** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1913392
Title: Security Repository Doesn't Contain USN-4689-4 Fixed Kernel Version Status in linux package in Ubuntu: New Bug description: https://ubuntu.com/security/notices/USN-4689-4 says that the fixed version of Ubuntu 20.04 is: linux-image-5.4.0-64-generic - 5.4.0-64.72 With only the focal and focal-security sources enabled this version is not installed. Only linux-image-5.4.0-62-generic is installed. We've had automated vulnerability tools flag some of our hosts as vulnerable due to this mismatch. To reproduce this, I tried a clean install using a 20.04 live server cd, with network disabled. I then enabled only the focal and focal-security repos: root@ubuntu-test:/home/danp# cat /etc/apt/sources.list /etc/apt/sources.list.d/* # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://archive.ubuntu.com/ubuntu focal main restricted deb http://archive.ubuntu.com/ubuntu focal-security main restricted cat: '/etc/apt/sources.list.d/*': No such file or directory root@ubuntu-test:/home/danp# apt update && apt list --upgradable Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease Hit:2 http://archive.ubuntu.com/ubuntu focal-security InRelease Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date. Listing... Done root@ubuntu-test:/home/danp# dpkg -l | grep linux-image-5.4 ii linux-image-5.4.0-26-generic 5.4.0-26.30 amd64 Signed kernel image generic ii linux-image-5.4.0-62-generic 5.4.0-62.70 amd64 Signed kernel image generic ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: linux-image-5.4.0-62-generic 5.4.0-62.70 ProcVersionSignature: Ubuntu 5.4.0-62.70-generic 5.4.78 Uname: Linux 5.4.0-62-generic x86_64 AlsaDevices: total 0 crw-rw----+ 1 root audio 116, 1 Jan 27 07:35 seq crw-rw----+ 1 root audio 116, 33 Jan 27 07:35 timer AplayDevices: Error: [Errno 2] No such file or directory: 'aplay' ApportVersion: 2.20.11-0ubuntu27.12 Architecture: amd64 ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord' AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CasperMD5CheckResult: pass Date: Wed Jan 27 07:38:40 2021 InstallationDate: Installed on 2021-01-27 (0 days ago) InstallationMedia: Ubuntu-Server 20.04 LTS "Focal Fossa" - Release amd64 (20200423) IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig' Lsusb: Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd QEMU USB Tablet Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Lsusb-t: /: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=uhci_hcd/2p, 12M |__ Port 1: Dev 2, If 0, Class=Human Interface Device, Driver=usbhid, 12M MachineType: QEMU Standard PC (i440FX + PIIX, 1996) PciMultimedia: ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcFB: 0 bochs-drmdrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-62-generic root=UUID=00a34725-3888-4064-a820-bab3d2bdab8a ro maybe-ubiquity RelatedPackageVersions: linux-restricted-modules-5.4.0-62-generic N/A linux-backports-modules-5.4.0-62-generic N/A linux-firmware 1.187 RfKill: Error: [Errno 2] No such file or directory: 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 04/01/2014 dmi.bios.vendor: SeaBIOS dmi.bios.version: rel-1.13.0-48-gd9c812dda519-prebuilt.qemu.org dmi.chassis.type: 1 dmi.chassis.vendor: QEMU dmi.chassis.version: pc-i440fx-5.1 dmi.modalias: dmi:bvnSeaBIOS:bvrrel-1.13.0-48-gd9c812dda519-prebuilt.qemu.org:bd04/01/2014:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-5.1:cvnQEMU:ct1:cvrpc-i440fx-5.1: dmi.product.name: Standard PC (i440FX + PIIX, 1996) dmi.product.version: pc-i440fx-5.1 dmi.sys.vendor: QEMU To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1913392/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
