Package "linux"
Name: |
linux
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Linux kernel version specific cloud tools for version 3.13.0-91
- Linux kernel version specific cloud tools for version 3.13.0-91
- Linux kernel version specific cloud tools for version 3.13.0-91
- Linux kernel headers for version 3.13.0 on 64 bit x86 SMP
|
Latest version: |
3.13.0-91.138 |
Release: |
trusty (14.04) |
Level: |
base |
Repository: |
main |
Links
Other versions of "linux" in Trusty
Packages in group
Deleted packages are displayed in grey.
Changelog
linux (3.13.0-91.138) trusty; urgency=medium
.
[ Luis Henriques ]
.
* Release Tracking Bug
- LP: #1595991
.
[ Upstream Kernel Changes ]
.
* netfilter: x_tables: validate e->target_offset early
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: make sure e->next_offset covers remaining blob
size
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: fix unconditional helper
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: don't move to non-existent next rule
- LP: #1595350
* netfilter: x_tables: validate targets of jumps
- LP: #1595350
* netfilter: x_tables: add and use xt_check_entry_offsets
- LP: #1595350
* netfilter: x_tables: kill check_entry helper
- LP: #1595350
* netfilter: x_tables: assert minimum target size
- LP: #1595350
* netfilter: x_tables: add compat version of xt_check_entry_offsets
- LP: #1595350
* netfilter: x_tables: check standard target size too
- LP: #1595350
* netfilter: x_tables: check for bogus target offset
- LP: #1595350
* netfilter: x_tables: validate all offsets and sizes in a rule
- LP: #1595350
* netfilter: x_tables: don't reject valid target size on some
architectures
- LP: #1595350
* netfilter: arp_tables: simplify translate_compat_table args
- LP: #1595350
* netfilter: ip_tables: simplify translate_compat_table args
- LP: #1595350
* netfilter: ip6_tables: simplify translate_compat_table args
- LP: #1595350
* netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- LP: #1595350
* netfilter: x_tables: do compat validation via translate_table
- LP: #1595350
* netfilter: x_tables: introduce and use xt_copy_counters_from_user
- LP: #1595350
.
|
Source diff to previous version |
1595350 |
Linux netfilter local privilege escalation issues |
CVE-2016-3134 |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cau |
|
linux (3.13.0-169.219) trusty; urgency=medium
.
* linux: 3.13.0-169.219 -proposed tracker (LP: #1822883)
.
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
|
Source diff to previous version |
|
linux (3.13.0-168.218) trusty; urgency=medium
.
* linux: 3.13.0-168.218 -proposed tracker (LP: #1819663)
.
* CVE-2019-9213
- mm: enforce min addr even if capable() in expand_downwards()
.
* CVE-2019-3460
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
.
* CVE-2017-1000410
- Bluetooth: Prevent stack info leak from the EFS element.
.
* ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
(LP: #1815501)
- ixgbe: check for vfs outside of sriov_num_vfs before dereference
.
* CVE-2018-19824
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
.
* CVE-2019-3459
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
.
* CVE-2019-7222
- KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
.
* CVE-2019-6974
- kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
.
* CVE-2017-18360
- USB: serial: io_ti: fix div-by-zero in set_termios
|
Source diff to previous version |
1815501 |
ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF |
CVE-2019-9213 |
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to |
CVE-2019-3460 |
Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp |
CVE-2017-1000410 |
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and Conf |
CVE-2018-19824 |
In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with ze |
CVE-2019-3459 |
Heap address infoleak in use of l2cap_get_conf_opt |
CVE-2019-7222 |
KVM: x86: work around leak of uninitialized stack contents |
CVE-2019-6974 |
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading |
CVE-2017-18360 |
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-z |
|
linux (3.13.0-167.217) trusty; urgency=medium
.
* linux: 3.13.0-167.217 -proposed tracker (LP: #1819917)
.
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
- [Packaging] resync retpoline extraction
.
