[ubuntu/trusty-security] linux-lts-xenial 4.4.0-15.31~14.04.1 (Accepted)
Adam Conrad
adconrad at 0c3.net
Sat Apr 2 05:02:20 UTC 2016
linux-lts-xenial (4.4.0-15.31~14.04.1) trusty; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1560196
* Xilinx KU3 Capi card does not show up in Ubuntu 16.04 (LP: #1557001)
- SAUCE: (noup) cxl: Allow initialization on timebase sync failures
* policy namespace stacking (LP: #1379535)
- Revert "UBUNTU: SAUCE: Move replacedby allocation into label_alloc"
- Revert "UBUNTU: SAUCE: Fixup: __label_update() still doesn't handle some cases correctly."
- Revert "UBUNTU: SAUCE: fix: audit "no_new_privs" case for exec failure"
- Revert "UBUNTU: SAUCE: fixup: warning about aa_label_vec_find_or_create not being static"
- Revert "UBUNTU: SAUCE: apparmor: fix refcount race when finding a child profile"
- Revert "UBUNTU: SAUCE: fixup: cast poison values to remove warnings"
- Revert "UBUNTU: SAUCE: fixup: get rid of unused var build warning"
- Revert "UBUNTU: SAUCE: fixup: 20/23 locking issue around in __label_update"
- Revert "UBUNTU: SAUCE: fixup: make __share_replacedby private to get rid of build warning"
- Revert "UBUNTU: SAUCE: fix: replacedby forwarding is not being properly update when ns is destroyed"
- Revert "UBUNTU: SAUCE: apparmor: fix log of apparmor audit message when kern_path() fails"
- Revert "UBUNTU: SAUCE: fixup: cleanup return handling of labels"
- Revert "UBUNTU: SAUCE: apparmor: fix: ref count leak when profile sha1 hash is read"
- Revert "UBUNTU: SAUCE: apparmor: Fix: query label file permission"
- Revert "UBUNTU: SAUCE: apparmor: Don't remove label on rcu callback if the label has already been removed"
- Revert "UBUNTU: SAUCE: apparmor: Fix: break circular refcount for label that is directly freed."
- Revert "UBUNTU: SAUCE: apparmor: Fix: refcount bug when inserting label update that transitions ns"
- Revert "UBUNTU: SAUCE: apparmor: Fix: now that insert can force replacement use it instead of remove_and_insert"
- Revert "UBUNTU: SAUCE: apparmor Fix: refcount bug in pivotroot mediation"
- Revert "UBUNTU: SAUCE: apparmor: ensure that repacedby sharing is done correctly"
- Revert "UBUNTU: SAUCE: apparmor: Fix: update replacedby allocation to take a gfp parameter"
- Revert "UBUNTU: SAUCE: apparmor: Fix: convert replacedby update to be protected by the labelset lock"
- Revert "UBUNTU: SAUCE: apparmor: Fix: add required locking of __aa_update_replacedby on merge path"
- Revert "UBUNTU: SAUCE: apparmor: Fix: deadlock in aa_put_label() call chain"
- Revert "UBUNTU: SAUCE: apparmor: Fix: label_vec_merge insertion"
- Revert "UBUNTU: SAUCE: apparmor: Fix: ensure new labels resulting from merge have a replacedby"
- Revert "UBUNTU: SAUCE: apparmor: Fix: refcount leak in aa_label_merge"
- Revert "UBUNTU: SAUCE: apparmor: Fix: refcount race between locating in labelset and get"
- Revert "UBUNTU: SAUCE: apparmor: Fix: label merge handling of marking unconfined and stale"
- Revert "UBUNTU: SAUCE: apparmor: add underscores to indicate aa_label_next_not_in_set() use needs locking"
- Revert "UBUNTU: SAUCE: apparmor: debug: POISON label and replaceby pointer on free"
- Revert "UBUNTU: SAUCE: apparmor: Fix: ensure aa_get_newest will trip debugging if the replacedby is not setup"
- Revert "UBUNTU: SAUCE: apparmor: Fix: insert race between label_update and label_merge"
- Revert "UBUNTU: SAUCE: apparmor: rework retrieval of the current label in the profile update case"
- Revert "UBUNTU: SAUCE: apparmor: Disallow update of cred when then subjective != the objective cred"
- Revert "UBUNTU: SAUCE: apparmor: Fix: oops do to invalid null ptr deref in label print fns"
- Revert "UBUNTU: SAUCE: fix-up: kern_mount fail path should not be doing put_buffers()"
- Revert "UBUNTU: SAUCE: apparmor: fix sleep from invalid context"
- Revert "UBUNTU: SAUCE: (no-up): apparmor: fix for failed mediation of socket that is being shutdown"
- Revert "UBUNTU: SAUCE: (no-up) apparmor: Fix incompatible pointer type warnings"
- Revert "UBUNTU: SAUCE: (no-up) apparmor: fix mount not handling disconnected paths"
- Revert "UBUNTU: SAUCE: (no-up): apparmor: fix mediation of fs unix sockets"
- Revert "UBUNTU: apparmor -- follow change to this_cpu_ptr"
- Revert "UBUNTU: SAUCE: (no-up) fix: bad unix_addr_fs macro"
- Revert "UBUNTU: SAUCE: Revert: fix: only allow a single threaded process to ..."
