Bug #1820075 “[Packaging] Improve config annotations check on cu...” : Bionic (18.04) : Bugs : linux-oracle package : Ubuntu

Marcelo Cerri (mhcerri) on 2019-03-14

no longer affects:

linux (Ubuntu)

Kleber Sacilotto de Souza (kleber-souza) on 2019-03-14

Changed in linux-gcp (Ubuntu Cosmic):
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-04-02:

#1

Download full text (5.5 KiB)

This bug was fixed in the package linux-gcp - 4.18.0-1008.9

---------------
linux-gcp (4.18.0-1008.9) cosmic; urgency=medium

* linux-gcp: 4.18.0-1008.9 -proposed tracker (LP: #1819620)

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-gcp: Replace annotations symlink with overlay
    - [Config] linux-gcp: Include master annotations to linux-gcp annotations
    - [Config] linux-gcp: Update annotations file

  * tcm_loop.ko: move from modules-extra into main modules-gcp package
    (LP: #1817786)
    - [Packaging] move tcm_loop.lo to main linux-modules-gcp package

[ Ubuntu: 4.18.0-17.18 ]

  * linux: 4.18.0-17.18 -proposed tracker (LP: #1819624)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
  * C++ demangling support missing from perf (LP: #1396654)
    - [Packaging] fix a mistype
  * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
    - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
  * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
    - nvme-pci: fix out of bounds access in nvme_cqe_pending
  * CVE-2019-9003
    - ipmi: fix use-after-free of user->release_barrier.rda
  * CVE-2019-9162
    - netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs
  * CVE-2019-9213
    - mm: enforce min addr even if capable() in expand_downwards()
  * CVE-2019-3460
    - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
  * tun/tap: unable to manage carrier state from userland (LP: #1806392)
    - tun: implement carrier change
  * CVE-2019-8980
    - exec: Fix mem leak in kernel_read_file
  * [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: Add an include directive
  * amdgpu with mst WARNING on blanking (LP: #1814308)
    - drm/amd/display: Fix MST dp_blank REG_WAIT timeout
  * CVE-2019-7308
    - bpf: move {prev_,}insn_idx into verifier env
    - bpf: move tmp variable into ax register in interpreter
    - bpf: enable access to ax register also from verifier rewrite
    - bpf: restrict map value pointer arithmetic for unprivileged
    - bpf: restrict stack pointer arithmetic for unprivileged
    - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
    - bpf: fix check_map_access smin_value test when pointer contains offset
    - bpf: prevent out of bounds speculation on pointer arithmetic
    - bpf: fix sanitation of alu op with pointer / scalar type from different
      paths
    - bpf: add various test cases to test_verifier
    - bpf: add various test cases to selftests
  * CVE-2017-5753
    - bpf: fix inner map masking to prevent oob under speculation
  * Use memblock quirk instead of delayed allocation for GICv3 LPI tables
    (LP: #1816425)
    - efi/arm: Revert "Defer persistent reservations until after paging_init()"
    - arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
      table
  * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
    - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
  * Update ENA driver to version 2.0.3K (L...

This bug was fixed in the package linux-gcp - 4.18.0-1008.9

---------------
linux-gcp (4.18.0-1008.9) cosmic; urgency=medium

* linux-gcp: 4.18.0-1008.9 -proposed tracker (LP: #1819620)

* [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-gcp: Replace annotations symlink with overlay
    - [Config] linux-gcp: Include master annotations to linux-gcp annotations
    - [Config] linux-gcp: Update annotations file

* tcm_loop.ko: move from modules-extra into main modules-gcp package
    (LP: #1817786)
    - [Packaging] move tcm_loop.lo to main linux-modules-gcp package

[ Ubuntu: 4.18.0-17.18 ]

