davinci: fix a NULL pointer dereference
- drm/i915/userptr: reject zero user_size
- powerpc/fadump: handle crash memory ranges array index overflow
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
- 9p/virtio: fix off-by-one error in sg list bounds check
- net/9p/client.c: version pointer uninitialized
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
kfree()
- dm cache metadata: save in-core policy_hint_size to on-disk superblock
- iio: ad9523: Fix displayed phase
- iio: ad9523: Fix return value for ad952x_store()
- vmw_balloon: fix inflation of 64-bit GFNs
- vmw_balloon: do not use 2MB without batching
- vmw_balloon: VMCI_DOORBELL_SET does not check status
- vmw_balloon: fix VMCI use when balloon built into kernel
- tracing: Do not call start/stop() functions when tracing_on does not change
- tracing/blktrace: Fix to allow setting same value
- kthread, tracing: Don't expose half-written comm when creating kthreads
- uprobes: Use synchronize_rcu() not synchronize_sched()
- 9p: fix multiple NULL-pointer-dereferences
- PM / sleep: wakeup: Fix build error caused by missing SRCU support
- pnfs/blocklayout: off by one in bl_map_stripe()
- ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
- mm/tlb: Remove tlb_remove_table() non-concurrent condition
- iommu/vt-d: Add definitions for PFSID
- iommu/vt-d: Fix dev iotlb pfsid use
- osf_getdomainname(): use copy_to_user()
- sys: don't hold uts_sem while accessing userspace memory
- userns: move user access out of the mutex
- ubifs: Fix memory leak in lprobs self-check
- Revert "UBIFS: Fix potential integer overflow in allocation"
- ubifs: Check data node size before truncate
- ubifs: Fix synced_i_size calculation for xattr inodes
- pwm: tiehrpwm: Fix disabling of output of PWMs
- fb: fix lost console when the user unplugs a USB adapter
- udlfb: set optimal write delay
- getxattr: use correct xattr length
- bcache: release dc->writeback_lock properly in bch_writeback_thread()
- perf auxtrace: Fix queue resize
- fs/quota: Fix spectre gadget in do_quotactl
- x86/io: add interface to reserve io memtype for a resource range. (v1.1)
- drm/drivers: add support for using the arch wc mapping API.
- Linux 4.4.155
* Xenial update to 4.4.154 stable release (LP: #1792392)
- sched/sysctl: Check user input value of sysctl_sched_time_avg
- Cipso: cipso_v4_optptr enter infinite loop
- vti6: fix PMTU caching and reporting on xmit
- xfrm: fix missing dst_release() after policy blocking lbcast and multicast
- xfrm: free skb if nlsk pointer is NULL
- mac80211: add stations tied to AP_VLANs during hw reconfig
- nl80211: Add a missing break in parse_station_flags
- drm/bridge: adv7511: Reset registers on hotplug
- scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
- drm/imx: imx-ldb: disable LDB on driver bind
- drm/imx: imx-ldb: check if channel is enabled before printing warning
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in
init_controller()
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in
r8a66597_queue()
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c
- tools: usb: ffs-test: Fix build on big endian systems
- usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
- tools/power turbostat: fix -S on UP systems
- net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
- qed: Fix possible race for the link state value.
- atl1c: reserve min skb headroom
- net: prevent ISA drivers from building on PPC32
- can: mpc5xxx_can: check of_iomap return before use
- i2c: davinci: Avoid zero value of CLKH
- media: staging: omap4iss: Include asm/cacheflush.h after generic includes
- bnx2x: Fix invalid memory access in rss hash config path.