- Revert "UBUNTU: SAUCE: (no-up) apparmor: Sync to apparmor3 - RC1 snapshot"
- Revert "UBUNTU: SAUCE: (no-up) apparmor: add parameter to control whether policy hashing is used"
- SAUCE: (no-up) apparmor: sync of apparmor3.5-beta1 snapshot
- SAUCE: add a sysctl to enable unprivileged user ns AppArmor policy loading
* Add arm64 NUMA support (LP: #1558765)
- SAUCE: (noup) efi: ARM/arm64: ignore DT memory nodes instead of removing them
- SAUCE: (noup) Documentation, dt, numa: dt bindings for NUMA.
- [Config] CONFIG_OF_NUMA=y
- SAUCE: (noup) of, numa: Add NUMA of binding implementation.
- SAUCE: (noup) arm64: Move unflatten_device_tree() call earlier.
- [Config] CONFIG_NUMA=y and CONFIG_NODES_SHIFT=2 on arm64
- SAUCE: (noup) arm64, numa: Add NUMA support for arm64 platforms.
- SAUCE: (noup) arm64, mm, numa: Add NUMA balancing support for arm64.
* vivid/linux: total ADT test failures (LP: #1558447)
- Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive code""
* [Hyper-V] patches to allow kdump crash through NMI (LP: #1558720)
- Drivers: hv: vmbus: Support handling messages on multiple CPUs
- Drivers: hv: vmbus: Support kexec on ws2012 r2 and above
* s390/pci: enforce fmb page boundary rule (LP: #1558625)
- s390/pci: enforce fmb page boundary rule
* s390/pci: backport upstream commits since v4.4 (LP: #1558624)
- s390/pci_dma: fix DMA table corruption with > 4 TB main memory
- page_to_phys() always returns a multiple of PAGE_SIZE
- s390/pci: provide ZPCI_ADDR macro
- s390/pci: improve ZPCI_* macros
- s390/pci: resize iomap
- s390/pci: fix bar check
- s390/pci: set error state for unusable functions
- s390/pci: remove iomap sanity checks
- s390/pci: remove pdev pointer from arch data
- s390/pci: add ioctl interface for CLP
* IMA-appraisal is unusable in Ubuntu 16.04 (LP: #1558553)
- [Config] CONFIG_SYSTEM_EXTRA_CERTIFICATE=y, CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
- KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert
- KEYS: Reserve an extra certificate symbol for inserting without recompiling
- SAUCE: (noup) KEYS: Support for inserting a certificate into x86 bzImage
* skb_warn_bad_offload Crash (LP: #1558025)
- ipv4: only create late gso-skb if skb is already set up with CHECKSUM_PARTIAL
* Add PCIe root complex to Cavium arm64 (LP: #1558342)
- [Config] CONFIG_PCI_HOST_COMMON=y
- [Config] CONFIG_PCI_HOST_THUNDER_PEM=y
- [Config] CONFIG_PCI_HOST_THUNDER_ECAM=y
- PCI: generic: Move structure definitions to separate header file
- PCI: generic: Add pci_host_common_probe(), based on gen_pci_probe()
- PCI: generic: Expose pci_host_common_probe() for use by other drivers
- PCI: thunder: Add PCIe host driver for ThunderX processors
- PCI: thunder: Add driver for ThunderX-pass{1,2} on-chip devices
* [Hyper-V] vmbus: Fix a bug in hv_need_to_signal_on_read() (LP: #1556264)
- SAUCE: (noup) Drivers: hv: vmbus: Fix a bug in hv_need_to_signal_on_read()
* Xenial update to v4.4.6 stable release (LP: #1558330)
- arm64: account for sparsemem section alignment when choosing vmemmap offset
- ARM: mvebu: fix overlap of Crypto SRAM with PCIe memory window
- ARM: dts: dra7: do not gate cpsw clock due to errata i877
- ARM: OMAP2+: hwmod: Introduce ti,no-idle dt property
