[ubuntu/bionic-proposed] linux-aws 4.15.0-1117.124 (Accepted)
Andy Whitcroft
apw at canonical.com
Sun Dec 5 21:51:07 UTC 2021
linux-aws (4.15.0-1117.124) bionic; urgency=medium
* bionic/linux-aws: 4.15.0-1117.124 -proposed tracker (LP: #1952325)
* Support builtin revoked certificates (LP: #1932029)
- [Config] aws: Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
[ Ubuntu: 4.15.0-165.173 ]
* bionic/linux: 4.15.0-165.173 -proposed tracker (LP: #1952780)
* Support builtin revoked certificates (LP: #1932029)
- certs: Add EFI_CERT_X509_GUID support for dbx entries
- certs: Move load_system_certificate_list to a common function
- integrity: Move import of MokListRT certs to a separate routine
- integrity: Load certs from the EFI MOK config table
- certs: Add ability to preload revocation certs
- certs: add 'x509_revocation_list' to gitignore
- SAUCE: Dump stack when X.509 certificates cannot be loaded
- [Packaging] build canonical-revoked-certs.pem from branch/arch certs
- [Packaging] Revoke 2012 UEFI signing certificate as built-in
- [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
* Support importing mokx keys into revocation list from the mok table
(LP: #1928679)
- efi: Support for MOK variable config table
- efi: mokvar-table: fix some issues in new code
- efi: mokvar: add missing include of asm/early_ioremap.h
- efi/mokvar: Reserve the table only if it is in boot services data
- SAUCE: integrity: Load mokx certs from the EFI MOK config table
- SAUCE: integrity: add informational messages when revoking certs
* CVE-2021-4002
- arm64: tlb: Provide forward declaration of tlb_flush() before including
tlb.h
- mm: mmu_notifier fix for tlb_end_vma
- hugetlbfs: flush TLBs correctly after huge_pmd_unshare
[ Ubuntu: 4.15.0-164.172 ]
* bionic/linux: 4.15.0-164.172 -proposed tracker (LP: #1952348)
* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper
- debian/dkms-versions -- update from kernel-versions (main/2021.11.29)
* Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997)
- btrfs: always wait on ordered extents at fsync time
- ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
- xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
- xtensa: xtfpga: Try software restart before simulating CPU reset
- NFSD: Keep existing listeners on portlist error
- netfilter: ipvs: make global sysctl readonly in non-init netns
- NIOS2: irqflags: rename a redefined register name
- can: rcar_can: fix suspend/resume
- can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
notification
- can: peak_pci: peak_pci_remove(): fix UAF
- ocfs2: fix data corruption after conversion from inline format
- ocfs2: mount fails with buffer overflow in strlen
- elfcore: correct reference to CONFIG_UML
- ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
- ASoC: DAPM: Fix missing kctl change notifications
- nfc: nci: fix the UAF of rf_conn_info object
- isdn: cpai: check ctr->cnr to avoid array index out of bound
- netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
- btrfs: deal with errors when checking if a dir entry exists during log
replay
- net: stmmac: add support for dwmac 3.40a
- ARM: dts: spear3xx: Fix gmac node
- isdn: mISDN: Fix sleeping function called from invalid context
- platform/x86: intel_scu_ipc: Update timeout value in comment
- ALSA: hda: avoid write to STATESTS if controller is in reset
- tracing: Have all levels of checks prevent recursion
- ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
- dma-debug: fix sg checks in debug_dma_map_sg()
- ASoC: wm8960: Fix clock configuration on slave mode
- lan78xx: select CRC32
- net: hns3: add limit ets dwrr bandwidth cannot be 0
- net: hns3: disable sriov before unload hclge layer
- ALSA: hda/realtek: Add quirk for Clevo PC50HS
- mm, slub: fix mismatch between reconstructed freelist depth and cnt
- gcc-plugins/structleak: add makefile var for disabling structleak
* creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve
failed with XFS (LP: #1950239)
- xfs: ensure that the inode uid/gid match values match the icdinode ones
- xfs: merge the projid fields in struct xfs_icdinode
- xfs: remove the icdinode di_uid/di_gid members
- xfs: fix up non-directory creation in SGID directories
* ubuntu_ltp / finit_module02 fails on v4.15 and other kernels (LP: #1950644)
- vfs: check fd has read access in kernel_read_file_from_fd()
* reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le
(LP: #1867570)
- selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes
* Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816)
- net: mdio: introduce a shutdown method to mdio device drivers
- xen-netback: correct success/error reporting for the SKB-with-fraglist case
- sparc64: fix pci_iounmap() when CONFIG_PCI is not set
- ext2: fix sleeping in atomic bugs on error
- scsi: sd: Free scsi_disk device via put_device()
- usb: testusb: Fix for showing the connection speed
- usb: dwc2: check return value after calling platform_get_resource()
- scsi: ses: Retry failed Send/Receive Diagnostic commands
- libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
- lib/timerqueue: Rely on rbtree semantics for next timer
- selftests: be sure to make khdr before other targets
- Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
- USB: cdc-acm: fix racy tty buffer accesses
- USB: cdc-acm: fix break reporting
- ovl: fix missing negative dentry check in ovl_rename()
- nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
- xen/balloon: fix cancelled balloon action
- ARM: dts: omap3430-sdp: Fix NAND device node
- ARM: dts: qcom: apq8064: use compatible which contains chipid
- bpf: add also cbpf long jump test cases with heavy expansion
- bpf, mips: Validate conditional branch offsets
- xtensa: call irqchip_init only when CONFIG_USE_OF is selected
- bpf: Fix integer overflow in prealloc_elems_and_freelist()
- phy: mdio: fix memory leak
- net_sched: fix NULL deref in fifo_set_limit()
- powerpc/fsl/dts: Fix phy-connection-type for fm1mac3
- ptp_pch: Load module automatically if ID matches
- ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
sequence
- net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
- netlink: annotate data races around nlk->bound
- drm/nouveau/debugfs: fix file release memory leak
- rtnetlink: fix if_nlmsg_stats_size() under estimation
- i40e: fix endless loop under rtnl
- i2c: acpi: fix resource leak in reconfiguration device addition
- net: phy: bcm7xxx: Fixed indirect MMD operations
- HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
- netfilter: ip6_tables: zero-initialize fragment offset
- mac80211: Drop frames from invalid MAC address in ad-hoc mode
- m68k: Handle arrivals of multiple signals correctly
- net: sun: SUNVNET_COMMON should depend on INET
- scsi: ses: Fix unsigned comparison with less than zero
- scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
- perf/x86: Reset destroy callback on event init failure
- sched: Always inline is_percpu_thread()
- bpf, arm: Fix register clobbering in div/mod implementation
- i40e: Fix freeing of uninitialized misc IRQ vector
- mac80211: check return value of rhashtable_init
- stable: clamp SUBLEVEL in 4.14
- ALSA: seq: Fix a potential UAF by wrong private_free call order
- s390: fix strrchr() implementation
- btrfs: deal with errors when replaying dir entry during log replay
- btrfs: deal with errors when adding inode reference during log replay
- btrfs: check for error when looking up inode during dir entry replay
- xhci: Fix command ring pointer corruption while aborting a command
- xhci: Enable trust tx length quirk for Fresco FL11 USB controller
- cb710: avoid NULL pointer subtraction
- efi/cper: use stack buffer for error record decoding
- efi: Change down_interruptible() in virt_efi_reset_system() to
down_trylock()
- usb: musb: dsps: Fix the probe error path
- Input: xpad - add support for another USB ID of Nacon GC-100
- USB: serial: qcserial: add EM9191 QDL support
- USB: serial: option: add Quectel EC200S-CN module support
- USB: serial: option: add Telit LE910Cx composition 0x1204
- USB: serial: option: add prod. id for Quectel EG91
- virtio: write back F_VERSION_1 before validate
- nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
- x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
- iio: adc: aspeed: set driver data when adc probe.
- iio: adc128s052: Fix the error handling path of 'adc128_probe()'
- iio: light: opt3001: Fixed timeout error when 0 lux
- iio: ssp_sensors: add more range checking in ssp_parse_dataframe()
- iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
- sctp: account stream padding length for reconf chunk
- net: arc: select CRC32
- net: korina: select CRC32
- net: encx24j600: check error in devm_regmap_init_encx24j600
- ethernet: s2io: fix setting mac address during resume
- nfc: fix error handling of nfc_proto_register()
- NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
- NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
- pata_legacy: fix a couple uninitialized variable bugs
- drm/msm: Fix null pointer dereference on pointer edp
- drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
- acpi/arm64: fix next_platform_timer() section mismatch error
- qed: Fix missing error code in qed_slowpath_start()
- r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256
Date: 2021-12-03 17:19:10.433143+00:00
Changed-By: Ian May <ian.may at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1117.124
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list