- net: axienet: Fix double deregister of mdio
- selftests/ftrace: Add snapshot and tracing_on test case
- zswap: re-check zswap_is_full() after do zswap_shrink()
- tools/power turbostat: Read extended processor family from CPUID
- Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
- enic: handle mtu change for vf properly
- arc: fix build errors in arc/include/asm/delay.h
- arc: fix type warnings in arc/mm/cache.c
- drivers: net: lmc: fix case value for target abort error
- scsi: fcoe: drop frames in ELS LOGO error path
- scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT
|
Source diff to previous version |
1795662 |
Linux 4.4.155 stable release build is broken on ppc64 |
1791790 |
Kernel hang on drive pull caused by regression introduced by commit 287922eb0b18 |
1793086 |
qeth: use vzalloc for QUERY OAT buffer |
1793430 |
Page leaking in cachefiles_read_backing_file while vmscan is active |
1788222 |
Bugfix for handling of shadow doorbell buffer |
1792419 |
Xenial update to 4.4.155 stable release |
1792392 |
Xenial update to 4.4.154 stable release |
1792383 |
Xenial update to 4.4.153 stable release |
1792377 |
Xenial update to 4.4.152 stable release |
1792340 |
Xenial update to 4.4.151 stable release |
1792336 |
Xenial update to 4.4.150 stable release |
1792310 |
Xenial update to 4.4.149 stable release |
1792174 |
Xenial update to 4.4.148 stable release |
1792109 |
Xenial update to 4.4.147 stable release |
1791953 |
Xenial update to 4.4.146 stable release |
1791942 |
Xenial update to 4.4.145 stable release |
1793753 |
kernel panic - null pointer dereference on ipset operations |
1793461 |
Improvements to the kernel source package preparation |
1792044 |
update ENA driver to latest mainline version |
CVE-2018-9363 |
HID: Bluetooth: hidp: buffer overflow in hidp_process_report |
|
linux-aws (4.4.0-1031.34) trusty; urgency=medium
[ Ubuntu: 4.4.0-137.163 ]
* CVE-2018-14633
- iscsi target: Use hex2bin instead of a re-implementation
* CVE-2018-17182
- mm: get rid of vmacache_flush_all() entirely
|
Source diff to previous version |
CVE-2018-14633 |
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request f |
CVE-2018-17182 |
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An |
|
linux-aws (4.4.0-1028.31) trusty; urgency=medium
* linux-aws: 4.4.0-1028.31 -proposed tracker (LP: #1787178)
* Xenial update to 4.4.136 stable release (LP: #1776177)
- [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
[ Ubuntu: 4.4.0-134.160 ]
* linux: 4.4.0-134.160 -proposed tracker (LP: #1787177)
* locking sockets broken due to missing AppArmor socket mediation patches
(LP: #1780227)
- UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets
* Backport namespaced fscaps to xenial 4.4 (LP: #1778286)
- Introduce v3 namespaced file capabilities
- commoncap: move assignment of fs_ns to avoid null pointer dereference
- capabilities: fix buffer overread on very short xattr
- commoncap: Handle memory allocation failure.
* Xenial update to 4.4.140 stable release (LP: #1784409)
- usb: cdc_acm: Add quirk for Uniden UBC125 scanner
- USB: serial: cp210x: add CESINEL device ids
- USB: serial: cp210x: add Silicon Labs IDs for Windows Update
- n_tty: Fix stall at n_tty_receive_char_special().
- staging: android: ion: Return an ERR_PTR in ion_map_kernel
- n_tty: Access echo_* variables carefully.
