linux-aws 4.4.0-1052.61 source package in Ubuntu
Changelog
linux-aws (4.4.0-1052.61) xenial; urgency=medium * linux-aws: 4.4.0-1052.61 -proposed tracker (LP: #1748489) [ Ubuntu: 4.4.0-116.140 ] * linux: 4.4.0-116.140 -proposed tracker (LP: #1748990) * BUG: unable to handle kernel NULL pointer dereference at 0000000000000009 (LP: #1748671) - SAUCE: net: ipv4: fix for a race condition in raw_sendmsg -- fix backport [ Ubuntu: 4.4.0-115.139 ] * linux: 4.4.0-115.138 -proposed tracker (LP: #1748745) * CVE-2017-5715 (Spectre v2 Intel) - Revert "UBUNTU: SAUCE: turn off IBPB when full retpoline is present" - SAUCE: turn off IBRS when full retpoline is present - [Packaging] retpoline files must be sorted - [Packaging] pull in retpoline files [ Ubuntu: 4.4.0-114.137 ] * linux: 4.4.0-114.137 -proposed tracker (LP: #1748484) * ALSA backport missing NVIDIA GPU codec IDs to patch table to Ubuntu 16.04 LTS Kernel (LP: #1744117) - ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table * Shutdown hang on 16.04 with iscsi targets (LP: #1569925) - scsi: libiscsi: Allow sd_shutdown on bad transport * libata: apply MAX_SEC_1024 to all LITEON EP1 series devices (LP: #1743053) - libata: apply MAX_SEC_1024 to all LITEON EP1 series devices * KVM patches for s390x to provide facility bits 81 (ppa15) and 82 (bpb) (LP: #1747090) - KVM: s390: wire up bpb feature - KVM: s390: Enable all facility bits that are known good for passthrough * CVE-2017-5715 (Spectre v2 Intel) - SAUCE: drop lingering gmb() macro - x86/feature: Enable the x86 feature to control Speculation - x86/feature: Report presence of IBPB and IBRS control - x86/enter: MACROS to set/clear IBRS and set IBPB - x86/enter: Use IBRS on syscall and interrupts - x86/idle: Disable IBRS entering idle and enable it on wakeup - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup - x86/mm: Set IBPB upon context switch - x86/mm: Only set IBPB when the new thread cannot ptrace current thread - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm - x86/kvm: Set IBPB when switching VM - x86/kvm: Toggle IBRS on VM entry and exit - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR - x86/cpu/AMD: Add speculative control support for AMD - x86/microcode: Extend post microcode reload to support IBPB feature - KVM: SVM: Do not intercept new speculative control MSRs - x86/svm: Set IBRS value on VM entry and exit - x86/svm: Set IBPB when running a different VCPU - KVM: x86: Add speculative control CPUID support for guests - SAUCE: Fix spec_ctrl support in KVM - SAUCE: turn off IBPB when full retpoline is present linux-aws (4.4.0-1051.60) xenial; urgency=low * linux-aws: 4.4.0-1051.60 -proposed tracker (LP: #1746946) [ Ubuntu: 4.4.0-113.136 ] * linux: 4.4.0-113.136 -proposed tracker (LP: #1746936) * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC (LP: #1743638) - [d-i] Add qede to nic-modules udeb * CVE-2017-5753 (Spectre v1 Intel) - x86/cpu/AMD: Make the LFENCE instruction serialized - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature - SAUCE: reinstate MFENCE_RDTSC feature definition - locking/barriers: introduce new observable speculation barrier - bpf: prevent speculative execution in eBPF interpreter - x86, bpf, jit: prevent speculative execution when JIT is enabled - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled - carl9170: prevent speculative execution - qla2xxx: prevent speculative execution - Thermal/int340x: prevent speculative execution - ipv4: prevent speculative execution - ipv6: prevent speculative execution - fs: prevent speculative execution - net: mpls: prevent speculative execution - udf: prevent speculative execution - userns: prevent speculative execution - SAUCE: claim mitigation via observable speculation barrier - SAUCE: powerpc: add osb barrier - SAUCE: s390/spinlock: add osb memory barrier - SAUCE: arm64: no osb() implementation yet - SAUCE: arm: no osb() implementation yet * CVE-2017-5715 (Spectre v2 retpoline) - x86/cpuid: Provide get_scattered_cpuid_leaf() - x86/cpu: Factor out application of forced CPU caps - x86/cpufeatures: Make CPU bugs sticky - x86/cpufeatures: Add X86_BUG_CPU_INSECURE - x86/cpu, x86/pti: Do not enable PTI on AMD processors - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] - x86/cpu: Merge bugs.c and bugs_64.c - sysfs/cpu: Add vulnerability folder - x86/cpu: Implement CPU vulnerabilites sysfs functions - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm - x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier - x86/asm: Use register variable to get stack pointer value - x86/kbuild: enable modversions for symbols exported from asm - x86/asm: Make asm/alternative.h safe from assembly - EXPORT_SYMBOL() for asm - kconfig.h: use __is_defined() to check