Bug #1705562 “linux-gke: 4.4.0-1022.22 -proposed tracker” : Series verification-testing : Bugs : Kernel SRU Workflow

Thadeu Lima de Souza Cascardo (cascardo) on 2017-07-20

tags:	added: kernel-release-tracking-bug
tags:	added: kernel-release-tracking-bug-live
tags:	added: block-proposed-xenial
tags:	added: xenial
Changed in kernel-sru-workflow:
status:	New → In Progress
importance:	Undecided → Medium
Changed in linux-gke (Ubuntu):
status:	New → Invalid
tags:	added: kernel-sru-cycle-2017.06.28-5

Brad Figg (brad-figg) on 2017-07-20

description:	updated
description:	updated

Brad Figg (brad-figg) on 2017-07-20

description:	updated
description:	updated

Brad Figg (brad-figg) on 2017-07-21

tags:	added: block-proposed
description:	updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-07-21:

#1

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-gke (Ubuntu Xenial):
status:	New → Confirmed

Brad Figg (brad-figg) on 2017-07-21

description:	updated
description:	updated

Thadeu Lima de Souza Cascardo (cascardo) on 2017-07-21

description:

updated

Brad Figg (brad-figg) on 2017-07-21

description:

updated

Kleber Sacilotto de Souza (kleber-souza) on 2017-07-25

tags:

added: regression-testing-passed

Brad Figg (brad-figg) on 2017-07-25

tags:	removed: block-proposed-xenial
tags:	removed: block-proposed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-07-25:

#2

Download full text (15.4 KiB)

This bug was fixed in the package linux-gke - 4.4.0-1022.22

---------------
linux-gke (4.4.0-1022.22) xenial; urgency=low

* linux-gke: 4.4.0-1022.22 -proposed tracker (LP: #1705562)

* sock_recvmsg has dropped size argument (LP: #1701697)
- Packaging: Breaks yet another iscsitarget-dkms version

linux-gke (4.4.0-1021.21) xenial; urgency=low

* linux-gke: 4.4.0-1021.21 -proposed tracker (LP: #1704991)

[ Ubuntu: 4.4.0-87.110 ]

  * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982)
  * CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
  * CIFS causes oops (LP: #1704857)
    - CIFS: Fix null pointer deref during read resp processing
    - CIFS: Fix some return values in case of error in 'crypt_message'

linux-gke (4.4.0-1020.20) xenial; urgency=low

* linux-gke: 4.4.0-1020.20 -proposed tracker (LP: #1704003)

[ Ubuntu: 4.4.0-86.109 ]

  * linux: 4.4.0-86.109 -proposed tracker (LP: #1703995)
  * sock_recvmsg has dropped size argument (LP: #1701697)
    - Packaging: Breaks unfixed iscsitarget versions

[ Ubuntu: 4.4.0-85.108 ]

  * linux: 4.4.0-85.108 -proposed tracker (LP: #1702103)
  * [Hyper-V] Implement Hyper-V PTP Source (LP: #1676635)
    - SAUCE: hv: make clocksource available for PTP device supporting
    - Drivers: hv: util: Use hv_get_current_tick() to get current tick
    - hv_util: switch to using timespec64
    - hv_utils: implement Hyper-V PTP source
    - Drivers: hv: util: Fix a typo
    - Drivers: hv: util: don't forget to init host_ts.lock
    - hv_utils: drop .getcrosststamp() support from PTP driver
    - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts

linux-gke (4.4.0-1019.19) xenial; urgency=low

* linux-gke: 4.4.0-1019.19 -proposed tracker (LP: #1701030)

[ Ubuntu: 4.4.0-84.107 ]

  * linux: 4.4.0-84.107 -proposed tracker (LP: #1701024)
  * Can't disable USB port from BIOS (LP: #1695216)
    - SAUCE: xhci: AMD Promontory USB disable port support
  * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651)
    - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device
  * CIFS: Enable encryption for SMB3 (LP: #1670508)
    - Revert "Handle mismatched open calls"
    - Revert "Call echo service immediately after socket reconnect"
    - cifs: Make echo interval tunable
    - Prepare for encryption support (first part). Add decryption and encryption
      key generation. Thanks to Metze for helping with this.
    - [net] drop 'size' argument of sock_recvmsg()
    - cifs: merge the hash calculation helpers
    - cifs: no need to wank with copying and advancing iovec on recvmsg side
      either
    - cifs: don't bother with kmap on read_pages side
    - cifs_readv_receive: use cifs_read_from_socket()
    - Fix memory leaks in cifs_do_mount()
    - SMB3: Add mount parameter to allow user to override max credits
    - SMB2: Separate Kerberos authentication from SMB2_sess_setup
    - SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup
    - SMB3: parsing for new snapshot timestamp mount parm
    - cifs: Simplify SMB2 and SMB311 dependencies
    - cifs: Only select the r...

