UbuntuUpdates.org

Latest Changelogs for all releases


Note: Only updates for "head" packages where the changelog is available are shown on this page.

linux-meta 01-27 20:06 UTC
Release: eoan Repo: main Level: updates New version: 5.3.0.29.33
Packages in group:  linux-source

  linux-meta (5.3.0.29.33) eoan; urgency=medium

  * Bump ABI 5.3.0-29


linux 01-27 20:06 UTC
Release: eoan Repo: main Level: updates New version: 5.3.0-29.31
Packages in group:  linux-cloud-tools-common linux-doc linux-headers-5.3.0-19 linux-headers-5.3.0-22 linux-headers-5.3.0-23 linux-headers-5.3.0-24 linux-headers-5.3.0-26 linux-headers-5.3.0-29 linux-libc-dev linux-source-5.3.0 linux-tools-common (... see all)

  linux (5.3.0-29.31) eoan; urgency=medium

  * eoan/linux: 5.3.0-29.31 -proposed tracker (LP: #1860119)

  * Integrate Intel SGX driver into linux-azure (LP: #1844245)
    - [Packaging] Add systemd service to load intel_sgx


linux-aws 01-27 20:06 UTC
Release: eoan Repo: main Level: updates New version: 5.3.0-1010.11
Packages in group:  linux-aws-headers-5.3.0-1004 linux-aws-headers-5.3.0-1007 linux-aws-headers-5.3.0-1008 linux-aws-headers-5.3.0-1009 linux-aws-headers-5.3.0-1010

  linux-aws (5.3.0-1010.11) eoan; urgency=medium

  * eoan/linux-aws: 5.3.0-1010.11 -proposed tracker (LP: #1859817)

  * Update EFA driver to 1.5.0 (LP: #1850195)
    - SAUCE: Port EFA 1.4.0
    - SAUCE: linux/efa: Fix incorrect error print
    - SAUCE: linux/efa: Fix ‘err’ may be used uninitialized in this function
      warning
    - SAUCE: linux/efa: Add support for CentOS 7.7
    - SAUCE: linux/efa: Clear the admin command buffer prior to its submission
    - SAUCE: linux/efa: Bump driver version to 1.4.1
    - SAUCE: linux/efa: Store network attributes in device attributes
    - SAUCE: linux/efa: Support remote read access in MR registration
    - SAUCE: linux/efa: Expose RDMA read related attributes
    - SAUCE: linux/efa: Add ib_uverbs as a soft dependency
    - SAUCE: linux/efa: Use the ib_port_phys_state enum values
    - SAUCE: linux/efa: Backport missing driver id
    - SAUCE: linux/efa: Check sscanf return value
    - SAUCE: linux/efa: SuSE 15.1 support
    - SAUCE: linux/efa: Bump driver version to 1.5.0

  [ Ubuntu: 5.3.0-28.30 ]

  * eoan/linux: 5.3.0-28.30 -proposed tracker (LP: #1859694)
  * CVE-2019-14615
    - drm/i915/gen9: Clear residual context state on context switch
  * PAN is broken for execute-only user mappings on ARMv8 (LP: #1858815)
    - arm64: Revert support for execute-only user mappings
  * Miscellaneous Ubuntu changes
    - update dkms package versions

  [ Ubuntu: 5.3.0-27.29 ]

  * eoan/linux: 5.3.0-27.29 -proposed tracker (LP: #1858943)
  * [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
    (LP: #1856608)
    - SAUCE: Revert "usb: handle warm-reset port requests on hub resume"

  [ Ubuntu: 5.3.0-26.28 ]

  * eoan/linux: 5.3.0-26.28 -proposed tracker (LP: #1856807)
  * nvidia-435 is in eoan, linux-restricted-modules only builds against 430,
    ubiquity gives me the self-signed modules experience instead of using the
    Canonical-signed modules (LP: #1856407)
    - Add nvidia-435 dkms build