if MODULE is defined - x86/retpoline: Add initial retpoline support - x86/spectre: Add boot time option to select Spectre v2 mitigation - x86/retpoline/crypto: Convert crypto assembler indirect jumps - x86/retpoline/entry: Convert entry assembler indirect jumps - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps - x86/retpoline/hyperv: Convert assembler indirect jumps - x86/retpoline/xen: Convert Xen hypercall indirect jumps - x86/retpoline/checksum32: Convert assembler indirect jumps - x86/retpoline/irq32: Convert assembler indirect jumps - x86/retpoline: Fill return stack buffer on vmexit - x86/retpoline: Remove compile time warning - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros - module: Add retpoline tag to VERMAGIC - x86/mce: Make machine check speculation protected - retpoline: Introduce start/end markers of indirect thunk - kprobes/x86: Blacklist indirect thunk functions for kprobes - kprobes/x86: Disable optimizing on the function jumps to indirect thunk - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB - [Config] CONFIG_RETPOLINE=y - [Packaging] retpoline -- add call site validation - [Config] disable retpoline checks for first upload * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed) - Revert "UBUNTU: SAUCE: Fix spec_ctrl support in KVM" - Revert "x86/cpuid: Provide get_scattered_cpuid_leaf()" - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit" - Revert "Revert "x86/svm: Add code to clear registers on VM exit"" - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature -- repair missmerge" - Revert "arm: no gmb() implementation yet" - Revert "arm64: no gmb() implementation yet" - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit" - Revert "s390/spinlock: add gmb memory barrier" - Revert "powerpc: add gmb barrier" - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature" - Revert "x86/cpu/AMD: Make the LFENCE instruction serialized" - Revert "x86/svm: Add code to clear registers on VM exit" - Revert "x86/svm: Add code to clobber the RSB on VM exit" - Revert "KVM: x86: Add speculative control CPUID support for guests" - Revert "x86/svm: Set IBPB when running a different VCPU" - Revert "x86/svm: Set IBRS value on VM entry and exit" - Revert "KVM: SVM: Do not intercept new speculative control MSRs" - Revert "x86/microcode: Extend post microcode reload to support IBPB feature" - Revert "x86/cpu/AMD: Add speculative control support for AMD" - Revert "x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR" - Revert "x86/entry: Use retpoline for syscall's indirect calls" - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance" - Revert "x86/syscall: Clear unused extra registers on syscall entrance" - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control" - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature" - Revert "x86/kvm: Pad RSB on VM transition" - Revert "x86/kvm: Toggle IBRS on VM entry and exit" - Revert "x86/kvm: Set IBPB when switching VM" - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm" - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform" - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current thread" - Revert "x86/mm: Set IBPB upon context switch" - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup" - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup" - Revert "x86/enter: Use IBRS on syscall and interrupts" - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB" - Revert "x86/feature: Report presence of IBPB and IBRS control" - Revert "x86/feature: Enable the x86 feature to control Speculation" - Revert "udf: prevent speculative execution" - Revert "net: mpls: prevent speculative execution" - Revert "fs: prevent speculative execution" - Revert "ipv6: prevent speculative execution" - Revert "userns: prevent speculative execution" - Revert "Thermal/int340x: prevent speculative execution" - Revert "qla2xxx: prevent speculative execution" - Revert "carl9170: prevent speculative execution" - Revert "uvcvideo: prevent speculative execution" - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled" - Revert "bpf: prevent speculative execution in eBPF interpreter" * CVE-2017-17712 - net: ipv4: fix for a race condition in raw_sendmsg * upload urgency should be medium by default (LP: #1745338) - [Packaging] update urgency to medium by default * CVE-CVE-2017-12190 - more bio_map_user_iov() leak fixes * CVE-2015-8952 - mbcache2: reimplement mbcache - ext2: convert to mbcache2 - ext4: convert to mbcache2 - mbcache2: limit cache size - mbcache2: Use referenced bit instead of LRU - ext4: kill ext4_mballoc_ready - ext4: shortcut setting of xattr to the same value - mbcache: remove mbcache - mbcache2: rename to mbcache - mbcache: get rid of _e_hash_list_head - mbcache: add reusable flag to cache entries * CVE-2017-15115 - sctp: do not peel off an assoc from one netns to another one * CVE-2017-8824 - dccp: CVE-2017-8824: use-after-free in DCCP code [ Ubuntu: 4.4.0-112.135 ] * linux: 4.4.0-112.135 -proposed tracker (LP: #1744244) * CVE-2017-5715 // CVE-2017-5753 - x86/cpuid: Provide get_scattered_cpuid_leaf() - SAUCE: Fix spec_ctrl support in KVM - SAUCE: s390: improve cpu alternative handling for gmb and nobp - SAUCE: s390: print messages for gmb and nobp - [Config] KERNEL_NOBP=y [ Ubuntu: 4.4.0-111.134 ] * linux: 4.4.0-111.134 -proposed tracker (LP: #1743362) * Do not duplicate changelog entries assigned to more than one bug or CVE (LP: #1743383) - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better * CVE-2017-5715 // CVE-2017-5753 - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature -- repair missmerge - Revert "x86/svm: Add code to clear registers on VM exit" - kvm: vmx: Scrub hardware GPRs at VM-exit * CVE-2017-5754 - SAUCE: powerpc: use sync instead of hwsync mnemonic -- Kamal Mostafa <email address hidden> Mon, 12 Feb 2018 14:44:47 -0800
Upload details
- Uploaded by:
- Kamal Mostafa
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Kernel Team
- Architectures:
- all amd64
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
linux-aws_4.4.0.orig.tar.gz | 126.7 MiB | 730e75919b5d30a9bc934ccb300eaedfdf44994ca9ee1d07a46901c46c221357 |
linux-aws_4.4.0-1052.61.diff.gz | 16.9 MiB | d573c12c8b0b01f1dd91160df9f01d3f527b93f5d7b69440b8fb1eee68e4bdba |
linux-aws_4.4.0-1052.61.dsc | 3.5 KiB | 16c321ddd7bc4ab522576c0806917a56def835fb11d04524d6846fec2da7b6d1 |
Available diffs
Binary packages built by this source
- linux-aws-cloud-tools-4.4.0-1052: Linux kernel version specific cloud tools for version 4.4.0-1052
This package provides the architecture dependant parts for kernel
version locked tools for cloud tools for version 4.4.0-1052 on
64 bit x86.
You probably want to install linux-cloud-tools-4. 4.0-1052- <flavour> .
- linux-aws-cloud-tools-4.4.0-1052-dbgsym: debug symbols for package linux-aws-cloud-tools-4.4.0-1052
This package provides the architecture dependant parts for kernel
version locked tools for cloud tools for version 4.4.0-1052 on
64 bit x86.
You probably want to install linux-cloud-tools-4. 4.0-1052- <flavour> .
- linux-aws-headers-4.4.0-1052: Header files related to Linux kernel version 4.4.0
This package provides kernel header files for version 4.4.0, for sites
that want the latest kernel headers. Please read
/usr/share/doc/linux- aws-headers- 4.4.0-1052/ debian. README. gz for details
- linux-aws-tools-4.4.0-1052: Linux kernel version specific tools for version 4.4.0-1052
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 4.4.0-1052 on
64 bit x86.
You probably want to install linux-tools-4.4.0-1052- <flavour> .
- linux-aws-tools-4.4.0-1052-dbgsym: debug symbols for package linux-aws-tools-4.4.0-1052
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 4.4.0-1052 on
64 bit x86.
You probably want to install linux-tools-4.4.0-1052- <flavour> .
- linux-cloud-tools-4.4.0-1052-aws: Linux kernel version specific cloud tools for version 4.4.0-1052
This package provides the architecture dependant parts for kernel
version locked tools for cloud for version 4.4.0-1052 on
64 bit x86.
- linux-headers-4.4.0-1052-aws: Linux kernel headers for version 4.4.0 on 64 bit x86 SMP
This package provides kernel header files for version 4.4.0 on
64 bit x86 SMP.
.
This is for sites that want the latest kernel headers. Please read
/usr/share/doc/linux- headers- 4.4.0-1052/ debian. README. gz for details.
- linux-image-4.4.0-1052-aws: Linux kernel image for version 4.4.0 on 64 bit x86 SMP
This package contains the Linux kernel image for version 4.4.0 on
64 bit x86 SMP.
.
Also includes the corresponding System.map file, the modules built by the
packager, and scripts that try to ensure that the system is not left in an
unbootable state after an update.
.
Supports AWS processors.
.
Geared toward Amazon Web Services (AWS) systems.
.
You likely do not want to install this package directly. Instead, install
the linux-aws meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-image-4.4.0-1052-aws-dbgsym: Linux kernel debug image for version 4.4.0 on 64 bit x86 SMP
This package provides a kernel debug image for version 4.4.0 on
64 bit x86 SMP.
.
This is for sites that wish to debug the kernel.
.
The kernel image contained in this package is NOT meant to boot from. It
is uncompressed, and unstripped. This package also includes the
unstripped modules.
- linux-tools-4.4.0-1052-aws: Linux kernel version specific tools for version 4.4.0-1052
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 4.4.0-1052 on
64 bit x86.