==========================================================================
Ubuntu Security Notice USN-3697-1
July 02, 2018
linux, linux-raspi2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
It was discovered that a null pointer dereference vulnerability existed in
the DCCP protocol implementation in the Linux kernel. A local attacker
could use this to cause a denial of service (system crash). (CVE-2018-1130)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
Wang Qize discovered that an information disclosure vulnerability existed
in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A
local attacker could use this to expose sensitive information (kernel
pointer addresses). (CVE-2018-5750)
It was discovered that the SCTP Protocol implementation in the Linux kernel
did not properly validate userspace provided payload lengths in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-5803)
It was discovered that an integer overflow error existed in the futex
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2018-6927)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
It was discovered that a memory leak existed in the SAS driver subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-7757)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.10:
linux-image-4.13.0-1023-raspi2 4.13.0-1023.24
linux-image-4.13.0-46-generic 4.13.0-46.51
linux-image-4.13.0-46-generic-lpae 4.13.0-46.51
linux-image-4.13.0-46-lowlatency 4.13.0-46.51
linux-image-generic 4.13.0.46.49
linux-image-generic-lpae 4.13.0.46.49
linux-image-lowlatency 4.13.0.46.49
linux-image-raspi2 4.13.0.1023.21
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3697-1
CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803,
CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.13.0-46.51
https://launchpad.net/ubuntu/+source/linux-raspi2/4.13.0-1023.24
Monday, July 2, 2018
[USN-3697-2] Linux kernel (OEM) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-3697-2
July 02, 2018
linux-oem vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-oem: Linux kernel for OEM processors
Details:
It was discovered that a null pointer dereference vulnerability existed in
the DCCP protocol implementation in the Linux kernel. A local attacker
could use this to cause a denial of service (system crash). (CVE-2018-1130)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
Wang Qize discovered that an information disclosure vulnerability existed
in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A
local attacker could use this to expose sensitive information (kernel
pointer addresses). (CVE-2018-5750)
It was discovered that the SCTP Protocol implementation in the Linux kernel
did not properly validate userspace provided payload lengths in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-5803)
It was discovered that an integer overflow error existed in the futex
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2018-6927)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
It was discovered that a memory leak existed in the SAS driver subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-7757)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.13.0-1031-oem 4.13.0-1031.35
linux-image-oem 4.13.0.1031.36
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3697-2
https://usn.ubuntu.com/usn/usn-3697-1
CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803,
CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
Package Information:
https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1031.35
Ubuntu Security Notice USN-3697-2
July 02, 2018
linux-oem vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-oem: Linux kernel for OEM processors
Details:
It was discovered that a null pointer dereference vulnerability existed in
the DCCP protocol implementation in the Linux kernel. A local attacker
could use this to cause a denial of service (system crash). (CVE-2018-1130)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
Wang Qize discovered that an information disclosure vulnerability existed
in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A
local attacker could use this to expose sensitive information (kernel
pointer addresses). (CVE-2018-5750)
It was discovered that the SCTP Protocol implementation in the Linux kernel
did not properly validate userspace provided payload lengths in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-5803)
It was discovered that an integer overflow error existed in the futex
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2018-6927)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
It was discovered that a memory leak existed in the SAS driver subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-7757)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.13.0-1031-oem 4.13.0-1031.35
linux-image-oem 4.13.0.1031.36
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3697-2
https://usn.ubuntu.com/usn/usn-3697-1
CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803,
CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
Package Information:
https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1031.35
[USN-3696-2] Linux kernel (Xenial HWE) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-3696-2
July 02, 2018
linux-lts-xenial, linux-aws vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)
Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)
It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)
It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)
It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)
Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)
Jakub Jirasek discovered that multiple use-after-errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)
It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-4.4.0-1024-aws 4.4.0-1024.25
linux-image-4.4.0-130-generic 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-generic-lpae 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-lowlatency 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc-e500mc 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc-smp 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc64-emb 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc64-smp 4.4.0-130.156~14.04.1
linux-image-aws 4.4.0.1024.24
linux-image-generic-lpae-lts-xenial 4.4.0.130.110
linux-image-generic-lts-xenial 4.4.0.130.110
linux-image-lowlatency-lts-xenial 4.4.0.130.110
linux-image-powerpc-e500mc-lts-xenial 4.4.0.130.110
linux-image-powerpc-smp-lts-xenial 4.4.0.130.110
linux-image-powerpc64-emb-lts-xenial 4.4.0.130.110
linux-image-powerpc64-smp-lts-xenial 4.4.0.130.110
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3696-2
https://usn.ubuntu.com/usn/usn-3696-1
CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204,
CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665,
CVE-2018-5814, CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1024.25
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-130.156~14.04.1
Ubuntu Security Notice USN-3696-2
July 02, 2018
linux-lts-xenial, linux-aws vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)
Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)
It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)
It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)
It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)
Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)
Jakub Jirasek discovered that multiple use-after-errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)
It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-4.4.0-1024-aws 4.4.0-1024.25
linux-image-4.4.0-130-generic 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-generic-lpae 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-lowlatency 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc-e500mc 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc-smp 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc64-emb 4.4.0-130.156~14.04.1
linux-image-4.4.0-130-powerpc64-smp 4.4.0-130.156~14.04.1
linux-image-aws 4.4.0.1024.24
linux-image-generic-lpae-lts-xenial 4.4.0.130.110
linux-image-generic-lts-xenial 4.4.0.130.110
linux-image-lowlatency-lts-xenial 4.4.0.130.110
linux-image-powerpc-e500mc-lts-xenial 4.4.0.130.110
linux-image-powerpc-smp-lts-xenial 4.4.0.130.110
linux-image-powerpc64-emb-lts-xenial 4.4.0.130.110
linux-image-powerpc64-smp-lts-xenial 4.4.0.130.110
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3696-2
https://usn.ubuntu.com/usn/usn-3696-1
CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204,
CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665,
CVE-2018-5814, CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1024.25
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-130.156~14.04.1
[USN-3696-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-3696-1
July 02, 2018
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon processors
Details:
It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)
Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)
It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)
It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)
It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)
Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)
Jakub Jirasek discovered that multiple use-after-errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)
It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.4.0-1029-kvm 4.4.0-1029.34
linux-image-4.4.0-1062-aws 4.4.0-1062.71
linux-image-4.4.0-1092-raspi2 4.4.0-1092.100
linux-image-4.4.0-1095-snapdragon 4.4.0-1095.100
linux-image-4.4.0-130-generic 4.4.0-130.156
linux-image-4.4.0-130-generic-lpae 4.4.0-130.156
linux-image-4.4.0-130-lowlatency 4.4.0-130.156
linux-image-4.4.0-130-powerpc-e500mc 4.4.0-130.156
linux-image-4.4.0-130-powerpc-smp 4.4.0-130.156
linux-image-4.4.0-130-powerpc64-emb 4.4.0-130.156
linux-image-4.4.0-130-powerpc64-smp 4.4.0-130.156
linux-image-aws 4.4.0.1062.64
