UbuntuUpdates.org

Package "linux"

This package belongs to a PPA: Canonical Kernel Team

Name: linux

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Linux kernel version specific cloud tools for version 3.13.0-91
  • Linux kernel version specific cloud tools for version 3.13.0-91
  • Linux kernel version specific cloud tools for version 3.13.0-91
  • Linux kernel headers for version 3.13.0 on 64 bit x86 SMP

Latest version: 3.13.0-91.138
Release: trusty (14.04)
Level: base
Repository: main

Links



Other versions of "linux" in Trusty

Repository Area Version
base main 3.13.0-24.46
security main 3.13.0-170.220
updates main 3.13.0-170.220

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.13.0-91.138 2019-06-26 06:09:45 UTC

 linux (3.13.0-91.138) trusty; urgency=medium
 .
   [ Luis Henriques ]
 .
   * Release Tracking Bug
     - LP: #1595991
 .
   [ Upstream Kernel Changes ]
 .
   * netfilter: x_tables: validate e->target_offset early
     - LP: #1555338
     - CVE-2016-3134
   * netfilter: x_tables: make sure e->next_offset covers remaining blob
     size
     - LP: #1555338
     - CVE-2016-3134
   * netfilter: x_tables: fix unconditional helper
     - LP: #1555338
     - CVE-2016-3134
   * netfilter: x_tables: don't move to non-existent next rule
     - LP: #1595350
   * netfilter: x_tables: validate targets of jumps
     - LP: #1595350
   * netfilter: x_tables: add and use xt_check_entry_offsets
     - LP: #1595350
   * netfilter: x_tables: kill check_entry helper
     - LP: #1595350
   * netfilter: x_tables: assert minimum target size
     - LP: #1595350
   * netfilter: x_tables: add compat version of xt_check_entry_offsets
     - LP: #1595350
   * netfilter: x_tables: check standard target size too
     - LP: #1595350
   * netfilter: x_tables: check for bogus target offset
     - LP: #1595350
   * netfilter: x_tables: validate all offsets and sizes in a rule
     - LP: #1595350
   * netfilter: x_tables: don't reject valid target size on some
     architectures
     - LP: #1595350
   * netfilter: arp_tables: simplify translate_compat_table args
     - LP: #1595350
   * netfilter: ip_tables: simplify translate_compat_table args
     - LP: #1595350
   * netfilter: ip6_tables: simplify translate_compat_table args
     - LP: #1595350
   * netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
     - LP: #1595350
   * netfilter: x_tables: do compat validation via translate_table
     - LP: #1595350
   * netfilter: x_tables: introduce and use xt_copy_counters_from_user
     - LP: #1595350
 .

Source diff to previous version
1595350 Linux netfilter local privilege escalation issues
CVE-2016-3134 The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cau

Version: 3.13.0-169.219 2019-04-03 17:08:44 UTC

 linux (3.13.0-169.219) trusty; urgency=medium
 .
   * linux: 3.13.0-169.219 -proposed tracker (LP: #1822883)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - [Packaging] resync retpoline extraction

Source diff to previous version
1786013 Packaging resync

Version: 3.13.0-168.218 2019-03-14 20:08:23 UTC

 linux (3.13.0-168.218) trusty; urgency=medium
 .
   * linux: 3.13.0-168.218 -proposed tracker (LP: #1819663)
 .
   * CVE-2019-9213
     - mm: enforce min addr even if capable() in expand_downwards()
 .
   * CVE-2019-3460
     - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
 .
   * CVE-2017-1000410
     - Bluetooth: Prevent stack info leak from the EFS element.
 .
   * ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
     (LP: #1815501)
     - ixgbe: check for vfs outside of sriov_num_vfs before dereference
 .
   * CVE-2018-19824
     - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
 .
   * CVE-2019-3459
     - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
 .
   * CVE-2019-7222
     - KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
 .
   * CVE-2019-6974
     - kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
 .
   * CVE-2017-18360
     - USB: serial: io_ti: fix div-by-zero in set_termios

Source diff to previous version
1815501 ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
CVE-2019-9213 In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to
CVE-2019-3460 Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp
CVE-2017-1000410 The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and Conf
CVE-2018-19824 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with ze
CVE-2019-3459 Heap address infoleak in use of l2cap_get_conf_opt
CVE-2019-7222 KVM: x86: work around leak of uninitialized stack contents
CVE-2019-6974 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading
CVE-2017-18360 In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-z

