[ubuntu/xenial-proposed] linux 4.4.0-160.188 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux (4.4.0-160.188) xenial; urgency=medium

  * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)

  * Packaging resync (LP: #1786013)
- [Packaging] update helper scripts

  * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys 
from
  asus_nb_wmi

  * CVE-2019-10638
- [Config] CONFIG_TEST_HASH=n
- siphash: add cryptographically secure PRF
- inet: switch IP ID generator to siphash

  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
(LP: #1839037)
- SAUCE: apparmor: fix nnp subset check failure, when stacking

  * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
- SAUCE: apparmor: fix audit failures when performing profile transitions

  * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
incorrectly implies 'm' rule (LP: #1838090)
- SAUCE: apparmor: flock mediation is not being, enforced on cache check

  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
timeout for bcache removal causes spurious failures (LP: #1796292)
- SAUCE: bcache: fix deadlock in bcache_allocator

  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: improve bcache_reboot()
- bcache: add journal statistic
- bcache: fix high CPU occupancy during journal
- bcache: fix incorrect sysfs output value of strip size
- bcache: fix error return value in memory shrink
- bcache: fix using of loop variable in memory shrink
- bcache: Fix indentation
- bcache: Add __printf annotation to __bch_check_keys()
- bcache: Annotate switch fall-through
- bcache: Fix kernel-doc warnings
- bcache: Remove an unused variable
- bcache: Suppress more warnings about set-but-not-used variables
- bcache: Reduce the number of sparse complaints about lock imbalances
- bcache: Move couple of functions to sysfs.c

  * CVE-2019-3900
- vhost: introduce vhost_vq_avail_empty()
- vhost_net: tx batching
- vhost_net: do not stall on zerocopy depletion
- vhost-net: set packet weight of tx polling to 2 * vq size
- vhost_net: use packet weight for rx handler, too
- vhost_net: introduce vhost_exceeds_weight()
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: scsi: add weight support

  * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28

  * CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM

  * CVE-2018-20856
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case

  * CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer

  * CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params

  * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
- Input: elantech - enable middle button support on 2 ThinkPads
- samples, bpf: fix to change the buffer size for read()
- mac80211: mesh: fix RCU warning
- dt-bindings: can: mcp251x: add mcp25625 support
- can: mcp251x: add support for mcp25625
- Input: imx_keypad - make sure keyboard can always wake up system
- ARM: davinci: da850-evm: call regulator_has_full_constraints()
- ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- x86/tls: Fix possible spectre-v1 in do_get_thread_area()
- mwifiex: Abort at too short BSS descriptor element
- fscrypt: don't set policy for a dead directory
- mwifiex: Don't abort on small, spec-compliant vendor IEs
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- usb: renesas_usbhs: add a workaround for a race condition of workqueue
- staging: comedi: dt282x: fix a null pointer deref on interrupt
- staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- VMCI: Fix integer overflow in VMCI handle arrays
- MIPS: Remove superfluous check for __linux__
- e1000e: start network tx queue only when link is up
- perf/core: Fix perf_sample_regs_user() mm check
- ARM: omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption message
- kvm: x86: avoid warning on repeated KVM_SET_TSS_ADDR
- ARC: hide unused function unw_hdr_alloc
- s390: fix stfle zero padding
- 

[ubuntu/xenial-proposed] linux-signed 4.4.0-160.188 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-signed (4.4.0-160.188) xenial; urgency=medium

  * Master version: 4.4.0-160.188

Date: 2019-08-14 04:14:55.641841+00:00
Changed-By: Connor Kuehl 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-signed/4.4.0-160.188
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux_4.4.0-160.188_amd64.tar.gz - (Accepted)

2019-08-15 Thread Connor Kuehl
linux (4.4.0-160.188) xenial; urgency=medium

  * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)

  * Packaging resync (LP: #1786013)
- [Packaging] update helper scripts

  * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys 
from
  asus_nb_wmi

  * CVE-2019-10638
- [Config] CONFIG_TEST_HASH=n
- siphash: add cryptographically secure PRF
- inet: switch IP ID generator to siphash

  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
(LP: #1839037)
- SAUCE: apparmor: fix nnp subset check failure, when stacking

  * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
- SAUCE: apparmor: fix audit failures when performing profile transitions

  * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
incorrectly implies 'm' rule (LP: #1838090)
- SAUCE: apparmor: flock mediation is not being, enforced on cache check

  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
timeout for bcache removal causes spurious failures (LP: #1796292)
- SAUCE: bcache: fix deadlock in bcache_allocator

  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: improve bcache_reboot()
- bcache: add journal statistic
- bcache: fix high CPU occupancy during journal
- bcache: fix incorrect sysfs output value of strip size
- bcache: fix error return value in memory shrink
- bcache: fix using of loop variable in memory shrink
- bcache: Fix indentation
- bcache: Add __printf annotation to __bch_check_keys()
- bcache: Annotate switch fall-through
- bcache: Fix kernel-doc warnings
- bcache: Remove an unused variable
- bcache: Suppress more warnings about set-but-not-used variables
- bcache: Reduce the number of sparse complaints about lock imbalances
- bcache: Move couple of functions to sysfs.c

  * CVE-2019-3900
- vhost: introduce vhost_vq_avail_empty()
- vhost_net: tx batching
- vhost_net: do not stall on zerocopy depletion
- vhost-net: set packet weight of tx polling to 2 * vq size
- vhost_net: use packet weight for rx handler, too
- vhost_net: introduce vhost_exceeds_weight()
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: scsi: add weight support

  * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28

  * CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM

  * CVE-2018-20856
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case

  * CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer

  * CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params

  * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
- Input: elantech - enable middle button support on 2 ThinkPads
- samples, bpf: fix to change the buffer size for read()
- mac80211: mesh: fix RCU warning
- dt-bindings: can: mcp251x: add mcp25625 support
- can: mcp251x: add support for mcp25625
- Input: imx_keypad - make sure keyboard can always wake up system
- ARM: davinci: da850-evm: call regulator_has_full_constraints()
- ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- x86/tls: Fix possible spectre-v1 in do_get_thread_area()
- mwifiex: Abort at too short BSS descriptor element
- fscrypt: don't set policy for a dead directory
- mwifiex: Don't abort on small, spec-compliant vendor IEs
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- usb: renesas_usbhs: add a workaround for a race condition of workqueue
- staging: comedi: dt282x: fix a null pointer deref on interrupt
- staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- VMCI: Fix integer overflow in VMCI handle arrays
- MIPS: Remove superfluous check for __linux__
- e1000e: start network tx queue only when link is up
- perf/core: Fix perf_sample_regs_user() mm check
- ARM: omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption message
- kvm: x86: avoid warning on repeated KVM_SET_TSS_ADDR
- ARC: hide unused function unw_hdr_alloc
- s390: fix stfle zero padding
- 

[ubuntu/xenial-security] nginx 1.10.3-0ubuntu0.16.04.4 (Accepted)

2019-08-15 Thread Marc Deslauriers
nginx (1.10.3-0ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 Data Dribble issue
- debian/patches/CVE-2019-9511.patch: limited number of DATA frames in
  src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h,
  src/http/v2/ngx_http_v2_filter_module.c.
- CVE-2019-9511
  * SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
- debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames
  in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2019-9513
  * SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
- debian/patches/CVE-2019-9516.patch: reject zero length headers with
  PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
- CVE-2019-9516

Date: 2019-08-14 19:35:16.907476+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu0.16.04.4
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-meta-raspi2 4.4.0.1119.119 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-meta-raspi2 (4.4.0.1119.119) xenial; urgency=medium

  * Bump ABI 4.4.0-1119

Date: 2019-08-14 16:23:59.141395+00:00
Changed-By: Kleber Sacilotto de Souza 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-meta-raspi2/4.4.0.1119.119
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-raspi2 4.4.0-1119.128 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-raspi2 (4.4.0-1119.128) xenial; urgency=medium

  * xenial/linux-raspi2: 4.4.0-1119.128 -proposed tracker (LP: #1840014)

  * CVE-2019-10638
- raspi2: [Config] CONFIG_TEST_HASH=n

  [ Ubuntu: 4.4.0-160.188 ]

  * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)
  * Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
  * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys 
from
  asus_nb_wmi
  * CVE-2019-10638
- [Config] CONFIG_TEST_HASH=n
- siphash: add cryptographically secure PRF
- inet: switch IP ID generator to siphash
  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
(LP: #1839037)
- SAUCE: apparmor: fix nnp subset check failure, when stacking
  * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
- SAUCE: apparmor: fix audit failures when performing profile transitions
  * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
incorrectly implies 'm' rule (LP: #1838090)
- SAUCE: apparmor: flock mediation is not being, enforced on cache check
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
timeout for bcache removal causes spurious failures (LP: #1796292)
- SAUCE: bcache: fix deadlock in bcache_allocator
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: improve bcache_reboot()
- bcache: add journal statistic
- bcache: fix high CPU occupancy during journal
- bcache: fix incorrect sysfs output value of strip size
- bcache: fix error return value in memory shrink
- bcache: fix using of loop variable in memory shrink
- bcache: Fix indentation
- bcache: Add __printf annotation to __bch_check_keys()
- bcache: Annotate switch fall-through
- bcache: Fix kernel-doc warnings
- bcache: Remove an unused variable
- bcache: Suppress more warnings about set-but-not-used variables
- bcache: Reduce the number of sparse complaints about lock imbalances
- bcache: Move couple of functions to sysfs.c
  * CVE-2019-3900
- vhost: introduce vhost_vq_avail_empty()
- vhost_net: tx batching
- vhost_net: do not stall on zerocopy depletion
- vhost-net: set packet weight of tx polling to 2 * vq size
- vhost_net: use packet weight for rx handler, too
- vhost_net: introduce vhost_exceeds_weight()
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: scsi: add weight support
  * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28
  * CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM
  * CVE-2018-20856
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case
  * CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer
  * CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params
  * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
- Input: elantech - enable middle button support on 2 ThinkPads
- samples, bpf: fix to change the buffer size for read()
- mac80211: mesh: fix RCU warning
- dt-bindings: can: mcp251x: add mcp25625 support
- can: mcp251x: add support for mcp25625
- Input: imx_keypad - make sure keyboard can always wake up system
- ARM: davinci: da850-evm: call regulator_has_full_constraints()
- ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- x86/tls: Fix possible spectre-v1 in do_get_thread_area()
- mwifiex: Abort at too short BSS descriptor element
- fscrypt: don't set policy for a dead directory
- mwifiex: Don't abort on small, spec-compliant vendor IEs
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- usb: renesas_usbhs: add a workaround for a race condition of workqueue
- staging: comedi: dt282x: fix a null pointer deref on interrupt
- staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- VMCI: Fix integer overflow in VMCI handle arrays
- MIPS: Remove superfluous check for __linux__
- e1000e: start network tx queue only when link is up
- perf/core: Fix perf_sample_regs_user() mm check
- ARM: omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption 

[ubuntu/xenial-updates] firefox 68.0.2+build1-0ubuntu0.16.04.1 (Accepted)

2019-08-15 Thread Ubuntu Archive Robot
firefox (68.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.0.2build1)

Date: 2019-08-13 21:56:13.971855+00:00
Changed-By: Olivier Tilloy 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/firefox/68.0.2+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-signed-hwe 4.15.0-59.66~16.04.1 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-signed-hwe (4.15.0-59.66~16.04.1) xenial; urgency=medium

  * Master version: 4.15.0-59.66~16.04.1

Date: 2019-08-14 15:38:55.428009+00:00
Changed-By: Stefan Bader 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-signed-hwe/4.15.0-59.66~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-meta-hwe 4.15.0.59.80 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-meta-hwe (4.15.0.59.80) xenial; urgency=medium

  * Bump ABI 4.15.0-59

Date: 2019-08-14 15:38:57.530067+00:00
Changed-By: Stefan Bader 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-meta-hwe/4.15.0.59.80
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-aws 4.4.0-1091.102 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-aws (4.4.0-1091.102) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1091.102 -proposed tracker (LP: #1840010)

