[ubuntu/xenial-security] linux-kvm 4.4.0-1009.14 (Accepted)
Łukasz Zemczak
lukasz.zemczak at canonical.com
Mon Oct 30 19:56:14 UTC 2017
linux-kvm (4.4.0-1009.14) xenial; urgency=low
* linux-kvm: 4.4.0-1009.14 -proposed tracker (LP: #1722310)
[ Ubuntu: 4.4.0-98.121 ]
* linux: 4.4.0-98.121 -proposed tracker (LP: #1722299)
* Controller lockup detected on ProLiant DL380 Gen9 with P440 Controller
(LP: #1720359)
- scsi: hpsa: limit transfer length to 1MB
* [Dell Docking IE][0bda:8153] Realtek USB Ethernet leads to system hang
(LP: #1720977)
- r8152: fix the list rx_done may be used without initialization
* Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
- d-i: Add bnxt_en to nic-modules.
* snapcraft.yaml: add dpkg-dev to the build deps (LP: #1718886)
- snapcraft.yaml: add dpkg-dev to the build deps
* Support setting I2C_TIMEOUT via ioctl for i2c-designware (LP: #1718578)
- i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT
* 5U84 - ses driver isn't binding right - cannot blink lights on 1 of the 2
5u84 (LP: #1693369)
- scsi_transport_sas: add function to get SAS endpoint address
- ses: fix discovery of SATA devices in SAS enclosures
- scsi: sas: provide stub implementation for scsi_is_sas_rphy
- scsi: ses: Fix SAS device detection in enclosure
* multipath -ll is not showing the disks which are actually multipath
(LP: #1718397)
- fs: aio: fix the increment of aio-nr and counting against aio-max-nr
* Support Dell Wireless DW5819/5818 WWAN devices (LP: #1721455)
- SAUCE: USB: serial: qcserial: add Dell DW5818, DW5819
* CVE-2017-10911
- xen-blkback: don't leak stack data via response ring
* implement 'complain mode' in seccomp for developer mode with snaps
(LP: #1567597)
- seccomp: Provide matching filter for introspection
- seccomp: Sysctl to display available actions
- seccomp: Operation for checking if an action is available
- seccomp: Sysctl to configure actions that are allowed to be logged
- seccomp: Selftest for detection of filter flag support
- seccomp: Action to log before allowing
* implement errno action logging in seccomp for strict mode with snaps
(LP: #1721676)
- seccomp: Provide matching filter for introspection
- seccomp: Sysctl to display available actions
- seccomp: Operation for checking if an action is available
- seccomp: Sysctl to configure actions that are allowed to be logged
- seccomp: Selftest for detection of filter flag support
- seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW
* [Xenial] update OpenNSL kernel modules to 6.5.10 (LP: #1721511)
- SAUCE: update OpenNSL kernel modules to 6.5.10
* Xenial update to 4.4.90 stable release (LP: #1721550)
- cifs: release auth_key.response for reconnect.
- mac80211: flush hw_roc_start work before cancelling the ROC
- KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
- tracing: Fix trace_pipe behavior for instance traces
- tracing: Erase irqsoff trace with empty write
- md/raid5: fix a race condition in stripe batch
- md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
nlmsg properly
- crypto: talitos - Don't provide setkey for non hmac hashing algs.
- crypto: talitos - fix sha224
- KEYS: fix writing past end of user-supplied buffer in keyring_read()
- KEYS: prevent creating a different user's keyrings
- KEYS: prevent KEYCTL_READ on negative key
- powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
- Fix SMB3.1.1 guest authentication to Samba
- SMB: Validate negotiate (to protect against downgrade) even if signing off
- SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
- vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
- nl80211: check for the required netlink attributes presence
- bsg-lib: don't free job in bsg_prepare_job
- seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
- arm64: Make sure SPsel is always set
- arm64: fault: Route pte translation faults via do_translation_fault
- KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
- kvm: nVMX: Don't allow L2 to access the hardware CR8
- PCI: Fix race condition with driver_override
- btrfs: fix NULL pointer dereference from free_reloc_roots()
- btrfs: propagate error to btrfs_cmp_data_prepare caller
- btrfs: prevent to set invalid default subvolid
- x86/fpu: Don't let userspace set bogus xcomp_bv
- gfs2: Fix debugfs glocks dump
- timer/sysclt: Restrict timer migration sysctl values to 0 and 1
- KVM: VMX: do not change SN bit in vmx_update_pi_irte()
- KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
- cxl: Fix driver use count
- dmaengine: mmp-pdma: add number of requestors
- ARM: pxa: add the number of DMA requestor lines
- ARM: pxa: fix the number of DMA requestor lines
- KVM: VMX: use cmpxchg64
- video: fbdev: aty: do not leak uninitialized padding in clk to userspace
- swiotlb-xen: implement xen_swiotlb_dma_mmap callback
- fix xen_swiotlb_dma_mmap prototype
- Linux 4.4.90
* Xenial update to 4.4.89 stable release (LP: #1721477)
- ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
- ipv6: add rcu grace period before freeing fib6_node
- ipv6: fix sparse warning on rt6i_node
- qlge: avoid memcpy buffer overflow
- Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
- Revert "net: use lib/percpu_counter API for fragmentation mem accounting"
- Revert "net: fix percpu memory leaks"
- gianfar: Fix Tx flow control deactivation
- ipv6: fix memory leak with multiple tables during netns destruction
- ipv6: fix typo in fib6_net_exit()
- f2fs: check hot_data for roll-forward recovery
- x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
- md/raid5: release/flush io in raid5_do_work()
- nfsd: Fix general protection fault in release_lock_stateid()
- mm: prevent double decrease of nr_reserved_highatomic
- tty: improve tty_insert_flip_char() fast path
- tty: improve tty_insert_flip_char() slow path
- tty: fix __tty_insert_flip_char regression
- Input: i8042 - add Gigabyte P57 to the keyboard reset table
- MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation
- MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero
- MIPS: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative
- MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with opposite
signs
- MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs
- MIPS: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs
- crypto: AF_ALG - remove SGL terminator indicator when chaining
- ext4: fix incorrect quotaoff if the quota feature is enabled
- ext4: fix quota inconsistency during orphan cleanup for read-only mounts
- powerpc: Fix DAR reporting when alignment handler faults
- block: Relax a check in blk_start_queue()
- md/bitmap: disable bitmap_resize for file-backed bitmaps.
