[ubuntu/eoan-updates] linux-gcp_5.3.0-1008.9_amd64.tar.gz - (Accepted)
Stefan Bader
stefan.bader at canonical.com
Tue Nov 12 22:27:00 UTC 2019
linux-gcp (5.3.0-1008.9) eoan; urgency=medium
* CVE-2019-11135
- [Config] gcp: Disable TSX by default when possible
[ Ubuntu: 5.3.0-22.24 ]
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
Date: Mon, 11 Nov 2019 10:20:55 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-038.buildd>
-------------- next part --------------
Format: 1.8
Date: Mon, 11 Nov 2019 10:20:55 +0100
Source: linux-gcp
Binary: linux-buildinfo-5.3.0-1008-gcp linux-gcp-headers-5.3.0-1008 linux-gcp-tools-5.3.0-1008 linux-headers-5.3.0-1008-gcp linux-image-unsigned-5.3.0-1008-gcp linux-modules-5.3.0-1008-gcp linux-modules-extra-5.3.0-1008-gcp linux-tools-5.3.0-1008-gcp
Architecture: amd64 amd64_translations
Version: 5.3.0-1008.9
Distribution: eoan
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-038.buildd>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
linux-buildinfo-5.3.0-1008-gcp - Linux kernel buildinfo for version 5.3.0 on 64 bit x86 SMP
linux-gcp-headers-5.3.0-1008 - Header files related to Linux kernel version 5.3.0
linux-gcp-tools-5.3.0-1008 - Linux kernel version specific tools for version 5.3.0-1008
linux-headers-5.3.0-1008-gcp - Linux kernel headers for version 5.3.0 on 64 bit x86 SMP
linux-image-unsigned-5.3.0-1008-gcp - Linux kernel image for version 5.3.0 on 64 bit x86 SMP
linux-modules-5.3.0-1008-gcp - Linux kernel extra modules for version 5.3.0 on 64 bit x86 SMP
linux-modules-extra-5.3.0-1008-gcp - Linux kernel extra modules for version 5.3.0 on 64 bit x86 SMP
linux-tools-5.3.0-1008-gcp - Linux kernel version specific tools for version 5.3.0-1008
Launchpad-Bugs-Fixed: 1849682 1850867
Changes:
linux-gcp (5.3.0-1008.9) eoan; urgency=medium
.
* CVE-2019-11135
- [Config] gcp: Disable TSX by default when possible
.
[ Ubuntu: 5.3.0-22.24 ]
.
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
Checksums-Sha1:
ffc254a71812eb5d2f79aa86b1f9ed97c4617daa 295616 linux-buildinfo-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
ff68ff895d18d8aa483d5b04ceb4f5185b3defd8 10998108 linux-gcp-headers-5.3.0-1008_5.3.0-1008.9_amd64.deb
7430dab3fb539a2199cfa822060d77f314f949b8 5502312 linux-gcp-tools-5.3.0-1008_5.3.0-1008.9_amd64.deb
96d838416fa53e76edc58f91f177173c49dd325f 15325 linux-gcp_5.3.0-1008.9_amd64.buildinfo
26da78c87d81e644400052ed3a313f3979945322 9263465 linux-gcp_5.3.0-1008.9_amd64.tar.gz
cb6785f94a64898d0e505389c80c2abb48177bfc 24516 linux-gcp_5.3.0-1008.9_amd64_translations.tar.gz
0565ff5adb0477c61429bfe2a5d22396a22dd03f 1239352 linux-headers-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
6b8a5489c0636621cc20adc7e2b734fb86aeb5b9 894516500 linux-image-unsigned-5.3.0-1008-gcp-dbgsym_5.3.0-1008.9_amd64.ddeb
f62aec7dc2e6eff7f43a809ac7d6234d310e33e2 8764684 linux-image-unsigned-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
a1ccb0b4cc55b4f5a64649fd3d0eeb087c8b3a52 13860648 linux-modules-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
c6647723815176099ae00e90d82396638f1a2544 33036512 linux-modules-extra-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
