UbuntuUpdates.org

Package "linux-headers-3.16.0-76-lowlatency"

This package belongs to a PPA: Canonical Kernel Team

Name: linux-headers-3.16.0-76-lowlatency

Description:

Linux kernel headers for version 3.16.0 on 64 bit x86 SMP

Latest version: 3.16.0-76.98~14.04.1
Release: trusty (14.04)
Level: base
Repository: main
Head package: linux-lts-utopic

Links


Download "linux-headers-3.16.0-76-lowlatency"


Other versions of "linux-headers-3.16.0-76-lowlatency" in Trusty

Repository Area Version
security main 3.16.0-76.98~14.04.1
updates main 3.16.0-76.98~14.04.1

Changelog

Version: 3.16.0-77.99~14.04.1 2016-06-28 23:07:56 UTC

 linux-lts-utopic (3.16.0-77.99~14.04.1) trusty; urgency=low
 .
   [ Kamal Mostafa ]
 .
   * Release Tracking Bug
     - LP: #1597047
 .
   [ Josh Boyer ]
 .
   * SAUCE: UEFI: acpi: Ignore acpi_rsdp kernel parameter when module
     loading is restricted
     - LP: #1566221
   * SAUCE: UEFI: efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
     - LP: #1566221
   * SAUCE: UEFI MODSIGN: Import certificates from UEFI Secure Boot
     - LP: #1571691
   * SAUCE: UEFI: efi: Disable secure boot if shim is in insecure mode
     - LP: #1571691
 .
   [ Matthew Garrett ]
 .
   * SAUCE: UEFI: Add secure_modules() call
     - LP: #1566221
   * SAUCE: UEFI: PCI: Lock down BAR access when module security is enabled
     - LP: #1566221
   * SAUCE: UEFI: x86: Lock down IO port access when module security is
     enabled
     - LP: #1566221
   * SAUCE: UEFI: ACPI: Limit access to custom_method
     - LP: #1566221
   * SAUCE: UEFI: asus-wmi: Restrict debugfs interface when module loading
     is restricted
     - LP: #1566221
   * SAUCE: UEFI: Restrict /dev/mem and /dev/kmem when module loading is
     restricted
     - LP: #1566221
   * SAUCE: UEFI: kexec: Disable at runtime if the kernel enforces module
     loading restrictions
     - LP: #1566221
   * SAUCE: UEFI: x86: Restrict MSR access when module loading is restricted
     - LP: #1566221
   * SAUCE: UEFI: Add option to automatically enforce module signatures when
     in Secure Boot mode
     - LP: #1566221
 .
   [ Stefan Bader ]
 .
   * [Config] Add pm80xx scsi driver to d-i
     - LP: #1595628
 .
   [ Tim Gardner ]
 .
   * [Config] CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
   * SAUCE: UEFI: Display MOKSBState when disabled
     - LP: #1571691
   * SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl
     - LP: #1593075
 .
   [ Upstream Kernel Changes ]
 .
   * HID: core: prevent out-of-bound readings
     - LP: #1579190
   * mm: migrate dirty page without clear_page_dirty_for_io etc
     - LP: #1581865
     - CVE-2016-3070
   * virtio_balloon: return the amount of freed memory from leak_balloon()
     - LP: #1587087
   * virtio_balloon: free some memory from balloon on OOM
     - LP: #1587087

Source diff to previous version
1566221 linux: Enforce signed module loading when UEFI secure boot
1571691 linux: MokSBState is ignored
1595628 scsi-modules udeb should include pm80xx
1593075 linux: Implement secure boot state variables
1579190 Key 5 automatically pressed on some Logitech wireless keyboards
1587087 OOM in guest Ubuntu with inflated balloon
CVE-2016-3070 Null pointer dereference in trace_writeback_dirty_page()