- skd: Avoid that module unloading triggers a use-after-free
- skd: Submit requests to firmware before triggering the doorbell
- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records
- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA
- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers
- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late
response
- scsi: zfcp: trace high part of "new" 64 bit SCSI LUN
- scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
- scsi: megaraid_sas: Return pended IOCTLs with cmd_status
MFI_STAT_WRONG_STATE in case adapter is dead
- scsi: storvsc: fix memory leak on ring buffer busy
- scsi: sg: remove 'save_scat_len'
- scsi: sg: use standard lists for sg_requests
- scsi: sg: off by one in sg_ioctl()
- scsi: sg: factor out sg_fill_request_table()
- scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
- scsi: qla2xxx: Fix an integer overflow in sysfs code
- ftrace: Fix selftest goto location on error
- tracing: Apply trace_clock changes to instance max buffer
- ARC: Re-enable MMU upon Machine Check exception
- PCI: shpchp: Enable bridge bus mastering if MSI is enabled
- media: v4l2-compat-ioctl32: Fix timespec conversion
- media: uvcvideo: Prevent heap overflow when accessing mapped controls
- bcache: initialize dirty stripes in flash_dev_run()
- bcache: Fix leak of bdev reference
- bcache: do not subtract sectors_to_gc for bypassed IO
- bcache: correct cache_dirty_target in __update_writeback_rate()
- bcache: Correct return value for sysfs attach errors
- bcache: fix for gc and write-back race
- bcache: fix bch_hprint crash and improve output
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
- Linux 4.4.89
* ETPS/2 Elantech Touchpad inconsistently detected (Gigabyte P57W laptop)
(LP: #1594214)
- Input: i8042 - add Gigabyte P57 to the keyboard reset table
* Xenial update to 4.4.88 stable release (LP: #1718195)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
- USB: serial: option: add support for D-Link DWM-157 C1
- usb: Add device quirk for Logitech HD Pro Webcam C920-C
- usb:xhci:Fix regression when ATI chipsets detected
- USB: core: Avoid race of async_completed() w/ usbdev_release()
- staging/rts5208: fix incorrect shift to extract upper nybble
- driver core: bus: Fix a potential double free
- intel_th: pci: Add Cannon Lake PCH-H support
- intel_th: pci: Add Cannon Lake PCH-LP support
- ath10k: fix memory leak in rx ring buffer allocation
- rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter
- Bluetooth: Add support of 13d3:3494 RTL8723BE device
- dlm: avoid double-free on error path in dlm_device_{register,unregister}
- mwifiex: correct channel stat buffer overflows
- drm/nouveau/pci/msi: disable MSI on big-endian platforms by default
- workqueue: Fix flag collision
- cs5536: add support for IDE controller variant
- scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE
- scsi: sg: recheck MMAP_IO request length with lock held
- drm: adv7511: really enable interrupts for EDID detection
- drm/bridge: adv7511: Fix mutex deadlock when interrupts are disabled
- drm/bridge: adv7511: Use work_struct to defer hotplug handing to out of irq
context
- drm/bridge: adv7511: Switch to using drm_kms_helper_hotplug_event()
- drm/bridge: adv7511: Re-write the i2c address before EDID probing
- btrfs: resume qgroup rescan on rw remount
- locktorture: Fix potential memory leak with rw lock test
- ALSA: msnd: Optimize / harden DSP and MIDI loops
- ARM: 8692/1: mm: abort uaccess retries upon fatal signal
- NFS: Fix 2 use after free issues in the I/O code
- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
- Linux 4.4.88
* Kernel has troule recognizing Corsair Strafe RGB keyboard (LP: #1678477)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
Date: 2017-10-11 19:34:22.190398+00:00
Changed-By: Thadeu Lima de Souza Cascardo <thadeu.cascardo at canonical.com>
Signed-By: Łukasz Zemczak <lukasz.zemczak at canonical.com>
https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1009.14
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list