[Group.of.nepali.translators] [Bug 1764762] Re: Xenial update to 4.4.124 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Group.of.nepali.translators] [Bug 1764762] Re: Xenial update to 4.4.124 stable release
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Xenial) Status: New => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1764762 Title: Xenial update to 4.4.124 stable release Status in linux package in Ubuntu: Invalid Status in linux source package in Xenial: In Progress Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The 4.4.124 upstream stable stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the 4.4.124 stable release shall be applied: * Linux 4.4.124 * RDMA/ucma: Fix access to non-initialized CM_ID object * dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 * clk: si5351: Rename internal plls to avoid name collisions * nfsd4: permit layoutget of executable-only files * RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS * ip6_vti: adjust vti mtu according to mtu of lower device * iommu/vt-d: clean up pr_irq if request_threaded_irq fails * pinctrl: Really force states during suspend/resume * coresight: Fix disabling of CoreSight TPIU * pty: cancel pty slave port buf's work in tty_release * drm/omap: DMM: Check for DMM readiness after successful transaction commit * vgacon: Set VGA struct resource types * IB/umem: Fix use of npages/nmap fields * RDMA/cma: Use correct size when writing netlink stats * IB/ipoib: Avoid memory leak if the SA returns a different DGID * mmc: avoid removing non-removable hosts during suspend * platform/chrome: Use proper protocol transfer function * cros_ec: fix nul-termination for firmware build info * media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart * media: bt8xx: Fix err 'bt878_probe()' * rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. * RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() * drm/msm: fix leak in failed get_pages * media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt * Bluetooth: hci_qca: Avoid setup failure on missing rampatch * perf tests kmod-path: Don't fail if compressed modules aren't supported * rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL * rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks * cifs: small underflow in cnvrtDosUnixTm() * net: hns: fix ethtool_get_strings overflow in hns driver * sm501fb: don't return zero on failure path in sm501fb_start() * video: fbdev: udlfb: Fix buffer on stack * tcm_fileio: Prevent information leak for short reads * ia64: fix module loading for gcc-5.4 * md/raid10: skip spare disk as 'first' disk * Input: twl4030-pwrbutton - use correct device for irq request * power: supply: pda_power: move from timer to delayed_work * bnx2x: Align RX buffers * drm/nouveau/kms: Increase max retries in scanout position queries. * ACPI / PMIC: xpower: Fix power_table addresses * ipmi/watchdog: fix wdog hang on panic waiting for ipmi response * ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP * mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a * staging: wilc1000: fix unchecked return value * staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK set to y * mtip32xx: use runtime tag to initialize command header * mfd: palmas: Reset the POWERHOLD mux during power off * mac80211: don't parse encrypted management frames in ieee80211_frame_acked * Btrfs: send, fix file hole not being preserved due to inline extent * rndis_wlan: add return value validation * mt7601u: check return value of alloc_skb * iio: st_pressure: st_accel: Initialise sensor platform data properly * NFS: don't try to cross a mountpount when there isn't one there. * infiniband/uverbs: Fix integer overflows * scsi: mac_esp: Replace bogus memory barrier with spinlock * qlcnic: fix unchecked return value * wan: pc300too: abort path on failure * mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR() * openvswitch: Delete conntrack entry clashing with an expectation. * netfilter: xt_CT: fix refcnt leak on error path *