[ubuntu/trusty-security] linux-azure 4.15.0-1036.38~14.04.2 (Accepted)

Steve Langasek steve.langasek at canonical.com
Thu Dec 20 05:21:20 UTC 2018 

linux-azure (4.15.0-1036.38~14.04.2) trusty; urgency=medium

  * linux-azure: 4.15.0-1036.38~14.04.2 -proposed tracker (LP: #1806670)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf

  [ Ubuntu: 4.15.0-1036.38 ]

  * linux-azure: 4.15.0-1036.38 -proposed tracker (LP: #1806665)
  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Config] buildinfo -- add retpoline version markers
  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf
  * linux: 4.15.0-43.46 -proposed tracker (LP: #1806659)
  * System randomly hangs during suspend when mei_wdt is loaded (LP: #1803942)
    - SAUCE: base/dd: limit release function changes to vfio driver only
  * Workaround CSS timeout on AMD SNPS 3.0 xHC (LP: #1806838)
    - xhci: Allow more than 32 quirks
    - xhci: workaround CSS timeout on AMD SNPS 3.0 xHC
  * linux-buildinfo: pull out ABI information into its own package
    (LP: #1806380)
    - [Packaging] limit preparation to linux-libc-dev in headers
    - [Packaging] commonise debhelper invocation
    - [Packaging] ABI -- accumulate abi information at the end of the build
    - [Packaging] buildinfo -- add basic build information
    - [Packaging] buildinfo -- add firmware information to the flavour ABI
    - [Packaging] buildinfo -- add compiler information to the flavour ABI
    - [Packaging] buildinfo -- add buildinfo support to getabis
    - [Config] buildinfo -- add retpoline version markers
  * linux packages should own /usr/lib/linux/triggers (LP: #1770256)
    - [Packaging] own /usr/lib/linux/triggers
  * CVE-2018-12896
    - posix-timers: Sanitize overrun handling
  * CVE-2018-16276
    - USB: yurex: fix out-of-bounds uaccess in read handler
  * CVE-2018-10902
    - ALSA: rawmidi: Change resized buffers atomically
  * CVE-2018-18710
    - cdrom: fix improper type cast, which can leat to information leak.
  * CVE-2018-18690
    - xfs: don't fail when converting shortform attr to long form during
      ATTR_REPLACE
  * CVE-2018-14734
    - infiniband: fix a possible use-after-free bug
  * CVE-2018-18445
    - bpf: 32-bit RSH verification must truncate input before the ALU op
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

Date: 2018-12-07 04:02:15.700629+00:00
Changed-By: Marcelo Cerri <marcelo.cerri at canonical.com>
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1036.38~14.04.2
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list