 -- Khalid Elmously <email address hidden> Thu, 16 Jan 2020 01:37:39 -0500

CVE-2019-14615 Insufficient control flow in certain data structures for some Intel(R) ...
1856407 nvidia-435 is in eoan, linux-restricted-modules only builds against 430, ubiquity gives me the self-signed modules experience instead of using the Ca
1856608 [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
1858815 PAN is broken for execute-only user mappings on ARMv8
1850195 Update EFA driver to 1.5.0


linux 01-27 20:06 UTC
Release: bionic Repo: main Level: updates New version: 4.15.0-76.86
Packages in group:  linux-buildinfo-4.15.0-43-generic linux-buildinfo-4.15.0-43-lowlatency linux-buildinfo-4.15.0-44-generic linux-buildinfo-4.15.0-44-lowlatency linux-buildinfo-4.15.0-45-generic linux-buildinfo-4.15.0-45-lowlatency linux-buildinfo-4.15.0-46-generic linux-buildinfo-4.15.0-46-lowlatency linux-buildinfo-4.15.0-47-generic linux-buildinfo-4.15.0-47-lowlatency linux-buildinfo-4.15.0-48-generic (... see all)

  linux (4.15.0-76.86) bionic; urgency=medium

  * bionic/linux: 4.15.0-76.86 -proposed tracker (LP: #1860123)

  * Integrate Intel SGX driver into linux-azure (LP: #1844245)
    - [Packaging] Add systemd service to load intel_sgx

  * [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX
    (LP: #1853326) // Bionic kernel panic on Cavium ThunderX CN88XX
    (LP: #1853485) // Cavium ThunderX CN88XX crashes on boot (LP: #1857074)
    - arm64: Check for errata before evaluating cpu features
    - arm64: add sentinel to kpti_safe_list

1857074 Cavium ThunderX CN88XX crashes on boot
1853485 Bionic kernel panic on Cavium ThunderX CN88XX
1853326 [Regression] Bionic kernel 4.15.0-71.80 can not boot on ThunderX

qemu 01-27 17:06 UTC
Release: eoan Repo: universe Level: proposed New version: 1:4.0+dfsg-0ubuntu9.3
Packages in group:  qemu-guest-agent qemu-system qemu-system-mips qemu-system-misc qemu-system-sparc qemu-user qemu-user-binfmt qemu-user-static

  qemu (1:4.0+dfsg-0ubuntu9.3) eoan; urgency=medium

  * d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
    fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

 -- Dan Streetman <email address hidden> Wed, 22 Jan 2020 08:50:56 -0500

1859527 vring_get_region_caches: Assertion `caches != NULL' failed.

mysql-8.0 01-27 17:06 UTC
Release: eoan Repo: universe Level: updates New version: 8.0.19-0ubuntu0.19.10.3
Packages in group:  mysql-router mysql-source-8.0 mysql-testsuite mysql-testsuite-8.0

  mysql-8.0 (8.0.19-0ubuntu0.19.10.3) eoan-security; urgency=medium

  * SECURITY UPDATE: Update to 8.0.19 to fix security issues
    - CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574,
      CVE-2020-2577, CVE-2020-2579, CVE-2020-2584, CVE-2020-2588,
      CVE-2020-2589, CVE-2020-2627, CVE-2020-2660, CVE-2020-2679,
      CVE-2020-2686, CVE-2020-2694
  * Removed patches no longer required:
    - debian/patches/fix-test-mysql_os_user.patch
  * debian/patches/year2020.patch: fixed FTBFS by changing future date to
    2037.
  * debian/mysql-server-8.0.install: remove errmsg-utf8.txt.
  * debian/mysql-testsuite-8.0.install: add new comp_err,
    messages_to_clients.txt, messages_to_error_log.txt,
    component_test_udf_services.so files.
  * debian/mysql-testsuite-8.0.links: add link for mysqld_safe to fix
    autopkgtests.