* linux: 4.18.0-17.18 -proposed tracker (LP: #1819624)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
  * C++ demangling support missing from perf (LP: #1396654)
    - [Packaging] fix a mistype
  * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
    - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
  * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
    - nvme-pci: fix out of bounds access in nvme_cqe_pending
  * CVE-2019-9003
    - ipmi: fix use-after-free of user->release_barrier.rda
  * CVE-2019-9162
    - netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs
  * CVE-2019-9213
    - mm: enforce min addr even if capable() in expand_downwards()
  * CVE-2019-3460
    - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
  * tun/tap: unable to manage carrier state from userland (LP: #1806392)
    - tun: implement carrier change
  * CVE-2019-8980
    - exec: Fix mem leak in kernel_read_file
  * [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: Add an include directive
  * amdgpu with mst WARNING on blanking (LP: #1814308)
    - drm/amd/display: Fix MST dp_blank REG_WAIT timeout
  * CVE-2019-7308
    - bpf: move {prev_,}insn_idx into verifier env
    - bpf: move tmp variable into ax register in interpreter
    - bpf: enable access to ax register also from verifier rewrite
    - bpf: restrict map value pointer arithmetic for unprivileged
    - bpf: restrict stack pointer arithmetic for unprivileged
    - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
    - bpf: fix check_map_access smin_value test when pointer contains offset
    - bpf: prevent out of bounds speculation on pointer arithmetic
    - bpf: fix sanitation of alu op with pointer / scalar type from different
      paths
    - bpf: add various test cases to test_verifier
    - bpf: add various test cases to selftests
  * CVE-2017-5753
    - bpf: fix inner map masking to prevent oob under speculation
  * Use memblock quirk instead of delayed allocation for GICv3 LPI tables
    (LP: #1816425)
    - efi/arm: Revert "Defer persistent reservations until after paging_init()"
    - arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
      table
  * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
    - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
  * Update ENA driver to version 2.0.3K (LP: #1816806)
    - net: ena: update driver version from 2.0.2 to 2.0.3
    - net: ena: fix race between link up and device initalization
    - net: ena: fix crash during failed resume from hibernation
  * Silent "Unknown key" message when pressing keyboard backlight hotkey
    (LP: #1817063)
    - platform/x86: dell-wmi: Ignore new keyboard backlight change event
  * CVE-2018-19824
    - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
  * CVE-2019-3459
    - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
  * CONFIG_TEST_BPF is disabled (LP: #1813955)
    - [Config]: Reenable TEST_BPF
  * installer does not support iSCSI iBFT (LP: #1817321)
    - d-i: add iscsi_ibft to scsi-modules
  * CVE-2019-7222
    - KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
  * CVE-2019-7221
    - KVM: nVMX: unconditionally cancel preemption timer in free_nested
      (CVE-2019-7221)
  * CVE-2019-6974
    - kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
  * hns3 nic speed may not match optical port speed (LP: #1817969)
    - net: hns3: Config NIC port speed same as that of optical module
  * [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start() (LP: #1802021)
    - srcu: Lock srcu_data structure in srcu_gp_start()
  * libsas disks can have non-unique by-path names (LP: #1817784)
    - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
  * Bluetooth not working (Intel CyclonePeak) (LP: #1817518)
    - Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029
  * CVE-2019-8912
    - net: crypto set sk to NULL when af_alg_release.
    - net: socket: set sock->sk to NULL after calling proto_ops::release()
  * 4.18.0 thinkpad_acpi : thresholds for BAT1 not writable (LP: #1812099)
    - platform/x86: thinkpad_acpi: Fix multi-battery bug
  * [ALSA] [PATCH] System76 darp5 and oryp5 fixups (LP: #1815831)
    - ALSA: hda/realtek - Headset microphone support for System76 darp5
    - ALSA: hda/realtek - Headset microphone and internal speaker support for
      System76 oryp5
  * CVE-2019-8956
    - sctp: walk the list of asoc safely
  * Constant noise in the headphone on Lenovo X1 machines (LP: #1817263)
    - ALSA: hda/realtek: Disable PC beep in passthrough on alc285

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Thu, 14 Mar 2019 17:05:02 +0100

Changed in linux-gcp (Ubuntu Cosmic):
status:	Fix Committed → Fix Released

Revision history for this message

Marcelo Cerri (mhcerri) wrote on 2019-05-30:

#2

linux-azure: https://lists.ubuntu.com/archives/kernel-team/2019-May/101009.html

Changed in linux-azure (Ubuntu Bionic):
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu Cosmic):
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu Disco):
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-gcp (Ubuntu Cosmic):
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-gcp (Ubuntu Bionic):
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-gcp (Ubuntu Disco):
assignee:	nobody → Marcelo Cerri (mhcerri)
Changed in linux-azure (Ubuntu Bionic):
status:	New → In Progress
Changed in linux-azure (Ubuntu Cosmic):
status:	New → In Progress
Changed in linux-azure (Ubuntu Disco):
status:	New → In Progress

