[ubuntu/eoan-proposed] linux-azure_5.3.0-1007.8_amd64.tar.gz - (Accepted)
Stefan Bader
stefan.bader at canonical.com
Tue Nov 12 18:07:44 UTC 2019
linux-azure (5.3.0-1007.8) eoan; urgency=medium
* CVE-2019-11135
- [Config] azure: Disable TSX by default when possible
[ Ubuntu: 5.3.0-22.24 ]
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
Date: Mon, 11 Nov 2019 10:04:26 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-049.buildd>
-------------- next part --------------
Format: 1.8
Date: Mon, 11 Nov 2019 10:04:26 +0100
Source: linux-azure
Binary: linux-azure-cloud-tools-5.3.0-1007 linux-azure-headers-5.3.0-1007 linux-azure-tools-5.3.0-1007 linux-buildinfo-5.3.0-1007-azure linux-cloud-tools-5.3.0-1007-azure linux-headers-5.3.0-1007-azure linux-image-unsigned-5.3.0-1007-azure linux-modules-5.3.0-1007-azure linux-modules-extra-5.3.0-1007-azure linux-tools-5.3.0-1007-azure
Architecture: amd64 all amd64_translations
Version: 5.3.0-1007.8
Distribution: eoan
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-049.buildd>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
linux-azure-cloud-tools-5.3.0-1007 - Linux kernel version specific cloud tools for version 5.3.0-1007
linux-azure-headers-5.3.0-1007 - Header files related to Linux kernel version 5.3.0
linux-azure-tools-5.3.0-1007 - Linux kernel version specific tools for version 5.3.0-1007
linux-buildinfo-5.3.0-1007-azure - Linux kernel buildinfo for version 5.3.0 on 64 bit x86 SMP
linux-cloud-tools-5.3.0-1007-azure - Linux kernel version specific cloud tools for version 5.3.0-1007
linux-headers-5.3.0-1007-azure - Linux kernel headers for version 5.3.0 on 64 bit x86 SMP
linux-image-unsigned-5.3.0-1007-azure - Linux kernel image for version 5.3.0 on 64 bit x86 SMP
linux-modules-5.3.0-1007-azure - Linux kernel extra modules for version 5.3.0 on 64 bit x86 SMP
linux-modules-extra-5.3.0-1007-azure - Linux kernel extra modules for version 5.3.0 on 64 bit x86 SMP
linux-tools-5.3.0-1007-azure - Linux kernel version specific tools for version 5.3.0-1007
Launchpad-Bugs-Fixed: 1849682 1850867
Changes:
linux-azure (5.3.0-1007.8) eoan; urgency=medium
.
* CVE-2019-11135
- [Config] azure: Disable TSX by default when possible
.
[ Ubuntu: 5.3.0-22.24 ]
.
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
Checksums-Sha1:
42a50f2923903deda3798517292d24498a74210b 70260 linux-azure-cloud-tools-5.3.0-1007_5.3.0-1007.8_amd64.deb
f25847ccaed18ad7c34a4f630eba5bd6fda39b95 10975512 linux-azure-headers-5.3.0-1007_5.3.0-1007.8_all.deb
7314889a88c210f68f54965f64ec54967c444342 5478352 linux-azure-tools-5.3.0-1007_5.3.0-1007.8_amd64.deb
86709ae748b049c1c832f9765b40ebf0b7c1599f 16115 linux-azure_5.3.0-1007.8_amd64.buildinfo
5efef3824e4cff819c9c5a48f72df1f83ebd24e3 8034909 linux-azure_5.3.0-1007.8_amd64.tar.gz
5bfc56540781a5100955def8869066d7c569751f 24517 linux-azure_5.3.0-1007.8_amd64_translations.tar.gz
c86ddc94eba730705d6548566f310212c382fb54 196336 linux-buildinfo-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
08eb3b4dda8399b9fdbc16a77ac9e0ed9120a00a 1864 linux-cloud-tools-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
957ffbde08ba72b0307572085b67daf8c4d85e55 1041712 linux-headers-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
588ac7d077ba685d3cf74e0a10aaf476affd5b53 511721644 linux-image-unsigned-5.3.0-1007-azure-dbgsym_5.3.0-1007.8_amd64.ddeb
2767c214c087d337508208814c8d59ba33faa985 8076700 linux-image-unsigned-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
4cd7f0d3ed0e5292f9ddcf8449e3ba840fbc99a2 12836760 linux-modules-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
17e9832fc846285440897abab491b863fe8a7737 15151796 linux-modules-extra-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
