[ubuntu/xenial-proposed] linux_4.4.0-195.227_amd64.tar.gz - (Accepted)
linux (4.4.0-195.227) xenial; urgency=medium * xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107) * Update kernel packaging to support forward porting kernels (LP: #1902957) - [Debian] Update for leader included in BACKPORT_SUFFIX * Avoid double newline when running insertchanges (LP: #1903293) - [Packaging] insertchanges: avoid double newline * EFI: Fails when BootCurrent entry does not exist (LP: #183) - efivarfs: Replace invalid slashes with exclamation marks in dentries. * CVE-2020-14351 - perf/core: Fix race in the perf_mmap_close() function * CVE-2020-25645 - geneve: add transport ports in route lookup for geneve * Xenial update: v4.4.241 upstream stable release (LP: #1902097) - ibmveth: Identify ingress large send packets. - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - ALSA: bebob: potential info leak in hwdep_read() - mm/kasan: print name of mem[set,cpy,move]() caller in report - mm/kasan: add API to check memory regions - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck() - compiler.h: Add read_word_at_a_time() function. - lib/strscpy: Shut up KASAN false-positives in strscpy() - x86/mm/ptdump: Fix soft lockup in page table walker - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - icmp: randomize the global rate limiter - cifs: remove bogus debug code - ima: Don't ignore errors from crypto_shash_update() - EDAC/i5100: Fix error handling order in i5100_init_one() - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call - media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" - media: m5mols: Check function pointer in m5mols_sensor_power - media: omap3isp: Fix memleak in isp_probe - crypto: omap-sham - fix digcnt register handling with export/import - media: tc358743: initialize variable - media: ti-vpe: Fix a missing check and reference count leak - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - mwifiex: Do not use GFP_KERNEL in atomic context - drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - backlight: sky81452-backlight: Fix refcount imbalance on error - VMCI: check return value of get_user_pages_fast() for errors - tty: serial: earlycon dependency - pty: do tty_flip_buffer_push without port->lock in pty_write - drivers/virt/fsl_hypervisor: Fix error handling path - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - HID: roccat: add bounds checking in kone_sysfs_write_settings() - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - misc: mic: scif: Fix error handling path - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl - quota: clear padding in v2r1_mem2diskdqb() - net: enic: Cure the enic api locking trainwreck - mfd: sm501: Fix leaks in probe() - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - mwifiex: fix double free - net: korina: fix kfree of rx/tx descriptor array - IB/mlx4: Adjust delayed work when a dup is observed - powerpc/pseries: Fix missing of_node_put() in rng_init() - powerpc/icp-hv: Fix missing of_node_put() in success path - mtd: lpddr: fix excessive stack usage with clang - mtd: mtdoops: Don't write panic data twice - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - powerpc/tau: Use appropriate temperature sample interval - powerpc/tau: Remove duplicated set_thresholds() call - powerpc/tau: Disable TAU between measurements - perf intel-pt: Fix "context_switch event has no tid" error - kdb: Fix pager search for multi-line strings - powerpc/perf/hv-gpci: Fix starting index value - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - lib/crc32.c: fix trivial typo in preprocessor condition - vfio/pci: Clear token on bypass registration failure - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() - Input: ep93xx_keypad - fix handling of platform_get_irq() error - Input: omap4-keypad - fix handling of platform_get_irq() error - Input: sun4i-ps2 - fix ha
[ubuntu/xenial-proposed] linux-signed 4.4.0-195.227 (Accepted)
linux-signed (4.4.0-195.227) xenial; urgency=medium * Master version: 4.4.0-195.227 Date: 2020-11-09 20:34:58.236931+00:00 Changed-By: Stefan Bader Signed-By: Andy Whitcroft https://launchpad.net/ubuntu/+source/linux-signed/4.4.0-195.227 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-meta 4.4.0.195.201 (Accepted)
linux-meta (4.4.0.195.201) xenial; urgency=medium * Bump ABI 4.4.0-195 Date: 2020-11-09 20:34:59.687179+00:00 Changed-By: Stefan Bader Signed-By: Andy Whitcroft https://launchpad.net/ubuntu/+source/linux-meta/4.4.0.195.201 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux 4.4.0-195.227 (Accepted)
