[ubuntu/xenial-updates] ansible 2.0.0.2-2ubuntu1.3 (Accepted)
ansible (2.0.0.2-2ubuntu1.3) xenial-security; urgency=medium * SECURITY REGRESSION: Fix indentation, missing dependencies, and calls. - debian/patches/CVE-2018-10875.patch: Fix indentation and dependency. - debian/patches/CVE-2018-16837.patch: Fix dependency. - debian/patches/CVE-2017-7481.patch: Fix function call. - CVE-2017-7481 - CVE-2018-10875 - CVE-2018-16837 ansible (2.0.0.2-2ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability where a local user could use symlinks to write arbitrary files or gain privileges. - debian/patches/CVE-2016-3096.patch: Do not use a predictable filenames in the LXC plugin. - CVE-2016-3096 * SECURITY UPDATE: Avoid unicode strings injection. - debian/patches/CVE-2017-7481.patch: Fixing security issue with lookup returns not tainting the jinja2 environment. - CVE-2017-7481 * SECURITY UPDATE: Fix a flaw in ansible.cfg where an attacker could point to a plugin or a module path under control and execute arbitrary code. - debian/patches/CVE-2018-10875.patch: Ignore ansible.cfg in world writable cwd. - CVE-2018-10875 * SECURITY UPDATE: Avoid information disclosure in log and command line. - debian/patches/CVE-2018-16837.patch: user: Don't pass ssh_key_passphrase on command line. - CVE-2018-16837 Date: 2019-07-18 20:46:13.140447+00:00 Changed-By: Paulo Flabiano Smorigo Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ansible/2.0.0.2-2ubuntu1.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ansible 2.0.0.2-2ubuntu1.3 (Accepted)
ansible (2.0.0.2-2ubuntu1.3) xenial-security; urgency=medium * SECURITY REGRESSION: Fix indentation, missing dependencies, and calls. - debian/patches/CVE-2018-10875.patch: Fix indentation and dependency. - debian/patches/CVE-2018-16837.patch: Fix dependency. - debian/patches/CVE-2017-7481.patch: Fix function call. - CVE-2017-7481 - CVE-2018-10875 - CVE-2018-16837 ansible (2.0.0.2-2ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability where a local user could use symlinks to write arbitrary files or gain privileges. - debian/patches/CVE-2016-3096.patch: Do not use a predictable filenames in the LXC plugin. - CVE-2016-3096 * SECURITY UPDATE: Avoid unicode strings injection. - debian/patches/CVE-2017-7481.patch: Fixing security issue with lookup returns not tainting the jinja2 environment. - CVE-2017-7481 * SECURITY UPDATE: Fix a flaw in ansible.cfg where an attacker could point to a plugin or a module path under control and execute arbitrary code. - debian/patches/CVE-2018-10875.patch: Ignore ansible.cfg in world writable cwd. - CVE-2018-10875 * SECURITY UPDATE: Avoid information disclosure in log and command line. - debian/patches/CVE-2018-16837.patch: user: Don't pass ssh_key_passphrase on command line. - CVE-2018-16837 Date: 2019-07-18 20:46:13.140447+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ansible/2.0.0.2-2ubuntu1.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] evince 3.18.2-1ubuntu4.6 (Accepted)
evince (3.18.2-1ubuntu4.6) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2019-1010006-*.patch: remove unused configure check for cairo_format_stride_for_width and fix overflow checks in backend/tiff/tiff-document.c. - CVE-2019-1010006 Date: 2019-07-19 15:09:13.648444+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/evince/3.18.2-1ubuntu4.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] evince 3.18.2-1ubuntu4.6 (Accepted)
evince (3.18.2-1ubuntu4.6) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2019-1010006-*.patch: remove unused configure check for cairo_format_stride_for_width and fix overflow checks in backend/tiff/tiff-document.c. - CVE-2019-1010006 Date: 2019-07-19 15:09:13.648444+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/evince/3.18.2-1ubuntu4.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] linux-meta-gcp 4.15.0.1037.51 (Accepted)
linux-meta-gcp (4.15.0.1037.51) xenial; urgency=medium * Bump ABI 4.15.0-1037 Date: 2019-07-04 09:26:53.587577+00:00 Changed-By: Connor Kuehl Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-gcp/4.15.0.1037.51 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] linux-signed-gcp 4.15.0-1037.39~16.04.1 (Accepted)
linux-signed-gcp (4.15.0-1037.39~16.04.1) xenial; urgency=medium * Master version: 4.15.0-1037.39~16.04.1 Date: 2019-07-04 09:26:55.512146+00:00 Changed-By: Connor Kuehl Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-signed-gcp/4.15.0-1037.39~16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] linux-gcp 4.15.0-1037.39~16.04.1 (Accepted)