Marcelo Cerri (mhcerri) on 2019-05-31

Changed in linux-azure (Ubuntu Xenial):
status:	New → In Progress
Changed in linux-azure (Ubuntu Bionic):
status:	In Progress → Invalid
Changed in linux-azure (Ubuntu Xenial):
assignee:	nobody → Marcelo Cerri (mhcerri)

Marcelo Cerri (mhcerri) on 2019-06-10

Changed in linux-azure (Ubuntu Xenial):
status:	In Progress → Fix Committed
Changed in linux-azure (Ubuntu Cosmic):
status:	In Progress → Fix Committed
Changed in linux-azure (Ubuntu Disco):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-06-25:

#3

This bug was fixed in the package linux-azure - 4.15.0-1049.54

---------------
linux-azure (4.15.0-1049.54) xenial; urgency=medium

* linux-azure: 4.15.0-1049.54 -proposed tracker (LP: #1834091)

  * Upstream Commits Needed for DPDK on Azure (LP: #1812123)
    - uio: document uio_hv_generic regions
    - uio_hv_generic: create send and receive buffers
    - uio_hv_generic: add rescind support
    - uio_hv_generic: support sub-channels
    - uio_hv_generic: fix subchannel ring mmap
    - uio_hv_generic: use standard mmap for resources
    - vmbus: keep pointer to ring buffer page
    - uio: introduce UIO_MEM_IOVA
    - hv_uio_generic: map ringbuffer phys addr
    - uio_hv_generic: use ISR callback method
    - uio_hv_generic: use correct channel in isr
    - uio_hv_generic: make ring buffer attribute for primary channel
    - uio_hv_generic: defer opening vmbus until first use
    - uio_hv_generic: set callbacks on open
    - vmbus: pass channel to hv_process_channel_removal
    - vmbus: split ring buffer allocation from open
    - vmbus: fix subchannel removal

* Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
- [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

  * [linux-azure] Please Include Mainline Commit ebaf39e6032f in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes

  * [linux-azure] Commits Requested in 16.04 for the Azure Kernel (LP: #1830242)
    - blk-mq: remove the request_list usage
    - nvme-pci: remove cq check after submission
    - nvme-pci: split the nvme queue lock into submission and completion locks

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

[ Ubuntu: 4.15.0-54.58 ]

  * linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

-- Marcelo Henrique Cerri <email address hidden> Mon, 24 Jun 2019 17:44:20 -0300

This bug was fixed in the package linux-azure - 4.15.0-1049.54

---------------
linux-azure (4.15.0-1049.54) xenial; urgency=medium

* linux-azure: 4.15.0-1049.54 -proposed tracker (LP: #1834091)

* Upstream Commits Needed for DPDK on Azure (LP: #1812123)
    - uio: document uio_hv_generic regions
    - uio_hv_generic: create send and receive buffers
    - uio_hv_generic: add rescind support
    - uio_hv_generic: support sub-channels
    - uio_hv_generic: fix subchannel ring mmap
    - uio_hv_generic: use standard mmap for resources
    - vmbus: keep pointer to ring buffer page
    - uio: introduce UIO_MEM_IOVA
    - hv_uio_generic: map ringbuffer phys addr
    - uio_hv_generic: use ISR callback method
    - uio_hv_generic: use correct channel in isr
    - uio_hv_generic: make ring buffer attribute for primary channel
    - uio_hv_generic: defer opening vmbus until first use
    - uio_hv_generic: set callbacks on open
    - vmbus: pass channel to hv_process_channel_removal
    - vmbus: split ring buffer allocation from open
    - vmbus: fix subchannel removal

* Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
    - [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

* [linux-azure] Please Include Mainline Commit ebaf39e6032f  in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes

* [linux-azure] Commits Requested in 16.04 for the Azure Kernel (LP: #1830242)
    - blk-mq: remove the request_list usage
    - nvme-pci: remove cq check after submission
    - nvme-pci: split the nvme queue lock into submission and completion locks

* [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

[ Ubuntu: 4.15.0-54.58 ]

* linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Mon, 24 Jun 2019 17:44:20 -0300