- x86/boot: Fix early command-line parsing when matching at end
- ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
- i2c: rcar: fix resume by always initializing registers before transfer
- ipv4: Fix error return value in fib_convert_metrics()
- kprobes/x86: Do not modify singlestep buffer while resuming
- nvme-pci: initialize queue memory before interrupts
- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
- ARM: dts: imx6q: Use correct SDMA script for SPI5 core
- ubi: fastmap: Correctly handle interrupted erasures in EBA
- mm: hugetlb: yield when prepping struct pages
- tracing: Fix missing return symbol in function_graph output
- scsi: sg: mitigate read/write abuse
- s390: Correct register corruption in critical section cleanup
- drbd: fix access after free
- cifs: Fix infinite loop when using hard mount option
- jbd2: don't mark block as modified if the handle is out of credits
- ext4: make sure bitmaps and the inode table don't overlap with bg
descriptors
- ext4: always check block group bounds in ext4_init_block_bitmap()
- ext4: only look at the bg_flags field if it is valid
- ext4: verify the depth of extent tree in ext4_find_extent()
- ext4: include the illegal physical block in the bad map ext4_error msg
- ext4: clear i_data in ext4_inode_info when removing inline data
- ext4: add more inode number paranoia checks
- ext4: add more mount time checks of the superblock
- ext4: check superblock mapped prior to committing
- HID: i2c-hid: Fix "incomplete report" noise
- HID: hiddev: fix potential Spectre v1
- HID: debug: check length before copy_to_user()
- x86/mce: Detect local MCEs properly
- x86/mce: Fix incorrect "Machine check from unknown source" message
- media: cx25840: Use subdev host data for PLL override
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
- dm bufio: avoid sleeping while holding the dm_bufio lock
- dm bufio: drop the lock when doing GFP_NOIO allocation
- mtd: rawnand: mxc: set spare area size register explicitly
- dm bufio: don't take the lock in dm_bufio_shrink_count
- mtd: cfi_cmdset_0002: Change definition naming to retry write operation
- mtd: cfi_cmdset_0002: Change erase functions to retry for error
- mtd: cfi_cmdset_0002: Change erase functions to check chip good only
- netfilter: nf_log: don't hold nf_log_mutex during user access
- staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
- Linux 4.4.140
* Xenial update to 4.4.139 stable release (LP: #1784382)
- xfrm6: avoid potential infinite loop in _decode_session6()
- netfilter: ebtables: handle string from userspace with care
- ipvs: fix buffer overflow with sync daemon and service
- atm: zatm: fix memcmp casting
- net: qmi_wwan: Add Netgear Aircard 779S
- net/sonic: Use dma_mapping_error()
- Revert "Btrfs: fix scrub to repair raid6 corruption"
- tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
- Btrfs: make raid6 rebuild retry more
- usb: musb: fix remote wakeup racing with suspend
- bonding: re-evaluate force_primary when the primary slave name changes
- tcp: verify the checksum of the first data segment in a new connection
- ext4: update mtime in ext4_punch_hole even if no blocks are released
- ext4: fix fencepost error in check for inode count overflow during resize
- driver core: Don't ignore class_dir_create_and_add() failure.
- btrfs: scrub: Don't use inode pages for device replace
- ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
- ALSA: hda: add dock and led support for HP EliteBook 830 G5
- ALSA: hda: add dock and led support for HP ProBook 640 G4
- cpufreq: Fix new policy initialization during limits updates via sysfs
- libata: zpodd: make arrays cdb static, reduces object code size
- libata: zpodd: small read overflow in eject_tray()
- libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
- w1: mxc_w1: Enable clock before calling clk_get_rate() on it
- x86/spectre_v1: Disable compiler optimizations over
array_index_mask_nospec()
- m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
- serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
- signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
- usb: do not reset if a low-speed or full-speed device timed out
- 1wire: family module autoload fails because of upper/lower case mismatch.
- ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
- ASoC: cirrus: i2s: Fix LRCLK configuration
- ASoC: cirrus: i2s: Fix {TX|RX}L
|
Source diff to previous version |
1776177 |
Xenial update to 4.4.136 stable release |
1780227 |
locking sockets broken due to missing AppArmor socket mediation patches |
1778286 |
Backport namespaced fscaps to xenial 4.4 |
1784409 |
Xenial update to 4.4.140 stable release |
1784382 |
Xenial update to 4.4.139 stable release |
1620762 |
Support AverMedia DVD EZMaker 7 USB video capture dongle |
1779830 |
vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci |
1781364 |
Kernel error \ |
1759848 |
Allow multiple mounts of zfs datasets |
1773410 |
Redpine: Observed kernel panic while running wireless tests in regression mode |
