jammy/linux-gke: 5.15.0-1040.45 -proposed tracker
Bug Description
This bug will contain status and test results related to a kernel source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https:/
-- swm properties --
built:
from: e9605e212bae6a88
route-entry: 2
delta:
promote-
promote-
promote-
flag:
boot-
proposed-
proposed-
issue: KSRU-8974
kernel-
packages:
generate: linux-generate-gke
main: linux-gke
meta: linux-meta-gke
signed: linux-signed-gke
phase: Complete
phase-changed: Tuesday, 29. August 2023 09:57 UTC
reason: {}
synthetic:
:promote-
variant: debs
versions:
main: 5.15.0-1040.45
meta: 5.15.0.1040.39
signed: 5.15.0-1040.45
~~:
clamps:
new-review: e9605e212bae6a88
promote-
self: 5.15.0-1040.45
sru-review: e9605e212bae6a88
tags: | added: kernel-release-tracking-bug-live |
description: | updated |
tags: | added: kernel-sru-cycle-s2023.07.10-1 |
description: | updated |
description: | updated |
tags: | added: kernel-sru-derivative-of-2030588 |
Changed in kernel-sru-workflow: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Changed in linux-gke (Ubuntu Jammy): | |
importance: | Undecided → Medium |
Changed in kernel-sru-workflow: | |
status: | Confirmed → Triaged |
description: | updated |
Changed in kernel-sru-workflow: | |
status: | Triaged → In Progress |
tags: | added: kernel-jira-issue-ksru-8974 |
description: | updated |
description: | updated |
description: | updated |
summary: |
- jammy/linux-gke: <version to be filled> -proposed tracker + jammy/linux-gke: 5.15.0-1040.45 -proposed tracker |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: | added: regression-testing-passed |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in kernel-sru-workflow: | |
status: | Fix Committed → Fix Released |
This bug was fixed in the package linux-gke - 5.15.0-1040.45
---------------
linux-gke (5.15.0-1040.45) jammy; urgency=medium
* jammy/linux-gke: 5.15.0-1040.45 -proposed tracker (LP: #2030558)
* Packaging resync (LP: #1786013) dkms-versions helper
- [Packaging] resync update-
* Miscellaneous Ubuntu changes
- [packaging] update configs
[ Ubuntu: 5.15.0-82.91 ]
* jammy/linux: 5.15.0-82.91 -proposed tracker (LP: #2031147) GDS_FORCE_ MITIGATION
* libgnutls report "trap invalid opcode" when trying to install packages over
https (LP: #2031093)
- [Config]: disable CONFIG_
[ Ubuntu: 5.15.0-80.89 ]
* jammy/linux: 5.15.0-80.87 -proposed tracker (LP: #2030588) finalize_ init() finalize_ init() finalize_ init() finalize_ init() finalize_ init() finalize_ init() earlier finalize_ init() finalize_ init() ARCH_HAS_ CPU_FINALIZE_ INIT and GDS_FORCE_ MITIGATION PREPARE_ ERROR to deal with bound RULE_CHAIN_ ID
* CVE-2022-40982
- x86/mm: Initialize text poking earlier
- x86/mm: fix poking_init() for Xen PV guests
- x86/mm: Use mm_alloc() in poking_init()
- mm: Move mm_cachep initialization to mm_init()
- init: Provide arch_cpu_
- x86/cpu: Switch to arch_cpu_
- ARM: cpu: Switch to arch_cpu_
- sparc/cpu: Switch to arch_cpu_
- um/cpu: Switch to arch_cpu_
- init: Remove check_bugs() leftovers
- init: Invoke arch_cpu_
- init, x86: Move mem_encrypt_init() into arch_cpu_
- x86/init: Initialize signal frame size late
- x86/fpu: Remove cpuinfo argument from init functions
- x86/fpu: Mark init functions __init
- x86/fpu: Move FPU initialization into arch_cpu_
- x86/xen: Fix secondary processors' FPU initialization
- x86/speculation: Add Gather Data Sampling mitigation
- x86/speculation: Add force option to GDS mitigation
- x86/speculation: Add Kconfig option for GDS
- KVM: Add GDS_NO support to KVM
- Documentation/x86: Fix backwards on/off logic about YMM support
- [Config]: Enable CONFIG_
CONFIG_
* CVE-2023-21400
- io_uring: ensure IOPOLL locks around deferred work
* CVE-2023-4015
- netfilter: nf_tables: add NFT_TRANS_
set/chain
- netfilter: nf_tables: unbind non-anonymous set if rule construction fails
- netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
* CVE-2023-3777
- netfilter: nf_tables: skip bound chain on rule flush
* CVE-2023-3995
- netfilter: nf_tables: disallow rule addition to bound chain via
NFTA_
* CVE-2023-20593
- x86/cpu/amd: Move the errata checking functionality up
- x86/cpu/amd: Add a Zenbleed fix
* CVE-2023-3776
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free
* CVE-2023-4004
- netfilter: nft_set_pipapo: fix improper element removal
* CVE-2023-3611
- net/sched: sch_qfq: refactor parsing of netlink parameters
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue
* CVE-2023-3610
- netfilter: nf_tables: fix chain binding transaction logic
* CVE-2023-3609
- net/sched: cls_u32: Fix reference counter leak leading to overflow
-- Khalid Elmously <email address hidden> Mon, 21 Aug 2023 03:19:01 -0400