linux (4.4.0-195.227) xenial; urgency=medium * xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107) * Update kernel packaging to support forward porting kernels (LP: #1902957) - [Debian] Update for leader included in BACKPORT_SUFFIX * Avoid double newline when running insertchanges (LP: #1903293) - [Packaging] insertchanges: avoid double newline * EFI: Fails when BootCurrent entry does not exist (LP: #183) - efivarfs: Replace invalid slashes with exclamation marks in dentries. * CVE-2020-14351 - perf/core: Fix race in the perf_mmap_close() function * CVE-2020-25645 - geneve: add transport ports in route lookup for geneve * Xenial update: v4.4.241 upstream stable release (LP: #1902097) - ibmveth: Identify ingress large send packets. - tipc: fix the skb_unshare() in tipc_buf_append() - net/ipv4: always honour route mtu during forwarding - r8169: fix data corruption issue on RTL8402 - ALSA: bebob: potential info leak in hwdep_read() - mm/kasan: print name of mem[set,cpy,move]() caller in report - mm/kasan: add API to check memory regions - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck() - compiler.h: Add read_word_at_a_time() function. - lib/strscpy: Shut up KASAN false-positives in strscpy() - x86/mm/ptdump: Fix soft lockup in page table walker - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() - tcp: fix to update snd_wl1 in bulk receiver fast path - icmp: randomize the global rate limiter - cifs: remove bogus debug code - ima: Don't ignore errors from crypto_shash_update() - EDAC/i5100: Fix error handling order in i5100_init_one() - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call - media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" - media: m5mols: Check function pointer in m5mols_sensor_power - media: omap3isp: Fix memleak in isp_probe - crypto: omap-sham - fix digcnt register handling with export/import - media: tc358743: initialize variable - media: ti-vpe: Fix a missing check and reference count leak - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 - mwifiex: Do not use GFP_KERNEL in atomic context - drm/gma500: fix error check - scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' - scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() - backlight: sky81452-backlight: Fix refcount imbalance on error - VMCI: check return value of get_user_pages_fast() for errors - tty: serial: earlycon dependency - pty: do tty_flip_buffer_push without port->lock in pty_write - drivers/virt/fsl_hypervisor: Fix error handling path - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error - video: fbdev: sis: fix null ptr dereference - HID: roccat: add bounds checking in kone_sysfs_write_settings() - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() - misc: mic: scif: Fix error handling path - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl - quota: clear padding in v2r1_mem2diskdqb() - net: enic: Cure the enic api locking trainwreck - mfd: sm501: Fix leaks in probe() - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well - nl80211: fix non-split wiphy information - mwifiex: fix double free - net: korina: fix kfree of rx/tx descriptor array - IB/mlx4: Adjust delayed work when a dup is observed - powerpc/pseries: Fix missing of_node_put() in rng_init() - powerpc/icp-hv: Fix missing of_node_put() in success path - mtd: lpddr: fix excessive stack usage with clang - mtd: mtdoops: Don't write panic data twice - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values - powerpc/tau: Use appropriate temperature sample interval - powerpc/tau: Remove duplicated set_thresholds() call - powerpc/tau: Disable TAU between measurements - perf intel-pt: Fix "context_switch event has no tid" error - kdb: Fix pager search for multi-line strings - powerpc/perf/hv-gpci: Fix starting index value - cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier - lib/crc32.c: fix trivial typo in preprocessor condition - vfio/pci: Clear token on bypass registration failure - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() - Input: ep93xx_keypad - fix handling of platform_get_irq() error - Input: omap4-keypad - fix handling of platform_get_irq() error - Input: sun4i-ps2 - fix ha
[ubuntu/xenial-updates] slirp 1:1.0.17-8ubuntu16.04.1 (Accepted)
slirp (1:1.0.17-8ubuntu16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Heap-based buffer overflows - debian/patches/014_CVE-2020-7039.patch: tcp_emu: Fix oob access - debian/patches/CVE-2020-8608.patch: tcp_emu: fix unsafe snprintf() usages and util: add slirp_fmt() helpers - CVE-2020-7039 - CVE-2020-8608 Date: 2020-11-12 17:28:15.065248+00:00 Changed-By: Paulo Flabiano Smorigo Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/slirp/1:1.0.17-8ubuntu16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] slirp 1:1.0.17-8ubuntu16.04.1 (Accepted)
slirp (1:1.0.17-8ubuntu16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Heap-based buffer overflows - debian/patches/014_CVE-2020-7039.patch: tcp_emu: Fix oob access - debian/patches/CVE-2020-8608.patch: tcp_emu: fix unsafe snprintf() usages and util: add slirp_fmt() helpers - CVE-2020-7039 - CVE-2020-8608 Date: 2020-11-12 17:28:15.065248+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/slirp/1:1.0.17-8ubuntu16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] openjdk-8 8u275-b01-0ubuntu1~16.04 (Accepted)