1777850 |
Redpine: Observed kernel panic while running soft-ap tests |
1783241 |
[HMS] Upgrades to Support SocketCAN over USB on Dell IoT 300x Gateways |
1779923 |
other users' coredumps can be read via setgid directory and killpriv bypass |
1782116 |
snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build |
1783152 |
Enable basic support for Solarflare 8000 series NIC |
1777858 |
Redpine: Observed kernel panic while running wireless regressions tests |
1777389 |
Xenial update to 4.4.138 stable release |
1773400 |
Redpine: wifi-ap stopped working after restart |
1777063 |
Xenial update to 4.4.137 stable release |
1776158 |
Xenial update to 4.4.135 stable release |
CVE-2018-12233 |
In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twic |
CVE-2018-13094 |
An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da |
CVE-2018-13405 |
The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, |
|
linux-aws (4.4.0-1027.30) trusty; urgency=medium
[ Ubuntu: 4.4.0-133.159 ]
* CVE-2018-5390
- tcp: avoid collapses in tcp_prune_queue() if possible
- tcp: detect malicious patterns in tcp_collapse_ofo_queue()
* CVE-2018-5391
- Revert "net: increase fragment memory usage limits"
* CVE-2018-3620 // CVE-2018-3646
- KVM: x86: introduce linear_{read,write}_system
- KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
kvm_write_guest_virt_system
- kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
- x86/speculation/l1tf: Change order of offset/type in swap entry
- x86/speculation/l1tf: Protect swap entries against L1TF
- x86/mm: Simplify p[g4um]d_page() macros
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
- x86/speculation/l1tf: Make sure the first page is always reserved
- SAUCE: x86/cpu: Add Knights Mill/Gemini Lake
- x86/speculation/l1tf: Add sysfs reporting for l1tf
- x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2
- x86/smp: Provide topology_is_primary_thread()
- x86/topology: Provide topology_smt_supported()
- cpu/hotplug: Split do_cpu_down()
- x86/topology: Add topology_max_smt_threads()
- cpu/hotplug: Provide knobs to control SMT
- x86/CPU: Modify detect_extended_topology() to return result
- x86/cpu: Remove the pointless CPU printout
- x86/cpu/AMD: Remove the pointless detect_ht() call
- x86/cpu/common: Provide detect_ht_early()
- x86/cpu/topology: Provide detect_extended_topology_early()
- x86/cpu/intel: Evaluate smp_num_siblings early
- x86/cpu/AMD: Evaluate smp_num_siblings early
- x86/apic: Ignore secondary threads if nosmt=force
- x86/speculation/l1tf: Extend 64bit swap file size limit
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
- x86/cpufeatures: Add detection of L1D cache flush support.
- x86/speculation/l1tf: Protect PAE swap entries against L1TF
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
- Revert "x86/apic: Ignore secondary threads if nosmt=force"
- SAUCE: x86/mce: register mce notifier earlier
- cpu/hotplug: Boot HT siblings at least once
- KVM: x86: Introducing kvm_x86_ops VM init/destroy hooks
- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present.
- x86/KVM/VMX: Add module argument for L1TF mitigation
- x86/KVM/VMX: Add L1D flush algorithm
- x86/KVM/VMX: Add L1D MSR based flush
- x86/KVM/VMX: Add L1D flush logic
- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
- x86/KVM/VMX: Add find_msr() helper function
- x86/KVM/VMX: Seperate the VMX AUTOLOAD guest/host number accounting.
- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
- cpu/hotplug: Online siblings when SMT control is turned on
- x86/litf: Introduce vmx status variable
- x86/kvm: Drop L1TF MSR list approach
- x86/l1tf: Handle EPT disabled state proper
- x86/kvm: Move l1tf setup function
- x86/kvm: Add static key for flush always
- x86/kvm: Serialize L1D flush parameter setter
- x86/kvm: Allow runtime control of L1D flush
- cpu/hotplug: Expose SMT control init function
- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
- Documentation: Add section about CPU vulnerabilities
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
- Documentation/l1tf: Fix typos
- cpu/hotplug: detect SMT disabled by BIOS
- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
- x86: Don't include linux/irq.h from asm/hardirq.h
- x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq()
- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
- x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
- Documentation/l1tf: Remove Yonah processors from not vulnerable list
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
- KVM: x86: Add a framework for supporting MSR-based features
- KVM: X86: Introduce kvm_get_msr_feature()
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
- cpu/hotplug: Fix SMT supported evaluation
- x86/speculation/l1tf: Invert all not present mappings
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
- SAUCE: Add pfn_pud() and pud_mkhuge()
- x86/mm/pat: Make set_memory_np() L1TF safe
-- Stefan Bader <email address hidden> Fri, 10 Aug 2018 15:21:28 +0200
|
|
About
-
Send Feedback to @ubuntu_updates