linux-image-generic 4.4.0.130.136
linux-image-generic-lpae 4.4.0.130.136
linux-image-kvm 4.4.0.1029.28
linux-image-lowlatency 4.4.0.130.136
linux-image-powerpc-e500mc 4.4.0.130.136
linux-image-powerpc-smp 4.4.0.130.136
linux-image-powerpc64-emb 4.4.0.130.136
linux-image-powerpc64-smp 4.4.0.130.136
linux-image-raspi2 4.4.0.1092.92
linux-image-snapdragon 4.4.0.1095.87
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3696-1
CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204,
CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665,
CVE-2018-5814, CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-130.156
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1062.71
https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1029.34
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1092.100
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1095.100
Ubuntu Security Notice USN-3696-1
July 02, 2018
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon processors
Details:
It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)
Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)
It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)
It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)
It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)
Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)
Jakub Jirasek discovered that multiple use-after-errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)
It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.4.0-1029-kvm 4.4.0-1029.34
linux-image-4.4.0-1062-aws 4.4.0-1062.71
linux-image-4.4.0-1092-raspi2 4.4.0-1092.100
linux-image-4.4.0-1095-snapdragon 4.4.0-1095.100
linux-image-4.4.0-130-generic 4.4.0-130.156
linux-image-4.4.0-130-generic-lpae 4.4.0-130.156
linux-image-4.4.0-130-lowlatency 4.4.0-130.156
linux-image-4.4.0-130-powerpc-e500mc 4.4.0-130.156
linux-image-4.4.0-130-powerpc-smp 4.4.0-130.156
linux-image-4.4.0-130-powerpc64-emb 4.4.0-130.156
linux-image-4.4.0-130-powerpc64-smp 4.4.0-130.156
linux-image-aws 4.4.0.1062.64
linux-image-generic 4.4.0.130.136
linux-image-generic-lpae 4.4.0.130.136
linux-image-kvm 4.4.0.1029.28
linux-image-lowlatency 4.4.0.130.136
linux-image-powerpc-e500mc 4.4.0.130.136
linux-image-powerpc-smp 4.4.0.130.136
linux-image-powerpc64-emb 4.4.0.130.136
linux-image-powerpc64-smp 4.4.0.130.136
linux-image-raspi2 4.4.0.1092.92
linux-image-snapdragon 4.4.0.1095.87
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3696-1
CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204,
CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665,
CVE-2018-5814, CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-130.156
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1062.71
https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1029.34
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1092.100
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1095.100
[USN-3695-2] Linux kernel (HWE) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-3695-2
July 02, 2018
linux-hwe, linux-azure vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)
It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.15.0-1014-azure 4.15.0-1014.14~16.04.1
linux-image-4.15.0-24-generic 4.15.0-24.26~16.04.1
linux-image-4.15.0-24-generic-lpae 4.15.0-24.26~16.04.1
linux-image-4.15.0-24-lowlatency 4.15.0-24.26~16.04.1
linux-image-azure 4.15.0.1014.21
linux-image-generic-hwe-16.04 4.15.0.24.46
linux-image-generic-lpae-hwe-16.04 4.15.0.24.46
linux-image-lowlatency-hwe-16.04 4.15.0.24.46
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3695-2
https://usn.ubuntu.com/usn/usn-3695-1
CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508,
CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1014.14~16.04.1
https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-24.26~16.04.1
Ubuntu Security Notice USN-3695-2
July 02, 2018
linux-hwe, linux-azure vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)
It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.15.0-1014-azure 4.15.0-1014.14~16.04.1
linux-image-4.15.0-24-generic 4.15.0-24.26~16.04.1
linux-image-4.15.0-24-generic-lpae 4.15.0-24.26~16.04.1
linux-image-4.15.0-24-lowlatency 4.15.0-24.26~16.04.1
linux-image-azure 4.15.0.1014.21
linux-image-generic-hwe-16.04 4.15.0.24.46
linux-image-generic-lpae-hwe-16.04 4.15.0.24.46
linux-image-lowlatency-hwe-16.04 4.15.0.24.46
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3695-2
https://usn.ubuntu.com/usn/usn-3695-1
CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508,
CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1014.14~16.04.1
https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-24.26~16.04.1
[USN-3695-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-3695-1
July 02, 2018
linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oem: Linux kernel for OEM processors
- linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)
It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
