[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 3.13.0-95.142 --- linux (3.13.0-95.142) trusty; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1612715 * CVE-2016-5696 - tcp: make challenge acks less predictable linux (3.13.0-94.141) trusty; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1611281 * CVE-2016-5828 - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls * CVE-2016-5829 - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog - avoid duplicate CVE numbers in changelog * CVE-2016-5728 - misc: mic: Fix for double fetch security bug in VOP driver * CVE-2016-5244 (LP: #1589041) - rds: fix an infoleak in rds_inc_info_copy -- Stefan BaderFri, 12 Aug 2016 18:37:52 +0200 ** Changed in: linux (Ubuntu Vivid) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Xenial: Fix Released Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 3.2.0-109.150 --- linux (3.2.0-109.150) precise; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1612732 * CVE-2016-5696 - tcp: make challenge acks less predictable linux (3.2.0-108.149) precise; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1611303 * CVE-2016-5829 - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog - avoid duplicate CVE numbers in changelog * CVE-2016-5244 (LP: #1589041) - rds: fix an infoleak in rds_inc_info_copy -- Stefan BaderFri, 12 Aug 2016 18:57:31 +0200 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Xenial: Fix Released Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 3.19.0-68.76 --- linux (3.19.0-68.76) vivid; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1612550 * CVE-2016-5696 - tcp: make challenge acks less predictable linux (3.19.0-67.75) vivid; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1611250 * CVE-2016-5828 - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls * CVE-2016-5829 - HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands * CVE-2016-5400 - media: fix airspy usb probe error path * changelog: add CVEs as first class citizens (LP: #1604344) - avoid duplicate CVE numbers in changelog * CVE-2016-5728 - misc: mic: Fix for double fetch security bug in VOP driver * CVE-2016-5244 (LP: #1589041) - rds: fix an infoleak in rds_inc_info_copy -- Stefan BaderFri, 12 Aug 2016 10:31:41 +0200 ** Changed in: linux (Ubuntu Precise) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Xenial: Fix Released Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 4.4.0-36.55 --- linux (4.4.0-36.55) xenial; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1612305 * I2C touchpad does not work on AMD platform (LP: #1612006) - SAUCE: pinctrl/amd: Remove the default de-bounce time * CVE-2016-5696 - tcp: make challenge acks less predictable linux (4.4.0-35.54) xenial; urgency=low [ Stefan Bader ] * Release Tracking Bug - LP: #1611215 * [i915_bpo] Sync with v4.7 (LP: #1609742) - SAUCE: i915_bpo: Sync with v4.7 * s390/cio: fix reset of channel measurement block (LP: #1609415) - s390/cio: allow to reset channel measurement block * in Ubuntu16.10: Hit on Call traces and system goes down when transactional memory tests are running in 32TB Brazos system (LP: #1606786) - powerpc/tm: Avoid SLB faults in treclaim/trecheckpoint when RI=0 - powerpc/tm: Fix stack pointer corruption in __tm_recheckpoint() * Power Menu does not display after press the Power Button (LP: #1609204) - intel-vbtn: new driver for Intel Virtual Button - [config] enable CONFIG_INTEL_VBTN=m * OptiPlex 7450 AIO hangs when rebooting (LP: #1608762) - x86/reboot: Add Dell Optiplex 7450 AIO reboot quirk * virtualbox+usb 3.0 breaks boot, -28 kernel works (LP: #1604058) - SAUCE: xhci: Fix soft lockup in xhci_pci_probe path when XHCI_STATE_HALTED * linux-kernel: Freeing IRQ from IRQ context (LP: #1597908) - block: defer timeouts to a workqueue * Tunnel offload indications not stripped from encapsulated packets, causing performance overhead (LP: #1602755) - tunnels: Remove encapsulation offloads on decap. * lm-sensors is throwing "ERROR: Can't get value of subfeature temp1_input: I/O error" for be2net driver (LP: #1607387) - be2net: perform temperature query in adapter regardless of its interface state * Dell dock MAC Address pass through doesn't work in Ubuntu (LP: #1579984) - r8152: Add support for setting pass through MAC address on RTL8153-AD * vmxnet3 LRO IPv6 performance issues (stalling TCP) (LP: #1605494) - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets * ISST-LTE:pVM:monklp5:Ubuntu16.04.1:system crashed at lpfc_sli4_scmd_to_wqidx_distr (LP: #1597974) - SAUCE: lpfc: fix oops in lpfc_sli4_scmd_to_wqidx_distr() from lpfc_send_taskmgmt() * Backport cxlflash shutdown patch to Xenial SRU (LP: #1605405) - SAUCE: cxlflash: Verify problem state area is mapped before notifying shutdown * Xenial update to v4.4.16 stable release (LP: #1607404) - mac80211: fix fast_tx header alignment - mac80211: mesh: flush mesh paths unconditionally - mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL - mac80211: Fix mesh estab_plinks counting in STA removal case - EDAC, sb_edac: Fix rank lookup on Broadwell - IB/cm: Fix a recently introduced locking bug - IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs - powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added - powerpc/tm: Always reclaim in start_thread() for exec() class syscalls - usb: dwc2: fix regression on big-endian PowerPC/ARM systems - USB: EHCI: declare hostpc register as zero-length array - usb: common: otg-fsm: add license to usb-otg-fsm - mnt: fs_fully_visible test the proper mount for MNT_LOCKED - mnt: Account for MS_RDONLY in fs_fully_visible - mnt: If fs_fully_visible fails call put_filesystem. - of: fix autoloading due to broken modalias with no 'compatible' - of: irq: fix of_irq_get[_byname]() kernel-doc - locking/ww_mutex: Report recursive ww_mutex locking early - locking/qspinlock: Fix spin_unlock_wait() some more - locking/static_key: Fix concurrent static_key_slow_inc() - x86, build: copy ldlinux.c32 to image.iso - kprobes/x86: Clear TF bit in fault on single-stepping - x86/amd_nb: Fix boot crash on non-AMD systems - Revert "gpiolib: Split GPIO flags parsing and GPIO configuration" - uvc: Forward compat ioctls to their handlers directly - thermal: cpu_cooling: fix improper order during initialization - writeback: use higher precision calculation in domain_dirty_limits() - nfsd4/rpc: move backchannel create logic into rpc code - nfsd: Always lock state exclusively. - nfsd: Extend the mutex holding region around in nfsd4_process_open2() - posix_acl: Add set_posix_acl - nfsd: check permissions when setting ACLs - make nfs_atomic_open() call d_drop() on all ->open_context() errors. - NFS: Fix another OPEN_DOWNGRADE bug - ARM: imx6ul: Fix Micrel PHY mask - ARM: 8578/1: mm: ensure pmd_present only checks the valid bit - ARM: 8579/1: mm: Fix definition of pmd_mknotpresent - MIPS: KVM: Fix modular KVM under QEMU - mm: Export migrate_page_move_mapping and migrate_page_copy - UBIFS: Implement ->migratepage() - sched/fair: Fix
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
** Tags removed: verification-needed-precise ** Tags added: verification-done-precise ** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- precise' to 'verification-done-precise'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-precise ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
** Branch linked: lp:ubuntu/trusty-security/linux-lts-vivid ** Branch linked: lp:ubuntu/trusty-proposed/linux-lts-vivid ** Branch linked: lp:ubuntu/trusty-updates/linux-lts-vivid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
** Changed in: linux (Ubuntu Vivid) Status: Fix Released => Fix Committed ** Changed in: linux (Ubuntu Xenial) Status: Fix Released => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 3.19.0-66.74 --- linux (3.19.0-66.74) vivid; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604153 * CVE-2016-1237 - posix_acl: Add set_posix_acl - nfsd: check permissions when setting ACLs * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump * CVE-2016-4470 - KEYS: potential uninitialized variable * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * qeth: delete napi struct when removing a qeth device (LP: #1601831) - qeth: delete napi struct when removing a qeth device * arm64: statically link rtc-efi (LP: #1583738) - [Config] Link rtc-efi statically on arm64 * linux: Homogenize changelog format across releases (LP: #1599562) - Revert "UBUNTU: [debian] BugLink: close LP: bugs only for Launchpad urls" - [Debian] git-ubuntu-log -- switch to bug order - [Debian] git-ubuntu-log -- fix empty section formatting - [Debian] git-ubuntu-log -- output should be utf-8 - [Debian] git-ubuntu-log -- handle invalid or private bugs - [Debian] git-ubuntu-log -- wrap long bug and commit titles - [Debian] git-ubuntu-log -- ensure we get the last commit - [Debian] git-ubuntu-log -- prevent