Package "linux-lts-utopic-cloud-tools-3.16.0-76"
Name: |
linux-lts-utopic-cloud-tools-3.16.0-76
|
Description: |
Linux kernel version specific cloud tools for version 3.16.0-76
|
Latest version: |
3.16.0-76.98~14.04.1 |
Release: |
trusty (14.04) |
Level: |
base |
Repository: |
main |
Head package: |
linux-lts-utopic |
Links
Download "linux-lts-utopic-cloud-tools-3.16.0-76"
Other versions of "linux-lts-utopic-cloud-tools-3.16.0-76" in Trusty
No other version of this package is available
in the Trusty release.
Changelog
linux-lts-utopic (3.16.0-77.99~14.04.1) trusty; urgency=low
.
[ Kamal Mostafa ]
.
* Release Tracking Bug
- LP: #1597047
.
[ Josh Boyer ]
.
* SAUCE: UEFI: acpi: Ignore acpi_rsdp kernel parameter when module
loading is restricted
- LP: #1566221
* SAUCE: UEFI: efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
- LP: #1566221
* SAUCE: UEFI MODSIGN: Import certificates from UEFI Secure Boot
- LP: #1571691
* SAUCE: UEFI: efi: Disable secure boot if shim is in insecure mode
- LP: #1571691
.
[ Matthew Garrett ]
.
* SAUCE: UEFI: Add secure_modules() call
- LP: #1566221
* SAUCE: UEFI: PCI: Lock down BAR access when module security is enabled
- LP: #1566221
* SAUCE: UEFI: x86: Lock down IO port access when module security is
enabled
- LP: #1566221
* SAUCE: UEFI: ACPI: Limit access to custom_method
- LP: #1566221
* SAUCE: UEFI: asus-wmi: Restrict debugfs interface when module loading
is restricted
- LP: #1566221
* SAUCE: UEFI: Restrict /dev/mem and /dev/kmem when module loading is
restricted
- LP: #1566221
* SAUCE: UEFI: kexec: Disable at runtime if the kernel enforces module
loading restrictions
- LP: #1566221
* SAUCE: UEFI: x86: Restrict MSR access when module loading is restricted
- LP: #1566221
* SAUCE: UEFI: Add option to automatically enforce module signatures when
in Secure Boot mode
- LP: #1566221
.
[ Stefan Bader ]
.
* [Config] Add pm80xx scsi driver to d-i
- LP: #1595628
.
[ Tim Gardner ]
.
* [Config] CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
* SAUCE: UEFI: Display MOKSBState when disabled
- LP: #1571691
* SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl
- LP: #1593075
.
[ Upstream Kernel Changes ]
.
* HID: core: prevent out-of-bound readings
- LP: #1579190
* mm: migrate dirty page without clear_page_dirty_for_io etc
- LP: #1581865
- CVE-2016-3070
* virtio_balloon: return the amount of freed memory from leak_balloon()
- LP: #1587087
* virtio_balloon: free some memory from balloon on OOM
- LP: #1587087
|
Source diff to previous version |
1566221 |
linux: Enforce signed module loading when UEFI secure boot |
1571691 |
linux: MokSBState is ignored |
1595628 |
scsi-modules udeb should include pm80xx |
1593075 |
linux: Implement secure boot state variables |
1579190 |
Key 5 automatically pressed on some Logitech wireless keyboards |
1587087 |
OOM in guest Ubuntu with inflated balloon |
CVE-2016-3070 |
Null pointer dereference in trace_writeback_dirty_page() |
|
linux-lts-utopic (3.16.0-76.98~14.04.1) trusty; urgency=low
.
[ Luis Henriques ]
.
* Release Tracking Bug
- LP: #1596019
.
[ Upstream Kernel Changes ]
.