linux-image-4.15.0-1010-gcp 4.15.0-1010.10
linux-image-4.15.0-1011-aws 4.15.0-1011.11
linux-image-4.15.0-1012-kvm 4.15.0-1012.12
linux-image-4.15.0-1013-raspi2 4.15.0-1013.14
linux-image-4.15.0-1014-azure 4.15.0-1014.14
linux-image-4.15.0-24-generic 4.15.0-24.26
linux-image-4.15.0-24-generic-lpae 4.15.0-24.26
linux-image-4.15.0-24-lowlatency 4.15.0-24.26
linux-image-4.15.0-24-snapdragon 4.15.0-24.26
linux-image-aws 4.15.0.1011.11
linux-image-azure 4.15.0.1014.14
linux-image-gcp 4.15.0.1010.12
linux-image-generic 4.15.0.24.26
linux-image-generic-lpae 4.15.0.24.26
linux-image-gke 4.15.0.1010.12
linux-image-kvm 4.15.0.1012.12
linux-image-lowlatency 4.15.0.24.26
linux-image-oem 4.15.0.1009.11
linux-image-raspi2 4.15.0.1013.11
linux-image-snapdragon 4.15.0.24.26
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3695-1
CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508,
CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.15.0-24.26
https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1011.11
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1014.14
https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1010.10
https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1012.12
https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1009.12
https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1013.14
Ubuntu Security Notice USN-3695-1
July 02, 2018
linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oem: Linux kernel for OEM processors
- linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)
It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)
Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)
Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
linux-image-4.15.0-1010-gcp 4.15.0-1010.10
linux-image-4.15.0-1011-aws 4.15.0-1011.11
linux-image-4.15.0-1012-kvm 4.15.0-1012.12
linux-image-4.15.0-1013-raspi2 4.15.0-1013.14
linux-image-4.15.0-1014-azure 4.15.0-1014.14
linux-image-4.15.0-24-generic 4.15.0-24.26
linux-image-4.15.0-24-generic-lpae 4.15.0-24.26
linux-image-4.15.0-24-lowlatency 4.15.0-24.26
linux-image-4.15.0-24-snapdragon 4.15.0-24.26
linux-image-aws 4.15.0.1011.11
linux-image-azure 4.15.0.1014.14
linux-image-gcp 4.15.0.1010.12
linux-image-generic 4.15.0.24.26
linux-image-generic-lpae 4.15.0.24.26
linux-image-gke 4.15.0.1010.12
linux-image-kvm 4.15.0.1012.12
linux-image-lowlatency 4.15.0.24.26
linux-image-oem 4.15.0.1009.11
linux-image-raspi2 4.15.0.1013.11
linux-image-snapdragon 4.15.0.24.26
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/usn/usn-3695-1
CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508,
CVE-2018-7755
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.15.0-24.26
https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1011.11
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1014.14
https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1010.10
https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1012.12
https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1009.12
https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1013.14
Python 3.7 on its way to rawhide
The merge of the f29-python side tag into rawhide has started.
Expect Python 3.7 in rawhide soon.
If your package will have broken dependencies (on Python 3.6), rebuild it.
If you cannot rebuild it due to dependencies not being rebuilt, (search
and) open bugs.
Make sure to block PYTHON37 [1] so we are aware of all the issues.
[1] http://bugzilla.redhat.com/show_bug.cgi?id=PYTHON37
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/3EQTXTW53WVR7FAC5Y47RWYZPF7EKIOQ/
Expect Python 3.7 in rawhide soon.
If your package will have broken dependencies (on Python 3.6), rebuild it.
If you cannot rebuild it due to dependencies not being rebuilt, (search
and) open bugs.
Make sure to block PYTHON37 [1] so we are aware of all the issues.
[1] http://bugzilla.redhat.com/show_bug.cgi?id=PYTHON37
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/3EQTXTW53WVR7FAC5Y47RWYZPF7EKIOQ/
F29 System Wide Change: Discontinue PPC64 as Alternative Architecture
= Proposed System Wide Change: Discontinue PPC64 as Alternative Architecture =
https://fedoraproject.org/wiki/Changes/DiscontinuePPC64
Owner(s):
* Dan Horák <sharkcz at fedoraproject dot org>
After a number of projects dropped support for the big endian ppc64
architecture and our move of ppc64 to "maintenance-only" mode few
releases back, now a vital dependency, the Eclipse project, stops
supporting ppc64. As a consequence we need to discontinue producing
any ppc64 content. This is a long time anticipated step as the
upstream focus on the little endian variant (ppc64le) on Linux is well
known. My email
[https://lists.fedoraproject.org/archives/list/ppc@lists.fedoraproject.org/message/D6G5RQUTRYGZ5Y4XIPMADMUSH2PTZDO4/]
sent to the Fedora PPC mailing list has few more details.
== Detailed description ==
Fedora will stop producing ppc64 content - binary rpms or composes.