 -- Marc Deslauriers <email address hidden> Mon, 20 Jan 2020 13:07:23 -0500

CVE-2020-2694 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.18 an
CVE-2020-2686 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior.
CVE-2020-2679 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior.
CVE-2020-2660 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior a
CVE-2020-2627 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.18 and prior. Eas

qemu 01-27 17:06 UTC
Release: eoan Repo: main Level: proposed New version: 1:4.0+dfsg-0ubuntu9.3
Packages in group:  qemu-block-extra qemu-kvm qemu-system-arm qemu-system-common qemu-system-data qemu-system-gui qemu-system-ppc qemu-system-s390x qemu-system-x86 qemu-utils

  qemu (1:4.0+dfsg-0ubuntu9.3) eoan; urgency=medium

  * d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
    fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

 -- Dan Streetman <email address hidden> Wed, 22 Jan 2020 08:50:56 -0500

1859527 vring_get_region_caches: Assertion `caches != NULL' failed.

mysql-8.0 01-27 17:06 UTC
Release: eoan Repo: main Level: updates New version: 8.0.19-0ubuntu0.19.10.3
Packages in group:  libmysqlclient21 libmysqlclient-dev mysql-client mysql-client-8.0 mysql-client-core-8.0 mysql-server mysql-server-8.0 mysql-server-core-8.0

  mysql-8.0 (8.0.19-0ubuntu0.19.10.3) eoan-security; urgency=medium

  * SECURITY UPDATE: Update to 8.0.19 to fix security issues
    - CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574,
      CVE-2020-2577, CVE-2020-2579, CVE-2020-2584, CVE-2020-2588,
      CVE-2020-2589, CVE-2020-2627, CVE-2020-2660, CVE-2020-2679,
      CVE-2020-2686, CVE-2020-2694
  * Removed patches no longer required:
    - debian/patches/fix-test-mysql_os_user.patch
  * debian/patches/year2020.patch: fixed FTBFS by changing future date to
    2037.
  * debian/mysql-server-8.0.install: remove errmsg-utf8.txt.
  * debian/mysql-testsuite-8.0.install: add new comp_err,
    messages_to_clients.txt, messages_to_error_log.txt,
    component_test_udf_services.so files.
  * debian/mysql-testsuite-8.0.links: add link for mysqld_safe to fix
    autopkgtests.

 -- Marc Deslauriers <email address hidden> Mon, 20 Jan 2020 13:07:23 -0500

CVE-2020-2694 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.18 an
CVE-2020-2686 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior.
CVE-2020-2679 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior.
CVE-2020-2660 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior a
CVE-2020-2627 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.18 and prior. Eas

qemu 01-27 17:06 UTC
Release: bionic Repo: universe Level: proposed New version: 1:2.11+dfsg-1ubuntu7.22
Packages in group:  qemu-guest-agent qemu-system qemu-system-mips qemu-system-misc qemu-system-sparc qemu-user qemu-user-binfmt qemu-user-static

  qemu (1:2.11+dfsg-1ubuntu7.22) bionic; urgency=medium

  * d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
    fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

 -- Dan Streetman <email address hidden> Wed, 22 Jan 2020 08:55:45 -0500

1859527 vring_get_region_caches: Assertion `caches != NULL' failed.

mysql-5.7 01-27 17:06 UTC
Release: bionic Repo: universe Level: updates New version: 5.7.29-0ubuntu0.18.04.1
Packages in group:  mysql-source-5.7 mysql-testsuite mysql-testsuite-5.7

  mysql-5.7 (5.7.29-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.29 to fix security issues
    - CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574,
      CVE-2020-2577, CVE-2020-2579, CVE-2020-2584, CVE-2020-2589,
      CVE-2020-2660
  * debian/control: added libssl-dev Depends to libmysqlclient-dev. Since
    the previous update switched to building with OpenSSL, some packages
    were failing to build because of the missing dependency.
  * debian/patches/year2020.patch: fixed FTBFS by changing future date to
    2037.

