canonical-hw-cert team mailing list archive
-
canonical-hw-cert team
-
Mailing list archive
-
Message #137259
[Bug 2026737] Re: jammy/linux-aws-6.2: 6.2.0-1008.8~22.04.1 -proposed tracker
This bug was fixed in the package linux-aws-6.2 - 6.2.0-1008.8~22.04.1
---------------
linux-aws-6.2 (6.2.0-1008.8~22.04.1) jammy; urgency=medium
* jammy/linux-aws-6.2: 6.2.0-1008.8~22.04.1 -proposed tracker (LP:
#2026737)
[ Ubuntu: 6.2.0-1008.8 ]
* lunar/linux-aws: 6.2.0-1008.8 -proposed tracker (LP: #2026738)
* lunar/linux: 6.2.0-26.26 -proposed tracker (LP: #2026753)
* CVE-2023-2640 // CVE-2023-32629
- Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
ovl_do_(set|remove)xattr"
- Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
trusted.overlayfs.* xattrs"
- SAUCE: overlayfs: default to userxattr when mounted from non initial user
namespace
* CVE-2023-35001
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
* CVE-2023-31248
- netfilter: nf_tables: do not ignore genmask when looking up chain by id
* CVE-2023-3389
- io_uring/poll: serialize poll linked timer start with poll removal
* CVE-2023-3390
- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
* CVE-2023-3090
- ipvlan:Fix out-of-bounds caused by unclear skb->cb
* CVE-2023-3269
- mm: introduce new 'lock_mm_and_find_vma()' page fault helper
- mm: make the page fault mmap locking killable
- arm64/mm: Convert to using lock_mm_and_find_vma()
- powerpc/mm: Convert to using lock_mm_and_find_vma()
- mips/mm: Convert to using lock_mm_and_find_vma()
- riscv/mm: Convert to using lock_mm_and_find_vma()
- arm/mm: Convert to using lock_mm_and_find_vma()
- mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
- powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
- mm: make find_extend_vma() fail if write lock not held
- execve: expand new process stack manually ahead of time
- mm: always expand the stack with the mmap write lock held
- [CONFIG]: Set CONFIG_LOCK_MM_AND_FIND_VMA
-- Tim Gardner <tim.gardner@xxxxxxxxxxxxx> Thu, 13 Jul 2023 08:45:22
-0600
** Changed in: linux-aws-6.2 (Ubuntu Jammy)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2640
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3090
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-31248
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-32629
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3269
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3389
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-3390
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-35001
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2026737
Title:
jammy/linux-aws-6.2: 6.2.0-1008.8~22.04.1 -proposed tracker
Status in canonical-signing-jobs task00 series:
Fix Released
Status in Kernel SRU Workflow:
In Progress
Status in Kernel SRU Workflow automated-testing series:
Invalid
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
Fix Released
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-aws-6.2 source package in Jammy:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
built:
from: b3eb2292a7e85b37
route-entry: 2
delta:
promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
promote-to-updates: [lrm, lrs, main, meta, signed]
flag:
boot-testing-requested: true
proposed-announcement-sent: true
proposed-testing-requested: true
stream-from-cycle: true
issue: KSRU-8371
kernel-stable-master-bug: 2026738
packages:
generate: linux-generate-aws-6.2
lrg: linux-restricted-generate-aws-6.2
lrm: linux-restricted-modules-aws-6.2
lrs: linux-restricted-signatures-aws-6.2
main: linux-aws-6.2
meta: linux-meta-aws-6.2
signed: linux-signed-aws-6.2
phase: Holding before Promote to Security
phase-changed: Monday, 24. July 2023 16:15 UTC
reason:
promote-to-security: Holding -- not ready for security (replication
dwell)
synthetic:
:promote-to-as-proposed: Invalid
variant: debs
versions:
lrm: 6.2.0-1008.8~22.04.1
main: 6.2.0-1008.8~22.04.1
meta: 6.2.0.1008.8~22.04.1
signed: 6.2.0-1008.8~22.04.1
~~:
clamps:
new-review: b3eb2292a7e85b37
promote-to-proposed: b3eb2292a7e85b37
self: 6.2.0-1008.8~22.04.1
sru-review: b3eb2292a7e85b37
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2026737/+subscriptions