== Scope ==
* Proposal owners:
synchronize with rel-engs
* Other developers:
none
* Release engineering:
#7602 [https://pagure.io/releng/issues/7602] changes in koji, bodhi
and pungi configurations are expected
** List of deliverables:
N/A
* Policies and guidelines:
none
* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
JBoss EAP Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/CBZBCLPPZE732X4O6SX53WC5L7QBB4A7/
https://fedoraproject.org/wiki/Changes/DiscontinuePPC64
Owner(s):
* Dan Horák <sharkcz at fedoraproject dot org>
After a number of projects dropped support for the big endian ppc64
architecture and our move of ppc64 to "maintenance-only" mode few
releases back, now a vital dependency, the Eclipse project, stops
supporting ppc64. As a consequence we need to discontinue producing
any ppc64 content. This is a long time anticipated step as the
upstream focus on the little endian variant (ppc64le) on Linux is well
known. My email
[https://lists.fedoraproject.org/archives/list/ppc@lists.fedoraproject.org/message/D6G5RQUTRYGZ5Y4XIPMADMUSH2PTZDO4/]
sent to the Fedora PPC mailing list has few more details.
== Detailed description ==
Fedora will stop producing ppc64 content - binary rpms or composes.
== Scope ==
* Proposal owners:
synchronize with rel-engs
* Other developers:
none
* Release engineering:
#7602 [https://pagure.io/releng/issues/7602] changes in koji, bodhi
and pungi configurations are expected
** List of deliverables:
N/A
* Policies and guidelines:
none
* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
JBoss EAP Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/CBZBCLPPZE732X4O6SX53WC5L7QBB4A7/
F29 System Wide Change: Fedora 29 Boost 1.67 upgrade
= Proposed System Wide Change: Fedora 29 Boost 1.67 upgrade =
https://fedoraproject.org/wiki/Changes/F29Boost167
Owner(s):
* Jonathan Wakely <jwakely at fedoraproject dot org>
This change brings Boost 1.67.0 to Fedora 29. This will mean F29 ships
with a recent upstream Boost release.
== Detailed description ==
The aim is to synchronize Fedora with the most recent Boost release.
Because ABI stability is one of explicit Boost non-goals, this entails
rebuilding of all dependent packages. This has also always entailed
yours truly assisting maintainers of client packages in decoding
cryptic boost-ese seen in output from g++. Such care is to be expected
this time around as well.
The equivalent changes for previous releases were Fedora 22 Change
[https://fedoraproject.org/wiki/Changes/F22Boost158] and Fedora 23
Change [https://fedoraproject.org/wiki/Changes/F23Boost159] and Fedora
24 Change [https://fedoraproject.org/wiki/Changes/F24Boost160] and
Fedora 26 Change [https://fedoraproject.org/wiki/Changes/F26Boost163]
and Fedora 27 Change
[https://fedoraproject.org/wiki/Changes/F27Boost164] and Fedora 28
Change [https://fedoraproject.org/wiki/Changes/F28Boost166].
== Scope ==
* Proposal owners:
** Build will be done with Boost.Build v2 (which is the
upstream-sanctioned way of building Boost)
** Request a "f29-boost" build system tag (discussion
[http://lists.fedoraproject.org/pipermail/devel/2011-November/159908.html]):
7278 (similar ticket for F28: https://pagure.io/releng/issue/7278)
** Build boost into that tag (take a look at the build #606493
[http://koji.fedoraproject.org/koji/buildinfo?buildID=606493] for
inspiration)
** Post a request for rebuilds to fedora-devel
** Work on rebuilding dependent packages in the tag.
** When most is done, re-tag all the packages to rawhide
** Watch fedora-devel and assist in rebuilding broken Boost clients
(by fixing the client, or Boost).
* Other developers:
** Those who depend on Boost DSOs will have to rebuild their packages.
Feature owners will alleviate some of this work as indicated above,
and will assist those whose packages fail to build in debugging them.
* Release engineering:
#7595 [https://pagure.io/releng/issue/7595]
** List of deliverables:
All deliverables will include updated Boost packages.
* Policies and guidelines:
** Apart from scope, this is business as usual, so no policies, no guidelines.
* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
JBoss EAP Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/6BYCYIIA4SLVN2FICAQBI6XEYK5PF7HN/
https://fedoraproject.org/wiki/Changes/F29Boost167
Owner(s):
* Jonathan Wakely <jwakely at fedoraproject dot org>
This change brings Boost 1.67.0 to Fedora 29. This will mean F29 ships
with a recent upstream Boost release.