Changed in linux-azure (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-06-26:

#4

This bug was fixed in the package linux-azure - 5.0.0-1010.10

---------------
linux-azure (5.0.0-1010.10) disco; urgency=medium

* linux-azure: 5.0.0-1010.10 -proposed tracker (LP: #1833924)

* Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
- [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

  * linux-azure: Add the Catapult FPGA Driver (LP: #1824879)
    - SAUCE: linux-azure: Include Catapult FPGA PCI driver
    - [Config] linux-azure: CONFIG_CATAPULT_PCI=m

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

[ Ubuntu: 5.0.0-20.21 ]

  * linux: 5.0.0-20.21 -proposed tracker (LP: #1833934)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()

[ Ubuntu: 5.0.0-19.20 ]

* CVE-2019-12817
- SAUCE: powerpc/mm/64s/hash: Reallocate context ids on fork

-- Marcelo Henrique Cerri <email address hidden> Tue, 25 Jun 2019 10:36:47 -0300

Changed in linux-azure (Ubuntu Disco):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-06-26:

#5

This bug was fixed in the package linux-azure - 4.18.0-1023.24

---------------
linux-azure (4.18.0-1023.24) cosmic; urgency=medium

* linux-azure: 4.18.0-1023.24 -proposed tracker (LP: #1833946)

  * [linux-azure] XDP generic fixes (LP: #1831254)
    - netvsc: unshare skb in VF rx handler
    - net: convert rps_needed and rfs_needed to new static
    - net: core: support XDP generic on stacked devices.

* Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
- [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

  * Azure: Backport vIOMMU driver (increase vCPU limits) (LP: #1826447)
    - PCI: hv: Replace hv_vp_set with hv_vpset
    - PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset()
    - x86/Hyper-V: Set x2apic destination mode to physical when x2apic is
      available
    - iommu/hyper-v: Add Hyper-V stub IOMMU driver
    - [Config] linux-azure: CONFIG_HYPERV_IOMMU=y

  * [linux-azure] Please Include Mainline Commit ebaf39e6032f in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

[ Ubuntu: 4.18.0-25.26 ]

  * linux: 4.18.0-25.26 -proposed tracker (LP: #1833952)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()

[ Ubuntu: 4.18.0-24.25 ]

* CVE-2019-12817
- SAUCE: powerpc/mm/64s/hash: Reallocate context ids on fork

-- Stefan Bader <email address hidden> Tue, 25 Jun 2019 12:46:06 +0200

Changed in linux-azure (Ubuntu Cosmic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-06-26:

#6

This bug was fixed in the package linux-azure - 4.18.0-1023.24~18.04.1

---------------
linux-azure (4.18.0-1023.24~18.04.1) bionic; urgency=medium

* linux-azure: 4.18.0-1023.24~18.04.1 -proposed tracker (LP: #1833945)

[ Ubuntu: 4.18.0-1023.24 ]

  * linux-azure: 4.18.0-1023.24 -proposed tracker (LP: #1833946)
  * [linux-azure] XDP generic fixes (LP: #1831254)
    - netvsc: unshare skb in VF rx handler
    - net: convert rps_needed and rfs_needed to new static
    - net: core: support XDP generic on stacked devices.
  * Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
    - [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m
  * Azure: Backport vIOMMU driver (increase vCPU limits) (LP: #1826447)
    - PCI: hv: Replace hv_vp_set with hv_vpset
    - PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset()
    - x86/Hyper-V: Set x2apic destination mode to physical when x2apic is
      available
    - iommu/hyper-v: Add Hyper-V stub IOMMU driver
    - [Config] linux-azure: CONFIG_HYPERV_IOMMU=y
  * [linux-azure] Please Include Mainline Commit ebaf39e6032f in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes
  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files
  * linux: 4.18.0-25.26 -proposed tracker (LP: #1833952)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-12817
    - SAUCE: powerpc/mm/64s/hash: Reallocate context ids on fork

-- Marcelo Henrique Cerri <email address hidden> Tue, 25 Jun 2019 11:42:46 -0300

Changed in linux-azure (Ubuntu Bionic):
status:	Invalid → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-07-02:

#7

This bug was fixed in the package linux-azure - 5.0.0-1010.10

---------------
linux-azure (5.0.0-1010.10) disco; urgency=medium

* linux-azure: 5.0.0-1010.10 -proposed tracker (LP: #1833924)

* Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
- [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

  * linux-azure: Add the Catapult FPGA Driver (LP: #1824879)
    - SAUCE: linux-azure: Include Catapult FPGA PCI driver
    - [Config] linux-azure: CONFIG_CATAPULT_PCI=m

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

[ Ubuntu: 5.0.0-20.21 ]

  * linux: 5.0.0-20.21 -proposed tracker (LP: #1833934)
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()

[ Ubuntu: 5.0.0-19.20 ]

* CVE-2019-12817
- SAUCE: powerpc/mm/64s/hash: Reallocate context ids on fork

-- Marcelo Henrique Cerri <email address hidden> Tue, 25 Jun 2019 10:36:47 -0300

Changed in linux-azure (Ubuntu):
status:	New → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-10-09:

#8

This bug was fixed in the package linux-gcp - 5.0.0-1020.20~18.04.1

---------------
linux-gcp (5.0.0-1020.20~18.04.1) bionic; urgency=medium

* bionic/linux-gcp: 5.0.0-1020.20~18.04.1 -proposed tracker (LP: #1846012)

[ Ubuntu: 5.0.0-1020.20 ]

  * disco/linux-gcp: 5.0.0-1020.20 -proposed tracker (LP: #1846015)
  * disco/linux: 5.0.0-31.33 -proposed tracker (LP: #1846026)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * /proc/self/maps paths missing on live session (was vlc won't start; eoan
    19.10 & bionic 18.04 ubuntu/lubuntu/kubuntu/xubuntu/ubuntu-mate dailies)
    (LP: #1842382)
    - SAUCE: Revert "UBUNTU: SAUCE: shiftfs: enable overlayfs on shiftfs"

-- Khalid Elmously <email address hidden> Fri, 04 Oct 2019 04:26:12 -0400

Changed in linux-gcp (Ubuntu Bionic):
status:	New → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-10-10:

#9

This bug was fixed in the package linux-oracle - 5.0.0-1004.8

---------------
linux-oracle (5.0.0-1004.8) disco; urgency=medium

* disco/linux-oracle: 5.0.0-1004.8 -proposed tracker (LP: #1846019)

* 5.0-based linux-oracle kernels can't run ADT (LP: #1845434)
- [config] CONFIG_VIRTIO=y

[ Ubuntu: 5.0.0-31.33 ]

  * disco/linux: 5.0.0-31.33 -proposed tracker (LP: #1846026)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
  * /proc/self/maps paths missing on live session (was vlc won't start; eoan
    19.10 & bionic 18.04 ubuntu/lubuntu/kubuntu/xubuntu/ubuntu-mate dailies)
    (LP: #1842382)
    - SAUCE: Revert "UBUNTU: SAUCE: shiftfs: enable overlayfs on shiftfs"

-- Khalid Elmously <email address hidden> Mon, 30 Sep 2019 20:23:48 -0400

Changed in linux-oracle (Ubuntu Disco):
status:	New → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-10-15:

#10

Download full text (5.7 KiB)

This bug was fixed in the package linux-oracle - 5.3.0-1002.2

---------------
linux-oracle (5.3.0-1002.2) eoan; urgency=medium

* eoan/linux-oracle: 5.3.0-1002.2 -proposed tracker (LP: #1847295)

* Miscellaneous Ubuntu changes
- update dkms package versions

[ Ubuntu: 5.3.0-18.19 ]

