bionic/linux-gke-5.4: 5.4.0-1057.60~18.04.1 -proposed tracker

Bug #1952297 reported by Kleber Sacilotto de Souza
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Kernel SRU Workflow
Fix Released
Medium
Unassigned
Automated-testing
Fix Released
Medium
Khaled El Mously
Boot-testing
Fix Released
Medium
Unassigned
Certification-testing
Invalid
Medium
Unassigned
Prepare-package
Fix Released
Medium
Khaled El Mously
Prepare-package-meta
Fix Released
Medium
Khaled El Mously
Prepare-package-signed
Fix Released
Medium
Khaled El Mously
Promote-signing-to-proposed
Invalid
Medium
Unassigned
Promote-to-proposed
Fix Released
Medium
Andy Whitcroft
Promote-to-security
Fix Released
Medium
Andy Whitcroft
Promote-to-updates
Fix Released
Medium
Andy Whitcroft
Regression-testing
Fix Released
Medium
Khaled El Mously
Security-signoff
Fix Released
Medium
Steve Beattie
Sru-review
Fix Released
Medium
Andy Whitcroft
Verification-testing
Fix Released
Medium
Canonical Kernel Team
linux-gke-5.4 (Ubuntu)
Bionic
Fix Released
Medium
Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
boot-testing-requested: true
bugs-spammed: true
built:
  route-entry: 1
delta:
  promote-to-proposed:
  - signed
  - meta
  - main
  promote-to-security: []
  promote-to-updates:
  - main
  - meta
  - signed
  sru-review:
  - meta
  - main
  - signed
issue: KSRU-533
kernel-stable-master-bug: 1952298
packages:
  main: linux-gke-5.4
  meta: linux-meta-gke-5.4
  signed: linux-signed-gke-5.4
phase: Complete
phase-changed: Tuesday, 04. January 2022 23:02 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason: {}
synthetic:
  :promote-to-as-proposed: Fix Released
trackers:
  bionic/linux-gke-5.4/gke-kernel: bug 1952296
variant: debs
versions:
  main: 5.4.0-1057.60~18.04.1
  meta: 5.4.0.1057.60~18.04.22
  signed: 5.4.0-1057.60~18.04.1
  source: 5.4.0-1057.60~18.04.1

CVE References

tags: added: kernel-release-tracking-bug-live
description: updated
tags: added: kernel-sru-cycle-2021.11.29-1
description: updated
tags: added: kernel-sru-backport-of-1952298
Changed in kernel-sru-workflow:
status: New → Confirmed
importance: Undecided → Medium
Changed in linux-gke-5.4 (Ubuntu Bionic):
importance: Undecided → Medium
Changed in kernel-sru-workflow:
status: Confirmed → Triaged
description: updated
Changed in kernel-sru-workflow:
status: Triaged → In Progress
tags: added: kernel-jira-issue-ksru-533
description: updated
description: updated
summary: - bionic/linux-gke-5.4: <version to be filled> -proposed tracker
+ bionic/linux-gke-5.4: 5.4.0-1057.60~18.04.1 -proposed tracker
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
Andy Whitcroft (apw)
tags: added: kernel-signing-bot
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
Revision history for this message
Khaled El Mously (kmously) wrote :

ADT is good

tags: added: automated-testing-passed
description: updated
Revision history for this message
Khaled El Mously (kmously) wrote :

RT good

tags: added: regression-testing-passed
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (19.3 KiB)

This bug was fixed in the package linux-gke-5.4 - 5.4.0-1057.60~18.04.1

---------------
linux-gke-5.4 (5.4.0-1057.60~18.04.1) bionic; urgency=medium

  * bionic/linux-gke-5.4: 5.4.0-1057.60~18.04.1 -proposed tracker (LP: #1952297)

  [ Ubuntu: 5.4.0-1057.60 ]

  * focal/linux-gke: 5.4.0-1057.60 -proposed tracker (LP: #1952298)
  * Support builtin revoked certificates (LP: #1932029)
    - [Config] gke: Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)
  * CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare
  * Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
    - [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches
  * Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init
  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
  * Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as ...

Changed in linux-gke-5.4 (Ubuntu Bionic):
status: New → Fix Released
description: updated
description: updated
description: updated
description: updated
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Workflow done!

All tasks have been completed and the bug is being set to Fix Released

Changed in kernel-sru-workflow:
status: In Progress → Fix Released
tags: removed: kernel-release-tracking-bug-live
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.