This bug was fixed in the package linux-gke - 4.4.0-1022.22

---------------
linux-gke (4.4.0-1022.22) xenial; urgency=low

* linux-gke: 4.4.0-1022.22 -proposed tracker (LP: #1705562)

* sock_recvmsg has dropped size argument (LP: #1701697)
    - Packaging: Breaks yet another iscsitarget-dkms version

linux-gke (4.4.0-1021.21) xenial; urgency=low

* linux-gke: 4.4.0-1021.21 -proposed tracker (LP: #1704991)

[ Ubuntu: 4.4.0-87.110 ]

* linux: 4.4.0-87.110 -proposed tracker (LP: #1704982)
  * CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
  * CIFS causes oops (LP: #1704857)
    - CIFS: Fix null pointer deref during read resp processing
    - CIFS: Fix some return values in case of error in 'crypt_message'

linux-gke (4.4.0-1020.20) xenial; urgency=low

* linux-gke: 4.4.0-1020.20 -proposed tracker (LP: #1704003)

[ Ubuntu: 4.4.0-86.109 ]

* linux: 4.4.0-86.109 -proposed tracker (LP: #1703995)
  * sock_recvmsg has dropped size argument (LP: #1701697)
    - Packaging: Breaks unfixed iscsitarget versions

[ Ubuntu: 4.4.0-85.108 ]

* linux: 4.4.0-85.108 -proposed tracker (LP: #1702103)
  * [Hyper-V] Implement Hyper-V PTP Source (LP: #1676635)
    - SAUCE: hv: make clocksource available for PTP device supporting
    - Drivers: hv: util: Use hv_get_current_tick() to get current tick
    - hv_util: switch to using timespec64
    - hv_utils: implement Hyper-V PTP source
    - Drivers: hv: util: Fix a typo
    - Drivers: hv: util: don't forget to init host_ts.lock
    - hv_utils: drop .getcrosststamp() support from PTP driver
    - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts

linux-gke (4.4.0-1019.19) xenial; urgency=low

* linux-gke: 4.4.0-1019.19 -proposed tracker (LP: #1701030)

[ Ubuntu: 4.4.0-84.107 ]

