UbuntuUpdates.org

Package "linux-azure"

Name: linux-azure

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Linux kernel version 4.11.0
  • Header files related to Linux kernel version 4.11.0
  • Header files related to Linux kernel version 4.11.0
  • Header files related to Linux kernel version 4.11.0

Latest version: 4.13.0-1011.14
Release: xenial (16.04)
Level: updates
Repository: main

Links

Save this URL for the latest version of "linux-azure": https://www.ubuntuupdates.org/linux-azure



Other versions of "linux-azure" in Xenial

Repository Area Version
security main 4.13.0-1011.14
proposed main 4.13.0-1011.14
PPA: Canonical Kernel Team 4.13.0-1011.14

Packages in group

Deleted packages are displayed in grey.

linux-azure-headers-4.11.0-1009 linux-azure-headers-4.11.0-1011 linux-azure-headers-4.11.0-1013 linux-azure-headers-4.11.0-1014 linux-azure-headers-4.11.0-1015
linux-azure-headers-4.11.0-1016 linux-azure-headers-4.13.0-1005 linux-azure-headers-4.13.0-1006 linux-azure-headers-4.13.0-1007 linux-azure-headers-4.13.0-1009
linux-azure-headers-4.13.0-1011

Changelog

Version: 4.13.0-1011.14 2018-02-22 01:07:59 UTC

  linux-azure (4.13.0-1011.14) xenial; urgency=medium

  * linux-azure: 4.13.0-1011.14 -proposed tracker (LP: #1748476)

  * [Hyper-V] Fixes for Network Direct InfiniBand/RDMA driver (LP: #1749332)
    - SAUCE: vmbus-rdma: ND142: don't wait forever for disconnection from remote
      connector
    - SAUCE: vmbus-rdma: ND142: remove idr handle before calling ND on freeing CQ
      and QP
    - SAUCE: vmbus-rdma: ND142: do not crash on idr allocation failure - warn
      instead
    - SAUCE: vmbus-rdma: ND144: don't wait forever for disconnection from remote
      connector
    - SAUCE: vmbus-rdma: ND144: remove idr handle before calling ND on freeing CQ
      and QP
    - SAUCE: vmbus-rdma: ND144: do not crash on idr allocation failure - warn
      instead

  * [Hyper-V] vsock: always call vsock_init_tables() (LP: #1747970)
    - vsock: always call vsock_init_tables()

  * Update the source code location in the debian package for cloud kernels
    (LP: #1747890)
    - [Debian] Update git repository URI

  [ Ubuntu: 4.13.0-35.39 ]

  * linux: 4.13.0-35.39 -proposed tracker (LP: #1748743)
  * CVE-2017-5715 (Spectre v2 Intel)
    - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present"
    - SAUCE: turn off IBRS when full retpoline is present
    - [Packaging] retpoline files must be sorted
    - [Packaging] pull in retpoline files

  [ Ubuntu: 4.13.0-34.37 ]

  * linux: 4.13.0-34.37 -proposed tracker (LP: #1748475)
  * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
    - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
  * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
    (LP: #1747090)
    - KVM: s390: wire up bpb feature
  * artful 4.13 i386 kernels crash after memory hotplug remove (LP: #1747069)
    - Revert "mm, memory_hotplug: do not associate hotadded memory to zones until
      online"
  * CVE-2017-5715 (Spectre v2 Intel)
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - SAUCE: turn off IBPB when full retpoline is present
  * Artful 4.13 fixes for tun (LP: #1748846)
    - tun: call dev_get_valid_name() before register_netdevice()
    - tun: allow positive return values on dev_get_valid_name() call
    - tun/tap: sanitize TUNSETSNDBUF input
  * boot failure on AMD Raven + WestonXT (LP: #1742759)
    - SAUCE: drm/amdgpu: add atpx quirk handling (v2)

Source diff to previous version
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
1742759 boot failure on AMD Raven + WesternXT
1748846 Artful 4.13 fixes for tun
1747069 artful 4.13 i386 kernels crash after memory hotplug remove
1747090 KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb)
1743053 libata: apply MAX_SEC_1024 to all LITEON EP1 series devices
1747970 [Hyper-V] vsock: always call vsock_init_tables()
1749332 [Hyper-V] Fixes for Network Direct InfiniBand/RDMA driver

Version: 4.13.0-1009.12 2018-02-06 22:06:42 UTC

  linux-azure (4.13.0-1009.12) xenial; urgency=low

  * linux-azure: 4.13.0-1009.12 -proposed tracker (LP: #1746726)

  * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053)
    - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices

Source diff to previous version
1743053 libata: apply MAX_SEC_1024 to all LITEON EP1 series devices

Version: 4.13.0-1007.9 2018-01-26 06:06:43 UTC

  linux-azure (4.13.0-1007.9) xenial; urgency=low

  [ Ubuntu: 4.13.0-32.35 ]

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/entry: Fix up retpoline assembler labels

  [ Ubuntu: 4.13.0-31.34 ]

  * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

  [ Ubuntu: 4.13.0-30.33 ]

  * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)
  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

 -- Stefan Bader <email address hidden> Thu, 25 Jan 2018 11:18:29 +0100

Source diff to previous version
1743383 Do not duplicate changelog entries assigned to more than one bug or CVE
1726519 Unable to handle kernel NULL pointer dereference at isci_task_abort_task
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi

Version: 4.13.0-1006.8 2018-01-22 21:07:21 UTC

  linux-azure (4.13.0-1006.8) xenial; urgency=low

  * linux-azure: 4.13.0-1006.8 -proposed tracker (LP: #1742723)

  [ Ubuntu: 4.13.0-29.32 ]

  * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)
  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

  [ Ubuntu: 4.13.0-28.31 ]

  * CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
  * CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

  [ Ubuntu: 4.13.0-27.30 ]

  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x

Source diff to previous version
1742772 powerpc: flush L1D on return to use
1742771 s390: add ppa to kernel entry/exit
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at

Version: 4.13.0-1005.7 2018-01-09 20:07:01 UTC

  linux-azure (4.13.0-1005.7) xenial; urgency=low

  * linux-azure: 4.13.0-1005.7 -proposed tracker (LP: #1741957)

  * CVE-2017-5754
    - Revert "UBUNTU: [Config] azure: updateconfigs to enable PTI"
    - [Config] azure: Enable PTI with UNWINDER_FRAME_POINTER

  [ Ubuntu: 4.13.0-25.29 ]

  * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
  * CVE-2017-5754
    - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
    - [Config] Enable PTI with UNWINDER_FRAME_POINTER

CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at



About   -   Send Feedback to @ubuntu_updates