[Canonical-hw-cert] [Bug 2075763] Re: focal/linux-bluefield: 5.4.0-1091.98 -proposed tracker

Wed, 21 Aug 2024 01:03:28 -0700 

This bug was fixed in the package linux-bluefield - 5.4.0-1091.98

---------------
linux-bluefield (5.4.0-1091.98) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1091.98 -proposed tracker (LP:
#2075763)

  [ Ubuntu: 5.4.0-193.213 ]

  * focal/linux: 5.4.0-193.213 -proposed tracker (LP: #2075804)
  * CVE-2024-26921
    - skbuff: introduce skb_expand_head()
    - skb_expand_head() adjust skb->truesize incorrectly
    - inet: inet_defrag: prevent sk release while still in use
  * CVE-2024-26929
    - scsi: qla2xxx: Fix double free of fcport
  * CVE-2024-39484
    - mmc: davinci: Don't strip remove function when driver is builtin
  * CVE-2024-36901
    - ipv6: prevent NULL dereference in ip6_output()
  * CVE-2024-26830
    - i40e: Refactoring VF MAC filters counting to make more reliable
    - i40e: Fix MAC address setting for a VF via Host/VM
    - i40e: Do not allow untrusted VF to remove administratively set MAC
  * CVE-2024-24860
    - Bluetooth: Fix atomicity violation in {min, max}_key_size_set
  * CVE-2023-52760
    - gfs2: Fix slab-use-after-free in gfs2_qd_dealloc
  * CVE-2024-2201
    - [Config] Set SPECTRE_BHI_ON=y
  * CVE-2023-52629
    - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
  * CVE-2021-46926
    - ALSA: hda: intel-sdw-acpi: harden detection of controller

 -- Bartlomiej Zolnierkiewicz <[email protected]>
Wed, 07 Aug 2024 11:44:41 +0200

** Changed in: linux-bluefield (Ubuntu Focal)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-46926

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52629

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-52760

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-2201

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-24860

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26830

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26921

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-26929

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36901

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-39484

-- 
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2075763

Title:
  focal/linux-bluefield: 5.4.0-1091.98 -proposed tracker

Status in canonical-signing-jobs task00 series:
  Fix Released
Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow abi-testing series:
  Fix Released
Status in Kernel SRU Workflow automated-testing series:
  Invalid
Status in Kernel SRU Workflow boot-testing series:
  Invalid
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow new-review series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
  Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  In Progress
Status in Kernel SRU Workflow regression-testing series:
  Invalid
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow sru-review series:
  Fix Released
Status in Kernel SRU Workflow stakeholder-signoff series:
  Fix Released
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux-bluefield source package in Focal:
  Fix Released

Bug description:
  This bug will contain status and test results related to a kernel
  source (or snap) as stated in the title.

  For an explanation of the tasks and the associated workflow see:
    https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  built:
    from: d2daabf0f8f96899
    route-entry: 2
  comments:
    abi-testing: 1
  delta:
    promote-to-proposed: [main, meta, signed, generate]
    promote-to-updates: [main, meta, signed]
  flag:
    bugs-spammed: true
    proposed-announcement-sent: true
    stream-from-cycle: true
  issue: KSRU-13476
  kernel-stable-master-bug: 2075804
  packages:
    generate: linux-generate-bluefield
    main: linux-bluefield
    meta: linux-meta-bluefield
    signed: linux-signed-bluefield
  phase: Promote to Updates
  phase-changed: Wednesday, 21. August 2024 07:51 UTC
  reason:
    promote-to-updates: Ongoing -- packages not yet published
  synthetic:
    :promote-to-as-proposed: Invalid
  variant: debs
  versions:
    main: 5.4.0-1091.98
    meta: 5.4.0.1091.87
    signed: 5.4.0-1091.98
  ~~:
    announce:
      swm-transition-crankable: 2024-08-07 08:24:54.817929
    clamps:
      new-review: d2daabf0f8f96899
      promote-to-proposed: d2daabf0f8f96899
      self: 5.4.0-1091.98
      sru-review: d2daabf0f8f96899
    tracker:
      last-message: '2024-08-21 07:50:34.569037+00:00'

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2075763/+subscriptions


-- 
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help   : https://help.launchpad.net/ListHelp

Reply via email to