[ubuntu/jammy-security] linux-oem-6.1 6.1.0-1020.20 (Accepted)
Andy Whitcroft
apw at canonical.com
Tue Aug 29 09:25:43 UTC 2023
linux-oem-6.1 (6.1.0-1020.20) jammy; urgency=medium
* jammy/linux-oem-6.1: 6.1.0-1020.20 -proposed tracker (LP: #2030594)
* CVE-2022-40982
- init: Provide arch_cpu_finalize_init()
- x86/cpu: Switch to arch_cpu_finalize_init()
- ARM: cpu: Switch to arch_cpu_finalize_init()
- ia64/cpu: Switch to arch_cpu_finalize_init()
- loongarch/cpu: Switch to arch_cpu_finalize_init()
- m68k/cpu: Switch to arch_cpu_finalize_init()
- mips/cpu: Switch to arch_cpu_finalize_init()
- sh/cpu: Switch to arch_cpu_finalize_init()
- sparc/cpu: Switch to arch_cpu_finalize_init()
- um/cpu: Switch to arch_cpu_finalize_init()
- init: Remove check_bugs() leftovers
- init: Invoke arch_cpu_finalize_init() earlier
- init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
- x86/init: Initialize signal frame size late
- x86/fpu: Remove cpuinfo argument from init functions
- x86/fpu: Mark init functions __init
- x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
- x86/speculation: Add Gather Data Sampling mitigation
- x86/speculation: Add force option to GDS mitigation
- x86/speculation: Add Kconfig option for GDS
- KVM: Add GDS_NO support to KVM
- x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
- x86/xen: Fix secondary processors' FPU initialization
- x86/mm: fix poking_init() for Xen PV guests
- x86/mm: Use mm_alloc() in poking_init()
- mm: Move mm_cachep initialization to mm_init()
- x86/mm: Initialize text poking earlier
- Documentation/x86: Fix backwards on/off logic about YMM support
- [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT
* System freeze after resuming from suspend due to PCI ASPM settings
(LP: #1980829)
- SAUCE: PCI/ASPM: Save/restore L1SS Capability for suspend/resume
- SAUCE: whitelist platforms that needs save/restore ASPM L1SS for
suspend/resume
* CVE-2023-20593
- x86/cpu/amd: Move the errata checking functionality up
- x86/cpu/amd: Add a Zenbleed fix
* Fix repeated errors of blacklisting during bootup (LP: #2029363)
- certs: make blacklisted hash available in klog
- KEYS: Add new function key_create()
- certs: don't try to update blacklist keys
* Fix AMD gpu hang when screen off/on (LP: #2028740)
- drm/amd/display: Keep PHY active for dp config
* CVE-2023-4015
- netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
* CVE-2023-3995
- netfilter: nf_tables: disallow rule addition to bound chain via
NFTA_RULE_CHAIN_ID
* CVE-2023-3777
- netfilter: nf_tables: skip bound chain on rule flush
* CVE-2023-4004
- netfilter: nft_set_pipapo: fix improper element removal
Date: 2023-08-16 12:39:08.693955+00:00
Changed-By: Timo Aaltonen <tjaalton at ubuntu.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-oem-6.1/6.1.0-1020.20
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list