  * CVE-2019-10638
- [Config] aws: CONFIG_TEST_HASH=n

  * Add the EFA driver into linux-aws (LP: #1837638)
- RDMA/efa: Add EFA device definitions
- RDMA/efa: Add the ABI definitions
- RDMA/efa: Add the efa.h header file
- RDMA/efa: Add the efa_com.h file
- RDMA/efa: Add the com service API definitions
- RDMA/efa: Implement functions that submit and complete admin commands
- RDMA/efa: Add common command handlers
- RDMA/efa: Add EFA verbs implementation
- RDMA/efa: Add the efa module
- RDMA/efa: Add driver to Kconfig/Makefile
- [Config] aws: CONFIG_INFINIBAND_EFA=m
- RDMA/efa: Remove MAYEXEC flag check from mmap flow
- RDMA/efa: Fix success return value in case of error
- RDMA/efa: Handle mmap insertions overflow
- SAUCE: Add kernel compatibility fixups
- SAUCE: linux/efa: Be consistent with success flow return value
- SAUCE: linux/efa: Entropy in admin commands id
- SAUCE: linux/efa: Fix modify QP udata check backport

  [ Ubuntu: 4.4.0-160.188 ]

  * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)
  * Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
  * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys 
from
  asus_nb_wmi
  * CVE-2019-10638
- [Config] CONFIG_TEST_HASH=n
- siphash: add cryptographically secure PRF
- inet: switch IP ID generator to siphash
  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
(LP: #1839037)
- SAUCE: apparmor: fix nnp subset check failure, when stacking
  * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
- SAUCE: apparmor: fix audit failures when performing profile transitions
  * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
incorrectly implies 'm' rule (LP: #1838090)
- SAUCE: apparmor: flock mediation is not being, enforced on cache check
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
timeout for bcache removal causes spurious failures (LP: #1796292)
- SAUCE: bcache: fix deadlock in bcache_allocator
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: improve bcache_reboot()
- bcache: add journal statistic
- bcache: fix high CPU occupancy during journal
- bcache: fix incorrect sysfs output value of strip size
- bcache: fix error return value in memory shrink
- bcache: fix using of loop variable in memory shrink
- bcache: Fix indentation
- bcache: Add __printf annotation to __bch_check_keys()
- bcache: Annotate switch fall-through
- bcache: Fix kernel-doc warnings
- bcache: Remove an unused variable
- bcache: Suppress more warnings about set-but-not-used variables
- bcache: Reduce the number of sparse complaints about lock imbalances
- bcache: Move couple of functions to sysfs.c
  * CVE-2019-3900
- vhost: introduce vhost_vq_avail_empty()
- vhost_net: tx batching
- vhost_net: do not stall on zerocopy depletion
- vhost-net: set packet weight of tx polling to 2 * vq size
- vhost_net: use packet weight for rx handler, too
- vhost_net: introduce vhost_exceeds_weight()
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: scsi: add weight support
  * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28
  * CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM
  * CVE-2018-20856
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case
  * CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer
  * CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params
  * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
- Input: elantech - enable middle button support on 2 ThinkPads
- samples, bpf: fix to change the buffer size for read()
- mac80211: mesh: fix RCU warning
- dt-bindings: can: mcp251x: add mcp25625 support
- can: mcp251x: add support for mcp25625
- Input: imx_keypad - make sure keyboard can always wake up system
- ARM: davinci: da850-evm: call regulator_has_full_constraints()
- ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- x86/tls: Fix possible spectre-v1 in do_get_thread_area()
- mwifiex: Abort at too short BSS descriptor element
- fscrypt: don't set policy for a dead directory
- mwifiex: Don't abort on small, 

[ubuntu/xenial-security] firefox 68.0.2+build1-0ubuntu0.16.04.1 (Accepted)

2019-08-15 Thread Chris Coulson
firefox (68.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.0.2build1)

Date: 2019-08-13 21:56:13.971855+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/68.0.2+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-meta 4.4.0.160.168 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-meta (4.4.0.160.168) xenial; urgency=medium

  * Bump ABI 4.4.0-160

Date: 2019-08-14 04:14:53.283888+00:00
Changed-By: Connor Kuehl 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-meta/4.4.0.160.168
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-meta-aws 4.4.0.1091.95 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-meta-aws (4.4.0.1091.95) xenial; urgency=medium

  * Bump ABI 4.4.0-1091

Date: 2019-08-14 12:33:56.066927+00:00
Changed-By: Stefan Bader 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-meta-aws/4.4.0.1091.95
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-security] chromium-browser 76.0.3809.100-0ubuntu0.16.04.1 (Accepted)

2019-08-15 Thread Chris Coulson
chromium-browser (76.0.3809.100-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 76.0.3809.100
- CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction.
- CVE-2019-5867: Out-of-bounds read in V8.

