UbuntuUpdates.org

Package "linux-aws"

Name: linux-aws

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.4.0

Latest version: 4.4.0-1088.99
Release: xenial (16.04)
Level: proposed
Repository: main

Links

Save this URL for the latest version of "linux-aws": https://www.ubuntuupdates.org/linux-aws



Other versions of "linux-aws" in Xenial

Repository Area Version
security universe 4.4.0-1012.21
security main 4.4.0-1087.98
updates universe 4.4.0-1012.21
updates main 4.4.0-1087.98
PPA: Canonical Kernel Team 4.4.0-1088.99

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.4.0-1088.99 2019-07-05 11:07:10 UTC

  linux-aws (4.4.0-1088.99) xenial; urgency=medium

  * linux-aws: 4.4.0-1088.99 -proposed tracker (LP: #1834908)

  * hibernation support for linux-aws (LP: #1831940)
    - UBUNTU SAUCE [aws]: block: xen-blkfront: consider new dom0 features on
      restore
    - UBUNTU SAUCE [aws]: ACPICA: Enable sleep button on ACPI legacy wake
    - UBUNTU SAUCE [aws]: xen: restore pirqs on resume from hibernation.
    - UBUNTU SAUCE [aws]: xen: Only restore the ACPI SCI interrupt in
      xen_restore_pirqs.
    - radix-tree: delete radix_tree_locate_item()
    - mm: rid swapoff of quadratic complexity
    - sched/wait: Fix abort_exclusive_wait(), it should pass TASK_NORMAL to
      wake_up()
    - sched/wait: Avoid abort_exclusive_wait() in ___wait_event()
    - sched/wait: Avoid abort_exclusive_wait() in __wait_on_bit_lock()
    - sched/wait: Introduce init_wait_entry()
    - sched/wait: Standardize wait_bit_queue naming
    - sched/wait: Introduce wait_var_event()
    - mm: swapoff: shmem_unuse() stop eviction without igrab()
    - UBUNTU SAUCE [aws]: mm: aggressive swapoff
    - UBUNTU SAUCE [aws]: PM / hibernate: make sure pm_async is always disabled
    - NVMe: Allow request merges
    - PM / hibernate: Do not free preallocated safe pages during image restore
    - PM / hibernate: Recycle safe pages after image restoration
    - PM / hibernate: Simplify mark_unsafe_pages()
    - [Config] aws: disable CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS
    - UBUNTU SAUCE [aws] PM / hibernate: set image_size to total RAM size by
      default
    - UBUNTU SAUCE [aws] PM / hibernate: reduce memory pressure during image
      writing
    - UBUNTU SAUCE [aws] mm, page_alloc: disable fair zone allocation policy on
      hibernate

 -- Kleber Sacilotto de Souza <email address hidden> Thu, 04 Jul 2019 15:27:25 +0200

1831940 hibernation support for linux-aws

Version: *DELETED* 2019-07-01 11:07:04 UTC
No changelog for deleted or moved packages.

Version: 4.4.0-1087.98 2019-06-26 10:07:24 UTC

  linux-aws (4.4.0-1087.98) xenial; urgency=medium

  * linux-aws: 4.4.0-1087.98 -proposed tracker (LP: #1834020)

  [ Ubuntu: 4.4.0-154.181 ]

  * linux: 4.4.0-154.181 -proposed tracker (LP: #1834030)
  * CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 -- Khalid Elmously <email address hidden> Wed, 26 Jun 2019 01:17:15 -0400

Source diff to previous version
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...

Version: 4.4.0-1086.97 2019-06-19 17:06:21 UTC

  linux-aws (4.4.0-1086.97) xenial; urgency=medium

  * linux-aws: 4.4.0-1086.97 -proposed tracker (LP: #1832582)

  [ Ubuntu: 4.4.0-152.179 ]

