[ubuntu/bionic-updates] linux-azure_5.0.0-1025.27~18.04.1_amd64.tar.gz - (Accepted)
Juerg Haefliger
juergh at canonical.com
Tue Nov 12 22:32:50 UTC 2019
linux-azure (5.0.0-1025.27~18.04.1) bionic; urgency=medium
[ Ubuntu: 5.0.0-1025.27 ]
* CVE-2019-11135
- [Config] azure: Disable TSX by default when possible
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- SAUCE: Fix revert "md/raid0: avoid RAID0 data corruption due to layout
confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
* disco/linux: <version to be filled> -proposed tracker (LP: #1850574)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Date: Mon, 11 Nov 2019 14:39:00 +0100
Changed-By: Juerg Haefliger <juergh at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-016.buildd>
-------------- next part --------------
Format: 1.8
Date: Mon, 11 Nov 2019 14:39:00 +0100
Source: linux-azure
Binary: linux-azure-headers-5.0.0-1025 linux-azure-tools-5.0.0-1025 linux-azure-cloud-tools-5.0.0-1025 linux-image-unsigned-5.0.0-1025-azure linux-modules-5.0.0-1025-azure linux-modules-extra-5.0.0-1025-azure linux-headers-5.0.0-1025-azure linux-image-unsigned-5.0.0-1025-azure-dbgsym linux-tools-5.0.0-1025-azure linux-cloud-tools-5.0.0-1025-azure linux-udebs-azure linux-buildinfo-5.0.0-1025-azure
Architecture: amd64 all amd64_translations
Version: 5.0.0-1025.27~18.04.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-016.buildd>
Changed-By: Juerg Haefliger <juergh at canonical.com>
Description:
linux-azure-cloud-tools-5.0.0-1025 - Linux kernel version specific cloud tools for version 5.0.0-1025
linux-azure-headers-5.0.0-1025 - Header files related to Linux kernel version 5.0.0
linux-azure-tools-5.0.0-1025 - Linux kernel version specific tools for version 5.0.0-1025
linux-buildinfo-5.0.0-1025-azure - Linux kernel buildinfo for version 5.0.0 on 64 bit x86 SMP
linux-cloud-tools-5.0.0-1025-azure - Linux kernel version specific cloud tools for version 5.0.0-1025
linux-headers-5.0.0-1025-azure - Linux kernel headers for version 5.0.0 on 64 bit x86 SMP
linux-image-unsigned-5.0.0-1025-azure - Linux kernel image for version 5.0.0 on 64 bit x86 SMP
linux-image-unsigned-5.0.0-1025-azure-dbgsym - Linux kernel debug image for version 5.0.0 on 64 bit x86 SMP
linux-modules-5.0.0-1025-azure - Linux kernel extra modules for version 5.0.0 on 64 bit x86 SMP
linux-modules-extra-5.0.0-1025-azure - Linux kernel extra modules for version 5.0.0 on 64 bit x86 SMP
linux-tools-5.0.0-1025-azure - Linux kernel version specific tools for version 5.0.0-1025
linux-udebs-azure - Metapackage depending on kernel udebs (udeb)
Launchpad-Bugs-Fixed: 1849682 1850574 1850867
Changes:
linux-azure (5.0.0-1025.27~18.04.1) bionic; urgency=medium
.
[ Ubuntu: 5.0.0-1025.27 ]
.
* CVE-2019-11135
- [Config] azure: Disable TSX by default when possible
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- SAUCE: Fix revert "md/raid0: avoid RAID0 data corruption due to layout
confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
* disco/linux: <version to be filled> -proposed tracker (LP: #1850574)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Checksums-Sha1:
a70d0da0003f6a56a7ab1e0ea0b2595468345ee5 114708 linux-azure-cloud-tools-5.0.0-1025_5.0.0-1025.27~18.04.1_amd64.deb
8c26a0159b88280b4f519dd2ad7caff3764a667c 10757892 linux-azure-headers-5.0.0-1025_5.0.0-1025.27~18.04.1_all.deb
18175d6dd2990641948a1f2c859dcf3427eb3156 4798424 linux-azure-tools-5.0.0-1025_5.0.0-1025.27~18.04.1_amd64.deb
0fc00b0ce953a953c20292be712f70b8c8b95f25 16741 linux-azure_5.0.0-1025.27~18.04.1_amd64.buildinfo
39e320fa96489714036b98756a501e696ba8cdd0 7726804 linux-azure_5.0.0-1025.27~18.04.1_amd64.tar.gz
0ed10b14ec21a4fcb49d8fa9761c432e9f7dbb3f 24516 linux-azure_5.0.0-1025.27~18.04.1_amd64_translations.tar.gz
1a9178de9ac7c818d7c0f9a7990210ca134594b2 237620 linux-buildinfo-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
15b9031f5a39270388fdc07478968c3631e592ed 1872 linux-cloud-tools-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
773ac7b5f0bfe583c469fef79b4fd04a700479e6 993152 linux-headers-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
c2a5104442d57ab9cbc10daed2dfe2d1dc869ec1 437552216 linux-image-unsigned-5.0.0-1025-azure-dbgsym_5.0.0-1025.27~18.04.1_amd64.ddeb