Date: 2019-08-10 13:56:13.498579+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/76.0.3809.100-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-updates] chromium-browser 76.0.3809.100-0ubuntu0.16.04.1 (Accepted)

2019-08-15 Thread Ubuntu Archive Robot
chromium-browser (76.0.3809.100-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 76.0.3809.100
- CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction.
- CVE-2019-5867: Out-of-bounds read in V8.

Date: 2019-08-10 13:56:13.498579+00:00
Changed-By: Olivier Tilloy 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/chromium-browser/76.0.3809.100-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-updates] nginx 1.10.3-0ubuntu0.16.04.4 (Accepted)

2019-08-15 Thread Ubuntu Archive Robot
nginx (1.10.3-0ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 Data Dribble issue
- debian/patches/CVE-2019-9511.patch: limited number of DATA frames in
  src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h,
  src/http/v2/ngx_http_v2_filter_module.c.
- CVE-2019-9511
  * SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
- debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames
  in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2019-9513
  * SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
- debian/patches/CVE-2019-9516.patch: reject zero length headers with
  PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
- CVE-2019-9516

Date: 2019-08-14 19:35:16.907476+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu0.16.04.4
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-kvm 4.4.0-1055.62 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-kvm (4.4.0-1055.62) xenial; urgency=medium

  * xenial/linux-kvm: 4.4.0-1055.62 -proposed tracker (LP: #1840012)

  * CVE-2019-10638
- [Config] kvm: CONFIG_TEST_HASH=n

  [ Ubuntu: 4.4.0-160.188 ]

  * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)
  * Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
  * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys 
from
  asus_nb_wmi
  * CVE-2019-10638
- [Config] CONFIG_TEST_HASH=n
- siphash: add cryptographically secure PRF
- inet: switch IP ID generator to siphash
  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
(LP: #1839037)
- SAUCE: apparmor: fix nnp subset check failure, when stacking
  * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
- SAUCE: apparmor: fix audit failures when performing profile transitions
  * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
incorrectly implies 'm' rule (LP: #1838090)
- SAUCE: apparmor: flock mediation is not being, enforced on cache check
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
timeout for bcache removal causes spurious failures (LP: #1796292)
- SAUCE: bcache: fix deadlock in bcache_allocator
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: improve bcache_reboot()
- bcache: add journal statistic
- bcache: fix high CPU occupancy during journal
- bcache: fix incorrect sysfs output value of strip size
- bcache: fix error return value in memory shrink
- bcache: fix using of loop variable in memory shrink
- bcache: Fix indentation
- bcache: Add __printf annotation to __bch_check_keys()
- bcache: Annotate switch fall-through
- bcache: Fix kernel-doc warnings
- bcache: Remove an unused variable
- bcache: Suppress more warnings about set-but-not-used variables
- bcache: Reduce the number of sparse complaints about lock imbalances
- bcache: Move couple of functions to sysfs.c
  * CVE-2019-3900
- vhost: introduce vhost_vq_avail_empty()
- vhost_net: tx batching
- vhost_net: do not stall on zerocopy depletion
- vhost-net: set packet weight of tx polling to 2 * vq size
- vhost_net: use packet weight for rx handler, too
- vhost_net: introduce vhost_exceeds_weight()
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: scsi: add weight support
  * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28
  * CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM
  * CVE-2018-20856
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case
  * CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer
  * CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params
  * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
- Input: elantech - enable middle button support on 2 ThinkPads
- samples, bpf: fix to change the buffer size for read()
- mac80211: mesh: fix RCU warning
- dt-bindings: can: mcp251x: add mcp25625 support
- can: mcp251x: add support for mcp25625
- Input: imx_keypad - make sure keyboard can always wake up system
- ARM: davinci: da850-evm: call regulator_has_full_constraints()
- ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- x86/tls: Fix possible spectre-v1 in do_get_thread_area()
- mwifiex: Abort at too short BSS descriptor element
- fscrypt: don't set policy for a dead directory
- mwifiex: Don't abort on small, spec-compliant vendor IEs
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- usb: renesas_usbhs: add a workaround for a race condition of workqueue
- staging: comedi: dt282x: fix a null pointer deref on interrupt
- staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- VMCI: Fix integer overflow in VMCI handle arrays
- MIPS: Remove superfluous check for __linux__
- e1000e: start network tx queue only when link is up
- perf/core: Fix perf_sample_regs_user() mm check
- ARM: omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block corruption message
- 

[ubuntu/xenial-proposed] linux-meta-kvm 4.4.0.1055.55 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-meta-kvm (4.4.0.1055.55) xenial; urgency=medium

  * Bump ABI 4.4.0-1055

Date: 2019-08-14 16:08:51.921052+00:00
Changed-By: Stefan Bader 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-meta-kvm/4.4.0.1055.55
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-meta-snapdragon 4.4.0.1123.115 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-meta-snapdragon (4.4.0.1123.115) xenial; urgency=medium

  * Bump ABI 4.4.0-1123

Date: 2019-08-14 13:59:58.388354+00:00
Changed-By: Kleber Sacilotto de Souza 
Signed-By: Andy Whitcroft 
https://launchpad.net/ubuntu/+source/linux-meta-snapdragon/4.4.0.1123.115
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-proposed] linux-snapdragon 4.4.0-1123.129 (Accepted)

2019-08-15 Thread Andy Whitcroft
linux-snapdragon (4.4.0-1123.129) xenial; urgency=medium

  * xenial/linux-snapdragon: 4.4.0-1123.129 -proposed tracker (LP: #1840016)

  * CVE-2019-10638
- snapdragon: [Config] CONFIG_TEST_HASH=n

  [ Ubuntu: 4.4.0-160.188 ]

  * xenial/linux: 4.4.0-160.188 -proposed tracker (LP: #1840021)
  * Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
  * EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys 
from
  asus_nb_wmi
  * CVE-2019-10638
- [Config] CONFIG_TEST_HASH=n
- siphash: add cryptographically secure PRF
- inet: switch IP ID generator to siphash
  * Stacked onexec transitions fail when under NO NEW PRIVS restrictions
(LP: #1839037)
- SAUCE: apparmor: fix nnp subset check failure, when stacking
  * AppArmor onexec transition causes WARN kernel stack trace (LP: #1838627)
- SAUCE: apparmor: fix audit failures when performing profile transitions
  * flock not mediated by 'k' (LP: #1658219) // Ubuntu 16.04: read access
incorrectly implies 'm' rule (LP: #1838090)
- SAUCE: apparmor: flock mediation is not being, enforced on cache check
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665) // Tight
timeout for bcache removal causes spurious failures (LP: #1796292)
- SAUCE: bcache: fix deadlock in bcache_allocator
  * bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: improve bcache_reboot()
- bcache: add journal statistic
- bcache: fix high CPU occupancy during journal
- bcache: fix incorrect sysfs output value of strip size
- bcache: fix error return value in memory shrink
- bcache: fix using of loop variable in memory shrink
- bcache: Fix indentation
- bcache: Add __printf annotation to __bch_check_keys()
- bcache: Annotate switch fall-through
- bcache: Fix kernel-doc warnings
- bcache: Remove an unused variable
- bcache: Suppress more warnings about set-but-not-used variables
- bcache: Reduce the number of sparse complaints about lock imbalances
- bcache: Move couple of functions to sysfs.c
  * CVE-2019-3900
- vhost: introduce vhost_vq_avail_empty()
- vhost_net: tx batching
- vhost_net: do not stall on zerocopy depletion
- vhost-net: set packet weight of tx polling to 2 * vq size
- vhost_net: use packet weight for rx handler, too
- vhost_net: introduce vhost_exceeds_weight()
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: scsi: add weight support
  * Xenial: ZFS deadlock in shrinker path with xattrs (LP: #1839521)
- SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu28
  * CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM
  * CVE-2018-20856
- block: blk_init_allocated_queue() set q->fq as NULL in the fail case
  * CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer
  * CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params
  * Xenial update: 4.4.186 upstream stable release (LP: #1838467)
- Input: elantech - enable middle button support on 2 ThinkPads
- samples, bpf: fix to change the buffer size for read()
- mac80211: mesh: fix RCU warning
- dt-bindings: can: mcp251x: add mcp25625 support
- can: mcp251x: add support for mcp25625
- Input: imx_keypad - make sure keyboard can always wake up system
- ARM: davinci: da850-evm: call regulator_has_full_constraints()
- ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
- md: fix for divide error in status_resync
- bnx2x: Check if transceiver implements DDM before access
- udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
- x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
- x86/tls: Fix possible spectre-v1 in do_get_thread_area()
- mwifiex: Abort at too short BSS descriptor element
- fscrypt: don't set policy for a dead directory
- mwifiex: Don't abort on small, spec-compliant vendor IEs
- USB: serial: ftdi_sio: add ID for isodebug v1
- USB: serial: option: add support for GosunCn ME3630 RNDIS mode
- usb: gadget: ether: Fix race between gether_disconnect and rx_submit
- usb: renesas_usbhs: add a workaround for a race condition of workqueue
- staging: comedi: dt282x: fix a null pointer deref on interrupt
- staging: comedi: amplc_pci230: fix null pointer deref on interrupt
- carl9170: fix misuse of device driver API
- VMCI: Fix integer overflow in VMCI handle arrays
- MIPS: Remove superfluous check for __linux__
- e1000e: start network tx queue only when link is up
- perf/core: Fix perf_sample_regs_user() mm check
- ARM: omap2: remove incorrect __init annotation
- be2net: fix link failure after ethtool offline test
- ppp: mppe: Add softdep to arc4
- sis900: fix TX completion
- dm verity: use message limit for data block 

[ubuntu/xenial-updates] dh-python 2.20151103ubuntu1.2 (Accepted)

2019-08-15 Thread Ubuntu Archive Robot
dh-python (2.20151103ubuntu1.2) xenial-security; urgency=medium

  * No change rebuild to get fixed dh-python into xenial-security.

Date: 2019-08-16 00:58:13.120511+00:00
Changed-By: Steve Beattie 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/dh-python/2.20151103ubuntu1.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-security] kde4libs 4:4.14.16-0ubuntu3.3 (Accepted)

2019-08-15 Thread Paulo Flabiano Smorigo
kde4libs (4:4.14.16-0ubuntu3.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Directory traversal vulnerability.
- debian/patches/CVE-2016-6232.patch: extraction location to be in
  subfolder.
- CVE-2016-6232
  * SECURITY UPDATE: malicious .desktop files (and others) would execute
code (LP: #1839432).
- debian/patches/CVE-2019-14744.patch: remove support for $(...) in
  config keys with [$e] marker.
- CVE-2019-14744

Date: 2019-08-15 22:31:14.485866+00:00
Changed-By: Paulo Flabiano Smorigo 
https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.16-0ubuntu3.3
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-updates] kde4libs 4:4.14.16-0ubuntu3.3 (Accepted)

2019-08-15 Thread Ubuntu Archive Robot
kde4libs (4:4.14.16-0ubuntu3.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Directory traversal vulnerability.
- debian/patches/CVE-2016-6232.patch: extraction location to be in
  subfolder.
- CVE-2016-6232
  * SECURITY UPDATE: malicious .desktop files (and others) would execute
code (LP: #1839432).
- debian/patches/CVE-2019-14744.patch: remove support for $(...) in
  config keys with [$e] marker.
- CVE-2019-14744

Date: 2019-08-15 22:31:14.485866+00:00
Changed-By: Paulo Flabiano Smorigo 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.16-0ubuntu3.3
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-security] dh-python 2.20151103ubuntu1.2 (Accepted)

2019-08-15 Thread Steve Beattie
dh-python (2.20151103ubuntu1.2) xenial-security; urgency=medium

  * No change rebuild to get fixed dh-python into xenial-security.

Date: 2019-08-16 00:58:13.120511+00:00
Changed-By: Steve Beattie 
https://launchpad.net/ubuntu/+source/dh-python/2.20151103ubuntu1.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes