[ubuntu/trusty-security] linux-lts-xenial 4.4.0-98.121~14.04.1 (Accepted)
Łukasz Zemczak
lukasz.zemczak at canonical.com
Mon Oct 30 20:05:44 UTC 2017
linux-lts-xenial (4.4.0-98.121~14.04.1) trusty; urgency=low
* linux-lts-xenial: 4.4.0-98.121~14.04.1 -proposed tracker (LP: #1722301)
* linux: 4.4.0-98.121 -proposed tracker (LP: #1722299)
* Controller lockup detected on ProLiant DL380 Gen9 with P440 Controller
(LP: #1720359)
- scsi: hpsa: limit transfer length to 1MB
* [Dell Docking IE][0bda:8153] Realtek USB Ethernet leads to system hang
(LP: #1720977)
- r8152: fix the list rx_done may be used without initialization
* Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
- d-i: Add bnxt_en to nic-modules.
* snapcraft.yaml: add dpkg-dev to the build deps (LP: #1718886)
- snapcraft.yaml: add dpkg-dev to the build deps
* Support setting I2C_TIMEOUT via ioctl for i2c-designware (LP: #1718578)
- i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT
* 5U84 - ses driver isn't binding right - cannot blink lights on 1 of the 2
5u84 (LP: #1693369)
- scsi_transport_sas: add function to get SAS endpoint address
- ses: fix discovery of SATA devices in SAS enclosures
- scsi: sas: provide stub implementation for scsi_is_sas_rphy
- scsi: ses: Fix SAS device detection in enclosure
* multipath -ll is not showing the disks which are actually multipath
(LP: #1718397)
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr
* Support Dell Wireless DW5819/5818 WWAN devices (LP: #1721455)
- SAUCE: USB: serial: qcserial: add Dell DW5818, DW5819
* CVE-2017-10911
- xen-blkback: don't leak stack data via response ring
* implement 'complain mode' in seccomp for developer mode with snaps
(LP: #1567597)
- seccomp: Provide matching filter for introspection
- seccomp: Sysctl to display available actions
- seccomp: Operation for checking if an action is available
- seccomp: Sysctl to configure actions that are allowed to be logged
- seccomp: Selftest for detection of filter flag support
- seccomp: Action to log before allowing
* implement errno action logging in seccomp for strict mode with snaps
(LP: #1721676)
- seccomp: Provide matching filter for introspection
- seccomp: Sysctl to display available actions
- seccomp: Operation for checking if an action is available
- seccomp: Sysctl to configure actions that are allowed to be logged
- seccomp: Selftest for detection of filter flag support
- seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW
* [Xenial] update OpenNSL kernel modules to 6.5.10 (LP: #1721511)
- SAUCE: update OpenNSL kernel modules to 6.5.10
* Xenial update to 4.4.90 stable release (LP: #1721550)
- cifs: release auth_key.response for reconnect.
- mac80211: flush hw_roc_start work before cancelling the ROC
- KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
- tracing: Fix trace_pipe behavior for instance traces
- tracing: Erase irqsoff trace with empty write
- md/raid5: fix a race condition in stripe batch
- md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
nlmsg properly
- crypto: talitos - Don't provide setkey for non hmac hashing algs.
- crypto: talitos - fix sha224
- KEYS: fix writing past end of user-supplied buffer in keyring_read()
- KEYS: prevent creating a different user's keyrings
- KEYS: prevent KEYCTL_READ on negative key
- powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
- Fix SMB3.1.1 guest authentication to Samba
- SMB: Validate negotiate (to protect against downgrade) even if signing off
- SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
- vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
- nl80211: check for the required netlink attributes presence
- bsg-lib: don't free job in bsg_prepare_job
- seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
- arm64: Make sure SPsel is always set
- arm64: fault: Route pte translation faults via do_translation_fault
- KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
- kvm: nVMX: Don't allow L2 to access the hardware CR8
- PCI: Fix race condition with driver_override
- btrfs: fix NULL pointer dereference from free_reloc_roots()
- btrfs: propagate error to btrfs_cmp_data_prepare caller
- btrfs: prevent to set invalid default subvolid
- x86/fpu: Don't let userspace set bogus xcomp_bv
- gfs2: Fix debugfs glocks dump
- timer/sysclt: Restrict timer migration sysctl values to 0 and 1
- KVM: VMX: do not change SN bit in vmx_update_pi_irte()
- KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
- cxl: Fix driver use count
- dmaengine: mmp-pdma: add number of requestors
- ARM: pxa: add the number of DMA requestor lines
- ARM: pxa: fix the number of DMA requestor lines
- KVM: VMX: use cmpxchg64
- video: fbdev: aty: do not leak uninitialized padding in clk to userspace
- swiotlb-xen: implement xen_swiotlb_dma_mmap callback
- fix xen_swiotlb_dma_mmap prototype
- Linux 4.4.90
* Xenial update to 4.4.89 stable release (LP: #1721477)
- ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
- ipv6: add rcu grace period before freeing fib6_node
- ipv6: fix sparse warning on rt6i_node
- qlge: avoid memcpy buffer overflow
- Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
- Revert "net: use lib/percpu_counter API for fragmentation mem accounting"
- Revert "net: fix percpu memory leaks"
- gianfar: Fix Tx flow control deactivation
- ipv6: fix memory leak with multiple tables during netns destruction
- ipv6: fix typo in fib6_net_exit()
- f2fs: check hot_data for roll-forward recovery
- x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
- md/raid5: release/flush io in raid5_do_work()
- nfsd: Fix general protection fault in release_lock_stateid()
- mm: prevent double decrease of nr_reserved_highatomic
- tty: improve tty_insert_flip_char() fast path
- tty: improve tty_insert_flip_char() slow path
- tty: fix __tty_insert_flip_char regression
- Input: i8042 - add Gigabyte P57 to the keyboard reset table
- MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation
- MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero
- MIPS: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative
- MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with opposite
signs
- MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs
- MIPS: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs
- crypto: AF_ALG - remove SGL terminator indicator when chaining
- ext4: fix incorrect quotaoff if the quota feature is enabled
- ext4: fix quota inconsistency during orphan cleanup for read-only mounts
- powerpc: Fix DAR reporting when alignment handler faults
- block: Relax a check in blk_start_queue()
- md/bitmap: disable bitmap_resize for file-backed bitmaps.
- skd: Avoid that module unloading triggers a use-after-free
- skd: Submit requests to firmware before triggering the doorbell
- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records
- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA
- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers
- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late
response
- scsi: zfcp: trace high part of "new" 64 bit SCSI LUN
- scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
- scsi: megaraid_sas: Return pended IOCTLs with cmd_status
MFI_STAT_WRONG_STATE in case adapter is dead
- scsi: storvsc: fix memory leak on ring buffer busy
- scsi: sg: remove 'save_scat_len'
- scsi: sg: use standard lists for sg_requests
- scsi: sg: off by one in sg_ioctl()
- scsi: sg: factor out sg_fill_request_table()
- scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
- scsi: qla2xxx: Fix an integer overflow in sysfs code
- ftrace: Fix selftest goto location on error
- tracing: Apply trace_clock changes to instance max buffer
- ARC: Re-enable MMU upon Machine Check exception
- PCI: shpchp: Enable bridge bus mastering if MSI is enabled
- media: v4l2-compat-ioctl32: Fix timespec conversion
- media: uvcvideo: Prevent heap overflow when accessing mapped controls
- bcache: initialize dirty stripes in flash_dev_run()
- bcache: Fix leak of bdev reference
- bcache: do not subtract sectors_to_gc for bypassed IO
- bcache: correct cache_dirty_target in __update_writeback_rate()
- bcache: Correct return value for sysfs attach errors
- bcache: fix for gc and write-back race
- bcache: fix bch_hprint crash and improve output
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
- Linux 4.4.89
* ETPS/2 Elantech Touchpad inconsistently detected (Gigabyte P57W laptop)
(LP: #1594214)
- Input: i8042 - add Gigabyte P57 to the keyboard reset table
* Xenial update to 4.4.88 stable release (LP: #1718195)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
- USB: serial: option: add support for D-Link DWM-157 C1
- usb: Add device quirk for Logitech HD Pro Webcam C920-C
- usb:xhci:Fix regression when ATI chipsets detected
- USB: core: Avoid race of async_completed() w/ usbdev_release()
- staging/rts5208: fix incorrect shift to extract upper nybble
- driver core: bus: Fix a potential double free
- intel_th: pci: Add Cannon Lake PCH-H support
- intel_th: pci: Add Cannon Lake PCH-LP support
- ath10k: fix memory leak in rx ring buffer allocation
- rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter
- Bluetooth: Add support of 13d3:3494 RTL8723BE device
- dlm: avoid double-free on error path in dlm_device_{register,unregister}
- mwifiex: correct channel stat buffer overflows
- drm/nouveau/pci/msi: disable MSI on big-endian platforms by default
- workqueue: Fix flag collision
- cs5536: add support for IDE controller variant
- scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE
- scsi: sg: recheck MMAP_IO request length with lock held
- drm: adv7511: really enable interrupts for EDID detection
- drm/bridge: adv7511: Fix mutex deadlock when interrupts are disabled
- drm/bridge: adv7511: Use work_struct to defer hotplug handing to out of irq
context
- drm/bridge: adv7511: Switch to using drm_kms_helper_hotplug_event()
- drm/bridge: adv7511: Re-write the i2c address before EDID probing
- btrfs: resume qgroup rescan on rw remount
- locktorture: Fix potential memory leak with rw lock test
- ALSA: msnd: Optimize / harden DSP and MIDI loops
- ARM: 8692/1: mm: abort uaccess retries upon fatal signal
- NFS: Fix 2 use after free issues in the I/O code
- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
- Linux 4.4.88
* Kernel has troule recognizing Corsair Strafe RGB keyboard (LP: #1678477)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
linux (4.4.0-97.120) xenial; urgency=low
* linux: 4.4.0-97.120 -proposed tracker (LP: #1718149)
* blk-mq: possible deadlock on CPU hot(un)plug (LP: #1670634)
- [Config] s390x -- disable CONFIG_{DM, SCSI}_MQ_DEFAULT
* Xenial update to 4.4.87 stable release (LP: #1715678)
- irqchip: mips-gic: SYNC after enabling GIC region
- i2c: ismt: Don't duplicate the receive length for block reads
- i2c: ismt: Return EMSGSIZE for block reads with bogus length
- ceph: fix readpage from fscache
- cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
- cpuset: Fix incorrect memory_pressure control file mapping
- alpha: uapi: Add support for __SANE_USERSPACE_TYPES__
- CIFS: remove endian related sparse warning
- wl1251: add a missing spin_lock_init()
- xfrm: policy: check policy direction value
- drm/ttm: Fix accounting error when fail to get pages for pool
- kvm: arm/arm64: Fix race in resetting stage2 PGD
- kvm: arm/arm64: Force reading uncached stage2 PGD
- epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove()
- crypto: algif_skcipher - only call put_page on referenced and used pages
- Linux 4.4.87
* Xenial update to 4.4.86 stable release (LP: #1715430)
- scsi: isci: avoid array subscript warning
- ALSA: au88x0: Fix zero clear of stream->resources
- btrfs: remove duplicate const specifier
- i2c: jz4780: drop superfluous init
- gcov: add support for gcc version >= 6
- gcov: support GCC 7.1
- lightnvm: initialize ppa_addr in dev_to_generic_addr()
- p54: memset(0) whole array
- lpfc: Fix Device discovery failures during switch reboot test.
- arm64: mm: abort uaccess retries upon fatal signal
- x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl
- arm64: fpsimd: Prevent registers leaking across exec
- scsi: sg: protect accesses to 'reserved' page array
- scsi: sg: reset 'res_in_use' after unlinking reserved array
- drm/i915: fix compiler warning in drivers/gpu/drm/i915/intel_uncore.c
- Linux 4.4.86
* Xenial update to 4.4.85 stable release (LP: #1714298)
- af_key: do not use GFP_KERNEL in atomic contexts
- dccp: purge write queue in dccp_destroy_sock()
- dccp: defer ccid_hc_tx_delete() at dismantle time
- ipv4: fix NULL dereference in free_fib_info_rcu()
- net_sched/sfq: update hierarchical backlog when drop packet
- ipv4: better IP_MAX_MTU enforcement
- sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
- tipc: fix use-after-free
- ipv6: reset fn->rr_ptr when replacing route
- ipv6: repair fib6 tree in failure case
- tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
- irda: do not leak initialized list.dev to userspace
- net: sched: fix NULL pointer dereference when action calls some targets
- net_sched: fix order of queue length updates in qdisc_replace()
- mei: me: add broxton pci device ids
- mei: me: add lewisburg device ids
- Input: trackpoint - add new trackpoint firmware ID
- Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
- ALSA: core: Fix unexpected error at replacing user TLV
- ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
- ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
- i2c: designware: Fix system suspend
- drm: Release driver tracking before making the object available again
- drm/atomic: If the atomic check fails, return its value first
- drm: rcar-du: lvds: Fix PLL frequency-related configuration
- drm: rcar-du: lvds: Rename PLLEN bit to PLLON
- drm: rcar-du: Fix crash in encoder failure error path
- drm: rcar-du: Fix display timing controller parameter
- drm: rcar-du: Fix H/V sync signal polarity configuration
- tracing: Fix freeing of filter in create_filter() when set_str is false
- cifs: Fix df output for users with quota limits
- cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
- nfsd: Limit end of page list when decoding NFSv4 WRITE
- perf/core: Fix group {cpu,task} validation
- Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
- Bluetooth: cmtp: fix possible might sleep error in cmtp_session
- Bluetooth: bnep: fix possible might sleep error in bnep_session
- binder: use group leader instead of open thread
- binder: Use wake up hint for synchronous transactions.
