group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1642368] Re: linux: Staging modules should be unsigned

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1642368@xxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Jan 2017 14:11:15 -0000
Reply-to: Bug 1642368 <1642368@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 4.4.0-59.80

---------------
linux (4.4.0-59.80) xenial; urgency=low

  [ John Donnelly ]

  * Release Tracking Bug
    - LP: #1654282

  * [2.1.1] MAAS has nvme0n1 set as boot disk, curtin fails (LP: #1651602)
    - (fix) nvme: only require 1 interrupt vector, not 2+

linux (4.4.0-58.79) xenial; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1651402

  * Support ACPI probe for IIO sensor drivers from ST Micro (LP: #1650123)
    - SAUCE: iio: st_sensors: match sensors using ACPI handle
    - SAUCE: iio: st_accel: Support sensor i2c probe using acpi
    - SAUCE: iio: st_pressure: Support i2c probe using acpi
    - [Config] CONFIG_HTS221=m, CONFIG_HTS221_I2C=m, CONFIG_HTS221_SPI=m

  * Fix channel data parsing in ST Micro sensor IIO drivers (LP: #1650189)
    - SAUCE: iio: common: st_sensors: fix channel data parsing

  * ST Micro lng2dm 3-axis "femto" accelerometer support (LP: #1650112)
    - SAUCE: iio: st-accel: add support for lis2dh12
    - SAUCE: iio: st_sensors: support active-low interrupts
    - SAUCE: iio: accel: Add support for the h3lis331dl accelerometer
    - SAUCE: iio: st_sensors: verify interrupt event to status
    - SAUCE: iio: st_sensors: support open drain mode
    - SAUCE: iio:st_sensors: fix power regulator usage
    - SAUCE: iio: st_sensors: switch to a threaded interrupt
    - SAUCE: iio: accel: st_accel: Add lis3l02dq support
    - SAUCE: iio: st_sensors: fix scale configuration for h3lis331dl
    - SAUCE: iio: accel: st_accel: add support to lng2dm
    - SAUCE: iio: accel: st_accel: inline per-sensor data
    - SAUCE: Documentation: dt: iio: accel: add lng2dm sensor device binding

  * ST Micro hts221 relative humidity sensor support (LP: #1650116)
    - SAUCE: iio: humidity: add support to hts221 rh/temp combo device
    - SAUCE: Documentation: dt: iio: humidity: add hts221 sensor device binding
    - SAUCE: iio: humidity: remove
    - SAUCE: iio: humidity: Support acpi probe for hts211

  * crypto : tolerate new crypto hardware for z Systems (LP: #1644557)
    - s390/zcrypt: Introduce CEX6 toleration

  * Acer, Inc ID 5986:055a is useless after 14.04.2 installed. (LP: #1433906)
    - uvcvideo: uvc_scan_fallback() for webcams with broken chain

  * vmxnet3 driver could causes kernel panic with v4.4 if LRO enabled.
    (LP: #1650635)
    - vmxnet3: segCnt can be 1 for LRO packets

  * system freeze when swapping to encrypted swap partition (LP: #1647400)
    - mm, oom: rework oom detection
    - mm: throttle on IO only when there are too many dirty and writeback pages

  * Kernel Fixes to get TCMU File Backed Optical to work (LP: #1646204)
    - target/user: Use sense_reason_t in tcmu_queue_cmd_ring
    - target/user: Return an error if cmd data size is too large
    - target/user: Fix comments to not refer to data ring
    - SAUCE: (no-up) target/user: Fix use-after-free of tcmu_cmds if they are
      expired

  * CVE-2016-9756
    - KVM: x86: drop error recovery in em_jmp_far and em_ret_far

  * Dell Precision 5520 & 3520 freezes at login screent (LP: #1650054)
    - ACPI / blacklist: add _REV quirks for Dell Precision 5520 and 3520

  * CVE-2016-9794
    - ALSA: pcm : Call kill_fasync() in stream lock

  * Allow fuse user namespace mounts by default in xenial (LP: #1634964)
    - (namespace) mnt: Move the FS_USERNS_MOUNT check into sget_userns
    - (namespace) Revert "UBUNTU: SAUCE: fs: Refuse uid/gid changes which don't
      map into s_user_ns"
    - (namespace) fs: Refuse uid/gid changes which don't map into s_user_ns
    - (namespace) Revert "UBUNTU: SAUCE: fs: Update posix_acl support to handle
      user namespace mounts"
    - (namespace) vfs: Verify acls are valid within superblock's s_user_ns.
    - SAUCE: (namespace) posix_acl: Export posix_acl_fix_xattr_userns() to modules
    - SAUCE: (namespace) fuse: Translate ids in posix acl xattrs
    - (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs
    - (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs
    - (namespace) Revert "UBUNTU: SAUCE: quota: Require that qids passed to
      dqget() be valid and map into s_user_ns"
    - (namespace) Revert "UBUNTU: SAUCE: quota: Convert ids relative to s_user_ns"
    - (namespace) quota: Ensure qids map to the filesystem
    - (namespace) quota: Handle quota data stored in s_user_ns in quota_setxquota
    - (namespace) dquot: For now explicitly don't support filesystems outside of
      init_user_ns
    - (namespace) Revert "UBUNTU: SAUCE: ima/evm: Allow root in s_user_ns to set
      xattrs"
    - SAUCE: (namespace) security/integrity: Harden against malformed xattrs
    - (namespace) Revert "UBUNTU: SAUCE: fs: Allow superblock owner to change
      ownership of inodes with unmappable ids"
    - SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
    - (namespace) Revert "UBUNTU: SAUCE: fs: Don't remove suid for CAP_FSETID in
      s_user_ns"
    - SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
    - SAUCE: (namespace) fuse: Allow user namespace mounts by default

  * Boot crash in xen_send_IPI_one (LP: #1649821)
    - xen/qspinlock: Don't kick CPU if IRQ is not initialized

  * linux: Staging modules should be unsigned (LP: #1642368)
    - [Debian] Suppress module signing for staging drivers
    - SAUCE: Add rtl drivers to signature inclusion list

  * Ethernet not work after upgrade from kernel 3.19 to 4.4 [10ec:8168]
    (LP: #1648279)
    - ACPI / blacklist: Make Dell Latitude 3350 ethernet work

  * CVE-2016-9793
    - net: avoid signed overflows for SO_{SND|RCV}BUFFORCE

  * [Hyper-V] Kernel panic not functional on 32bit Ubuntu 14.10, 15.04, and
    15.10 (LP: #1400319)
    - Drivers: hv: avoid vfree() on crash

  * [Hyper-V] netvsc: fix incorrect receive checksum offloading (LP: #1636656)
    - netvsc: fix incorrect receive checksum offloading

 -- John Donnelly <john.donnelly@xxxxxxxxxxxxx>  Thu, 05 Jan 2017
12:49:16 +0000

** Changed in: linux (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-9756

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-9793

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-9794

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1642368

Title:
  linux: Staging modules should be unsigned

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  In Progress
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  In Progress
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Modules under the drivers/staging hierarchy get little attention when
  it comes to vulnerabilities. It is possible that memory mapping tricks
  that expose kernel internals would go unnoticed. Therefore, do not
  sign staging modules so that they cannot be loaded in a secure boot
  environment.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1642368/+subscriptions