Latest Changelogs for all releases

  opennds (10.2.0+dfsg-1ubuntu0.24.10.1) oracular-security; urgency=medium

  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2024-25763.patch: Delete the client instead of
      changing state
    - CVE-2024-25763

 -- Bruce Cable <email address hidden> Thu, 27 Feb 2025 13:34:10 +1100

  linux-signed-gkeop (6.8.0-1008.10) noble; urgency=medium

  * Main version: 6.8.0-1008.10

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Magali Lemes <email address hidden> Thu, 27 Feb 2025 09:30:54 -0300

  linux-meta-gkeop (6.8.0-1008.10) noble; urgency=medium

  * Main version: 6.8.0-1008.10

 -- Magali Lemes <email address hidden> Thu, 27 Feb 2025 09:30:34 -0300

  linux-signed-gke (6.8.0-1021.25) noble; urgency=medium

  * Main version: 6.8.0-1021.25

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Kevin Becker <email address hidden> Wed, 26 Feb 2025 15:58:36 -0500

  linux-meta-gke (6.8.0-1021.25) noble; urgency=medium

  * Main version: 6.8.0-1021.25

 -- Kevin Becker <email address hidden> Wed, 26 Feb 2025 15:58:26 -0500

  linux-riscv-6.8 (6.8.0-56.58.1~22.04.1) jammy; urgency=medium

  * jammy/linux-riscv-6.8: 6.8.0-56.58.1~22.04.1 -proposed tracker
    (LP: #2098240)

  [ Ubuntu: 6.8.0-56.58.1 ]

  * noble/linux-riscv: 6.8.0-56.58.1 -proposed tracker (LP: #2098241)
  [ Ubuntu: 6.8.0-56.58 ]
  * noble/linux: 6.8.0-56.58 -proposed tracker (LP: #2098244)
  * Noble update: upstream stable patchset 2024-07-19 (LP: #2073603)
    - Revert "drm: Make drivers depends on DRM_DW_HDMI"
    - Revert "UBUNTU: [Config] Drivers now depend on DRM_DW_HDMI"
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (LP: #2098080)
    - drm/amd/display: Add check for granularity in dml ceil/floor helpers
  * optimized default EPP for GNR family (LP: #2097554)
    - cpufreq: intel_pstate: Update Balance-performance EPP for Granite Rapids
  * Incorrect LAPIC/x2APIC parsing order (LP: #2097455)
    - x86/acpi: Fix LAPIC/x2APIC parsing order
  * MGLRU: page allocation failure on NUMA-enabled systems (LP: #2097214)
    - mm/vmscan: wake up flushers conditionally to avoid cgroup OOM
  * Upstream commit 65357e2c164a: "RDMA/mana_ib: set node_guid" applied
    incorrectly (LP: #2096885)
    - Revert "RDMA/mana_ib: set node_guid"
  * AppArmor early policy load not funcitoning (LP: #2095370)
    - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [67/90]: userns - add the
      ability to reference a global variable for a feature value"
  * apparmor unconfined profile blocks pivot_root (LP: #2067900)
    - SAUCE: Revert "UBUNTU: SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy
      uses of unconfined() to label_mediates()"
  * CVE-2024-50117
    - drm/amd: Guard against bad data for ATIF ACPI method
  * CVE-2024-56582
    - btrfs: fix use-after-free in btrfs_encoded_read_endio()
  * CVE-2024-53165
    - sh: intc: Fix use-after-free bug in register_intc_controller()
  * CVE-2024-53156
    - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
  * CVE-2024-56663
    - wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
  * CVE-2024-56614
    - xsk: fix OOB map writes when deleting elements
  * VM boots slowly with large-BAR GPU Passthrough due to pci/probe.c redundancy
    (LP: #2097389)
    - PCI: Batch BAR sizing operations
  * Noble update: upstream stable patchset 2025-02-04 (LP: #2097393)
    - Revert "PCI/MSI: Provide stubs for IMS functions"
    - gfs2: Revert "introduce qd_bh_get_or_undo"
    - gfs2: qd_check_sync cleanups
    - gfs2: Revert "ignore negated quota changes"
    - Revert "powerpc/ps3_defconfig: Disable PPC64_BIG_ENDIAN_ELF_ABI_V2"
    - tracing: Have saved_cmdlines arrays all in one allocation
    - spi: spi-fsl-lpspi: remove redundant spi_controller_put call
    - ata: ahci: Add mask_port_map module parameter
    - ASoC: tas2781: mark dvc_tlv with __maybe_unused
    - scsi: sd: Do not repeat the starting disk message
    - bootconfig: Fix the kerneldoc of _xbc_exit()
    - perf sched: Move start_work_mutex and work_done_wait_mutex in

  opennds (10.2.0+dfsg-1ubuntu0.24.10.1) oracular-security; urgency=medium

  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2024-25763.patch: Delete the client instead of
      changing state
    - CVE-2024-25763