- PCI: Allow a NULL "parent" pointer in pci_bus_assign_domain_nr()
- kvm: cap halt polling at exactly halt_poll_ns
- KVM: VMX: disable PEBS before a guest entry
- KVM: s390: correct fprs on SIGP (STOP AND) STORE STATUS
- KVM: PPC: Book3S HV: Sanitize special-purpose register values on guest exit
- KVM: MMU: fix ept=0/pte.u=1/pte.w=0/CR0.WP=0/CR4.SMEP=1/EFER.NX=0 combo
- KVM: MMU: fix reserved bit check for ept=0/CR0.WP=0/CR4.SMEP=1/EFER.NX=0
- s390/dasd: fix diag 0x250 inline assembly
- tracing: Fix check for cpu online when event is disabled
- dmaengine: at_xdmac: fix residue computation
- jffs2: reduce the breakage on recovery from halfway failed rename()
- ncpfs: fix a braino in OOM handling in ncp_fill_cache()
- ASoC: dapm: Fix ctl value accesses in a wrong type
- ASoC: samsung: Use IRQ safe spin lock calls
- ASoC: wm8994: Fix enum ctl accesses in a wrong type
- ASoC: wm8958: Fix enum ctl accesses in a wrong type
- ovl: ignore lower entries when checking purity of non-directory entries
- ovl: fix working on distributed fs as lower layer
- wext: fix message delay/ordering
- cfg80211/wext: fix message ordering
- can: gs_usb: fixed disconnect bug by removing erroneous use of kfree()
- iwlwifi: mvm: inc pending frames counter also when txing non-sta
- mac80211: minstrel: Change expected throughput unit back to Kbps
- mac80211: fix use of uninitialised values in RX aggregation
- mac80211: minstrel_ht: set default tx aggregation timeout to 0
- mac80211: minstrel_ht: fix a logic error in RTS/CTS handling
- mac80211: check PN correctly for GCMP-encrypted fragmented MPDUs
- mac80211: Fix Public Action frame RX in AP mode
- gpu: ipu-v3: Do not bail out on missing optional port nodes
- drm/amdgpu: Fix error handling in amdgpu_flip_work_func.
- drm/radeon: Fix error handling in radeon_flip_work_func.
- Revert "drm/radeon/pm: adjust display configuration after powerstate"
- userfaultfd: don't block on the last VM updates at exit time
- ovl: fix getcwd() failure after unsuccessful rmdir
- MIPS: Fix build error when SMP is used without GIC
- MIPS: smp.c: Fix uninitialised temp_foreign_map
- block: don't optimize for non-cloned bio in bio_get_last_bvec()
- target: Drop incorrect ABORT_TASK put for completed commands
- ld-version: Fix awk regex compile failure
- Linux 4.4.6
* linux fails to load x.509 built-in certificate (LP: #1557250)
- lib/mpi: Endianness fix
* s390/kconfig: setting for CONFIG...9P.... (LP: #1557994)
- [Config] CONFIG_NET_9P=m for s390x
* mlx5_core kernel trace after "ethtool -C eth1 adaptive-rx on" flow
(LP: #1557950)
- net/mlx5e: Don't try to modify CQ moderation if it is not supported
- net/mlx5e: Don't modify CQ before it was created
* [Feature]SD/SDIO/eMMC support for Broxton-P (LP: #1520454)
- mmc: sdhci: Do not BUG on invalid vdd
- mmc: enable MMC/SD/SDIO device to suspend/resume asynchronously
- mmc: It is not an error for the card to be removed while suspended
* s390/kconfig: disable CONFIG_VIRTIO_MMIO (LP: #1557689)
- [Config] CONFIG_VIRTIO_MMIO=n for s390x
* s390/kconfig: CONFIG_NUMA without CONFIG_NUMA_EMU does not make any sense on s390x (LP: #1557690)
- [Config] CONFIG_NUMA_EMU=y for s390x
* Miscellaneous Ubuntu changes