820f22b952be9a1f4c22d709ebc4e274b0741fe8 1956 linux-tools-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
Checksums-Sha256:
081b992b827f0f7865432b9052f93efdcf8de2d61d69ed9ce4110abc9d154b2a 70260 linux-azure-cloud-tools-5.3.0-1007_5.3.0-1007.8_amd64.deb
e96e6becb36376cbbb2e1d3a3564d9a0cb96bddeb8773f8a99380c2222fe6ec8 10975512 linux-azure-headers-5.3.0-1007_5.3.0-1007.8_all.deb
2c19f783f991def31e1e0246408c6d9b4532cc40f70941b6d08a6ca272bd98fc 5478352 linux-azure-tools-5.3.0-1007_5.3.0-1007.8_amd64.deb
70faea6410615f998b5abd5d072fb390f815595511ef8442b249f436e002968d 16115 linux-azure_5.3.0-1007.8_amd64.buildinfo
bb0f4e68bd5207732925e764e64b4fa751fa70dd4c0436d5de0c81d07ec1cfc0 8034909 linux-azure_5.3.0-1007.8_amd64.tar.gz
f794827da64baafbed28418010e7fd3458b780b569ec63a44d2ddb9f848ceca0 24517 linux-azure_5.3.0-1007.8_amd64_translations.tar.gz
60b8f71a9f37868408403c3b81d7c73233af559750f76e76aace5a13bf405f01 196336 linux-buildinfo-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
bb449b9155806694114f9d2eea11a08a8288ed7e9afd4c7410070351c1abf841 1864 linux-cloud-tools-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
a17afdf76298456330b1a828c3ec6099d0ad188e3a174ab751ae354ff4c1a41e 1041712 linux-headers-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
c36eb720e7ab93c18129d3c5c2bea90804d7e1d2cc8d909102b7afa26b02ca50 511721644 linux-image-unsigned-5.3.0-1007-azure-dbgsym_5.3.0-1007.8_amd64.ddeb
029aee45e965f24cd4d8fb8319eca5f758eed572c8fe45e2b3bbb437cac12eb9 8076700 linux-image-unsigned-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
6933000a069856b9a8b585e4386e95d189b624c93c844cfb2d2d9bb2d9ae69a3 12836760 linux-modules-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
3fce6cf03e1210620de80ff23a0f0aa6fe7c08c5c2b3ea5a3862d1362ac78719 15151796 linux-modules-extra-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
fcfed4d5371e10e05471e670f606f917b6a5078e8f5ebbec425d9b1ecb3ba151 1956 linux-tools-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
Files:
39fed1d18feea36ad144b8df85ccb426 70260 devel optional linux-azure-cloud-tools-5.3.0-1007_5.3.0-1007.8_amd64.deb
ee847239186fbde102e3ede75a449ceb 10975512 devel optional linux-azure-headers-5.3.0-1007_5.3.0-1007.8_all.deb
30f713ef5de8c0cb41a7a7c67501c27e 5478352 devel optional linux-azure-tools-5.3.0-1007_5.3.0-1007.8_amd64.deb
a87d12b16897c2e0a839c71f397ef3f7 16115 devel optional linux-azure_5.3.0-1007.8_amd64.buildinfo
6883125b6b0f415d2d7f96f0733ea7fd 8034909 raw-signing - linux-azure_5.3.0-1007.8_amd64.tar.gz
969f5983f3d077f271ac59fa2ed20692 24517 raw-translations - linux-azure_5.3.0-1007.8_amd64_translations.tar.gz
af232cf0074765c097deae724155a33b 196336 kernel optional linux-buildinfo-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
5a0f70fa49505b24ba6c6c611468ef96 1864 devel optional linux-cloud-tools-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
9ea1bbde180843f09fb46338d2b9df2b 1041712 devel optional linux-headers-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
94edb0fa33b97da0f503cce91f64ccf9 511721644 devel optional linux-image-unsigned-5.3.0-1007-azure-dbgsym_5.3.0-1007.8_amd64.ddeb
b4c31bb4cce84cee3b97af749aed2f10 8076700 kernel optional linux-image-unsigned-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
5809a4ccea8f87ae99e639b37a182d4b 12836760 kernel optional linux-modules-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
d935607b11c5b23ca68ed6a194e58486 15151796 kernel optional linux-modules-extra-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
9e088d3bcc8d9beedef529d5acc73706 1956 devel optional linux-tools-5.3.0-1007-azure_5.3.0-1007.8_amd64.deb
More information about the Eoan-changes
mailing list