linux-gcp (4.15.0-1037.39~16.04.1) xenial; urgency=medium * linux-gcp: 4.15.0-1037.39~16.04.1 -proposed tracker (LP: #1834935) [ Ubuntu: 4.15.0-1037.39 ] * linux-gcp: 4.15.0-1037.39 -proposed tracker (LP: #1834936) * linux: 4.15.0-55.60 -proposed tracker (LP: #1834954) * Request backport of ceph commits into bionic (LP: #1834235) - ceph: use atomic_t for ceph_inode_info::i_shared_gen - ceph: define argument structure for handle_cap_grant - ceph: flush pending works before shutdown super - ceph: send cap releases more aggressively - ceph: single workqueue for inode related works - ceph: avoid dereferencing invalid pointer during cached readdir - ceph: quota: add initial infrastructure to support cephfs quotas - ceph: quota: support for ceph.quota.max_files - ceph: quota: don't allow cross-quota renames - ceph: fix root quota realm check - ceph: quota: support for ceph.quota.max_bytes - ceph: quota: update MDS when max_bytes is approaching - ceph: quota: add counter for snaprealms with quota - ceph: avoid iput_final() while holding mutex or in dispatch thread * QCA9377 isn't being recognized sometimes (LP: #1757218) - SAUCE: USB: Disable USB2 LPM at shutdown * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140) - net: hns: fix ICMP6 neighbor solicitation messages discard problem - net: hns: fix unsigned comparison to less than zero * Fix occasional boot time crash in hns driver (LP: #1833138) - net: hns: Fix probabilistic memory overwrite when HNS driver initialized * use-after-free in hns_nic_net_xmit_hw (LP: #1833136) - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() * hns: attempt to restart autoneg when disabled should report error (LP: #1833147) - net: hns: Restart autoneg need return failed when autoneg off * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp) (LP: #1821625) - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls - powerpc: sys_pkey_mprotect() system call * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different (LP: #1832625) - pkey: Indicate old mkvp only if old and current mkvp are different * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing (LP: #1832623) - s390/crypto: fix gcm-aes-s390 selftest failures * System crashes on hot adding a core with drmgr command (4.15.0-48-generic) (LP: #1833716) - powerpc/numa: improve control of topology updates - powerpc/numa: document topology_updates_enabled, disable by default * Kernel modules generated incorrectly when system is localized to a non- English language (LP: #1828084) - scripts: override locale from environment when running recordmcount.pl * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs (LP: #1832624) - s390/zcrypt: Fix wrong dispatching for control domain CPRBs * CVE-2019-11815 - net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). * Sound device not detected after resume from hibernate (LP: #1826868) - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled - drm/i915: Save the old CDCLK atomic state - drm/i915: Remove redundant store of logical CDCLK state - drm/i915: Skip modeset for cdclk changes if possible * Handle overflow in proc_get_long of sysctl (LP: #1833935) - sysctl: handle overflow in proc_get_long * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe drains lots of power under s2idle (LP: #1808957) - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3 and being disabled" - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when suspending" - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3" - Revert "SAUCE: nvme: add quirk to not call disable function when suspending" - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3" - PCI: PM: Avoid possible suspend-to-idle issue - PCI: PM: Skip devices in D0 for suspend-to-idle - nvme-pci: Sync queues on reset - nvme: Export get and set features - nvme-pci: Use host managed power state for suspend * linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429) - selinux: use kernel linux/socket.h for genheaders and mdp * 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433) - x86/mm/pat: Disable preemption around __flush_tlb_all() - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init() - x86/mm: Disable ioremap free page handling on x86-PAE - ioremap: Update pgtable free interfaces with addr - x86/mm: Add TLB purge to free pmd/pte page interfaces - x86/init: fix build with CONFIG_SWAP=n - x86/mm: provide pmdp_establish() helper - x86/mm: Use WRITE_ONCE() when setting PTEs
[ubuntu/xenial-updates] linux-hwe 4.15.0-55.60~16.04.2 (Accepted)
linux-hwe (4.15.0-55.60~16.04.2) xenial; urgency=medium * linux-hwe: 4.15.0-55.60~16.04.2 -proposed tracker (LP: #1834953) * [18.04/18.10] File libperf-jvmti.so is missing in linux-tools-common deb on Ubuntu (LP: #1761379) - [Packaging] Support building libperf-jvmti.so for HWE [ Ubuntu: 4.15.0-55.60 ] * linux: 4.15.0-55.60 -proposed tracker (LP: #1834954) * Request backport of ceph commits into bionic (LP: #1834235) - ceph: use atomic_t for ceph_inode_info::i_shared_gen - ceph: define argument structure for handle_cap_grant - ceph: flush pending works before shutdown super - ceph: send cap releases more aggressively - ceph: single workqueue for inode related works - ceph: avoid dereferencing invalid pointer during cached readdir - ceph: quota: add initial infrastructure to support cephfs quotas - ceph: quota: support for ceph.quota.max_files - ceph: quota: don't allow cross-quota renames - ceph: fix root quota realm check - ceph: quota: support for ceph.quota.max_bytes - ceph: quota: update MDS when max_bytes is approaching - ceph: quota: add counter for snaprealms with quota - ceph: avoid iput_final() while holding mutex or in dispatch thread * QCA9377 isn't being recognized sometimes (LP: #1757218) - SAUCE: USB: Disable USB2 LPM at shutdown * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140) - net: hns: fix ICMP6 neighbor