[ubuntu/xenial-proposed] linux_4.4.0-146.172_amd64.tar.gz - (Accepted)
linux (4.4.0-146.172) xenial; urgency=medium * linux: 4.4.0-146.172 -proposed tracker (LP: #1822834) * Packaging resync (LP: #1786013) - [Packaging] update helper scripts - [Packaging] resync retpoline extraction * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386 (LP: #1812845) - btrfs: raid56: properly unmap parity page in finish_parity_scrub() * Xenial update: 4.4.177 upstream stable release (LP: #1822271) - ceph: avoid repeatedly adding inode to mdsc->snap_flush_list - numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES - KEYS: allow reaching the keys quotas exactly - mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells - mfd: twl-core: Fix section annotations on {,un}protect_pm_master - mfd: db8500-prcmu: Fix some section annotations - mfd: ab8500-core: Return zero in get_register_interruptible() - mfd: qcom_rpm: write fw_version to CTRL_REG - mfd: wm5110: Add missing ASRC rate register - mfd: mc13xxx: Fix a missing check of a register-read failure - net: hns: Fix use after free identified by SLUB debug - MIPS: ath79: Enable OF serial ports in the default config - scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param - scsi: isci: initialize shost fully before calling scsi_add_host() - MIPS: jazz: fix 64bit build - isdn: i4l: isdn_tty: Fix some concurrency double-free bugs - atm: he: fix sign-extension overflow on large shift - leds: lp5523: fix a missing check of return value of lp55xx_read - isdn: avm: Fix string plus integer warning from Clang - RDMA/srp: Rework SCSI device reset handling - KEYS: user: Align the payload buffer - KEYS: always initialize keyring_index_key::desc_len - batman-adv: fix uninit-value in batadv_interface_tx() - net/packet: fix 4gb buffer limit due to overflow check - team: avoid complex list operations in team_nl_cmd_options_set() - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() - net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames - ARCv2: Enable unaligned access in early ASM code - Revert "bridge: do not add port to router list when receives query with source 0.0.0.0" - libceph: handle an empty authorize reply - drm/msm: Unblock writer if reader closes file - ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field - ALSA: compress: prevent potential divide by zero bugs - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check - usb: dwc3: gadget: Fix the uninitialized link_state when udc starts - usb: gadget: Potential NULL dereference on allocation error - ASoC: dapm: change snprintf to scnprintf for possible overflow - ASoC: imx-audmux: change snprintf to scnprintf for possible overflow - ARC: fix __ffs return value to avoid build warnings - mac80211: fix miscounting of ttl-dropped frames - serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling - scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() - net: altera_tse: fix connect_local_phy error path - ibmveth: Do not process frames after calling napi_reschedule - mac80211: don't initiate TDLS connection if station is not associated to AP - cfg80211: extend range deviation for DMG - KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 - arm/arm64: KVM: Feed initialized memory to MMIO accesses - KVM: arm/arm64: Fix MMIO emulation data handling - powerpc: Always initialize input array when calling epapr_hypercall() - mmc: spi: Fix card detection during probe - x86/uaccess: Don't leak the AC flag into __put_user() value evaluation - USB: serial: option: add Telit ME910 ECM composition - USB: serial: cp210x: add ID for Ingenico 3070 - USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485 - cpufreq: Use struct kobj_attribute instead of struct global_attr - sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names - ncpfs: fix build warning of strncpy - isdn: isdn_tty: fix build warning of strncpy - staging: lustre: fix buffer overflow of string buffer - net-sysfs: Fix mem leak in netdev_register_kobject - team: Free BPF filter when unregistering netdev - bnxt_en: Drop oversize TX packets to prevent errors. - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails - xen-netback: fix occasional leak of grant ref mappings under memory pressure - net: Add __icmp_send helper. - net: avoid use IPCB in cipso_v4_error - net: phy: Micrel KSZ8061: link failure after cable connect - x86/CPU/AMD: Set the CPB bit unconditionally on F17h - applicom: Fix potential Spectre v1 vulnerabilities - MIPS: irq: Allocate accurate order pages for irq stack - hugetlbfs: fix races and page leaks during
[ubuntu/xenial-proposed] linux-signed 4.4.0-146.172 (Accepted)
linux-signed (4.4.0-146.172) xenial; urgency=medium * Master version: 4.4.0-146.172 Date: 2019-04-03 08:58:00.843900+00:00 Changed-By: Khaled El Mously Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/linux-signed/4.4.0-146.172 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-meta 4.4.0.146.154 (Accepted)
linux-meta (4.4.0.146.154) xenial; urgency=medium * Bump ABI 4.4.0-146 Date: 2019-04-03 08:58:03.344509+00:00 Changed-By: Khaled El Mously Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/linux-meta/4.4.0.146.154 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux 4.4.0-146.172 (Accepted)
linux (4.4.0-146.172) xenial; urgency=medium * linux: 4.4.0-146.172 -proposed tracker (LP: #1822834) * Packaging resync (LP: #1786013) - [Packaging] update helper scripts - [Packaging] resync retpoline extraction * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386 (LP: #1812845) - btrfs: raid56: properly unmap parity page in finish_parity_scrub() * Xenial update: 4.4.177 upstream stable release (LP: #1822271) - ceph: avoid repeatedly adding inode to mdsc->snap_flush_list - numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES - KEYS: allow reaching the keys quotas exactly - mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells - mfd: twl-core: Fix section annotations on {,un}protect_pm_master - mfd: db8500-prcmu: Fix some section annotations - mfd: ab8500-core: Return zero in get_register_interruptible() - mfd: qcom_rpm: write fw_version to CTRL_REG - mfd: wm5110: Add missing ASRC rate register - mfd: mc13xxx: Fix a missing check of a register-read failure - net: hns: Fix use after free identified by SLUB debug - MIPS: ath79: Enable OF serial ports in the default config - scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param - scsi: isci: initialize shost fully before calling scsi_add_host() - MIPS: jazz: fix 64bit build - isdn: i4l: isdn_tty: Fix some concurrency double-free bugs - atm: he: fix sign-extension overflow on large shift - leds: lp5523: fix a missing check of return value of lp55xx_read - isdn: avm: Fix string plus integer warning from Clang - RDMA/srp: Rework SCSI device reset handling - KEYS: user: Align the payload buffer - KEYS: always initialize keyring_index_key::desc_len - batman-adv: fix uninit-value in batadv_interface_tx() - net/packet: fix 4gb buffer limit due to overflow check - team: avoid complex list operations in team_nl_cmd_options_set() - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() - net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames - ARCv2: Enable unaligned access in early ASM code - Revert "bridge: do not add port to router list when receives query with source 0.0.0.0" - libceph: handle an empty authorize reply - drm/msm: Unblock writer if reader closes file - ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field - ALSA: compress: prevent potential divide by zero bugs - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check - usb: dwc3: gadget: Fix the uninitialized link_state when udc starts - usb: gadget: Potential NULL dereference on allocation error - ASoC: dapm: change snprintf to scnprintf for possible overflow - ASoC: imx-audmux: change snprintf to scnprintf for possible overflow - ARC: fix __ffs return value to avoid build warnings - mac80211: fix miscounting of ttl-dropped frames - serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling - scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() - net: altera_tse: fix connect_local_phy error path - ibmveth: Do not process frames after calling napi_reschedule - mac80211: don't initiate TDLS connection if station is not associated to AP - cfg80211: extend range deviation for DMG - KVM: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 - arm/arm64: KVM: Feed initialized memory to MMIO accesses - KVM: arm/arm64: Fix MMIO emulation data handling - powerpc: Always initialize input array when calling epapr_hypercall() - mmc: spi: Fix card detection during probe - x86/uaccess: Don't leak the AC flag into __put_user() value evaluation - USB: serial: option: add Telit ME910 ECM composition - USB: serial: cp210x: add ID for Ingenico 3070 - USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485 - cpufreq: Use struct kobj_attribute instead of struct global_attr - sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names - ncpfs: fix build warning of strncpy - isdn: isdn_tty: fix build warning of strncpy - staging: lustre: fix buffer overflow of string buffer - net-sysfs: Fix mem leak in netdev_register_kobject - team: Free BPF filter when unregistering netdev - bnxt_en: Drop oversize TX packets to prevent errors. - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails - xen-netback: fix occasional leak of grant ref mappings under memory pressure - net: Add __icmp_send helper. - net: avoid use IPCB in cipso_v4_error - net: phy: Micrel KSZ8061: link failure after cable connect - x86/CPU/AMD: Set the CPB bit unconditionally on F17h - applicom: Fix potential Spectre v1 vulnerabilities - MIPS: irq: Allocate accurate order pages for irq stack - hugetlbfs: fix races and page leaks during
[ubuntu/partner/xenial] ibm-java80 8.0.5.30-0ubuntu1 (Accepted)
ibm-java80 (8.0.5.30-0ubuntu1) xenial; urgency=medium [ Java Information Manager ] * New upstream release. LP: #1818799. Date: 2019-03-06 16:19:09.425911+00:00 Changed-By: dann frazier Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/ibm-java80/8.0.5.30-0ubuntu1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] busybox 1:1.22.0-15ubuntu1.4 (Accepted)
busybox (1:1.22.0-15ubuntu1.4) xenial-security; urgency=medium * SECURITY UPDATE: directory traversal via tar symlink extraction - debian/patches/CVE-2011-5325-1.patch: postpone creation of symlinks with "suspicious" targets in archival/libarchive/data_extract_all.c, archival/tar.c, archival/tar_symlink_attack, include/bb_archive.h, testsuite/tar.tests. - debian/patches/CVE-2011-5325-2.patch: do not extract unsafe symlinks unless env variable is set in archival/libarchive/Kbuild.src, archival/libarchive/data_extract_all.c, archival/libarchive/unsafe_symlink_target.c, archival/tar.c, include/bb_archive.h, libbb/copy_file.c, testsuite/tar.tests. - debian/patches/CVE-2011-5325-3.patch: postpone creation of symlinks with "suspicious" targets in archival/libarchive/data_extract_all.c, archival/libarchive/unsafe_symlink_target.c, archival/tar.c, include/bb_archive.h, testsuite/tar.tests. - debian/patches/CVE-2011-5325-4.patch: extract "unsafe" symlinks the same way tar/unzip does in archival/cpio.c. - debian/patches/CVE-2011-5325-5.patch: fix symlink creation in archival/libarchive/get_header_ar.c. - CVE-2011-5325 * SECURITY UPDATE: integer overflow in the DHCP client - debian/patches/CVE-2016-2147-1.patch: fix a SEGV on malformed RFC1035-encoded domain name in networking/udhcp/domain_codec.c. - debian/patches/CVE-2016-2147-2.patch: fix a warning in debug code in networking/udhcp/domain_codec.c. - CVE-2016-2147 * SECURITY UPDATE: heap-based buffer overflow in the DHCP client - debian/patches/CVE-2016-2148.patch: fix OPTION_6RD parsing in networking/udhcp/common.c, networking/udhcp/dhcpc.c. - CVE-2016-2148 * SECURITY UPDATE: integer overflow in get_next_block - debian/patches/CVE-2017-15873.patch: fix runCnt overflow in archival/libarchive/decompress_bunzip2.c. - CVE-2017-15873 * SECURITY UPDATE: code execution in tab autocomplete feature - debian/patches/CVE-2017-16544.patch: check for control characters in libbb/lineedit.c. - CVE-2017-16544 * SECURITY UPDATE: DoS in unzip operations - debian/patches/CVE-2015-9261-1.patch: test for a bad archive in archival/libarchive/decompress_gunzip.c, added test in testsuite/unzip.tests. - debian/patches/CVE-2015-9261-2.patch: further fix decompression code in archival/libarchive/decompress_gunzip.c, testsuite/unzip.tests. - CVE-2015-9261 * SECURITY UPDATE: buffer overflow in wget - debian/patches/CVE-2018-1000517.patch: check chunk length in networking/wget.c. - CVE-2018-1000517 * SECURITY UPDATE: out-of-bounds read in udhcp - debian/patches/CVE-2018-20679.patch: check that 4-byte options are indeed 4-byte in networking/udhcp/common.*, networking/udhcp/dhcpc.c, networking/udhcp/dhcpd.c. - CVE-2018-20679 * SECURITY UPDATE: incomplete fix for out-of-bounds read in udhcp - debian/patches/CVE-2019-5747.patch: when decoding DHCP_SUBNET, ensure it is 4 bytes long in networking/udhcp/common.*, networking/udhcp/dhcpc.c. - CVE-2019-5747 * debian/rules: fix nocheck test so test suite gets run during build and set SKIP_INTERNET_TESTS=y. Date: 2019-03-07 15:05:18.047879+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/busybox/1:1.22.0-15ubuntu1.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] policykit-1 0.105-14.1ubuntu0.5 (Accepted)