 -- Bruce Cable <email address hidden> Thu, 27 Feb 2025 13:34:10 +1100

  linux-signed-kvm (5.4.0-1128.137) focal; urgency=medium

  * Main version: 5.4.0-1128.137

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Wei-Lin Chang <email address hidden> Thu, 20 Feb 2025 19:44:54 +0800

  linux-signed-hwe-5.15 (5.15.0-135.146~20.04.1) focal; urgency=medium

  * Main version: 5.15.0-135.146~20.04.1

  * Packaging resync (LP: #1786013)
    - [Packaging] debian/tracking-bug -- resync from main package

 -- Stefan Bader <email address hidden> Thu, 20 Feb 2025 11:56:01 +0100

  linux-meta-kvm (5.4.0.1128.124) focal; urgency=medium

  * Bump ABI 5.4.0-1128

 -- Wei-Lin Chang <email address hidden> Thu, 20 Feb 2025 19:44:26 +0800

  linux-meta-hwe-5.15 (5.15.0.135.146~20.04.1) focal; urgency=medium

  * Bump ABI 5.15.0-135.146~20.04

 -- Stefan Bader <email address hidden> Thu, 20 Feb 2025 11:56:43 +0100

  linux-hwe-5.15 (5.15.0-135.146~20.04.1) focal; urgency=medium

  * focal/linux-hwe-5.15: 5.15.0-135.146~20.04.1 -proposed tracker
    (LP: #2098298)

  [ Ubuntu: 5.15.0-135.146 ]

  * jammy/linux: 5.15.0-135.146 -proposed tracker (LP: #2098300)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/2025.02.10)
  * Jammy update: v5.15.178 upstream stable release (LP: #2098441)
    - ASoC: wm8994: Add depends on MFD core
    - ASoC: samsung: Add missing selects for MFD_WM8994
    - seccomp: Stub for !CONFIG_SECCOMP
    - scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request
    - irqchip/sunxi-nmi: Add missing SKIP_WAKE flag
    - ASoC: samsung: Add missing depends on I2C
    - regmap: detach regmap from dev on regmap_exit
    - mptcp: don't always assume copied data in mptcp_cleanup_rbuf()
    - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
    - net: sched: fix ets qdisc OOB Indexing
    - vfio/platform: check the bounds of read/write syscalls
    - fs/ntfs3: Additional check in ntfs_file_release
    - platform/chrome: cros_ec_typec: Check for EC driver
    - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
    - scsi: storvsc: Ratelimit warning logs to prevent VM denial of service
    - wifi: iwlwifi: add a few rate index validity checks
    - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
    - ALSA: usb-audio: Add delay quirk for USB Audio Device
    - Input: atkbd - map F23 key to support default copilot shortcut
    - Input: xpad - add unofficial Xbox 360 wireless receiver clone
    - Input: xpad - add support for wooting two he (arm)
    - drm/v3d: Assign job pointer to NULL before signaling the fence
    - Linux 5.15.178
  * CVE-2024-49925
    - fbdev: efifb: Register sysfs groups through driver core
  * Jammy update: v5.15.177 upstream stable release (LP: #2097298)
    - ceph: give up on paths longer than PATH_MAX
    - jbd2: flush filesystem device before updating tail sequence
    - dm array: fix releasing a faulty array block twice in dm_array_cursor_end
    - dm array: fix unreleased btree blocks on closing a faulty array cursor
    - dm array: fix cursor index when skipping across block boundaries
    - exfat: fix the infinite loop in exfat_readdir()
    - exfat: fix the infinite loop in __exfat_free_cluster()
    - ASoC: mediatek: disable buffer pre-allocation
    - ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    - net: 802: LLC+SNAP OID:PID lookup on start of skb data
    - tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
    - tcp/dccp: allow a connection when sk_max_ack_backlog is zero
    - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    - bnxt_en: Fix possible memory leak when hwrm_req_replace fails
    - cxgb4: Avoid removal of uninserted tid
    - tls: Fix tls_sw_sendmsg error handling
    - netfilter: nf_tables: imbal

  libreoffice (4:24.8.5-0ubuntu0.24.10.1) oracular; urgency=medium

  * New upstream release (LP: #2098640)
  * Refresh external-flags.patch

 -- Rico Tzschichholz <email address hidden> Thu, 13 Feb 2025 17:41:18 +0100

  libreoffice (4:24.8.5-0ubuntu0.24.10.1) oracular; urgency=medium

  * New upstream release (LP: #2098640)
  * Refresh external-flags.patch

 -- Rico Tzschichholz <email address hidden> Thu, 13 Feb 2025 17:41:18 +0100

  valkey (7.2.8+dfsg1-0ubuntu0.24.10.1) oracular; urgency=medium

  * New upstream version 7.2.8 (LP: #2097546)
    - Security fixes:
      + CVE-2024-46981: Lua script commands may lead to remote code
        execution.
      + CVE-2024-51741: Denial-of-service due to malformed ACL
        selectors.
    - Bug fixes:
      + Fix extra memory use when storing strings in inline protocol.
      + Fix error message when FUNCTION KILL is used on a script.
      + Fix last accessed time update using TOUCH with CLIENT NO-TOUCH
        option.

 -- Lena Voytek <email address hidden> Thu, 06 Feb 2025 09:14:14 -0500