* linux-cloud-tools-common 3.13.0-166.216 in Trusty is missing contents of
/usr/sbin (LP: #1819869)
- Revert "UBUNTU: [Packaging] skip cloud tools packaging when not building
package"
|
Source diff to previous version |
1786013 |
Packaging resync |
1819869 |
linux-cloud-tools-common 3.13.0-166.216 in Trusty is missing contents of /usr/sbin |
|
linux (3.13.0-166.216) trusty; urgency=medium
.
* linux: 3.13.0-166.216 -proposed tracker (LP: #1814645)
.
* linux-buildinfo: pull out ABI information into its own package
(LP: #1806380)
- [Packaging] limit preparation to linux-libc-dev in headers
- [Packaging] commonise debhelper invocation
- [Packaging] ABI -- accumulate abi information at the end of the build
- [Packaging] buildinfo -- add basic build information
- [Packaging] buildinfo -- add firmware information to the flavour ABI
- [Packaging] buildinfo -- add compiler information to the flavour ABI
- [Packaging] buildinfo -- add buildinfo support to getabis
- [Config] buildinfo -- add retpoline version markers
- [Packaging] getabis -- handle all known package combinations
- [Packaging] getabis -- support parsing a simple version
- [Packaging] autoreconstruct -- base tag is always primary mainline version
.
* signing: only install a signed kernel (LP: #1764794)
- [Debian] usbip tools packaging
- [Debian] Don't fail if a symlink already exists
- [Debian] perf -- build in the context of the full generated local headers
- [Debian] basic hook support
- [Debian] follow rename of DEB_BUILD_PROFILES
- [Debian] standardise on stage1 for the bootstrap stage in line with debian
- [Debian] set do_*_tools after stage1 or bootstrap is determined
- [Debian] initscripts need installing when making the package
- [Packaging] reconstruct -- automatically reconstruct against base tag
- [Debian] add feature interlock with mainline builds
- [Debian] Remove generated intermediate files on clean
- [Packaging] prevent linux-*-tools-common from being produced from non linux
packages
- SAUCE: ubuntu: vbox -- elide the new symlinks and reconstruct on clean:
- [Debian] Update to new signing key type and location
- [Packaging] autoreconstruct -- generate extend-diff-ignore for links
- [Packaging] reconstruct -- update when inserting final changes
- [Packaging] update to Debian like control scripts
- [Packaging] switch to triggers for postinst.d postrm.d handling
- [Packaging] signing -- switch to raw-signing tarballs
- [Packaging] signing -- switch to linux-image as signed when available
- [Packaging] printenv -- add signing options
- [Packaging] fix invocation of header postinst hooks
- [Packaging] signing -- add support for signing Opal kernel binaries
- [Debian] Use src_pkg_name when constructing udeb control files
- [Debian] Dynamically determine linux udebs package name
- [Packaging] handle both linux-lts* and linux-hwe* as backports
- [Config] linux-source-* is in the primary linux namespace
- [Packaging] lookup the upstream tag
- [Packaging] switch up to debhelper 9
- [Packaging] autopkgtest -- disable d-i when dropping flavours
- [debian] support for ship_extras_package=false
- [Debian] do_common_tools should always be on
- [debian] do not force do_tools_common
- [Packaging] skip cloud tools packaging when not building package
- [debian] prep linux-libc-dev only if do_libc_dev_package=true
.
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
.
* kernel oops in bcache module (LP: #1793901)
- SAUCE: bcache: never writeback a discard operation
.
* iptables connlimit allows more connections than the limit when using
multiple CPUs (LP: #1811094)
- netfilter: connlimit: improve packet-to-closed-connection logic
- netfilter: nf_conncount: fix garbage collection confirm race
- netfilter: nf_conncount: don't skip eviction when age is negative
.
* CVE-2019-6133
- fork: record start_time late
.
* test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
(LP: #1813001)
- procfs: make /proc/*/{stack, syscall, personality} 0400
|
1806380 |
linux-buildinfo: pull out ABI information into its own package |
1764794 |
signing: only install a signed kernel |
1786013 |
Packaging resync |
1793901 |
kernel oops in bcache module |
1811094 |
iptables connlimit allows more connections than the limit when using multiple CPUs |
1813001 |
test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS |
CVE-2019-6133 |
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci |
|
About
-
Send Feedback to @ubuntu_updates