bug references being split - [Debian] git-ubuntu-log -- git log output is UTF-8 * exercising ptys causes a kernel oops (LP: #1586418) - devpts: fix null pointer dereference on failed memory allocation * the kernel hangs when reboot or shutdown on a lenovo baytrail-m based machine (LP: #1597564) - usb: xhci: Makefile: move xhci-pci and xhci-plat-hcd after xhci-hcd * [i915_bpo][SKL] Display core init/uninit updates (LP: #1595803) - SAUCE: i915_bpo: drm/i915: Extract a intel_power_well_enable() function - SAUCE: i915_bpo: drm/i915: Extract a intel_power_well_disable() function - SAUCE: i915_bpo: drm/i915/skl: Making DC6 entry is the last call in suspend flow. - SAUCE: i915_bpo: drm/i915: Kill intel_runtime_pm_disable() - SAUCE: i915_bpo: drm/i915/gen9: csr_init after runtime pm enable - SAUCE: i915_bpo: drm/i915: use correct power domain for csr loading - SAUCE: i915_bpo: drm/i915/gen9: Don't try to load garbage dmc firmware on resume - SAUCE: i915_bpo: drm/i915/skl: Removed assert for csr-fw-loading check during disabling dc6 - SAUCE: i915_bpo: drm/i915: fix the power well ID for always on wells - SAUCE: i915_bpo: drm/i915: fix lookup_power_well for power wells without any domain - SAUCE: i915_bpo: drm/i915: Make turning on/off PW1 and Misc I/O part of the init/fini sequences -- Seth ForsheeTue, 19 Jul 2016 09:07:26 -0500 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Released Status in linux source package in Xenial: Fix Released Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 4.4.0-34.53 --- linux (4.4.0-34.53) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1606960 * [APL][SAUCE] Slow system response time due to a monitor bug (LP: #1606147) - x86/cpu/intel: Introduce macros for Intel family numbers - SAUCE: x86/cpu: Add workaround for MONITOR instruction erratum on Goldmont based CPUs linux (4.4.0-33.52) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux (4.4.0-32.51) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. - USB: mos7720: delete parport - usb: gadget: fix spinlock dead lock in gadgetfs - usb: host: ehci-tegra: Grab the correct UTMI pads reset - usb: dwc3: exynos: Fix deferred probing storm. - Linux 4.4.15 * qeth: delete napi struct when removing a qeth device (LP: #1601831) - qeth: delete napi struct when removing a qeth device *
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
** Tags removed: verification-needed-vivid verification-needed-xenial ** Tags added: verification-done-vivid verification-done-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- vivid' to 'verification-done-vivid'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-vivid ** Tags added: verification-needed-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- xenial' to 'verification-done-xenial'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: Fix Released Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
This bug was fixed in the package linux - 4.4.0-33.52 --- linux (4.4.0-33.52) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1605709 * [regression] NFS client: access problems after updating to kernel 4.4.0-31-generic (LP: #1603719) - SAUCE: (namespace) Bypass sget() capability check for nfs linux (4.4.0-32.51) xenial; urgency=low [ Seth Forshee ] * Release Tracking Bug - LP: #1604443 * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975) - HID: wacom: break out parsing of device and registering of input - HID: wacom: Initialize hid_data.inputmode to -1 - HID: wacom: Support switching from vendor-defined device mode on G9 and G11 * changelog: add CVEs as first class citizens (LP: #1604344) - use CVE numbers in changelog * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483) - SAUCE: import Huawei ES3000_V2 (2.1.0.23) - SAUCE: hio: bio_endio() no longer takes errors arg - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than - SAUCE: hio: fix mask maybe-uninitialized warning - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver) - SAUCE: hio: Makefile and Kconfig * CVE-2016-5243 (LP: #1589036) - tipc: fix an infoleak in tipc_nl_compat_link_dump - tipc: fix nl compat regression for link statistics * CVE-2016-4470 - KEYS: potential uninitialized variable * integer overflow in xt_alloc_table_info (LP: #1555353) - netfilter: x_tables: check for size overflow * CVE-2016-3135: - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow" * CVE-2016-4440 (LP: #1584192) - kvm:vmx: more complete state update on APICv on/off * the system hangs in the dma driver when reboot or shutdown on a baytrail-m laptop (LP: #1602579) - dmaengine: dw: platform: power on device on shutdown - ACPI / LPSS: override power state for LPSS DMA device * Add proper palm detection support for MS Precision Touchpad (LP: #1593124) - Revert "HID: multitouch: enable palm rejection if device implements confidence usage" - HID: multitouch: enable palm rejection for Windows Precision Touchpad * Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068) - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b] * CVE-2016-4794 (LP: #1581871) - percpu: fix synchronization between chunk->map_extend_work and chunk destruction - percpu: fix synchronization between synchronous map extension and chunk destruction * Xenial update to v4.4.15 stable release (LP: #1601952) - net_sched: fix pfifo_head_drop behavior vs backlog - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG - sit: correct IP protocol used in ipip6_err - esp: Fix ESN generation under UDP encapsulation - netem: fix a use after free - ipmr/ip6mr: Initialize the last assert time of mfc entries. - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address - sock_diag: do not broadcast raw socket destruction - bpf, perf: delay release of BPF prog after grace period - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit() - net: macb: fix default configuration for GMAC on AT91 - net: alx: Work around the DMA RX overflow issue - bpf: try harder on clones when writing into skb - AX.25: Close socket connection on session completion - crypto: ux500 - memmove the right size - crypto: user - re-add size check for CRYPTO_MSG_GETALG - USB: uas: Fix slave queue_depth not being set - usb: quirks: Fix sorting - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector - usb: musb: only restore devctl when session was set in backup - usb: musb: Stop bulk endpoint while queue is rotated - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints - usb: musb: host: correct cppi dma channel for isoch transfer - usb: xhci-plat: properly handle probe deferral for devm_clk_get() - USB: xhci: Add broken streams quirk for Frescologic device id 1009 - xhci: Fix handling timeouted commands on hosts in weird states. - USB: mos7720: delete parport - usb: gadget: fix spinlock dead lock in gadgetfs - usb: host: ehci-tegra: Grab the correct UTMI pads reset - usb: dwc3: exynos: Fix deferred probing storm. - Linux 4.4.15 * qeth: delete napi struct when removing a qeth device (LP: #1601831) - qeth: delete napi struct when removing a qeth device * Adjust KBL PCI-ID's (LP: #1600124) - drm/i915: Add more Kabylake PCI IDs. - drm/i915: Removing PCI IDs that are no longer listed as Kabylake. * [i915_bpo] Rebase driver to v4.7-rc6 + gen9 workarounds + KBP PCH support (LP: #1599109) - drm/kms_helper: Add a common place to call init and exit functions. - drm: Add helper for
[Kernel-packages] [Bug 1604344] Re: changelog: add CVEs as first class citizens
** Also affects: linux (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Precise) Importance: Undecided => High ** Changed in: linux (Ubuntu Precise) Status: New => Fix Committed ** Changed in: linux (Ubuntu Precise) Assignee: (unassigned) => Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Trusty) Importance: Undecided => High ** Changed in: linux (Ubuntu Trusty) Status: New => Fix Committed ** Changed in: linux (Ubuntu Trusty) Assignee: (unassigned) => Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Vivid) Importance: Undecided => High ** Changed in: linux (Ubuntu Vivid) Status: New => Fix Committed ** Changed in: linux (Ubuntu Vivid) Assignee: (unassigned) => Andy Whitcroft (apw) ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => High ** Changed in: linux (Ubuntu Xenial) Status: New => Fix Committed ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Andy Whitcroft (apw) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1604344 Title: changelog: add CVEs as first class citizens Status in linux package in Ubuntu: In Progress Status in linux source package in Precise: Fix Committed Status in linux source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: We no longer use bugs routinely for CVEs so pull the CVE number up as a bug number rather than letting the fixes all fall into misc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1604344/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp