This bug was fixed in the package linux-lts-trusty - 3.13.0-92.139~precise1
--------------- linux-lts-trusty (3.13.0-92.139~precise1) precise; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug - LP: #1597106
[ Josh Boyer ]
* SAUCE: UEFI: acpi: Ignore acpi_rsdp kernel parameter when module loading is restricted - LP: #1566221 * SAUCE: UEFI: efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI - LP: #1566221 * SAUCE: UEFI MODSIGN: Import certificates from UEFI Secure Boot - LP: #1566221, #1571691 * SAUCE: UEFI: efi: Disable secure boot if shim is in insecure mode - LP: #1566221, #1571691
[ Matthew Garrett ]
* SAUCE: UEFI: Add secure_modules() call - LP: #1566221 * SAUCE: UEFI: PCI: Lock down BAR access when module security is enabled - LP: #1566221 * SAUCE: UEFI: x86: Lock down IO port access when module security is enabled - LP: #1566221 * SAUCE: UEFI: ACPI: Limit access to custom_method - LP: #1566221 * SAUCE: UEFI: asus-wmi: Restrict debugfs interface when module loading is restricted - LP: #1566221 * SAUCE: UEFI: Restrict /dev/mem and /dev/kmem when module loading is restricted - LP: #1566221 * SAUCE: UEFI: kexec: Disable at runtime if the kernel enforces module loading restrictions - LP: #1566221 * SAUCE: UEFI: x86: Restrict MSR access when module loading is restricted - LP: #1566221 * SAUCE: UEFI: Add option to automatically enforce module signatures when in Secure Boot mode - LP: #1566221
[ Stefan Bader ]
* [Config] Add pm80xx scsi driver to d-i - LP: #1595628
[ Tim Gardner ]
* [Config] CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y * SAUCE: UEFI: Display MOKSBState when disabled - LP: #1566221, #1571691 * SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl - LP: #1593075 * SAUCE: UEFI: Set EFI_SECURE_BOOT bit in x86_efi_facility - LP: #1593075 * [Config] CONFIG_EFI=n for arm64 - LP: #1566221
[ Upstream Kernel Changes ]
* powerpc/tm: Abort syscalls in active transactions - LP: #1572624 * HID: core: prevent out-of-bound readings - LP: #1579190 * efi: Add separate 32-bit/64-bit definitions - LP: #1566221 * x86/efi: Build our own EFI services pointer table - LP: #1566221 * mm: migrate dirty page without clear_page_dirty_for_io etc - LP: #1581865 - CVE-2016-3070 * oom_kill: change oom_kill.c to use for_each_thread() - LP: #1592429 * oom_kill: has_intersects_mems_allowed() needs rcu_read_lock() - LP: #1592429 * oom_kill: add rcu_read_lock() into find_lock_task_mm() - LP: #1592429 * virtio_balloon: return the amount of freed memory from leak_balloon() - LP: #1587089 * virtio_balloon: free some memory from balloon on OOM - LP: #1587089 * virtio_ballon: change stub of release_pages_by_pfn - LP: #1587089 * virtio_balloon: do not change memory amount visible via /proc/meminfo - LP: #1587089
-- Kamal Mostafa <email address hidden> Tue, 28 Jun 2016 12:40:49 -0700
This bug was fixed in the package linux-lts-trusty - 3.13.0- 92.139~ precise1
--------------- 92.139~ precise1) precise; urgency=low
linux-lts-trusty (3.13.0-
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1597106
[ Josh Boyer ]
* SAUCE: UEFI: acpi: Ignore acpi_rsdp kernel parameter when module BOOT_SIG_ ENFORCE depend on EFI
loading is restricted
- LP: #1566221
* SAUCE: UEFI: efi: Make EFI_SECURE_
- LP: #1566221
* SAUCE: UEFI MODSIGN: Import certificates from UEFI Secure Boot
- LP: #1566221, #1571691
* SAUCE: UEFI: efi: Disable secure boot if shim is in insecure mode
- LP: #1566221, #1571691
[ Matthew Garrett ]
* SAUCE: UEFI: Add secure_modules() call
- LP: #1566221
* SAUCE: UEFI: PCI: Lock down BAR access when module security is enabled
- LP: #1566221
* SAUCE: UEFI: x86: Lock down IO port access when module security is
enabled
- LP: #1566221
* SAUCE: UEFI: ACPI: Limit access to custom_method
- LP: #1566221
* SAUCE: UEFI: asus-wmi: Restrict debugfs interface when module loading
is restricted
- LP: #1566221
* SAUCE: UEFI: Restrict /dev/mem and /dev/kmem when module loading is
restricted
- LP: #1566221
* SAUCE: UEFI: kexec: Disable at runtime if the kernel enforces module
loading restrictions
- LP: #1566221
* SAUCE: UEFI: x86: Restrict MSR access when module loading is restricted
- LP: #1566221
* SAUCE: UEFI: Add option to automatically enforce module signatures when
in Secure Boot mode
- LP: #1566221
[ Stefan Bader ]
* [Config] Add pm80xx scsi driver to d-i
- LP: #1595628
[ Tim Gardner ]
* [Config] CONFIG_ EFI_SECURE_ BOOT_SIG_ ENFORCE= y
* SAUCE: UEFI: Display MOKSBState when disabled
- LP: #1566221, #1571691
* SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl
- LP: #1593075
* SAUCE: UEFI: Set EFI_SECURE_BOOT bit in x86_efi_facility
- LP: #1593075
* [Config] CONFIG_EFI=n for arm64
- LP: #1566221
[ Upstream Kernel Changes ]
* powerpc/tm: Abort syscalls in active transactions dirty_for_ io etc mems_allowed( ) needs rcu_read_lock() pages_by_ pfn
- LP: #1572624
* HID: core: prevent out-of-bound readings
- LP: #1579190
* efi: Add separate 32-bit/64-bit definitions
- LP: #1566221
* x86/efi: Build our own EFI services pointer table
- LP: #1566221
* mm: migrate dirty page without clear_page_
- LP: #1581865
- CVE-2016-3070
* oom_kill: change oom_kill.c to use for_each_thread()
- LP: #1592429
* oom_kill: has_intersects_
- LP: #1592429
* oom_kill: add rcu_read_lock() into find_lock_task_mm()
- LP: #1592429
* virtio_balloon: return the amount of freed memory from leak_balloon()
- LP: #1587089
* virtio_balloon: free some memory from balloon on OOM
- LP: #1587089
* virtio_ballon: change stub of release_
- LP: #1587089
* virtio_balloon: do not change memory amount visible via /proc/meminfo
- LP: #1587089
-- Kamal Mostafa <email address hidden> Tue, 28 Jun 2016 12:40:49 -0700