Format: 1.8
Date: Mon, 30 Oct 2023 13:08:56 +0100
Source: linux
Binary: linux-libc-dev
Built-For-Profiles: noudeb
Architecture: i386 i386_translations
Version: 6.5.0-12.12
Distribution: mantic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos03-amd64-034.buildd>
Changed-By: Roxana Nicolescu <roxana.nicolescu@canonical.com>
Description:
 linux-libc-dev - Linux Kernel Headers for development
Launchpad-Bugs-Fixed: 1786013 2019040 2031412 2033406 2035116 2036184 2036377 2036587 2037077 2037273 2038522 2038611 2039405 2039439 2039575 2040157 2040192 2040194 2040245 2040250 2041536
Changes:
 linux (6.5.0-12.12) mantic; urgency=medium
 .
   * mantic/linux: 6.5.0-12.12 -proposed tracker (LP: #2041536)
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update annotations scripts
     - [Packaging] update helper scripts
     - debian/dkms-versions -- update from kernel-versions (main/2023.10.30)
 .
   * CVE-2023-5633
     - drm/vmwgfx: Keep a gem reference to user bos in surfaces
 .
   * CVE-2023-5345
     - fs/smb/client: Reset password pointer to NULL
 .
   * CVE-2023-39189
     - netfilter: nfnetlink_osf: avoid OOB read
 .
   * CVE-2023-4244
     - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
 .
   * apparmor restricts read access of user namespace mediation sysctls to root
     (LP: #2040194)
     - SAUCE: apparmor: open userns related sysctl so lxc can check if restriction
       are in place
 .
   * AppArmor spams kernel log with assert when auditing (LP: #2040192)
     - SAUCE: apparmor: fix request field from a prompt reply that denies all
       access
 .
   * apparmor notification files verification (LP: #2040250)
     - SAUCE: apparmor: fix notification header size
 .
   * apparmor oops when racing to retrieve a notification (LP: #2040245)
     - SAUCE: apparmor: fix oops when racing to retrieve notification
 .
   * SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes
     (LP: #2039575)
     - net/smc: Fix pos miscalculation in statistics
 .
   * Support mipi camera on Intel Meteor Lake platform (LP: #2031412)
     - SAUCE: iommu: intel-ipu: use IOMMU passthrough mode for Intel IPUs on Meteor
       Lake
     - SAUCE: platform/x86: int3472: Add handshake GPIO function
 .
   * CVE-2023-45898
     - ext4: fix slab-use-after-free in ext4_es_insert_extent()
 .
   * CVE-2023-31085
     - ubi: Refuse attaching if mtd's erasesize is 0
 .
   * CVE-2023-5717
     - perf: Disallow mis-matched inherited group reads
 .
   * CVE-2023-5178
     - nvmet-tcp: Fix a possible UAF in queue intialization setup
 .
   * CVE-2023-5158
     - vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
 .
   * CVE-2023-5090
     - x86: KVM: SVM: always update the x2avic msr interception
 .
   * [SRU][J/L/M] UBUNTU: [Packaging] Make WWAN driver a loadable module
     (LP: #2033406)
     - [Packaging] Make WWAN driver loadable modules
 .
   * Unable to power off the system with MTL CPU (LP: #2039405)
     - Revert "x86/smp: Put CPUs into INIT on shutdown if possible"
 .
   * usbip: error: failed to open /usr/share/hwdata//usb.ids (LP: #2039439)
     - [Packaging] Make linux-tools-common depend on hwdata
 .
   * drop all references to is_rust_module.sh in kernels >= 6.5 (LP: #2038611)
     - [Packaging] drop references to is_rust_module.sh
 .
   * disable shiftfs (LP: #2038522)
     - SAUCE: ceph: enable unsafe idmapped mounts by default
     - [Config] disable shiftfs
 .
   * Infinite systemd loop when power off the machine with multiple MD RAIDs
     (LP: #2036184)
     - md: Put the right device in md_seq_next
 .
   * [Mediatek] mt8195-demo: enable CONFIG_MTK_IOMMU as module for multimedia and
     PCIE peripherals (LP: #2036587)
     - [Config] Enable CONFIG_MTK_IOMMU on arm64
 .
   * Realtek 8852CE WiFi 6E country code udpates (LP: #2037273)
     - wifi: rtw89: regd: update regulatory map to R64-R43
 .
   * Unable to use nvme drive to install Ubuntu 23.10 (LP: #2040157)
     - misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to
       probe
 .
   * CVE-2023-42754
     - ipv4: fix null-deref in ipv4_link_failure
 .
   * linux-*: please enable dm-verity kconfigs to allow MoK/db verified root
     images (LP: #2019040)
     - [Config] CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
 .
   * Fix RCU warning on AMD laptops (LP: #2036377)
     - power: supply: core: Use blocking_notifier_call_chain to avoid RCU complaint
 .
   * allow io_uring to be disabled in runtime (LP: #2035116)
     - io_uring: add a sysctl to disable io_uring system-wide
 .
   * Fix unstable audio at low levels on Thinkpad P1G4 (LP: #2037077)
     - ALSA: hda/realtek - ALC287 I2S speaker platform support
Checksums-Sha1:
 d785f244f44530b0d2118b618c1e5281debdd0f1 1565926 linux-libc-dev_6.5.0-12.12_i386.deb
 bdf3cfa83c97ef9bb15511d3546ab2eb6cf50fde 8993 linux_6.5.0-12.12_i386.buildinfo
 22ceb4bbed9e298184335b2a9e9ff0cb26388f1c 23355 linux_6.5.0-12.12_i386_translations.tar.gz
Checksums-Sha256:
 482f22030dd766241d8b196c6b5c41280724906122498097acd111d19475a9fd 1565926 linux-libc-dev_6.5.0-12.12_i386.deb
 1a3c5621c7a5608ea8dfa99204be24c756b75326b1a496772b3c071aacffcf30 8993 linux_6.5.0-12.12_i386.buildinfo
 a1dfe634bedcc4cc1c87a63e7361c44d5411392c584f3ec9abdc652a1451ee22 23355 linux_6.5.0-12.12_i386_translations.tar.gz
Files:
 dfdaad59c038e484c30a79a16b65ec15 1565926 devel optional linux-libc-dev_6.5.0-12.12_i386.deb
 cd2ce44466a85012b41baa4bf2359011 8993 devel optional linux_6.5.0-12.12_i386.buildinfo
 a5535cc3bd2a592171cf0554ee537ea8 23355 raw-translations - linux_6.5.0-12.12_i386_translations.tar.gz
Ubuntu-Compatible-Signing: ubuntu/4 pro/3