  * linux: 4.4.0-152.179 -proposed tracker (LP: #1832593)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * 4.4.0-145-generic Kernel Panic ip6_expire_frag_queue (LP: #1824687)
    - SAUCE: ipv6: frags: fix skb extraction in ip6_expire_frag_queue()
  * [Xenial] Customer can not SSH to Linux VM due to "VSC State Unhealthy"
    (LP: #1826416)
    - vmbus: fix missing signaling in hv_signal_on_read()
  * Xenial update: 4.4.180 upstream stable release (LP: #1830176)
    - kbuild: simplify ld-option implementation
    - KVM: fail KVM_SET_VCPU_EVENTS with invalid exception number
    - cifs: do not attempt cifs operation on smb2+ rename error
    - MIPS: scall64-o32: Fix indirect syscall number load
    - trace: Fix preempt_enable_no_resched() abuse
    - sched/numa: Fix a possible divide-by-zero
    - ceph: ensure d_name stability in ceph_dentry_hash()
    - ceph: fix ci->i_head_snapc leak
    - nfsd: Don't release the callback slot unless it was actually held
    - sunrpc: don't mark uninitialised items as VALID.
    - USB: Add new USB LPM helpers
    - USB: Consolidate LPM checks to avoid enabling LPM twice
    - powerpc/xmon: Add RFI flush related fields to paca dump
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
    - Revert "UBUNTU: SAUCE: powerpc/64s: Add support for a store forwarding
      barrier at kernel entry/exit"
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
    - powerpc/64s: Add barrier_nospec
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64s: Enhance the information in cpu_show_spectre_v1()
    - powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
    - powerpc/64: Disable the speculation barrier from the command line
    - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
    - powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
    - powerpc/64: Call setup_barrier_nospec() from setup_arch()
    - powerpc/64: Make meltdown reporting Book3S 64 specific
    - powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
    - powerpc/asm: Add a patch_site macro & helpers for patching instructions
    - powerpc/64s: Add new security feature flags for count cache flush
    - powerpc/64s: Add support for software count cache flush
    - powerpc/pseries: Query hypervisor for count cache flush settings
    - powerpc/powernv: Query firmware for count cache flush settings
    - powerpc: Avoid code patching freed init sections
    - powerpc/fsl: Add infrastructure to fixup branch predictor flush
    - powerpc/fsl: Add macro to flush the branch predictor
    - powerpc/fsl: Fix spectre_v2 mitigations reporting
    - powerpc/fsl: Add nospectre_v2 command line argument
    - powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
    - powerpc/fsl: Update Spectre v2 reporting
    - powerpc/security: Fix spectre_v2 reporting
    - powerpc/fsl: Fix the flush of branch predictor.
    - tipc: handle the err returned from cmd header function
    - slip: make slhc_free() silently accept an error pointer
    - intel_th: gth: Fix an off-by-one in output unassigning
    - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
    - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
    - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
    - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
    - tipc: check link name with right length in tipc_nl_compat_link_set
    - bpf: reject wrong sized filters earlier
    - Revert "block/loop: Use global lock for ioctl() operation."
    - ipv4: add sanity checks in ipv4_link_failure()
    - team: fix possible recursive locking when add slaves
    - net: stmmac: move stmmac_check_ether_addr() to driver probe
    - ipv4: set the tcp_min_rtt_wlen range from 0 to one day
    - powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
    - powerpc/fsl: Flush branch predictor when entering KVM
    - powerpc/fsl: Emulate SPRN_BUCSR register
    - powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
    - powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
    - powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
    - powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
    - Documentation: Add nospectre_v1 parameter
    - usbnet: ipheth: prevent TX queue timeouts when device not ready
    - usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set
    - qlcnic: Avoid potential NULL pointer dereference
    - netfilter: bridge: set skb transport_header before entering
      NF_INET_PRE_ROUTING
    - sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
    - usb: gadget: net2280: Fix overrun of OUT messages
    - usb: gadget: net2280: Fix net2280_dequeue()
    - usb: gadget: net2272: Fix net2272_dequeue()
    - ARM: dts: pfla02: increase phy reset duration
    - net: ks8851: Dequeue RX packets explicitly
    - net: ks8851: Reassert reset pin if chip ID check fails
    - net: ks8851: Delay requesting IRQ until opened
    - net: ks8851: Set initial carrier state to down
    - net: xilinx: fix possible object reference leak
    - net: ibm: fix possible object reference leak
    - net: ethernet: ti: fix possible object reference leak
    - scsi: qla4xxx: fix a potential NULL pointer dereference
    - usb: u132-hcd: fix resource leak
    - ceph: fix use-after-free on symlink

Source diff to previous version
1824687 4.4.0-145-generic Kernel Panic ip6_expire_frag_queue
1826416 [Xenial] Customer can not SSH to Linux VM due to \
1830176 Xenial update: 4.4.180 upstream stable release
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory

Version: 4.4.0-1085.96 2019-06-17 18:06:22 UTC

  linux-aws (4.4.0-1085.96) xenial; urgency=medium

  [ Ubuntu: 4.4.0-151.178 ]

  * Remote denial of service (system crash) caused by integer overflow in TCP
    SACK handling (LP: #1831637)
    - SAUCE: tcp: limit payload size of sacked skbs
    - SAUCE: tcp: fix fack_count accounting on tcp_shift_skb_data()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638)
    - SAUCE: tcp: tcp_fragment() should apply sane memory limits

  [ Ubuntu: 4.4.0-150.176 ]

  * linux: 4.4.0-150.176 -proposed tracker (LP: #1830941)
  * glibc 2.23-0ubuntu11 ADT test failure with linux 4.4.0-149.175
    (LP: #1830890)
    - x86/vdso: Pass --eh-frame-hdr to the linker

 -- Stefan Bader <email address hidden> Tue, 11 Jun 2019 10:32:54 +0200

1830890 glibc 2.23-0ubuntu11 ADT test failure with linux 4.4.0-149.175



About   -   Send Feedback to @ubuntu_updates