linux-oracle: 4.15.0-1012.14 -proposed tracker

Bug #1826348 reported by Stefan Bader
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Kernel SRU Workflow
Invalid
Medium
Unassigned
Automated-testing
Invalid
Medium
Canonical Kernel Team
Certification-testing
Invalid
Medium
Canonical Hardware Certification
Prepare-package
Invalid
Medium
Khaled El Mously
Prepare-package-meta
Invalid
Medium
Khaled El Mously
Prepare-package-signed
Invalid
Medium
Khaled El Mously
Promote-to-proposed
Invalid
Medium
Łukasz Zemczak
Promote-to-security
Invalid
Medium
Ubuntu Stable Release Updates Team
Promote-to-updates
Invalid
Medium
Ubuntu Stable Release Updates Team
Regression-testing
Invalid
Medium
Canonical Kernel Team
Security-signoff
Invalid
Medium
Steve Beattie
Verification-testing
Invalid
Medium
Canonical Kernel Team
linux-oracle (Ubuntu)
Fix Released
Undecided
Unassigned
Bionic
Fix Released
Medium
Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
boot-testing-requested: true
phase: Holding before Release
phase-changed: Monday, 13. May 2019 10:12 UTC
proposed-announcement-sent: true
proposed-testing-requested: true

Stefan Bader (smb)
Changed in linux-oracle (Ubuntu):
status: New → Invalid
Changed in linux-oracle (Ubuntu Bionic):
importance: Undecided → Medium
tags: added: bionic
tags: added: kernel-release-tracking-bug
tags: added: kernel-release-tracking-bug-live
tags: added: kernel-sru-cycle-2019.04.22-1
description: updated
Stefan Bader (smb)
description: updated
tags: added: kernel-sru-derivative-of-1826358
Changed in kernel-sru-workflow:
status: New → In Progress
importance: Undecided → Medium
description: updated
description: updated
summary: - linux-oracle: <version to be filled> -proposed tracker
+ linux-oracle: 4.15.0-1012.14 -proposed tracker
description: updated
description: updated
tags: added: block-proposed-bionic
tags: added: block-proposed
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
description: updated
Sean Feole (sfeole)
tags: added: regression-testing-passed
description: updated
description: updated
description: updated
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.1 KiB)

This bug was fixed in the package linux-oracle - 4.15.0-1013.15

---------------
linux-oracle (4.15.0-1013.15) bionic; urgency=medium

  [ Ubuntu: 4.15.0-50.54 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oracle (4.15.0-1012.14) bionic; urgency=medium

  * linux-oracle: 4.15.0-1012.14 -proposed tracker (LP: #1826348)

  * linux-oracle: Use upstream approach to fix a race when hot adding a VF
    (LP: #1825229)
    - Revert "UBUNTU: SAUCE: net_failover: delay taking over primary device to
      accommodate udevd renaming"
    - ipvlan, l3mdev: fix broken l3s mode wrt local routes
    - SAUCE: failover: allow name change on IFF_UP slave interfaces

  [ Ubuntu: 4.15.0-49.53 ]

  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_...

Changed in linux-oracle (Ubuntu Bionic):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.2 KiB)

This bug was fixed in the package linux-oracle - 4.15.0-1013.15~16.04.1

---------------
linux-oracle (4.15.0-1013.15~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-1013.15 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oracle (4.15.0-1012.14~16.04.1) xenial; urgency=medium

  * linux-oracle: 4.15.0-1012.14~16.04.1 -proposed tracker (LP: #1826346)

  [ Ubuntu: 4.15.0-1012.14 ]

  * linux-oracle: 4.15.0-1012.14 -proposed tracker (LP: #1826348)
  * linux-oracle: Use upstream approach to fix a race when hot adding a VF
    (LP: #1825229)
    - Revert "UBUNTU: SAUCE: net_failover: delay taking over primary device to
      accommodate udevd renaming"
    - ipvlan, l3mdev: fix broken l3s mode wrt local routes
    - SAUCE: failover: allow name change on IFF_UP slave interfaces
  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - po...

Changed in linux-oracle (Ubuntu):
status: Invalid → Fix Released
description: updated
Stefan Bader (smb)
description: updated
Stefan Bader (smb)
tags: removed: kernel-sru-derivative-of-1826358
description: updated
tags: removed: kernel-release-tracking-bug-live
Changed in kernel-sru-workflow:
status: In Progress → Invalid
Changed in linux-oracle (Ubuntu):
status: Fix Released → Invalid
Changed in linux-oracle (Ubuntu Bionic):
status: Fix Released → Invalid
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.1 KiB)

This bug was fixed in the package linux-oracle - 4.15.0-1013.15

---------------
linux-oracle (4.15.0-1013.15) bionic; urgency=medium

  [ Ubuntu: 4.15.0-50.54 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oracle (4.15.0-1012.14) bionic; urgency=medium

  * linux-oracle: 4.15.0-1012.14 -proposed tracker (LP: #1826348)

  * linux-oracle: Use upstream approach to fix a race when hot adding a VF
    (LP: #1825229)
    - Revert "UBUNTU: SAUCE: net_failover: delay taking over primary device to
      accommodate udevd renaming"
    - ipvlan, l3mdev: fix broken l3s mode wrt local routes
    - SAUCE: failover: allow name change on IFF_UP slave interfaces

  [ Ubuntu: 4.15.0-49.53 ]

  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - powerpc/64: Use barrier_nospec in syscall entry
    - powerpc/64s: Enhance the information in cpu_show_...

Changed in linux-oracle (Ubuntu Bionic):
status: Invalid → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (13.2 KiB)

This bug was fixed in the package linux-oracle - 4.15.0-1013.15~16.04.1

---------------
linux-oracle (4.15.0-1013.15~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-1013.15 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-oracle (4.15.0-1012.14~16.04.1) xenial; urgency=medium

  * linux-oracle: 4.15.0-1012.14~16.04.1 -proposed tracker (LP: #1826346)

  [ Ubuntu: 4.15.0-1012.14 ]

  * linux-oracle: 4.15.0-1012.14 -proposed tracker (LP: #1826348)
  * linux-oracle: Use upstream approach to fix a race when hot adding a VF
    (LP: #1825229)
    - Revert "UBUNTU: SAUCE: net_failover: delay taking over primary device to
      accommodate udevd renaming"
    - ipvlan, l3mdev: fix broken l3s mode wrt local routes
    - SAUCE: failover: allow name change on IFF_UP slave interfaces
  * linux: 4.15.0-49.53 -proposed tracker (LP: #1826358)
  * Backport support for software count cache flush Spectre v2 mitigation. (CVE)
    (required for POWER9 DD2.3) (LP: #1822870)
    - powerpc/64s: Add support for ori barrier_nospec patching
    - powerpc/64s: Patch barrier_nospec in modules
    - powerpc/64s: Enable barrier_nospec based on firmware settings
    - powerpc: Use barrier_nospec in copy_from_user()
    - po...

Changed in linux-oracle (Ubuntu):
status: Invalid → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.