59a3a1252c98c2c12df44c29aee1767095e5137b 7813208 linux-image-unsigned-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
6ceef6d24643d2602af5098399a2c680b4f87222 12419192 linux-modules-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
705af36403c3666abab4d3ba50d69a10b12e266a 11200268 linux-modules-extra-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
2371a66555c66f968ec452311040f588701d08fc 1952 linux-tools-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
Checksums-Sha256:
8dd14209b383b520f22ada1f436ae215a66cf987160aa848ed0509f502b5af24 114708 linux-azure-cloud-tools-5.0.0-1025_5.0.0-1025.27~18.04.1_amd64.deb
d3d8badfc7009f31bf5e99b96ae494ebfe5bcc2ef6e91925914d6d61c8af0433 10757892 linux-azure-headers-5.0.0-1025_5.0.0-1025.27~18.04.1_all.deb
15a12d0138f57097a6d5f11cae7c8486ff62354902da7e769ea6df8bad01395c 4798424 linux-azure-tools-5.0.0-1025_5.0.0-1025.27~18.04.1_amd64.deb
4728f59be386e65bbb617bb0235a34c6587c12b7cd50308480e87d891906c886 16741 linux-azure_5.0.0-1025.27~18.04.1_amd64.buildinfo
0b636d0aea40dc925a4d04d0b0707240036615aaf340a5b9e5cdbcb72ad88798 7726804 linux-azure_5.0.0-1025.27~18.04.1_amd64.tar.gz
2f2ed19d20e54c3f31a433bdd88ce6b1148cc7becea1712408253270274849b1 24516 linux-azure_5.0.0-1025.27~18.04.1_amd64_translations.tar.gz
40b73b3d272efa8907ad2ae14f624843b0bb95110573a584f871e2bfce7800a1 237620 linux-buildinfo-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
83b335a0e4dc31028efd148e0a72099e0cb6299b9421e19736b71ce7662b5b72 1872 linux-cloud-tools-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
1ef18c61e85cc803dcd1da3066ac333f998da5bfa845e74e03b37933548fb446 993152 linux-headers-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
1007047d7dfa71d51ce4b81940ae73725018807619bd984d1cb5f672838c669d 437552216 linux-image-unsigned-5.0.0-1025-azure-dbgsym_5.0.0-1025.27~18.04.1_amd64.ddeb
6845db8f3d371da1fe29c4516c1d80903b7927df0e13338593c8b463339988a7 7813208 linux-image-unsigned-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
49690dae81e498c6c0b0fbc485a10707bd077a0ecda68419f5498ff5cef4023a 12419192 linux-modules-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
7a1e0080c1fd206a3e8af6be0c46cbbccd014c2a18213f61dd230efcb9f7ccd0 11200268 linux-modules-extra-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
9e0f42036d0b1ff1ae504debbb450c5b81bc52f9b9bca1569513231df43303cd 1952 linux-tools-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
Files:
148986ea8e1262d4c807f63e2b9136b3 114708 devel optional linux-azure-cloud-tools-5.0.0-1025_5.0.0-1025.27~18.04.1_amd64.deb
8230d7ed0a115f9bb281145eeda02cab 10757892 devel optional linux-azure-headers-5.0.0-1025_5.0.0-1025.27~18.04.1_all.deb
df03c11d8bae3510a61401a9117107c8 4798424 devel optional linux-azure-tools-5.0.0-1025_5.0.0-1025.27~18.04.1_amd64.deb
3e022b74d03b0bc0643adf36d1f76d79 16741 devel optional linux-azure_5.0.0-1025.27~18.04.1_amd64.buildinfo
4bfa7fec8a96947b9e693833b92a4154 7726804 raw-signing - linux-azure_5.0.0-1025.27~18.04.1_amd64.tar.gz
2d1b0f8a7b415be983b32fbfe9d4c9bd 24516 raw-translations - linux-azure_5.0.0-1025.27~18.04.1_amd64_translations.tar.gz
207c67b3ef58ef02b9f8c5812944ff90 237620 kernel optional linux-buildinfo-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
f0e5f43e4ebeba4378efb548b8c6c27e 1872 devel optional linux-cloud-tools-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
3637569ddc364056df986ac5ca6c4b36 993152 devel optional linux-headers-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
53e2f7a34fbe6d4badf44d27f02666b3 437552216 devel optional linux-image-unsigned-5.0.0-1025-azure-dbgsym_5.0.0-1025.27~18.04.1_amd64.ddeb
a897acade9ec62a8ca469daa2caf6030 7813208 kernel optional linux-image-unsigned-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
e3b35a115a2a039cc7d617432d01c84c 12419192 kernel optional linux-modules-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
fd91a0e4df936a2c37f2b67c0376f466 11200268 kernel optional linux-modules-extra-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
ca557a044ec6dfd1182245965b4a8169 1952 devel optional linux-tools-5.0.0-1025-azure_5.0.0-1025.27~18.04.1_amd64.deb
More information about the Bionic-changes
mailing list