solicitation messages discard problem - net: hns: fix unsigned comparison to less than zero * Fix occasional boot time crash in hns driver (LP: #1833138) - net: hns: Fix probabilistic memory overwrite when HNS driver initialized * use-after-free in hns_nic_net_xmit_hw (LP: #1833136) - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() * hns: attempt to restart autoneg when disabled should report error (LP: #1833147) - net: hns: Restart autoneg need return failed when autoneg off * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp) (LP: #1821625) - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls - powerpc: sys_pkey_mprotect() system call * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different (LP: #1832625) - pkey: Indicate old mkvp only if old and current mkvp are different * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing (LP: #1832623) - s390/crypto: fix gcm-aes-s390 selftest failures * System crashes on hot adding a core with drmgr command (4.15.0-48-generic) (LP: #1833716) - powerpc/numa: improve control of topology updates - powerpc/numa: document topology_updates_enabled, disable by default * Kernel modules generated incorrectly when system is localized to a non- English language (LP: #1828084) - scripts: override locale from environment when running recordmcount.pl * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs (LP: #1832624) - s390/zcrypt: Fix wrong dispatching for control domain CPRBs * CVE-2019-11815 - net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). * Sound device not detected after resume from hibernate (LP: #1826868) - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled - drm/i915: Save the old CDCLK atomic state - drm/i915: Remove redundant store of logical CDCLK state - drm/i915: Skip modeset for cdclk changes if possible * Handle overflow in proc_get_long of sysctl (LP: #1833935) - sysctl: handle overflow in proc_get_long * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe drains lots of power under s2idle (LP: #1808957) - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3 and being disabled" - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when suspending" - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3" - Revert "SAUCE: nvme: add quirk to not call disable function when suspending" - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3" - PCI: PM: Avoid possible suspend-to-idle issue - PCI: PM: Skip devices in D0 for suspend-to-idle - nvme-pci: Sync queues on reset - nvme: Export get and set features - nvme-pci: Use host managed power state for suspend * linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429) - selinux: use kernel linux/socket.h for genheaders and mdp * 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433) - x86/mm/pat: Disable preemption around __flush_tlb_all() - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init() - x86/mm: Disable ioremap free page handling on x86-PAE - ioremap: Update pgtable free interfaces with addr - x86/mm: Add TLB purge to free pmd/pte page interfaces - x86/init: fix build with CONFIG_SWAP=n
[ubuntu/xenial-updates] linux-meta-hwe-edge 4.15.0.55.74 (Accepted)
linux-meta-hwe-edge (4.15.0.55.74) xenial; urgency=medium * Bump ABI 4.15.0-55 Date: 2019-07-03 13:50:14.734641+00:00 Changed-By: Kleber Sacilotto de Souza Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-hwe-edge/4.15.0.55.74 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] linux-signed-hwe 4.15.0-55.60~16.04.2 (Accepted)
linux-signed-hwe (4.15.0-55.60~16.04.2) xenial; urgency=medium * Master version: 4.15.0-55.60~16.04.2 linux-signed-hwe (4.15.0-55.60~16.04.1) xenial; urgency=medium * Master version: 4.15.0-55.60~16.04.1 Date: 2019-07-04 08:59:23.345622+00:00 Changed-By: Kleber Sacilotto de Souza Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-signed-hwe/4.15.0-55.60~16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] linux-meta-hwe 4.15.0.55.76 (Accepted)
linux-meta-hwe (4.15.0.55.76) xenial; urgency=medium * Bump ABI 4.15.0-55 Date: 2019-07-03 11:41:19.125570+00:00 Changed-By: Kleber Sacilotto de Souza Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-hwe/4.15.0.55.76 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] walinuxagent 2.2.40-0ubuntu1~16.04.1 (Accepted)
walinuxagent (2.2.40-0ubuntu1~16.04.1) xenial; urgency=medium * New upstream release (LP: #1827995) * debian/patches/CVE-2019-0804.patch: dropped; included in upstream release. walinuxagent (2.2.32-0ubuntu2) disco; urgency=medium * debian/patches/CVE-2019-0804.patch: - Cherry-pick fixes from upstream for handling swap file. walinuxagent (2.2.32-0ubuntu1) disco; urgency=medium * New upstream release (LP: #1799498). * debian/patches/disable_import_test.patch: refreshed patch. * debian/control: - Add the python3-mock build-dependency. * debian/rules: - Run unit tests but don't fail the build if they fail. Previously, due to a bug in setup.py, those were never being run during build so the failures are not regressions. Date: 2019-06-05 21:32:12.262316+00:00 Changed-By: Mathieu Trudel-Lapierre Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/walinuxagent/2.2.40-0ubuntu1~16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes