[ubuntu/trusty-security] linux-lts-xenial 4.4.0-108.131~14.04.1 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Tue Jan 9 21:06:59 UTC 2018
linux-lts-xenial (4.4.0-108.131~14.04.1) trusty; urgency=low
* linux-lts-xenial: 4.4.0-108.131~14.04.1 -proposed tracker (LP: #1741729)
* linux: 4.4.0-108.131 -proposed tracker (LP: #1741727)
* CVE-2017-5754
- x86/mm: Disable PCID on 32-bit kernels
linux (4.4.0-107.130) xenial; urgency=low
* linux: 4.4.0-107.130 -proposed tracker (LP: #1741643)
* CVE-2017-5754
- Revert "UBUNTU: SAUCE: arch/x86/entry/vdso: temporarily disable vdso"
- KPTI: Report when enabled
- x86, vdso, pvclock: Simplify and speed up the vdso pvclock reader
- x86/vdso: Get pvclock data from the vvar VMA instead of the fixmap
- x86/kasan: Clear kasan_zero_page after TLB flush
- kaiser: Set _PAGE_NX only if supported
linux (4.4.0-106.129) xenial; urgency=low
* linux: 4.4.0-106.129 -proposed tracker (LP: #1741528)
* CVE-2017-5754
- KAISER: Kernel Address Isolation
- kaiser: merged update
- kaiser: do not set _PAGE_NX on pgd_none
- kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE
- kaiser: fix build and FIXME in alloc_ldt_struct()
- kaiser: KAISER depends on SMP
- kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER
- kaiser: fix perf crashes
- kaiser: ENOMEM if kaiser_pagetable_walk() NULL
- kaiser: tidied up asm/kaiser.h somewhat
- kaiser: tidied up kaiser_add/remove_mapping slightly
- kaiser: kaiser_remove_mapping() move along the pgd
- kaiser: cleanups while trying for gold link
- kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET
- kaiser: delete KAISER_REAL_SWITCH option
- kaiser: vmstat show NR_KAISERTABLE as nr_overhead
- x86/mm: Enable CR4.PCIDE on supported systems
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP
- x86/mm, sched/core: Uninline switch_mm()
- x86/mm: Add INVPCID helpers
- x86/mm: If INVPCID is available, use it to flush global mappings
- kaiser: enhanced by kernel and user PCIDs
- kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user
- kaiser: PCID 0 for kernel and 128 for user
- kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user
- kaiser: paranoid_entry pass cr3 need to paranoid_exit
- kaiser: _pgd_alloc() without __GFP_REPEAT to avoid stalls
- kaiser: fix unlikely error in alloc_ldt_struct()
- kaiser: add "nokaiser" boot option, using ALTERNATIVE
- x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
- x86/boot: Add early cmdline parsing for options with arguments
- x86/kaiser: Check boottime cmdline params
- kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush
- kaiser: drop is_atomic arg to kaiser_pagetable_walk()
- kaiser: asm/tlbflush.h handle noPGE at lower level
- kaiser: kaiser_flush_tlb_on_return_to_user() check PCID
- x86/paravirt: Dont patch flush_tlb_single
- x86/kaiser: Reenable PARAVIRT
- kaiser: disabled on Xen PV
- x86/kaiser: Move feature detection up
- kvm: x86: fix RSM when PCID is non-zero
- SAUCE: arch/x86/entry/vdso: temporarily disable vdso
- [Config]: CONFIG_KAISER=y
linux (4.4.0-104.127) xenial; urgency=low
* linux: 4.4.0-104.127 -proposed tracker (LP: #1737511)
* upgrading linux-image package to 4.4.0-103.126 breaks Ceph network file
system connection (LP: #1737033)
- Revert "libceph: MOSDOpReply v7 encoding"
- Revert "libceph: advertise support for TUNABLES5"
- Revert "crush: decode and initialize chooseleaf_stable"
- Revert "crush: add chooseleaf_stable tunable"
- Revert "crush: ensure take bucket value is valid"
- Revert "crush: ensure bucket id is valid before indexing buckets array"
Date: 2018-01-07 15:48:13.749327+00:00
Changed-By: Kleber Sacilotto de Souza <kleber.souza at canonical.com>
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-108.131~14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list