 -- Marc Deslauriers <email address hidden> Tue, 21 Jan 2020 09:10:07 -0500

CVE-2020-2660 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior a
CVE-2020-2589 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 a
CVE-2020-2584 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and
CVE-2020-2579 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior,
CVE-2020-2577 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.18 a

qemu 01-27 17:06 UTC
Release: bionic Repo: main Level: proposed New version: 1:2.11+dfsg-1ubuntu7.22
Packages in group:  qemu-block-extra qemu-kvm qemu-system-arm qemu-system-common qemu-system-ppc qemu-system-s390x qemu-system-x86 qemu-utils

  qemu (1:2.11+dfsg-1ubuntu7.22) bionic; urgency=medium

  * d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
    fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

 -- Dan Streetman <email address hidden> Wed, 22 Jan 2020 08:55:45 -0500

1859527 vring_get_region_caches: Assertion `caches != NULL' failed.

tcpdump 01-27 17:06 UTC
Release: bionic Repo: main Level: updates New version: 4.9.3-0ubuntu0.18.04.1
Packages in group: 

  tcpdump (4.9.3-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Updated to 4.9.3 to fix multiple security issues
    - debian/patches/disable-tests.diff: disable tests that require newer
      libpcap.
    - CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
      CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
      CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
      CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
      CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
      CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
      CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167

 -- Marc Deslauriers <email address hidden> Fri, 24 Jan 2020 07:57:54 -0500

CVE-2019-15167 RESERVED
CVE-2019-15166 lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2019-1010220 tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The
CVE-2018-19519 In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initi
CVE-2018-16452 The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

mysql-5.7 01-27 17:06 UTC
Release: bionic Repo: main Level: updates New version: 5.7.29-0ubuntu0.18.04.1
Packages in group:  libmysqlclient20 libmysqlclient-dev libmysqld-dev mysql-client mysql-client-5.7 mysql-client-core-5.7 mysql-server mysql-server-5.7 mysql-server-core-5.7

  mysql-5.7 (5.7.29-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Update to 5.7.29 to fix security issues
    - CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574,
      CVE-2020-2577, CVE-2020-2579, CVE-2020-2584, CVE-2020-2589,
      CVE-2020-2660
  * debian/control: added libssl-dev Depends to libmysqlclient-dev. Since
    the previous update switched to building with OpenSSL, some packages
    were failing to build because of the missing dependency.
  * debian/patches/year2020.patch: fixed FTBFS by changing future date to
    2037.

 -- Marc Deslauriers <email address hidden> Tue, 21 Jan 2020 09:10:07 -0500

CVE-2020-2660 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior a
CVE-2020-2589 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 a
CVE-2020-2584 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and
CVE-2020-2579 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior,
CVE-2020-2577 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.18 a

tomcat8 01-27 17:06 UTC
Release: xenial Repo: universe Level: updates New version: 8.0.32-1ubuntu1.11
Packages in group:  tomcat8-user

  tomcat8 (8.0.32-1ubuntu1.11) xenial-security; urgency=medium

  * SECURITY UPDATE: JMX interface authentication bypass
    - debian/patches/CVE-2019-12418.patch: refactor JMX remote RMI registry
      creation in JmxRemoteLifecycleListener.java.
    - CVE-2019-12418
  * SECURITY UPDATE: session fixation attack in FORM authentication
    - debian/patches/CVE-2019-17563.patch: refactor so Principal is never
      cached in session with cache==false in
      java/org/apache/catalina/authenticator/AuthenticatorBase.java,
      java/org/apache/catalina/authenticator/Constants.java,
      java/org/apache/catalina/authenticator/FormAuthenticator.java.
    - CVE-2019-17563

 -- Marc Deslauriers <email address hidden> Fri, 24 Jan 2020 11:24:30 -0500

CVE-2019-17563 When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker
CVE-2019-12418 When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker witho


