[ubuntu/xenial-security] linux-gke 4.4.0-1014.14 (Accepted)
Andy Whitcroft
apw at canonical.com
Tue Jun 6 15:04:58 UTC 2017
linux-gke (4.4.0-1014.14) xenial; urgency=low
* linux-gke: 4.4.0-1014.14 -proposed tracker (LP: #1691186)
* linux xenial derivatives fail to build (LP: #1691814)
- [Packaging] Set do_tools_common in common vars
- [Packaging] Put hooks.mk file in the right place
* linux-aws/linux-gke incorrectly producing an empty linux-*-source package-*
(LP: #1690183)
- [Packaging] drop linux-gke-source-* package
* linux-aws/linux-gke incorrectly producing and using linux-*-tools-
common/linux-*-cloud-tools-common (LP: #1688579)
- [Config] linux-tools-* linux-cloud-tools-* share -common packages with linux
[ Ubuntu: 4.4.0-79.100 ]
* linux: 4.4.0-79.100 -proposed tracker (LP: #1691180)
* linux-aws/linux-gke incorrectly producing and using linux-*-tools-
common/linux-*-cloud-tools-common (LP: #1688579)
- [Config] make linux-tools-common and linux-cloud-tools-common provide linux-
gke versions
- [Config] make linux-tools-common and linux-cloud-tools-common provide linux-
aws versions
- [Packaging] prevent linux-*-tools-common from being produced from non linux
packages
* CVE-2017-0605
- tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
* i915-bpo crashes on external hdmi input (LP: #1580272)
- SAUCE: i915_bpo: Silence the warning about watermark entries not changing
* Kernel panics on Xenial when using cgroups and strict CFS limits
(LP: #1687512)
- sched/fair: Initialize throttle_count for new task-groups lazily
- sched/fair: Do not announce throttled next buddy in dequeue_task_fair()
* bonding - mlx5 - speed changed to 0 after changing ring size (LP: #1687877)
- bonding: allow notifications for bond_set_slave_link_state
* Xenial update to 4.4.67 stable release (LP: #1689296)
- timerfd: Protect the might cancel mechanism proper
- Handle mismatched open calls
- ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
- ALSA: ppc/awacs: shut up maybe-uninitialized warning
- drbd: avoid redefinition of BITS_PER_PAGE
- mtd: avoid stack overflow in MTD CFI code
- net: tg3: avoid uninitialized variable warning
- netlink: Allow direct reclaim for fallback allocation
- IB/qib: rename BITS_PER_PAGE to RVT_BITS_PER_PAGE
- IB/ehca: fix maybe-uninitialized warnings
- ext4: require encryption feature for EXT4_IOC_SET_ENCRYPTION_POLICY
- ext4 crypto: revalidate dentry after adding or removing the key
- ext4 crypto: use dget_parent() in ext4_d_revalidate()
- ext4/fscrypto: avoid RCU lookup in d_revalidate
- nfsd4: minor NFSv2/v3 write decoding cleanup
- nfsd: stricter decoding of write-like NFSv2/v3 ops
- dm ioctl: prevent stack leak in dm ioctl call
- Linux 4.4.67
* Precision Rack failed to resume from S4 (LP: #1686061)
- x86 / hibernate: Use hlt_play_dead() when resuming from hibernation
- x86/boot: Split out kernel_ident_mapping_init()
- x86/power/64: Always create temporary identity mapping correctly
* Xenial update to 4.4.66 stable release (LP: #1688505)
- f2fs: do more integrity verification for superblock
- xc2028: unlock on error in xc2028_set_config()
- ARM: OMAP2+: timer: add probe for clocksources
- clk: sunxi: Add apb0 gates for H3
- crypto: testmgr - fix out of bound read in __test_aead()
- drm/amdgpu: fix array out of bounds
- ext4: check if in-inode xattr is corrupted in ext4_expand_extra_isize_ea()
- md:raid1: fix a dead loop when read from a WriteMostly disk
- MIPS: Fix crash registers on non-crashing CPUs
- net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata
- net_sched: close another race condition in tcf_mirred_release()
- RDS: Fix the atomicity for congestion map update
- regulator: core: Clear the supply pointer if enabling fails
- usb: gadget: f_midi: Fixed a bug when buflen was smaller than wMaxPacketSize
- xen/x86: don't lose event interrupts
- sparc64: kern_addr_valid regression
- sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write()
- net: neigh: guard against NULL solicit() method
- net: phy: handle state correctly in phy_stop_machine
- l2tp: purge socket queues in the .destruct() callback
- l2tp: take reference on sessions being dumped
- l2tp: fix PPP pseudo-wire auto-loading
- net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
- sctp: listen on the sock only when it's state is listening or closed
- tcp: clear saved_syn in tcp_disconnect()
- dp83640: don't recieve time stamps twice
- net: ipv6: RTF_PCPU should not be settable from userspace
- netpoll: Check for skb->queue_mapping
- ip6mr: fix notification device destruction
- macvlan: Fix device ref leak when purging bc_queue
- ipv6: check skb->protocol before lookup for nexthop
- ipv6: check raw payload size correctly in ioctl
- ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned
type
- ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
- MIPS: KGDB: Use kernel context for sleeping threads
- MIPS: Avoid BUG warning in arch_check_elf
- p9_client_readdir() fix
- Input: i8042 - add Clevo P650RS to the i8042 reset list
- nfsd: check for oversized NFSv2/v3 arguments
- ARCv2: save r30 on kernel entry as gcc uses it for code-gen
- ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram
- Linux 4.4.66
* Xenial update to 4.4.65 stable release (LP: #1688483)
- tipc: make sure IPv6 header fits in skb headroom
- tipc: make dist queue pernet
- tipc: re-enable compensation for socket receive buffer double counting
- tipc: correct error in node fsm
- tty: nozomi: avoid a harmless gcc warning
- hostap: avoid uninitialized variable use in hfa384x_get_rid
- gfs2: avoid uninitialized variable warning
- tipc: fix random link resets while adding a second bearer
- tipc: fix socket timer deadlock
- xc2028: avoid use after free
- netfilter: nfnetlink: correctly validate length of batch messages
- tipc: check minimum bearer MTU
- vfio/pci: Fix integer overflows, bitmask check
- staging/android/ion : fix a race condition in the ion driver
- ping: implement proper locking
- perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
- Linux 4.4.65
* Xenial update to 4.4.64 stable release (LP: #1687638)
- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
- KEYS: Change the name of the dead type to ".dead" to prevent user access
- KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
- tracing: Allocate the snapshot buffer before enabling probe
- ring-buffer: Have ring_buffer_iter_empty() return true when empty
- cifs: Do not send echoes before Negotiate is complete
- CIFS: remove bad_network_name flag
- s390/mm: fix CMMA vs KSM vs others
- VSOCK: Detach QP check should filter out non matching QPs.