Version: 3.13.0-167.217 2019-03-13 20:08:29 UTC

 linux (3.13.0-167.217) trusty; urgency=medium
 .
   * linux: 3.13.0-167.217 -proposed tracker (LP: #1819917)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
     - [Packaging] update helper scripts
     - [Packaging] resync retpoline extraction
 .
   * linux-cloud-tools-common 3.13.0-166.216 in Trusty is missing contents of
     /usr/sbin (LP: #1819869)
     - Revert "UBUNTU: [Packaging] skip cloud tools packaging when not building
       package"

Source diff to previous version
1786013 Packaging resync
1819869 linux-cloud-tools-common 3.13.0-166.216 in Trusty is missing contents of /usr/sbin

Version: 3.13.0-166.216 2019-02-07 22:09:42 UTC

 linux (3.13.0-166.216) trusty; urgency=medium
 .
   * linux: 3.13.0-166.216 -proposed tracker (LP: #1814645)
 .
   * linux-buildinfo: pull out ABI information into its own package
     (LP: #1806380)
     - [Packaging] limit preparation to linux-libc-dev in headers
     - [Packaging] commonise debhelper invocation
     - [Packaging] ABI -- accumulate abi information at the end of the build
     - [Packaging] buildinfo -- add basic build information
     - [Packaging] buildinfo -- add firmware information to the flavour ABI
     - [Packaging] buildinfo -- add compiler information to the flavour ABI
     - [Packaging] buildinfo -- add buildinfo support to getabis
     - [Config] buildinfo -- add retpoline version markers
     - [Packaging] getabis -- handle all known package combinations
     - [Packaging] getabis -- support parsing a simple version
     - [Packaging] autoreconstruct -- base tag is always primary mainline version
 .
   * signing: only install a signed kernel (LP: #1764794)
     - [Debian] usbip tools packaging
     - [Debian] Don't fail if a symlink already exists
     - [Debian] perf -- build in the context of the full generated local headers
     - [Debian] basic hook support
     - [Debian] follow rename of DEB_BUILD_PROFILES
     - [Debian] standardise on stage1 for the bootstrap stage in line with debian
     - [Debian] set do_*_tools after stage1 or bootstrap is determined
     - [Debian] initscripts need installing when making the package
     - [Packaging] reconstruct -- automatically reconstruct against base tag
     - [Debian] add feature interlock with mainline builds
     - [Debian] Remove generated intermediate files on clean
     - [Packaging] prevent linux-*-tools-common from being produced from non linux
       packages
     - SAUCE: ubuntu: vbox -- elide the new symlinks and reconstruct on clean:
     - [Debian] Update to new signing key type and location
     - [Packaging] autoreconstruct -- generate extend-diff-ignore for links
     - [Packaging] reconstruct -- update when inserting final changes
     - [Packaging] update to Debian like control scripts
     - [Packaging] switch to triggers for postinst.d postrm.d handling
     - [Packaging] signing -- switch to raw-signing tarballs
     - [Packaging] signing -- switch to linux-image as signed when available
     - [Packaging] printenv -- add signing options
     - [Packaging] fix invocation of header postinst hooks
     - [Packaging] signing -- add support for signing Opal kernel binaries
     - [Debian] Use src_pkg_name when constructing udeb control files
     - [Debian] Dynamically determine linux udebs package name
     - [Packaging] handle both linux-lts* and linux-hwe* as backports
     - [Config] linux-source-* is in the primary linux namespace
     - [Packaging] lookup the upstream tag
     - [Packaging] switch up to debhelper 9
     - [Packaging] autopkgtest -- disable d-i when dropping flavours
     - [debian] support for ship_extras_package=false
     - [Debian] do_common_tools should always be on
     - [debian] do not force do_tools_common
     - [Packaging] skip cloud tools packaging when not building package
     - [debian] prep linux-libc-dev only if do_libc_dev_package=true
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
 .
   * kernel oops in bcache module (LP: #1793901)
     - SAUCE: bcache: never writeback a discard operation
 .
   * iptables connlimit allows more connections than the limit when using
     multiple CPUs (LP: #1811094)
     - netfilter: connlimit: improve packet-to-closed-connection logic
     - netfilter: nf_conncount: fix garbage collection confirm race
     - netfilter: nf_conncount: don't skip eviction when age is negative
 .
   * CVE-2019-6133
     - fork: record start_time late
 .
   * test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
     (LP: #1813001)
     - procfs: make /proc/*/{stack, syscall, personality} 0400

1806380 linux-buildinfo: pull out ABI information into its own package
1764794 signing: only install a signed kernel
1786013 Packaging resync
1793901 kernel oops in bcache module
1811094 iptables connlimit allows more connections than the limit when using multiple CPUs
1813001 test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
CVE-2019-6133 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization deci



About   -   Send Feedback to @ubuntu_updates