== Detailed description ==
The aim is to synchronize Fedora with the most recent Boost release.
Because ABI stability is one of explicit Boost non-goals, this entails
rebuilding of all dependent packages. This has also always entailed
yours truly assisting maintainers of client packages in decoding
cryptic boost-ese seen in output from g++. Such care is to be expected
this time around as well.
The equivalent changes for previous releases were Fedora 22 Change
[https://fedoraproject.org/wiki/Changes/F22Boost158] and Fedora 23
Change [https://fedoraproject.org/wiki/Changes/F23Boost159] and Fedora
24 Change [https://fedoraproject.org/wiki/Changes/F24Boost160] and
Fedora 26 Change [https://fedoraproject.org/wiki/Changes/F26Boost163]
and Fedora 27 Change
[https://fedoraproject.org/wiki/Changes/F27Boost164] and Fedora 28
Change [https://fedoraproject.org/wiki/Changes/F28Boost166].
== Scope ==
* Proposal owners:
** Build will be done with Boost.Build v2 (which is the
upstream-sanctioned way of building Boost)
** Request a "f29-boost" build system tag (discussion
[http://lists.fedoraproject.org/pipermail/devel/2011-November/159908.html]):
7278 (similar ticket for F28: https://pagure.io/releng/issue/7278)
** Build boost into that tag (take a look at the build #606493
[http://koji.fedoraproject.org/koji/buildinfo?buildID=606493] for
inspiration)
** Post a request for rebuilds to fedora-devel
** Work on rebuilding dependent packages in the tag.
** When most is done, re-tag all the packages to rawhide
** Watch fedora-devel and assist in rebuilding broken Boost clients
(by fixing the client, or Boost).
* Other developers:
** Those who depend on Boost DSOs will have to rebuild their packages.
Feature owners will alleviate some of this work as indicated above,
and will assist those whose packages fail to build in debugging them.
* Release engineering:
#7595 [https://pagure.io/releng/issue/7595]
** List of deliverables:
All deliverables will include updated Boost packages.
* Policies and guidelines:
** Apart from scope, this is business as usual, so no policies, no guidelines.
* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
JBoss EAP Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/6BYCYIIA4SLVN2FICAQBI6XEYK5PF7HN/
F29 System Wide Change: Zchunk Metadata
= Proposed System Wide Change: Zchunk Metadata =
https://fedoraproject.org/wiki/Changes/Zchunk_Metadata
Owner(s):
* Jonathan Dieter <jdieter at gmail dot com>
* Neal Gompa <ngompa13 at gmail dot com>
All dnf repository metadata will be compressed with the zchunk format rather than xz or gzip.
== Detailed description ==
Currently Fedora's repository metadata is compressed using the xz and gzip formats. Zchunk is a new compression format designed to allow for highly efficient deltas. When Fedora's metadata is compressed using zchunk, dnf will download only the differences between any earlier copies of the metadata and the current version.
== Scope ==
* Proposal owners:
** Package zchunk for Fedora
** Get the pull requests to enable zchunk in dnf, libdnf, librepo, libsolv and createrepo_c merged upstream
*** https://github.com/rpm-software-management/librepo/pull/127
*** https://github.com/openSUSE/libsolv/pull/270
*** https://github.com/rpm-software-management/dnf/pull/1107
*** https://github.com/rpm-software-management/libdnf/pull/478
*** https://github.com/rpm-software-management/createrepo_c/pull/92
** Create a new package for Fedora's zchunk dictionaries.
* Other developers:
Fedora Infrastructure needs to start creating zchunked metadata
* Release engineering:
#7600 [https://pagure.io/releng/issue/7600]
** List of deliverables:
Zchunk repository metadata
* Policies and guidelines:
Packaging guidelines are not affected by this change.
* Trademark approval:
N/A (not needed for this Change)
-- https://fedoraproject.org/wiki/Changes/Zchunk_Metadata
Owner(s):
* Jonathan Dieter <jdieter at gmail dot com>
* Neal Gompa <ngompa13 at gmail dot com>
All dnf repository metadata will be compressed with the zchunk format rather than xz or gzip.
== Detailed description ==
Currently Fedora's repository metadata is compressed using the xz and gzip formats. Zchunk is a new compression format designed to allow for highly efficient deltas. When Fedora's metadata is compressed using zchunk, dnf will download only the differences between any earlier copies of the metadata and the current version.
== Scope ==
* Proposal owners:
** Package zchunk for Fedora
** Get the pull requests to enable zchunk in dnf, libdnf, librepo, libsolv and createrepo_c merged upstream
*** https://github.com/rpm-software-management/librepo/pull/127
*** https://github.com/openSUSE/libsolv/pull/270
*** https://github.com/rpm-software-management/dnf/pull/1107
*** https://github.com/rpm-software-management/libdnf/pull/478
*** https://github.com/rpm-software-management/createrepo_c/pull/92
** Create a new package for Fedora's zchunk dictionaries.
* Other developers:
Fedora Infrastructure needs to start creating zchunked metadata
* Release engineering:
#7600 [https://pagure.io/releng/issue/7600]
** List of deliverables:
Zchunk repository metadata
* Policies and guidelines:
Packaging guidelines are not affected by this change.
* Trademark approval:
N/A (not needed for this Change)
Jan Kuřík
JBoss EAP Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
JBoss EAP Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
Sunday, July 1, 2018
lists.linuxfromscratch.org mailing list memberships reminder
This is a reminder, sent out once a month, about your
lists.linuxfromscratch.org mailing list memberships. It includes your
subscription info and how to use it to change it or unsubscribe from a
list.
lists.linuxfromscratch.org mailing list memberships. It includes your
subscription info and how to use it to change it or unsubscribe from a
list.
You can visit the URLs to change your membership status or
configuration, including unsubscribing, setting digest-style delivery
or disabling delivery altogether (e.g., for a vacation), and so on.
In addition to the URL interfaces, you can also use email to make such
changes. For more info, send a message to the '-request' address of
the list (for example, mailman-request@lists.linuxfromscratch.org)
containing just the word 'help' in the message body, and an email
message will be sent to you with instructions.
If you have questions, problems, comments, etc, send them to
mailman-owner@lists.linuxfromscratch.org. Thanks!
Passwords for reallost1.fbsd2233449@blogger.com:
List Password // URL
---- --------
lfs-announce@lists.linuxfromscratch.org vaozebru
http://lists.linuxfromscratch.org/options/lfs-announce/reallost1.fbsd2233449%40blogger.com
Thursday, June 28, 2018
Planned Outage: Build, cloud and web proxy service down/disrupted 2018-07-02 21:00 UTC
There will be an outage starting at 2018-07-02 21:00UTC, which will
last approximately 4 hours.
To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:
date -d '2018-07-02 21:00UTC'
Reason for outage:
There have been a set up of updates for EL7 and Fedora requiring
reboots of infrastructure. We will be rebooting the Build and remote
systems outside of PHX2 on this day.
Affected Services:
All build and cloud services may be up or down during the outage
window. Various proxies will not be available and fedorapeople will be
down also.
Contact Information:
Ticket Link:
https://pagure.io/fedora-infrastructure/issue/7064
Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

--
Stephen J Smoogen.
_______________________________________________
announce mailing list -- announce@lists.fedoraproject.org
To unsubscribe send an email to announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/announce@lists.fedoraproject.org/message/D2V6JED6H7Y3575ZRP4OCXR5JGRRHNWC/
last approximately 4 hours.
To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:
date -d '2018-07-02 21:00UTC'
Reason for outage:
There have been a set up of updates for EL7 and Fedora requiring
reboots of infrastructure. We will be rebooting the Build and remote
systems outside of PHX2 on this day.
Affected Services:
All build and cloud services may be up or down during the outage
window. Various proxies will not be available and fedorapeople will be
down also.
Contact Information:
Ticket Link:
https://pagure.io/fedora-infrastructure/issue/7064
Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

--
Stephen J Smoogen.
_______________________________________________
announce mailing list -- announce@lists.fedoraproject.org
To unsubscribe send an email to announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/announce@lists.fedoraproject.org/message/D2V6JED6H7Y3575ZRP4OCXR5JGRRHNWC/
Subscribe to:
Posts (Atom)