- [Debian] git-ubuntu-log -- prevent bug references being split
- [Debian] git-ubuntu-log -- git log output is UTF-8
linux (4.4.0-14.30) xenial; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1557508
* Current 4.4 kernel won't boot on powerpc (LP: #1557130)
- powerpc: Fix dedotify for binutils >= 2.26
* ZFS: send fails to transmit some holes [corruption] (LP: #1557151)
- Illumos 6370 - ZFS send fails to transmit some holes
* Request to cherry-pick uvcvideo patch for Xenial kernel support of RealSense
camera (LP: #1557138)
- UVC: Add support for ds4 depth camera
* use after free of task_struct->numa_faults in task_numa_find_cpu (LP: #1527643)
- sched/numa: Fix use-after-free bug in the task_numa_compare
* overlay fs regression: chmod fails with "Operation not permitted" on chowned
files (LP: #1555997)
- ovl: copy new uid/gid into overlayfs runtime inode
* Miscellaneous Ubuntu changes
- SAUCE: Dump stack when X.509 certificates cannot be loaded
linux (4.4.0-13.29) xenial; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1556247
* s390/mm: four page table levels vs. fork (LP: #1556141)
- s390/mm: four page table levels vs. fork
* [Hyper-V] network performance patches for Xenial 16.04 (LP: #1556037)
- hv_netvsc: use skb_get_hash() instead of a homegrown implementation
- hv_netvsc: cleanup netdev feature flags for netvsc
* fails to boot on megaraid (LP: #1552903)
- SAUCE: (noup) megaraid_sas: Don't issue kill adapter for MFI controllers in
case of PD list DCMD failure
* ALSA: hda - add codec support for Kabylake display audio codec (LP: #1556002)
- ALSA: hda - add codec support for Kabylake display audio codec
* Backport upstream bugfixes to ubuntu-16.04 (LP: #1555765)
- cpufreq: powernv: Free 'chips' on module exit
- cpufreq: powernv: Hot-plug safe the kworker thread
- cpufreq: powernv: Remove cpu_to_chip_id() from hot-path
- cpufreq: powernv/tracing: Add powernv_throttle tracepoint
- cpufreq: powernv: Replace pr_info with trace print for throttle event
- SAUCE: (noup) cpufreq: powernv: Fix bugs in powernv_cpufreq_{init/exit}
* Linux netfilter IPT_SO_SET_REPLACE memory corruption (LP: #1555338)
- SAUCE: [nf,v2] netfilter: x_tables: don't rely on well-behaving userspace
* integer overflow in xt_alloc_table_info (LP: #1555353)
- SAUCE: (noup) netfilter: x_tables: check for size overflow
* linux: auto-generate the reconstruct information from the git tag (LP: #1555543)
- [Packaging] reconstruct -- automatically reconstruct against base tag
- [Config] reconstruct -- update to autoreconstruct output
- [Packaging] reconstruct -- update when inserting final changes
* Xenial update to v4.4.5 stable release (LP: #1555640)
- use ->d_seq to get coherency between ->d_inode and ->d_flags
- drivers: sh: Restore legacy clock domain on SuperH platforms
- Btrfs: fix deadlock running delayed iputs at transaction commit time
- btrfs: Fix no_space in write and rm loop
- btrfs: async-thread: Fix a use-after-free error for trace
- block: Initialize max_dev_sectors to 0
- PCI: keystone: Fix MSI code that retrieves struct pcie_port pointer
- parisc: Fix ptrace syscall number and return value modification
- mips/kvm: fix ioctl error handling
- kvm: x86: Update tsc multiplier on change.