* linux: 4.4.0-84.107 -proposed tracker (LP: #1701024)
  * Can't disable USB port from BIOS (LP: #1695216)
    - SAUCE: xhci: AMD Promontory USB disable port support
  * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651)
    - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device
  * CIFS: Enable encryption for SMB3 (LP: #1670508)
    - Revert "Handle mismatched open calls"
    - Revert "Call echo service immediately after socket reconnect"
    - cifs: Make echo interval tunable
    - Prepare for encryption support (first part). Add decryption and encryption
      key generation. Thanks to Metze for helping with this.
    - [net] drop 'size' argument of sock_recvmsg()
    - cifs: merge the hash calculation helpers
    - cifs: no need to wank with copying and advancing iovec on recvmsg side
      either
    - cifs: don't bother with kmap on read_pages side
    - cifs_readv_receive: use cifs_read_from_socket()
    - Fix memory leaks in cifs_do_mount()
    - SMB3: Add mount parameter to allow user to override max credits
    - SMB2: Separate Kerberos authentication from SMB2_sess_setup
    - SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup
    - SMB3: parsing for new snapshot timestamp mount parm
    - cifs: Simplify SMB2 and SMB311 dependencies
    - cifs: Only select the required crypto modules
    - cifs: Add soft dependencies
    - CIFS: Separate SMB2 header structure
    - CIFS: Make SendReceive2() takes resp iov
    - CIFS: Make send_cancel take rqst as argument
    - CIFS: Send RFC1001 length in a separate iov
    - CIFS: Separate SMB2 sync header processing
    - CIFS: Separate RFC1001 length processing for SMB2 read
    - CIFS: Add capability to transform requests before sending
    - CIFS: Enable encryption during session setup phase
    - CIFS: Encrypt SMB3 requests before sending
    - CIFS: Add transform header handling callbacks
    - CIFS: Add mid handle callback
    - CIFS: Add copy into pages callback for a read operation
    - CIFS: Decrypt and process small encrypted packets
    - CIFS: Add capability to decrypt big read responses
    - CIFS: Allow to switch on encryption with seal mount option
    - CIFS: Fix possible use after free in demultiplex thread
    - Call echo service immediately after socket reconnect
    - Handle mismatched open calls
  * CVE-2017-9150
    - bpf: don't let ldimm64 leak map addresses on unprivileged
  * CVE-2015-8944
    - Make file credentials available to the seqfile interfaces
    - /proc/iomem: only expose physical resource addresses to privileged users
  * Xenial update to 4.4.73 stable release (LP: #1698817)
    - s390/vmem: fix identity mapping
    - partitions/msdos: FreeBSD UFS2 file systems are not recognized
    - ARM: dts: imx6dl: Fix the VDD_ARM_CAP voltage for 396MHz operation
    - staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out memory.
    - net: xilinx_emaclite: fix freezes due to unordered I/O
    - net: xilinx_emaclite: fix receive buffer overflow
    - ipv6: Handle IPv4-mapped src to in6addr_any dst.
    - ipv6: Inhibit IPv4-mapped src address on the wire.
    - NET: Fix /proc/net/arp for AX.25
    - NET: mkiss: Fix panic
    - net: hns: Fix the device being used for dma mapping during TX
    - sierra_net: Skip validating irrelevant fields for IDLE LSIs
    - sierra_net: Add support for IPv6 and Dual-Stack Link Sense Indications
    - i2c: piix4: Fix request_region size
    - ipv6: Fix IPv6 packet loss in scenarios involving roaming + snooping
      switches
    - PM / runtime: Avoid false-positive warnings from might_sleep_if()
    - jump label: pass kbuild_cflags when checking for asm goto support
    - kasan: respect /proc/sys/kernel/traceoff_on_warning
    - log2: make order_base_2() behave correctly on const input value zero
    - ethtool: do not vzalloc(0) on registers dump
    - fscache: Fix dead object requeue
    - fscache: Clear outstanding writes when disabling a cookie
    - FS-Cache: Initialise stores_lock in netfs cookie
    - ipv6: fix flow labels when the traffic class is non-0
    - drm/nouveau: prevent userspace from deleting client object
    - drm/nouveau/fence/g84-: protect against concurrent access to semaphore
      buffers
    - gianfar: synchronize DMA API usage by free_skb_rx_queue w/ gfar_new_page
    - pinctrl: berlin-bg4ct: fix the value for "sd1a" of pin SCRD0_CRD_PRES
    - net: adaptec: starfire: add checks for dma mapping errors
    - parisc, parport_gsc: Fixes for printk continuation lines
    - drm/nouveau: Don't enabling polling twice on runtime resume
    - drm/ast: Fixed system hanged if disable P2A
    - ravb: unmap descriptors when freeing rings
    - nfs: Fix "Don't increment lock sequence ID after NFS4ERR_MOVED"
    - r8152: re-schedule napi for tx
    - r8152: fix rtl8152_post_reset function
    - r8152: avoid start_xmit to schedule napi when napi is disabled
    - sctp: sctp_addr_id2transport should verify the addr before looking up assoc
    - romfs: use different way to generate fsid for BLOCK or MTD
    - proc: add a schedule point in proc_pid_readdir()
    - tipc: ignore requests when the connection state is not CONNECTED
    - xtensa: don't use linux IRQ #0
    - s390/kvm: do not rely on the ILC on kvm host protection fauls
    - sparc64: make string buffers large enough
    - Linux 4.4.73
  * Xenial update to 4.4.72 stable release (LP: #1698799)
    - bnx2x: Fix Multi-Cos
    - ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt()
    - cxgb4: avoid enabling napi twice to the same queue
    - tcp: disallow cwnd undo when switching congestion control
    - vxlan: fix use-after-free on deletion
    - ipv6: Fix leak in ipv6_gso_segment().
    - net: ping: do not abuse udp_poll()
    - net: ethoc: enable NAPI before poll may be scheduled
    - net: bridge: start hello timer only if device is up
    - sparc64: mm: fix copy_tsb to correctly copy huge page TSBs
    - sparc: Machine description indices can vary
    - sparc64: reset mm cpumask after wrap
    - sparc64: combine activate_mm and switch_mm
    - sparc64: redefine first version
    - sparc64: add per-cpu mm of secondary contexts
    - sparc64: new context wrap
    - sparc64: delete old wrap code
    - arch/sparc: support NR_CPUS = 4096
    - serial: ifx6x60: fix use-after-free on module unload
    - ptrace: Properly initialize ptracer_cred on fork
    - KEYS: fix dereferencing NULL payload with nonzero length
    - KEYS: fix freeing uninitialized memory in key_update()
    - crypto: gcm - wait for crypto op not signal safe
    - drm/amdgpu/ci: disable mclk switching for high refresh rates (v2)
    - nfsd4: fix null dereference on replay
    - nfsd: Fix up the "supattr_exclcreat" attributes
    - kvm: async_pf: fix rcu_irq_enter() with irqs enabled
    - KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation
    - arm: KVM: Allow unaligned accesses at HYP
    - KVM: async_pf: avoid async pf injection when in guest mode
    - dmaengine: usb-dmac: Fix DMAOR AE bit definition
    - dmaengine: ep93xx: Always start from BASE0
    - xen/privcmd: Support correctly 64KB page granularity when mapping memory
    - xen-netfront: do not cast grant table reference to signed short
    - xen-netfront: cast grant table reference first to type int
    - ext4: fix SEEK_HOLE
    - ext4: keep existing extra fields when inode expands
    - ext4: fix fdatasync(2) after extent manipulation operations
    - usb: gadget: f_mass_storage: Serialize wake and sleep execution
    - usb: chipidea: udc: fix NULL pointer dereference if udc_start failed
    - usb: chipidea: debug: check before accessing ci_role
    - staging/lustre/lov: remove set_fs() call from lov_getstripe()
    - iio: light: ltr501 Fix interchanged als/ps register field
    - iio: proximity: as3935: fix AS3935_INT mask
    - drivers: char: random: add get_random_long()
    - random: properly align get_random_int_hash
    - stackprotector: Increase the per-task stack canary's random range from 32
      bits to 64 bits on 64-bit platforms
    - cpufreq: cpufreq_register_driver() should return -ENODEV if init fails
    - target: Re-add check to reject control WRITEs with overflow data
    - drm/msm: Expose our reservation object when exporting a dmabuf.
    - Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled
    - cpuset: consider dying css as offline
    - fs: add i_blocksize()
    - ufs: restore proper tail allocation
    - fix ufs_isblockset()
    - ufs: restore maintaining ->i_blocks
    - ufs: set correct ->s_maxsize
    - ufs_extend_tail(): fix the braino in calling conventions of
      ufs_new_fragments()
    - ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path
    - cxl: Fix error path on bad ioctl
    - btrfs: use correct types for page indices in btrfs_page_exists_in_range
    - btrfs: fix memory leak in update_space_info failure path
    - KVM: arm/arm64: Handle possible NULL stage2 pud when ageing pages
    - scsi: qla2xxx: don't disable a not previously enabled PCI device
    - powerpc/eeh: Avoid use after free in eeh_handle_special_event()
    - powerpc/numa: Fix percpu allocations to be NUMA aware
    - powerpc/hotplug-mem: Fix missing endian conversion of aa_index
    - perf/core: Drop kernel samples even though :u is specified
    - drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve()
    - drm/vmwgfx: Make sure backup_handle is always valid
    - drm/nouveau/tmr: fully separate alarm execution/pending lists
    - ALSA: timer: Fix race between read and ioctl
    - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
    - ASoC: Fix use-after-free at card unregistration
    - drivers: char: mem: Fix wraparound check to allow mappings up to the end
    - tty: Drop krefs for interrupted tty lock
    - serial: sh-sci: Fix panic when serial console and DMA are enabled
    - mm: consider memblock reservations for deferred memory initialization sizing
    - NFS: Ensure we revalidate attributes before using execute_ok()
    - NFSv4: Don't perform cached access checks before we've OPENed the file
    - Make __xfs_xattr_put_listen preperly report errors.
    - arm64: hw_breakpoint: fix watchpoint matching for tagged pointers
    - arm64: entry: improve data abort handling of tagged pointers
    - RDMA/qib,hfi1: Fix MR reference count leak on write with immediate
    - usercopy: Adjust tests to deal with SMAP/PAN
    - arm64: armv8_deprecated: ensure extension of addr
    - arm64: ensure extension of smp_store_release value
    - Linux 4.4.72
  * Xenial update to 4.4.71 stable release (LP: #1697001)
    - sparc: Fix -Wstringop-overflow warning
    - s390/qeth: handle sysfs error during initialization
    - s390/qeth: unbreak OSM and OSN support
    - s390/qeth: avoid null pointer dereference on OSN
    - tcp: avoid fragmenting peculiar skbs in SACK
    - sctp: fix src address selection if using secondary addresses for ipv6
    - tcp: eliminate negative reordering in tcp_clean_rtx_queue
    - net: Improve handling of failures on link and route dumps
    - bridge: netlink: check vlan_default_pvid range
    - qmi_wwan: add another Lenovo EM74xx device ID
    - bridge: start hello_timer when enabling KERNEL_STP in br_stp_start
    - be2net: Fix offload features for Q-in-Q packets
    - virtio-net: enable TSO/checksum offloads for Q-in-Q vlans
    - tcp: avoid fastopen API to be used on AF_UNSPEC
    - sctp: fix ICMP processing if skb is non-linear
    - ipv4: add reference counting to metrics
    - netem: fix skb_orphan_partial()
    - net: phy: marvell: Limit errata to 88m1101
    - vlan: Fix tcp checksum offloads in Q-in-Q vlans
    - i2c: i2c-tiny-usb: fix buffer not being DMA capable
    - mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read
    - HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference
    - scsi: mpt3sas: Force request partial completion alignment
    - drm/radeon/ci: disable mclk switching for high refresh rates (v2)
    - drm/radeon: Unbreak HPD handling for r600+
    - pcmcia: remove left-over %Z format
    - ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430
    - slub/memcg: cure the brainless abuse of sysfs attributes
    - drm/gma500/psb: Actually use VBT mode when it is found
    - mm/migrate: fix refcount handling when !hugepage_migration_supported()
    - mlock: fix mlock count can not decrease in race condition
    - xfs: Fix missed holes in SEEK_HOLE implementation
    - xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
    - xfs: fix over-copying of getbmap parameters from userspace
    - xfs: handle array index overrun in xfs_dir2_leaf_readbuf()
    - xfs: prevent multi-fsb dir readahead from reading random blocks
    - xfs: fix up quotacheck buffer list error handling
    - xfs: support ability to wait on new inodes
    - xfs: update ag iterator to support wait on new inodes
    - xfs: wait on new inodes during quotaoff dquot release
    - xfs: fix indlen accounting error on partial delalloc conversion
    - xfs: bad assertion for delalloc an extent that start at i_size
    - xfs: fix unaligned access in xfs_btree_visit_blocks
    - xfs: in _attrlist_by_handle, copy the cursor back to userspace
    - xfs: only return -errno or success from attr ->put_listent
    - Linux 4.4.71
  * CVE-2017-7346
    - drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
  * Power button does not work on Latitude 7480 (LP: #1697116)
    - intel-hid: Remove duplicated acpi_remove_notify_handler
    - platform/x86: intel-hid: Support 5 button array
  * CVE-2017-9074
    - ipv6: Check ip6_find_1stfragopt() return value properly.
  * CVE-2014-9900
    - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Thu, 20 Jul 2017 16:35:05 -0300