Version: 3.16.0-76.98~14.04.1 2016-06-24 21:07:48 UTC

 linux-lts-utopic (3.16.0-76.98~14.04.1) trusty; urgency=low
 .
   [ Luis Henriques ]
 .
   * Release Tracking Bug
     - LP: #1596019
 .
   [ Upstream Kernel Changes ]
 .
   * netfilter: x_tables: validate e->target_offset early
     - LP: #1555338
     - CVE-2016-3134
   * netfilter: x_tables: make sure e->next_offset covers remaining blob
     size
     - LP: #1555338
     - CVE-2016-3134
   * netfilter: x_tables: fix unconditional helper
     - LP: #1555338
     - CVE-2016-3134
   * netfilter: x_tables: don't move to non-existent next rule
     - LP: #1595350
   * netfilter: x_tables: validate targets of jumps
     - LP: #1595350
   * netfilter: x_tables: add and use xt_check_entry_offsets
     - LP: #1595350
   * netfilter: x_tables: kill check_entry helper
     - LP: #1595350
   * netfilter: x_tables: assert minimum target size
     - LP: #1595350
   * netfilter: x_tables: add compat version of xt_check_entry_offsets
     - LP: #1595350
   * netfilter: x_tables: check standard target size too
     - LP: #1595350
   * netfilter: x_tables: check for bogus target offset
     - LP: #1595350
   * netfilter: x_tables: validate all offsets and sizes in a rule
     - LP: #1595350
   * netfilter: x_tables: don't reject valid target size on some
     architectures
     - LP: #1595350
   * netfilter: arp_tables: simplify translate_compat_table args
     - LP: #1595350
   * netfilter: ip_tables: simplify translate_compat_table args
     - LP: #1595350
   * netfilter: ip6_tables: simplify translate_compat_table args
     - LP: #1595350
   * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
     - LP: #1595350
   * netfilter: x_tables: do compat validation via translate_table
     - LP: #1595350
   * netfilter: x_tables: introduce and use xt_copy_counters_from_user
     - LP: #1595350
 .

Source diff to previous version
1595350 Linux netfilter local privilege escalation issues
CVE-2016-3134 The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cau

Version: 3.16.0-75.97~14.04.1 2016-06-24 06:08:04 UTC

 linux-lts-utopic (3.16.0-75.97~14.04.1) trusty; urgency=low
 .
   [ Kamal Mostafa ]
 .
   * Release Tracking Bug
     - LP: #1595703
 .
   [ Serge Hallyn ]
 .
   * SAUCE: add a sysctl to disable unprivileged user namespace unsharing
     - LP: #1555338, #1595350
 .

Source diff to previous version

Version: 3.16.0-74.96~14.04.1 2016-06-11 01:07:41 UTC

 linux-lts-utopic (3.16.0-74.96~14.04.1) trusty; urgency=low
 .
   [ Kamal Mostafa ]
 .
   * Release Tracking Bug
     - LP: #1591324
 .
   [ Kamal Mostafa ]
 .
   * [debian] getabis: Only git add $abidir if running in local repo
     - LP: #1584890
   * [debian] getabis: Fix inconsistent compiler versions check
     - LP: #1584890
 .
   [ Tim Gardner ]
 .
   * [Config] Remove arc4 from nic-modules
     - LP: #1582991
 .
   [ Upstream Kernel Changes ]
 .
   * Revert "usb: hub: do not clear BOS field during reset device"
     - LP: #1582864
   * mm/balloon_compaction: redesign ballooned pages management
     - LP: #1572562
   * mm/balloon_compaction: fix deflation when compaction is disabled
     - LP: #1572562
   * ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
     - LP: #1580379
     - CVE-2016-4569
   * ALSA: timer: Fix leak in events via snd_timer_user_ccallback
     - LP: #1581866
     - CVE-2016-4578
   * ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
     - LP: #1581866
     - CVE-2016-4578
   * net: fix a kernel infoleak in x25 module
     - LP: #1585366
     - CVE-2016-4580
   * get_rock_ridge_filename(): handle malformed NM entries
     - LP: #1583962
     - CVE-2016-4913
   * netfilter: Set /proc/net entries owner to root in namespace
     - LP: #1584953
   * USB: usbfs: fix potential infoleak in devio
     - LP: #1578493
     - CVE-2016-4482
   * IB/security: Restrict use of the write() interface
     - LP: #1580372
     - CVE-2016-4565

Source diff to previous version
1584890 debian.master/.../getabis bogus warnings \
1582991 conflicting modules in udebs - arc4.ko
1582864 use after free of BOS in usb_reset_and_verify_device
1572562 KASan: out of bounds access in isolate_migratepages_range
CVE-2016-4569 The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows l
CVE-2016-4578 sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive infor
CVE-2016-4580 The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data struct
CVE-2016-4913 The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 cha
CVE-2016-4482 The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows
CVE-2016-4565 The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denia

Version: 3.16.0-73.95~14.04.1 2016-06-09 12:07:45 UTC

 linux-lts-utopic (3.16.0-73.95~14.04.1) trusty; urgency=low
 .
   [ Kamal Mostafa ]
 .
   * CVE-2016-1583 (LP: #1588871)
     - ecryptfs: fix handling of directory opening
     - SAUCE: proc: prevent stacking filesystems on top
     - SAUCE: ecryptfs: forbid opening files without mmap handler

CVE-2016-1583 RESERVED



About   -   Send Feedback to @ubuntu_updates