This bug was fixed in the package linux - 4.18.0-17.18
---------------
linux (4.18.0-17.18) cosmic; urgency=medium
* linux: 4.18.0-17.18 -proposed tracker (LP: #1819624)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
* C++ demangling support missing from perf (LP: #1396654)
- [Packaging] fix a mistype
* arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
- iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
* Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
- nvme-pci: fix out of bounds access in nvme_cqe_pending
* CVE-2019-9003
- ipmi: fix use-after-free of user->release_barrier.rda
* CVE-2019-9162
- netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs
* CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()
* CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
* tun/tap: unable to manage carrier state from userland (LP: #1806392)
- tun: implement carrier change
* CVE-2019-8980
- exec: Fix mem leak in kernel_read_file
* [Packaging] Allow overlay of config annotations (LP: #1752072)
- [Packaging] config-check: Add an include directive
* amdgpu with mst WARNING on blanking (LP: #1814308)
- drm/amd/display: Fix MST dp_blank REG_WAIT timeout
* CVE-2019-7308
- bpf: move {prev_,}insn_idx into verifier env
- bpf: move tmp variable into ax register in interpreter
- bpf: enable access to ax register also from verifier rewrite
- bpf: restrict map value pointer arithmetic for unprivileged
- bpf: restrict stack pointer arithmetic for unprivileged
- bpf: restrict unknown scalars of mixed signed bounds for unprivileged
- bpf: fix check_map_access smin_value test when pointer contains offset
- bpf: prevent out of bounds speculation on pointer arithmetic
- bpf: fix sanitation of alu op with pointer / scalar type from different
paths
- bpf: add various test cases to test_verifier
- bpf: add various test cases to selftests
* CVE-2017-5753
- bpf: fix inner map masking to prevent oob under speculation
* Use memblock quirk instead of delayed allocation for GICv3 LPI tables
(LP: #1816425)
- efi/arm: Revert "Defer persistent reservations until after paging_init()"
- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
table
* efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
- efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
* Update ENA driver to version 2.0.3K (LP: #1816806)
- net: ena: update driver version from 2.0.2 to 2.0.3
- net: ena: fix race between link up and device initalization
- net: ena: fix crash during failed resume from hibernation
* Silent "Unknown key" message when pressing keyboard backlight hotkey
(LP: #1817063)
- platform/x86: dell-wmi: Ignore new keyboard backlight change event
* CVE-2018-19824
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in
card.c
* CVE-2019-3459
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
* CONFIG_TEST_BPF is disabled (LP: #1813955)
- [Config]: Reenable TEST_BPF
* installer does not support iSCSI iBFT (LP: #1817321)
- d-i: add iscsi_ibft to scsi-modules
* CVE-2019-7222
- KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
* CVE-2019-7221
- KVM: nVMX: unconditionally cancel preemption timer in free_nested
(CVE-2019-7221)
* CVE-2019-6974
- kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
* hns3 nic speed may not match optical port speed (LP: #1817969)
- net: hns3: Config NIC port speed same as that of optical module
* [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start() (LP: #1802021)
- srcu: Lock srcu_data structure in srcu_gp_start()
* libsas disks can have non-unique by-path names (LP: #1817784)
- scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
* Bluetooth not working (Intel CyclonePeak) (LP: #1817518)
- Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029
* CVE-2019-8912
- net: crypto set sk to NULL when af_alg_release.
- net: socket: set sock->sk to NULL after calling proto_ops::release()
* 4.18.0 thinkpad_acpi : thresholds for BAT1 not writable (LP: #1812099)
- platform/x86: thinkpad_acpi: Fix multi-battery bug
* [ALSA] [PATCH] System76 darp5 and oryp5 fixups (LP: #1815831)
- ALSA: hda/realtek - Headset microphone support for System76 darp5
- ALSA: hda/realtek - Headset microphone and internal speaker support for
System76 oryp5
* CVE-2019-8956
- sctp: walk the list of asoc safely
* Constant noise in the headphone on Lenovo X1 machines (LP: #1817263)
- ALSA: hda/realtek: Disable PC beep in passthrough on alc285
-- Kleber Sacilotto de Souza <kleber.so...@canonical.com> Wed, 13 Mar
2019 12:52:13 +0100
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/1752072
Title:
[Packaging] Allow overlay of config annotations
Status in linux package in Ubuntu:
Fix Released
Status in linux-gcp package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Bionic:
Fix Released
Status in linux-gcp source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Released
Status in linux-gcp source package in Cosmic:
Fix Released
Bug description:
Currently for custom kernels, it's necessary to keep a separate
annotations file that often gets out of sync with the corresponding
file in debian.master/.
The "debian/scripts/config-check" script can be changed to allow
additional annotations files to act as overlays over the original
annotations file, allowing custom kernels to override the policies
just for the relevant configs.
As an initial proposal, any file matching the pattern
"$DEBIAN/config/*.annotations" could be considered as an overlay file
and policies could be overridden on a config basis. That means that
any mention to a config in the overlay file would discard all the
policies for that config in the original file.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1752072/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