Changed in linux-gke (Ubuntu Xenial):
status:	Confirmed → Fix Released

Revision history for this message

Brad Figg (brad-figg) wrote on 2017-07-25: Package Released!

#3

The package has been published and the bug is being set to Fix Released

Changed in kernel-sru-workflow:
status:	In Progress → Fix Released
description:	updated
description:	updated
tags:	removed: kernel-release-tracking-bug-live

Kernel SRU Workflow

linux-gke: 4.4.0-1022.22 -proposed tracker

Bug Description

CVE References

Duplicates of this bug

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Certification-testing	Invalid	Medium	Canonical Hardware Certification
Prepare-package	Fix Released	Medium	Thadeu Lima de Souza Cascardo
Prepare-package-meta	Fix Released	Medium	Thadeu Lima de Souza Cascardo
Promote-to-proposed	Fix Released	Medium	Łukasz Zemczak
Promote-to-security	Fix Released	Medium	Łukasz Zemczak
Promote-to-updates	Fix Released	Medium	Łukasz Zemczak
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Canonical Security Team
Upload-to-ppa	Invalid	Medium	Canonical Kernel Team
Verification-testing	Fix Released	Medium	Canonical Kernel Team
linux-gke (Ubuntu)	Invalid	Undecided	Unassigned
Xenial	Fix Released	Undecided	Unassigned