openjdk-8 (8u275-b01-0ubuntu1~16.04) xenial-security; urgency=medium * Backport from Hirsute. openjdk-8 (8u275-b01-0ubuntu1) hirsute; urgency=medium * Update to 8u275-b01 (GA). Patch aarch32 and aarch64 to 8u275-b01. * Regression fixes: - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate" - JDK-8223940: Private key not supported by chosen signature algorithm - JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding - JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) openjdk-8 (8u272-b10-0ubuntu1) hirsute; urgency=medium * Update to 8u272-b10 (GA). Patch aarch32 to 8u272-b10. * Security fixes: - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class. - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts. - JDK-8237995, CVE-2020-14782: Enhance certificate processing. - JDK-8241114, CVE-2020-14792: Better range handling. - JDK-8242680, CVE-2020-14796: Improved URI Support. - JDK-8242685, CVE-2020-14797: Better Path Validation. - JDK-8242695, CVE-2020-14798: Enhanced buffer support. - JDK-8244136, CVE-2020-14803: Improved Buffer supports. - JDK-8233624: Enhance JNI linkage. - JDK-8236196: Improve string pooling. - JDK-8240124: Better VM Interning. - JDK-8243302: Advanced class supports. - JDK-8244479: Further constrain certificates. - JDK-8244955: Additional Fix for JDK-8240124. - JDK-8245407: Enhance zoning of times. - JDK-8245412: Better class definitions. - JDK-8245417: Improve certificate chain handling. - JDK-8248574: Improve jpeg processing. - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit. - JDK-8253019: Enhanced JPEG decoding. * New features: - JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7. Date: 2020-11-09 03:15:13.235575+00:00 Changed-By: Tiago Stürmer Daitx Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/openjdk-8/8u275-b01-0ubuntu1~16.04 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] openjdk-8 8u275-b01-0ubuntu1~16.04 (Accepted)
openjdk-8 (8u275-b01-0ubuntu1~16.04) xenial-security; urgency=medium * Backport from Hirsute. openjdk-8 (8u275-b01-0ubuntu1) hirsute; urgency=medium * Update to 8u275-b01 (GA). Patch aarch32 and aarch64 to 8u275-b01. * Regression fixes: - JDK-8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate" - JDK-8223940: Private key not supported by chosen signature algorithm - JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding - JDK-8250861: Crash in MinINode::Ideal(PhaseGVN*, bool) openjdk-8 (8u272-b10-0ubuntu1) hirsute; urgency=medium * Update to 8u272-b10 (GA). Patch aarch32 to 8u272-b10. * Security fixes: - JDK-8236862, CVE-2020-14779: Enhance support of Proxy class. - JDK-8237990, CVE-2020-14781: Enhanced LDAP contexts. - JDK-8237995, CVE-2020-14782: Enhance certificate processing. - JDK-8241114, CVE-2020-14792: Better range handling. - JDK-8242680, CVE-2020-14796: Improved URI Support. - JDK-8242685, CVE-2020-14797: Better Path Validation. - JDK-8242695, CVE-2020-14798: Enhanced buffer support. - JDK-8244136, CVE-2020-14803: Improved Buffer supports. - JDK-8233624: Enhance JNI linkage. - JDK-8236196: Improve string pooling. - JDK-8240124: Better VM Interning. - JDK-8243302: Advanced class supports. - JDK-8244479: Further constrain certificates. - JDK-8244955: Additional Fix for JDK-8240124. - JDK-8245407: Enhance zoning of times. - JDK-8245412: Better class definitions. - JDK-8245417: Improve certificate chain handling. - JDK-8248574: Improve jpeg processing. - JDK-8249927: Specify limits of jdk.serialProxyInterfaceLimit. - JDK-8253019: Enhanced JPEG decoding. * New features: - JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7. Date: 2020-11-09 03:15:13.235575+00:00 Changed-By: Tiago Stürmer Daitx Signed-By: Eduardo Barretto https://launchpad.net/ubuntu/+source/openjdk-8/8u275-b01-0ubuntu1~16.04 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] apport 2.20.1-0ubuntu2.27 (Accepted)
apport (2.20.1-0ubuntu2.27) xenial-security; urgency=medium * Various security hardening fixes (LP: #1903332) - apport/fileutils.py: drop privileges in the correct order, limit settings file size. - apport/apport/report.py: properly drop privileges, limit ignore file size. - data/apport: drop supplemental groups. Date: 2020-11-11 12:54:06.364370+00:00 Changed-By: Marc Deslauriers Maintainer: Martin Pitt Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/apport/2.20.1-0ubuntu2.27 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] apport 2.20.1-0ubuntu2.27 (Accepted)
apport (2.20.1-0ubuntu2.27) xenial-security; urgency=medium * Various security hardening fixes (LP: #1903332) - apport/fileutils.py: drop privileges in the correct order, limit settings file size. - apport/apport/report.py: properly drop privileges, limit ignore file size. - data/apport: drop supplemental groups. apport (2.20.1-0ubuntu2.26) xenial; urgency=medium * data/apport: In the event that the crashing executable does not exist on disk any more the path name of the executable (passed by core) is appended with '(deleted)' because apport is currently using sys.argv for argument parsing there end up being too many arguments and apport crashes. This is fixed by adding handling for six arguments. (LP: #1899195) apport (2.20.1-0ubuntu2.25) xenial; urgency=medium * data/apport: Introduce support for non-positional arguments so we can easily extend core_pattern in the future (LP: #1732962) Date: 2020-11-11 12:54:06.364370+00:00 Changed-By: Marc Deslauriers Maintainer: Martin Pitt https://launchpad.net/ubuntu/+source/apport/2.20.1-0ubuntu2.27 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