- Input: elantech - add Fujitsu Lifebook E547 to force crc_enabled
- ACPI / power: Avoid maybe-uninitialized warning
- mmc: sdhci-esdhc-imx: increase the pad I/O drive strength for DDR50 card
- mac80211: reject ToDS broadcast data frames
- ubi/upd: Always flush after prepared for an update
- powerpc/kprobe: Fix oops when kprobed on 'stdu' instruction
- x86/mce/AMD: Give a name to MCA bank 3 when accessed with legacy MSRs
- kvm: arm/arm64: Fix locking for kvm_free_stage2_pgd
- x86, pmem: fix broken __copy_user_nocache cache-bypass assumptions
- block: fix del_gendisk() vs blkdev_ioctl crash
- tipc: fix crash during node removal
- Linux 4.4.64
* Xenial update to 4.4.63 stable release (LP: #1687629)
- cgroup, kthread: close race window where new kthreads can be migrated to
non-root cgroups
- thp: fix MADV_DONTNEED vs clear soft dirty race
- drm/nouveau/mpeg: mthd returns true on success now
- drm/nouveau/mmu/nv4a: use nv04 mmu rather than the nv44 one
- CIFS: store results of cifs_reopen_file to avoid infinite wait
- Input: xpad - add support for Razer Wildcat gamepad
- perf/x86: Avoid exposing wrong/stale data in intel_pmu_lbr_read_32()
- x86/vdso: Ensure vdso32_enabled gets set to valid values only
- x86/vdso: Plug race between mapping and ELF header setup
- acpi, nfit, libnvdimm: fix interleave set cookie calculation (64-bit
comparison)
- iscsi-target: Fix TMR reference leak during session shutdown
- iscsi-target: Drop work-around for legacy GlobalSAN initiator
- scsi: sr: Sanity check returned mode data
- scsi: sd: Consider max_xfer_blocks if opt_xfer_blocks is unusable
- scsi: sd: Fix capacity calculation with 32-bit sector_t
- xen, fbfront: fix connecting to backend
- libnvdimm: fix reconfig_mutex, mmap_sem, and jbd2_handle lockdep splat
- irqchip/irq-imx-gpcv2: Fix spinlock initialization
- ftrace: Fix removing of second function probe
- char: Drop bogus dependency of DEVPORT on !M68K
- char: lack of bool string made CONFIG_DEVPORT always on
- Revert "MIPS: Lantiq: Fix cascaded IRQ setup"
- kvm: fix page struct leak in handle_vmon
- zram: do not use copy_page with non-page aligned address
- powerpc: Disable HFSCR[TM] if TM is not supported
- crypto: ahash - Fix EINPROGRESS notification callback
- ath9k: fix NULL pointer dereference
- dvb-usb-v2: avoid use-after-free
- ext4: fix inode checksum calculation problem if i_extra_size is small
- platform/x86: acer-wmi: setup accelerometer when machine has appropriate
notify event
- rtc: tegra: Implement clock handling
- mm: Tighten x86 /dev/mem with zeroing reads
- dvb-usb: don't use stack for firmware load
- dvb-usb-firmware: don't do DMA on stack
- virtio-console: avoid DMA from stack
- pegasus: Use heap buffers for all register access
- rtl8150: Use heap buffers for all register access
- catc: Combine failure cleanup code in catc_probe()
- catc: Use heap buffer for memory size test
- tty/serial: atmel: RS485 half duplex w/DMA: enable RX after TX is done
- net: ipv6: check route protocol when deleting routes
- MIPS: fix Select HAVE_IRQ_EXIT_ON_IRQ_STACK patch.
- Linux 4.4.63
Date: 2017-05-19 17:58:13.717462+00:00
Changed-By: Thadeu Lima de Souza Cascardo <thadeu.cascardo at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-gke/4.4.0-1014.14
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list