Changelog
linux-signed-arm64 (4.19.9+1) unstable; urgency=medium
* Sign kernel from linux 4.19.9-1
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.6
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.7
- [x86] KVM: LAPIC: Fix pv ipis use-before-initialization (CVE-2018-19406)
- mm: cleancache: fix corruption on missed inode invalidation
(CVE-2018-16862)
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.8
- blk-mq: fix corruption with direct issue (Closes: #915666)
- userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
(CVE-2018-18397)
- userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
(CVE-2018-18397)
- userfaultfd: shmem: add i_size checks (CVE-2018-18397)
- userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not
set (CVE-2018-18397)
- blk-mq: punt failed direct issue to dispatch list
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.9
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in
card.c (CVE-2018-19824)
- vhost/vsock: fix use-after-free in network stack callers
(CVE-2018-14625)
[ Marcin Juszkiewicz ]
* [arm64] Enable ACPI IMPI
* [arm64] Enable IPMI watchdog and power off support
* [arm64] Enable PCI Express hotplug
* [arm64] Enable PMU for several server cpus
* [arm64] Enable HiSilicon LPC for serial/ipmi access
[ Romain Perier ]
* [x86] Enable support for error detection and correction on the Intel
Pondicherry2 Integrated Memory Controller (Closes: #914946)
* [rt] Update to 4.19.8-rt6
[ Uwe Kleine-König ]
* Enable usb support for ATH10K (Closes: #915083)
[ Luca Boccassi ]
* debian/rules.real: Split the rules so that the [un]versioned_tools
knobs can be used to avoid building them. Fixes FTBFS with unversioned
tools disabled.
* perf: do not ship python2-only call-graph-from-sql script.
* Override Lintian warning dbg-package-missing-depends in source too.
[ Ben Hutchings ]
* debian/rules.real: Mark most targets as phony
* debian/rules: Mark more targets as phony
* libcpupower: Hide private function and drop it from .symbols file
* integrity: Disable INTEGRITY_TRUSTED_KEYRING (Closes: #865277)
[ Vagrant Cascadian ]
* debian/config/config: Enable Z3FOLD as a module.
[ Salvatore Bonaccorso ]
* Set ABI to 1
[ Nicolas Schier ]
* ovl: permit overlayfs mounts in user namespaces (Closes: #913880)
[ Hilko Bengen ]
* Add patches to build libbpf.so with SONAME, link against libelf
* Add versioned libbpf, libbpf-dev package (Closes: #914428)
[ Hans van Kranenburg ]
* [x86] Add patch to repair booting as Xen dom0 (Closes: #914951)
* [x86] Add patches to support booting a Xen PVH guest via Grub2
[ Christoph Anton Mitterer ]
* crypto: Enable MORUS and AEGIS AEAD ciphers (Closes: #914136)
* [amd64]: Enable AES-NI/SSE2/AVX2 optimised implementations of the MORUS
and AEGIS AEAD ciphers
[ Bastian Blank ]
* Enable NFT_CONNLIMIT, NFT_TUNNEL, NFT_SOCKET, NFT_OSF, NFT_TPROXY,
IP_VS_MH.
* Enable netfilter flow table support.
* [x86] Enable DRM_XEN_FRONTEND.
* Enable EFI_BOOTLOADER_CONTROL, EFI_CAPSULE_LOADER.
-- Bastian Blank <email address hidden> Sun, 16 Dec 2018 19:45:54 +0100