- ANDROID: binder: fix proc->tsk check.
- iio: imu: adis16480: Fix acceleration scale factor for adis16480
- iio: hid-sensor-trigger: Fix the race with user space powering up sensors
- staging: rtl8188eu: add RNX-N150NUB support
- ASoC: simple-card: don't fail if sysclk setting is not supported
- ASoC: rsnd: disable SRC.out only when stop timing
- ASoC: rsnd: avoid pointless loop in rsnd_mod_interrupt()
- ASoC: rsnd: Add missing initialization of ADG req_rate
- ASoC: rsnd: ssi: 24bit data needs right-aligned settings
- ASoC: rsnd: don't call update callback if it was NULL
- ntb_transport: fix qp count bug
- ntb_transport: fix bug calculating num_qps_mw
- ACPI: ioapic: Clear on-stack resource before using it
- ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
- Linux 4.4.85
* Xenial update to 4.4.84 stable release (LP: #1713729)
- audit: Fix use after free in audit_remove_watch_rule()
- parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
- crypto: x86/sha1 - Fix reads beyond the number of blocks passed
- Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
- ALSA: seq: 2nd attempt at fixing race creating a queue
- Revert "UBUNTU: SAUCE: (no-up) ALSA: usb-audio: Add quirk for sennheiser
officerunner"
- ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
- ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
- mm/mempolicy: fix use after free when calling get_mempolicy
- xen: fix bio vec merging
- x86/asm/64: Clear AC on NMI entries
- irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
- irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
- Sanitize 'move_pages()' permission checks
- pids: make task_tgid_nr_ns() safe
- perf/x86: Fix LBR related crashes on Intel Atom
- usb: optimize acpi companion search for usb port devices
- usb: qmi_wwan: add D-Link DWM-222 device ID
- Linux 4.4.84
* Intel i40e PF reset due to incorrect MDD detection (LP: #1713553)
- i40e: Limit TX descriptor count in cases where frag size is greater than 16K
* Neighbour confirmation broken, breaks ARP cache aging (LP: #1715812)
- sock: add sk_dst_pending_confirm flag
- net: add dst_pending_confirm flag to skbuff
- sctp: add dst_pending_confirm flag
- tcp: replace dst_confirm with sk_dst_confirm
- net: add confirm_neigh method to dst_ops
- net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP
- net: pending_confirm is not used anymore
* CVE-2017-14106
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0
* [CIFS] Fix maximum SMB2 header size (LP: #1713884)
- CIFS: Fix maximum SMB2 header size
* Middle button of trackpoint doesn't work (LP: #1715271)
- Input: trackpoint - assume 3 buttons when buttons detection fails
* kernel BUG at /build/linux-lts-xenial-_hWfOZ/linux-lts-
xenial-4.4.0/security/apparmor/include/context.h:69! (LP: #1626984)
- SAUCE: fix oops when disabled and module parameters, are accessed
* Touchpad not detected (LP: #1708852)
- Input: elan_i2c - add ELAN0608 to the ACPI table
Date: 2017-10-11 11:52:23.610511+00:00
Changed-By: Thadeu Lima de Souza Cascardo <thadeu.cascardo at canonical.com>
Signed-By: Łukasz Zemczak <lukasz.zemczak at canonical.com>
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-98.121~14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list