  * eoan/linux: 5.3.0-18.19 -proposed tracker (LP: #1847298)
  * Enable the Dragonboards out of Eoan/master arm64 kernel (LP: #1846704)
    - [Packaging] arm64: snapdragon: introduce a snapdragon flavour
    - [Packaging] arm64: snapdragon: switch kernel format to Image
    - [Config] arm64: snapdragon: CONFIG_PINCTRL_MSM8916=y
    - [Config] arm64: snapdragon: CONFIG_PINCTRL_MSM8994=y
    - [Config] arm64: snapdragon: CONFIG_PINCTRL_MSM8996=y
    - [Config] arm64: snapdragon: CONFIG_PINCTRL_MSM8998=y
    - [Config] arm64: snapdragon: CONFIG_REGULATOR_QCOM_RPMH=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_BAM_DMA=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_HIDMA_MGMT=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_HIDMA=y
    - [Config] arm64: snapdragon: CONFIG_COMMON_CLK_QCOM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_CLK_RPMH=y
    - [Config] arm64: snapdragon: CONFIG_MSM_GCC_8916=y
    - [Config] arm64: snapdragon: CONFIG_MSM_GCC_8994=y
    - [Config] arm64: snapdragon: CONFIG_MSM_MMCC_8996=y
    - [Config] arm64: snapdragon: CONFIG_MSM_GCC_8998=y
    - [Config] arm64: snapdragon: CONFIG_HWSPINLOCK_QCOM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_APCS_IPC=y
    - [Config] arm64: snapdragon: CONFIG_RPMSG_QCOM_GLINK_RPM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_GENI_SE=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_SMEM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_SMD_RPM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_SMP2P=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_SMSM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_QFPROM=y
    - [Config] arm64: snapdragon: CONFIG_SERIAL_QCOM_GENI=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_TSENS=y
    - [Config] arm64: snapdragon: CONFIG_REGULATOR_QCOM_SMD_RPM=y
    - [Config] arm64: snapdragon: CONFIG_QCOM_CLK_SMD_RPM=y
    - [Config] arm64: snapdragon: CONFIG_RPMSG_QCOM_SMD=y
    - [Config] arm64: snapdragon: CONFIG_MFD_QCOM_RPM=y
    - [Config] arm64: snapdragon: CONFIG_SCSI_UFSHCD=y
    - [Config] arm64: snapdragon: CONFIG_SCSI_UFSHCD_PLATFORM=y
    - [Config] arm64: snapdragon: CONFIG_SCSI_UFS_HISI=y
    - [Config] arm64: snapdragon: CONFIG_MMC_SDHCI=y
    - [Config] arm64: snapdragon: CONFIG_MMC_SDHCI_PLTFM=y
    - [Config] arm64: snapdragon: CONFIG_MMC_SDHCI_MSM=y
    - [Config] arm64: snapdragon: CONFIG_REGULATOR_QCOM_SPMI=y
    - [Config] arm64: snapdragon: CONFIG_PINCTRL_QCOM_SPMI_PMIC=y
    - [Config] arm64: snapdragon: CONFIG_PHY_QCOM_USB_HS=y
    - [Config] arm64: snapdragon: CONFIG_PHY_QCOM_QMP=y
    - [Config] arm64: snapdragon: CONFIG_PHY_QCOM_UFS=y
    - [Config] arm64: snapdragon: CONFIG_PHY_QCOM_USB_HSIC=y
    - [Config] arm64: snapdragon: CONFIG_USB_CHIPIDEA_OF=y
    - [Config] arm64: snapdragon: CONFIG_USB_EHCI_HCD_PLATFORM=y
    - [Config] arm64: snapdragon: CONFIG_EXTCON_USB_GPIO=y
    - [Config] arm64: snapdragon: CONFIG_REGULATOR_FIXED_VOLTAGE=y
    - [C...

Ubuntu
linux-oracle package

[Packaging] Improve config annotations check on custom kernels

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux-azure (Ubuntu)	Fix Released	Undecided	Unassigned
Xenial	Fix Released	Undecided	Marcelo Cerri
Bionic	Fix Released	Undecided	Marcelo Cerri
Cosmic	Fix Released	Undecided	Marcelo Cerri
Disco	Fix Released	Undecided	Marcelo Cerri
linux-gcp (Ubuntu)	New	Undecided	Unassigned
Xenial	New	Undecided	Unassigned
Bionic	Fix Released	Undecided	Marcelo Cerri
Cosmic	Fix Released	Undecided	Marcelo Cerri
Disco	Won't Fix	Undecided	Marcelo Cerri
linux-oracle (Ubuntu)	Fix Released	Undecided	Unassigned
Xenial	New	Undecided	Unassigned
Bionic	New	Undecided	Unassigned
Cosmic	New	Undecided	Unassigned
Disco	Fix Released	Undecided	Unassigned

Changed in linux-oracle (Ubuntu):
status:	New → Fix Released

Changed in linux-gcp (Ubuntu Disco):
status:	New → Won't Fix

Ubuntulinux-oracle package

[Packaging] Improve config annotations check on custom kernels

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-oracle package