* netfilter: x_tables: validate e->target_offset early
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: make sure e->next_offset covers remaining blob
size
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: fix unconditional helper
- LP: #1555338
- CVE-2016-3134
* netfilter: x_tables: don't move to non-existent next rule
- LP: #1595350
* netfilter: x_tables: validate targets of jumps
- LP: #1595350
* netfilter: x_tables: add and use xt_check_entry_offsets
- LP: #1595350
* netfilter: x_tables: kill check_entry helper
- LP: #1595350
* netfilter: x_tables: assert minimum target size
- LP: #1595350
* netfilter: x_tables: add compat version of xt_check_entry_offsets
- LP: #1595350
* netfilter: x_tables: check standard target size too
- LP: #1595350
* netfilter: x_tables: check for bogus target offset
- LP: #1595350
* netfilter: x_tables: validate all offsets and sizes in a rule
- LP: #1595350
* netfilter: x_tables: don't reject valid target size on some
architectures
- LP: #1595350
* netfilter: arp_tables: simplify translate_compat_table args
- LP: #1595350
* netfilter: ip_tables: simplify translate_compat_table args
- LP: #1595350
* netfilter: ip6_tables: simplify translate_compat_table args
- LP: #1595350
* netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
- LP: #1595350
* netfilter: x_tables: do compat validation via translate_table
- LP: #1595350
* netfilter: x_tables: introduce and use xt_copy_counters_from_user
- LP: #1595350
.
|
Source diff to previous version |
1595350 |
Linux netfilter local privilege escalation issues |
CVE-2016-3134 |
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cau |
|
linux-lts-utopic (3.16.0-75.97~14.04.1) trusty; urgency=low
.
[ Kamal Mostafa ]
.
* Release Tracking Bug
- LP: #1595703
.
[ Serge Hallyn ]
.
* SAUCE: add a sysctl to disable unprivileged user namespace unsharing
- LP: #1555338, #1595350
.
|
Source diff to previous version |
linux-lts-utopic (3.16.0-74.96~14.04.1) trusty; urgency=low
.
[ Kamal Mostafa ]
.
* Release Tracking Bug
- LP: #1591324
.
[ Kamal Mostafa ]
.
* [debian] getabis: Only git add $abidir if running in local repo
- LP: #1584890
* [debian] getabis: Fix inconsistent compiler versions check
- LP: #1584890
.
[ Tim Gardner ]
.
* [Config] Remove arc4 from nic-modules
- LP: #1582991
.
[ Upstream Kernel Changes ]
.
* Revert "usb: hub: do not clear BOS field during reset device"
- LP: #1582864
* mm/balloon_compaction: redesign ballooned pages management
- LP: #1572562
* mm/balloon_compaction: fix deflation when compaction is disabled
- LP: #1572562
* ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
- LP: #1580379
- CVE-2016-4569
* ALSA: timer: Fix leak in events via snd_timer_user_ccallback
- LP: #1581866
- CVE-2016-4578
* ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
- LP: #1581866
- CVE-2016-4578
* net: fix a kernel infoleak in x25 module
- LP: #1585366
- CVE-2016-4580
* get_rock_ridge_filename(): handle malformed NM entries
- LP: #1583962
- CVE-2016-4913
* netfilter: Set /proc/net entries owner to root in namespace
- LP: #1584953
* USB: usbfs: fix potential infoleak in devio
- LP: #1578493
- CVE-2016-4482
* IB/security: Restrict use of the write() interface
- LP: #1580372
- CVE-2016-4565
|
Source diff to previous version |
1584890 |
debian.master/.../getabis bogus warnings \ |
1582991 |
conflicting modules in udebs - arc4.ko |
1582864 |
use after free of BOS in usb_reset_and_verify_device |
1572562 |
KASan: out of bounds access in isolate_migratepages_range |
CVE-2016-4569 |
The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows l |
CVE-2016-4578 |
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive infor |
CVE-2016-4580 |
The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data struct |
CVE-2016-4913 |
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 cha |
CVE-2016-4482 |
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows |
CVE-2016-4565 |
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denia |
|
linux-lts-utopic (3.16.0-73.95~14.04.1) trusty; urgency=low
.
[ Kamal Mostafa ]
.
* CVE-2016-1583 (LP: #1588871)
- ecryptfs: fix handling of directory opening
- SAUCE: proc: prevent stacking filesystems on top
- SAUCE: ecryptfs: forbid opening files without mmap handler
|
|
About
-
Send Feedback to @ubuntu_updates