[ubuntu/lunar-security] linux-oracle 6.2.0-1010.10 (Accepted)
Andy Whitcroft
apw at canonical.com
Thu Aug 31 21:28:17 UTC 2023
linux-oracle (6.2.0-1010.10) lunar; urgency=medium
* lunar/linux-oracle: 6.2.0-1010.10 -proposed tracker (LP: #2030542)
* Packaging resync (LP: #1786013)
- [Packaging] resync update-dkms-versions helper
* arm64 support: Enable ARM_SMMU and ARM_SMMU_V3 for oracle (LP: #2002381)
- [packaging] Enable ARM_SMMU and ARM_SMMU_V3
* Miscellaneous Ubuntu changes
- [packaging] Fix annotations for Oracle
- [packaging] Split oracle configs into dedicated file
- [packaging] update configs for updated chroot
[ Ubuntu: 6.2.0-31.31 ]
* lunar/linux: 6.2.0-31.31 -proposed tracker (LP: #2031146)
* libgnutls report "trap invalid opcode" when trying to install packages over
https (LP: #2031093)
- [Config]: disable CONFIG_GDS_FORCE_MITIGATION
[ Ubuntu: 6.2.0-28.29 ]
* lunar/linux: 6.2.0-28.29 -proposed tracker (LP: #2030547)
* CVE-2022-40982
- init: Provide arch_cpu_finalize_init()
- x86/cpu: Switch to arch_cpu_finalize_init()
- ARM: cpu: Switch to arch_cpu_finalize_init()
- ia64/cpu: Switch to arch_cpu_finalize_init()
- m68k/cpu: Switch to arch_cpu_finalize_init()
- mips/cpu: Switch to arch_cpu_finalize_init()
- sh/cpu: Switch to arch_cpu_finalize_init()
- sparc/cpu: Switch to arch_cpu_finalize_init()
- um/cpu: Switch to arch_cpu_finalize_init()
- init: Remove check_bugs() leftovers
- init: Invoke arch_cpu_finalize_init() earlier
- init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
- x86/init: Initialize signal frame size late
- x86/fpu: Remove cpuinfo argument from init functions
- x86/fpu: Mark init functions __init
- x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
- x86/mem_encrypt: Unbreak the AMD_MEM_ENCRYPT=n build
- x86/xen: Fix secondary processors' FPU initialization
- x86/speculation: Add Gather Data Sampling mitigation
- x86/speculation: Add force option to GDS mitigation
- x86/speculation: Add Kconfig option for GDS
- KVM: Add GDS_NO support to KVM
- Documentation/x86: Fix backwards on/off logic about YMM support
- [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
CONFIG_GDS_FORCE_MITIGATION
* CVE-2023-4015
- netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
set/chain
- netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
* CVE-2023-3777
- netfilter: nf_tables: skip bound chain on rule flush
* CVE-2023-3995
- netfilter: nf_tables: disallow rule addition to bound chain via
NFTA_RULE_CHAIN_ID
* CVE-2023-20593
- x86/cpu/amd: Move the errata checking functionality up
- x86/cpu/amd: Add a Zenbleed fix
* CVE-2023-3776
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free
* CVE-2023-4004
- netfilter: nft_set_pipapo: fix improper element removal
* CVE-2023-3611
- net/sched: sch_qfq: refactor parsing of netlink parameters
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue
* CVE-2023-3610
- netfilter: nf_tables: fix chain binding transaction logic
* CVE-2023-3609
- net/sched: cls_u32: Fix reference counter leak leading to overflow
Date: 2023-08-21 06:51:13.549973+00:00
Changed-By: Khaled El Mously <khalid.elmously at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-oracle/6.2.0-1010.10
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes
mailing list