policykit-1 (0.105-14.1ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: start time protection mechanism bypass - debian/patches/CVE-2019-6133.patch: Compare PolkitUnixProcess uids for temporary authorizations in src/polkit/polkitsubject.c, src/polkit/polkitunixprocess.c, src/polkitbackend/polkitbackendinteractiveauthority.c. - CVE-2019-6133 Date: 2019-03-27 14:37:14.729246+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/policykit-1/0.105-14.1ubuntu0.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] busybox 1:1.22.0-15ubuntu1.4 (Accepted)
busybox (1:1.22.0-15ubuntu1.4) xenial-security; urgency=medium * SECURITY UPDATE: directory traversal via tar symlink extraction - debian/patches/CVE-2011-5325-1.patch: postpone creation of symlinks with "suspicious" targets in archival/libarchive/data_extract_all.c, archival/tar.c, archival/tar_symlink_attack, include/bb_archive.h, testsuite/tar.tests. - debian/patches/CVE-2011-5325-2.patch: do not extract unsafe symlinks unless env variable is set in archival/libarchive/Kbuild.src, archival/libarchive/data_extract_all.c, archival/libarchive/unsafe_symlink_target.c, archival/tar.c, include/bb_archive.h, libbb/copy_file.c, testsuite/tar.tests. - debian/patches/CVE-2011-5325-3.patch: postpone creation of symlinks with "suspicious" targets in archival/libarchive/data_extract_all.c, archival/libarchive/unsafe_symlink_target.c, archival/tar.c, include/bb_archive.h, testsuite/tar.tests. - debian/patches/CVE-2011-5325-4.patch: extract "unsafe" symlinks the same way tar/unzip does in archival/cpio.c. - debian/patches/CVE-2011-5325-5.patch: fix symlink creation in archival/libarchive/get_header_ar.c. - CVE-2011-5325 * SECURITY UPDATE: integer overflow in the DHCP client - debian/patches/CVE-2016-2147-1.patch: fix a SEGV on malformed RFC1035-encoded domain name in networking/udhcp/domain_codec.c. - debian/patches/CVE-2016-2147-2.patch: fix a warning in debug code in networking/udhcp/domain_codec.c. - CVE-2016-2147 * SECURITY UPDATE: heap-based buffer overflow in the DHCP client - debian/patches/CVE-2016-2148.patch: fix OPTION_6RD parsing in networking/udhcp/common.c, networking/udhcp/dhcpc.c. - CVE-2016-2148 * SECURITY UPDATE: integer overflow in get_next_block - debian/patches/CVE-2017-15873.patch: fix runCnt overflow in archival/libarchive/decompress_bunzip2.c. - CVE-2017-15873 * SECURITY UPDATE: code execution in tab autocomplete feature - debian/patches/CVE-2017-16544.patch: check for control characters in libbb/lineedit.c. - CVE-2017-16544 * SECURITY UPDATE: DoS in unzip operations - debian/patches/CVE-2015-9261-1.patch: test for a bad archive in archival/libarchive/decompress_gunzip.c, added test in testsuite/unzip.tests. - debian/patches/CVE-2015-9261-2.patch: further fix decompression code in archival/libarchive/decompress_gunzip.c, testsuite/unzip.tests. - CVE-2015-9261 * SECURITY UPDATE: buffer overflow in wget - debian/patches/CVE-2018-1000517.patch: check chunk length in networking/wget.c. - CVE-2018-1000517 * SECURITY UPDATE: out-of-bounds read in udhcp - debian/patches/CVE-2018-20679.patch: check that 4-byte options are indeed 4-byte in networking/udhcp/common.*, networking/udhcp/dhcpc.c, networking/udhcp/dhcpd.c. - CVE-2018-20679 * SECURITY UPDATE: incomplete fix for out-of-bounds read in udhcp - debian/patches/CVE-2019-5747.patch: when decoding DHCP_SUBNET, ensure it is 4 bytes long in networking/udhcp/common.*, networking/udhcp/dhcpc.c. - CVE-2019-5747 * debian/rules: fix nocheck test so test suite gets run during build and set SKIP_INTERNET_TESTS=y. Date: 2019-03-07 15:05:18.047879+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/busybox/1:1.22.0-15ubuntu1.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] policykit-1 0.105-14.1ubuntu0.5 (Accepted)
policykit-1 (0.105-14.1ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: start time protection mechanism bypass - debian/patches/CVE-2019-6133.patch: Compare PolkitUnixProcess uids for temporary authorizations in src/polkit/polkitsubject.c, src/polkit/polkitunixprocess.c, src/polkitbackend/polkitbackendinteractiveauthority.c. - CVE-2019-6133 Date: 2019-03-27 14:37:14.729246+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/policykit-1/0.105-14.1ubuntu0.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes