This bug was fixed in the package linux - 5.19.0-15.15
---
linux (5.19.0-15.15) kinetic; urgency=medium
* kinetic/linux: 5.19.0-15.15 -proposed tracker (LP: #1983335)
* Miscellaneous Ubuntu changes
- [Config] update annotations to support both gcc-11 and gcc-12
-- Andrea
** Changed in: oem-priority
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.17 in Ubuntu.
https://bugs.launchpad.net/bugs/1972802
Title:
enable config for fixing 5.17 kernel
This bug was fixed in the package linux-oem-5.17 - 5.17.0-1011.12
---
linux-oem-5.17 (5.17.0-1011.12) jammy; urgency=medium
* CVE-2022-1972
- netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
* CVE-2022-1966
- netfilter: nf_tables: disallow non-stateful
** Tags added: verification-done-jammy
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.17 in Ubuntu.
https://bugs.launchpad.net/bugs/1972802
Title:
enable config for fixing 5.17 kernel won't load mok
Status in OEM Priority
bug verified passed with linux-oem-22.04 5.17.0.1009.9 in jammy-proposed
** Changed in: oem-priority
Status: Triaged => Fix Committed
** Changed in: oem-priority
Assignee: (unassigned) => Yuan-Chen Cheng (ycheng-twn)
--
You received this bug notification because you are a member of
5.17-oem-1007 kernel have the fix, wait it's landing and then do
verification.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.17 in Ubuntu.
https://bugs.launchpad.net/bugs/1972802
Title:
enable config for fixing 5.17
install 5.17-oem 1005 kernel from jammy-proposed, it's not fixed yet.
# grep CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT /boot/config-5.1*
/boot/config-5.17.0-1004-oem:# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set
/boot/config-5.17.0-1005-oem:# CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set
#
** Changed in: linux-oem-5.17 (Ubuntu Jammy)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.17 in Ubuntu.
https://bugs.launchpad.net/bugs/1972802
Title:
enable config for fixing
** Tags added: originate-from-1969557 somerville
** Changed in: oem-priority
Importance: Undecided => Critical
** Changed in: oem-priority
Status: New => Triaged
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.17
** Description changed:
[Impact]
Mok keys is not trusted after kernel 5.17
[Fix]
Enable the CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT and CONFIG_IMA_ARCH_POLICY
for fixing the patch
"[patch] integrity: Do not load MOK and MOKx when secure boot be disabled"
was added to check if
** Also affects: linux-oem-5.17 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: linux-oem-5.17 (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux-oem-5.17 (Ubuntu Kinetic)
Importance: Undecided
Status: New
** Also affects: linux
11 matches
Mail list logo