e239323ab74034cd30221f26df593599e465d081 1956 linux-tools-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
Checksums-Sha256:
aa8d2d6061e618923678a63aa669334d30d43d12af9d1a6eb51fe75952beb6f9 295616 linux-buildinfo-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
88140b320820b53ae177ba206e84992d7de7e5a0445f12ef5e126910def2e47b 10998108 linux-gcp-headers-5.3.0-1008_5.3.0-1008.9_amd64.deb
32b3dc51c23e0857127fc482f222c82789a73223794563d7366bab93810d05b4 5502312 linux-gcp-tools-5.3.0-1008_5.3.0-1008.9_amd64.deb
c51e76d593f66333e27bf57b79b723903a10498d487d8eacc5f92b47120f0c26 15325 linux-gcp_5.3.0-1008.9_amd64.buildinfo
dfe05a85396e9573cc0e236a6fb5d2cda18bd59bab3d25bdd4001778bdf645d5 9263465 linux-gcp_5.3.0-1008.9_amd64.tar.gz
707a91af4f7ef2276f0830d5ade616049aefd9da6a503d64ecbc52f40360226a 24516 linux-gcp_5.3.0-1008.9_amd64_translations.tar.gz
342efc772ab5f0d1e1270d43853edf2984b0040f36b32f958f3543456fb33f0d 1239352 linux-headers-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
514c92d3922f5222eb6123eb39c409f8cca94cbc23fe3e1690802f3c31106bd0 894516500 linux-image-unsigned-5.3.0-1008-gcp-dbgsym_5.3.0-1008.9_amd64.ddeb
54e20d0b06ec7c1ccbb25ee2463c66279a1ff54ad91e471c657892ea0cc2f85d 8764684 linux-image-unsigned-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
47f034b1511ff010b98f98514a7358a873ef2fe9888346fdcc87b2b7ade485d7 13860648 linux-modules-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
5eabe0584f255c322c8faa06773c9d1af8ba47991c2b59b067b2e1dccbdeda0c 33036512 linux-modules-extra-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
1ebd9b0a50305c60dbe06836c4a1ff598ffdbbedcfa0e779ef35ac397bfbebbd 1956 linux-tools-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
Files:
83218d0f7b69fdcd64702d94ebc7d973 295616 kernel optional linux-buildinfo-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
60278a975f85350ee966f5ace6958fe5 10998108 devel optional linux-gcp-headers-5.3.0-1008_5.3.0-1008.9_amd64.deb
8209a091de9ca13af80b1ad67d34bbd5 5502312 devel optional linux-gcp-tools-5.3.0-1008_5.3.0-1008.9_amd64.deb
808c09ea46147cbbc88c14361bb7bdce 15325 devel optional linux-gcp_5.3.0-1008.9_amd64.buildinfo
6e22cf9415808188819a5f0b3be3b989 9263465 raw-signing - linux-gcp_5.3.0-1008.9_amd64.tar.gz
699f6957302f780701fe343d99fbb4e6 24516 raw-translations - linux-gcp_5.3.0-1008.9_amd64_translations.tar.gz
deaec3da48da7fae4cc262102a5b95f3 1239352 devel optional linux-headers-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
f316de8ff48956389ac991b9a1d5a600 894516500 devel optional linux-image-unsigned-5.3.0-1008-gcp-dbgsym_5.3.0-1008.9_amd64.ddeb
a6173d2d4b06e1165220644661732a99 8764684 kernel optional linux-image-unsigned-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
ee44e5fab15f2d79cd6082879cb35116 13860648 kernel optional linux-modules-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
9a0f6c87f761df10f0b890ee40976c91 33036512 kernel optional linux-modules-extra-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
fa6c2372aa17c52598dcc417ee2668db 1956 devel optional linux-tools-5.3.0-1008-gcp_5.3.0-1008.9_amd64.deb
More information about the Eoan-changes
mailing list