- fbcon: set a default value to blink interval
- cifs: fix out-of-bounds access in lease parsing
- CIFS: Fix SMB2+ interim response processing for read requests
- Fix cifs_uniqueid_to_ino_t() function for s390x
- vfio: fix ioctl error handling
- KVM: x86: fix root cause for missed hardware breakpoints
- arm/arm64: KVM: Fix ioctl error handling
- iommu/amd: Apply workaround for ATS write permission check
- iommu/amd: Fix boot warning when device 00:00.0 is not iommu covered
- iommu/vt-d: Use BUS_NOTIFY_REMOVED_DEVICE in hotplug path
- target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors
- drm/ast: Fix incorrect register check for DRAM width
- drm/radeon/pm: update current crtc info after setting the powerstate
- drm/amdgpu/pm: update current crtc info after setting the powerstate
- drm/amdgpu: apply gfx_v8 fixes to gfx_v7 as well
- drm/amdgpu/gfx8: specify which engine to wait before vm flush
- drm/amdgpu: return from atombios_dp_get_dpcd only when error
- libata: fix HDIO_GET_32BIT ioctl
- libata: Align ata_device's id on a cacheline
- block: bio: introduce helpers to get the 1st and last bvec
- writeback: flush inode cgroup wb switches instead of pinning super_block
- Adding Intel Lewisburg device IDs for SATA
- arm64: vmemmap: use virtual projection of linear region
- PM / sleep / x86: Fix crash on graph trace through x86 suspend
- ata: ahci: don't mark HotPlugCapable Ports as external/removable
- tracing: Do not have 'comm' filter override event 'comm' field
- pata-rb532-cf: get rid of the irq_to_gpio() call
- Btrfs: fix loading of orphan roots leading to BUG_ON
- Revert "jffs2: Fix lock acquisition order bug in jffs2_write_begin"
- jffs2: Fix page lock / f->sem deadlock
- Fix directory hardlinks from deleted directories
- dmaengine: pxa_dma: fix cyclic transfers
- adv7604: fix tx 5v detect regression
- ALSA: usb-audio: Add a quirk for Plantronics DA45
- ALSA: ctl: Fix ioctls for X32 ABI
- ALSA: hda - Fix mic issues on Acer Aspire E1-472
- ALSA: rawmidi: Fix ioctls X32 ABI
- ALSA: timer: Fix ioctls for X32 ABI
- ALSA: pcm: Fix ioctls for X32 ABI
- ALSA: seq: oss: Don't drain at closing a client
- ALSA: hdspm: Fix wrong boolean ctl value accesses
- ALSA: hdsp: Fix wrong boolean ctl value accesses
- ALSA: hdspm: Fix zero-division
- ALSA: timer: Fix broken compat timer user status ioctl
- usb: chipidea: otg: change workqueue ci_otg as freezable
- USB: cp210x: Add ID for Parrot NMEA GPS Flight Recorder
- USB: qcserial: add Dell Wireless 5809e Gobi 4G HSPA+ (rev3)
- USB: qcserial: add Sierra Wireless EM74xx device ID
- USB: serial: option: add support for Telit LE922 PID 0x1045
- USB: serial: option: add support for Quectel UC20
- MIPS: scache: Fix scache init with invalid line size.
- MIPS: traps: Fix SIGFPE information leak from `do_ov' and `do_trap_or_bp'
- ubi: Fix out of bounds write in volume update code
- i2c: brcmstb: allocate correct amount of memory for regmap
- thermal: cpu_cooling: fix out of bounds access in time_in_idle
- block: check virt boundary in bio_will_gap()
- block: get the 1st and last bvec via helpers
- drm/i915: more virtual south bridge detection
- drm/i915: refine qemu south bridge detection
- modules: fix longstanding /proc/kallsyms vs module insertion race.
- drm/amdgpu: fix topaz/tonga gmc assignment in 4.4 stable
- Linux 4.4.5
* QEMU: causes vCPU steal time overflow on live migration (LP: #1494350)
- x86/mm: Fix slow_virt_to_phys() for X86_PAE again
* TPM2.0 trusted keys fixes (LP: #1398274)
- tpm_tis: further simplify calculation of ordinal duration
- tpm_tis: Use devm_free_irq not free_irq
- tpm_tis: Ensure interrupts are disabled when the driver starts
- tpm: rework tpm_get_timeouts()
- tpm_tis: Get rid of the duplicate IRQ probing code
- tpm_tis: Refactor the interrupt setup
- tpm_tis: Tighten IRQ auto-probing
- tpm_ibmvtpm: properly handle interrupted packet receptions
* linux: review all versioned depends/conflicts/replaces/breaks for validility (LP: #1555033)
- [Config] control.stub.in -- review versioned Build-Depends:
- [Config] control.stub.in -- review versioned
Depends/Breaks/Conflicts/Replaces
- [Config] flavour-control.stub -- review versioned Breaks/Conflicts/Replaces
- [Config] x86 vars.* -- review versioned Breaks/Conflicts/Replaces
Date: 2016-03-21 21:18:19.204328+00:00
Changed-By: Tim Gardner <tim.gardner at canonical.com>
Signed-By: Adam Conrad <adconrad at 0c3.net>
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-15.31~14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list