This is a brief summary of bugs fixed between Ubuntu 14.04.5 and 14.04.6. This summary covers only changes to packages in main and restricted, which account for all packages in the officially-supported CD images; there are further changes to various packages in universe and multiverse. Some of these fixes were by Ubuntu developers directly, while others were by upstream developers and backported to Ubuntu. For full details, see the individual package changelogs.
In addition to the bugs listed below, this update includes all security updates from the Ubuntu Security Notice list affecting Ubuntu 14.04 LTS that were released up to and including March 4, 2019. The last update included was USN-3885-2 (OpenSSH vulnerability).
Installation bug fixes
Updated CD images are provided with this release, including fixes for some installation bugs. (Many installation problems are hardware-specific; for those, see "Hardware support bugs" below.)
curtin |
curtin/net: fix inet value for subnets, don't add interface attributes to alias |
|
curtin |
improve net-meta network configuration |
|
curtin |
reporting: set webhook handler level to DEBUG, no filtering |
|
curtin |
fix multipath configuration and add multipath tests |
|
curtin |
Detect and remove legacy /etc/network/interfaces.d/eth0.cfg from target |
|
curtin |
sru current curtin |
|
preseed |
Fix for netcfg/hostname, if set, to take precedence. |
|
debian-installer |
No change rebuild to pick up the latest change in preseed |
|
debian-installer |
Drop support for removed keystone kernel |
|
livecd-rootfs |
Add ubuntu-cpc project |
|
livecd-rootfs |
Add basic but configurable autopkgtest. . |
|
live-build |
Add support for the ubuntu-cpc project |
|
livecd-rootfs |
Fix security mirror sources.list entries for non-x86 architectures by backporting trunk revision 1408. |
|
debian-installer |
Include $efi_name in shim filename. |
|
debian-installer |
Rebuild to pick up the latest change in preseed. |
|
preseed |
Fix for netcfg/hostname, if set, to take precedence. |
|
partman-partitioning |
Make get_real_device() both simpler and more generic. |
|
ubuntu-meta |
Added ubuntu-advantage-tools to minimal |
|
ca-certificates |
Add ca-certificates udeb package |
|
debian-installer |
build/pkg-lists/base: add ca-certificates-udeb to enable HTTPS without d-i/allow_unauthenticated_ssl in stock initramfs image as in Debian. |
|
live-build |
Backport Adam's ubuntu-initramfs-handling.patch patch from xenial: Use initramfs-tools to work with initrds, instead of trying to naively repack and unpack them blindly |
Upgrade bug fixes
These changes fix upgrade issues, smoothing the way for future upgrades to later releases of Ubuntu.
update-notifier |
Add support for the HWE End-of-Life notification via motd. |
|
update-manager |
hwe-support-status: utilize a virtualbox metapackage set. |
|
update-manager |
hwe-support-status: Deal with the fact that fglrx was deprecated in 16.04 so will not work with the Xenial 16.04 HWE stack. |
|
update-manager |
Correctly calculate the end of support, and return correctly when support has ended. Patch from Andrew Gaul, with thanks. |
|
ubuntu-release-upgrader |
No change rebuild so the dist-upgrader tarball will be signed with the new method. |
|
update-manager |
Use a 64 bit integer for launch-time instead of a 32 bit one which won't work someday. |
|
update-notifier |
Switch to using a 64 bit integer for launch-time as update-manager also did. |
|
unattended-upgrades |
Add UbuntuESM to the list of sources automatically upgraded from by default. . |
|
update-manager |
Recommend libgtk2-perl be installed so we have a working debconf frontend. |
|
update-manager |
ubuntu-support-status: use component to differentiate packages supported by the community and packages supported by Canonical, override the Supported tag for main and restricted to work around the inaccurate Packages files, hardcode the release date since distro-info-date isn't installed by default in Trusty. |
|
ubuntu-release-upgrader |
Properly drop permissions when opening a browser. |
Desktop fixes
These changes mainly affect desktop installations of Ubuntu, Kubuntu, Edubuntu and other Ubuntu-based systems.
oxide-qt |
Stop using deprecated V8 APIs |
|
xserver-xorg-video-ati-lts-xenial |
control: Move mach64, r128 back to Depends. |
|
gnome-contacts |
Log a warning instead of a crash error when communication with evolution-data-server times out. Fix backported from 3.20 |
|
gnome-keyring |
Use upstream gnome-keyring-daemon man page instead of stub Debian version |
|
whoopsie |
Allow uploading of any field with data less than 1KB, creating a whitelist of fields with large data, and a blacklist of fields we don't want in the Error Tracker. |
|
whoopsie |
src/whoopsie.c: Add fields from package management applications that can be larger than 1KB to the list of accepted fields. |
|
xorg-server-lts-xenial |
Add conflicts for fglrx, fglrx-core, fglrx-updates, and fglrx-updates-core because support for fglrx was removed in 16.04. |
|
oxide-qt |
Don't compile the mock QPA plugin with Qt5.6 |
|
oxide-qt |
Compile with -fno-delete-null-pointer-checks to work around issues related to changes in GCC6 |
|
oxide-qt |
Ensure we use the correct ozone platform |
|
oxide-qt |
Fix Qt5.2 build |
|
oxide-qt |
Oxide should use an app-specific path for shared memory files |
|
oxide-qt |
Implement KeyboardEvent.code and KeyboardEvent.key, as parts of Blink now depend on this |
|
oxide-qt |
Front camera is inverted on BQ E5 |
|
oxide-qt |
Ensure shrinksViewportContentToFit option is enabled on mobile |
|
oxide-qt |
Add a mock QPA plugin and add integration tests for the Screen and ScreenOrientation APIs |
|
oxide-qt |
Correctly report the position for video capture devices |
|
oxide-qt |
ensure GN builds are built with Pango support |
|
oxide-qt |
fix mediahub GN build |
|
oxide-qt |
Make oxide_shared_unittests / oxide_qt_unittests work with the GN build |
|
oxide-qt |
Only enable plugin support on x86 / x86-64 |
|
oxide-qt |
Refactor CookieStoreProxy and ensure that the cookie store is created on the IO thread |
|
oxide-qt |
Stop using GetFormFactorHint for memory optimizations |
|
oxide-qt |
Ensure GN builds are linked without --fatal-warnings |
|
oxide-qt |
Various allocator related fixes |
|
oxide-qt |
Various allocator related fixes |
|
oxide-qt |
Make ENABLE_TCMALLOC work with GN builds |
|
oxide-qt |
Disable TCMalloc on AArch64 |
|
oxide-qt |
Add copy image support to the context menu |
|
oxide-qt |
Fix navigator.vibrate regression and add tests for this |
|
oxide-qt |
Compile the core library with -g1 on hosts with less than 8GB of RAM |
|
oxide-qt |
Fix static ENABLE_PLUGINS=0 GN build |
|
oxide-qt |
Disable gn check step for now |
|
oxide-qt |
Preliminary support for building with GN |
|
oxide-qt |
Cross-compiling support with GN |
|
oxide-qt |
Support for bootstrapping a GN binary |
|
oxide-qt |
Initial build support for AArch64 |
|
oxide-qt |
Support filenames in drag and drop |
|
oxide-qt |
Add a quirk to assume that the native orientation of the primary screen on freiza and cooler devices is landscape |
|
oxide-qt |
Avoid a hard runtime dependency on MADV_FREE when compiled against glibc 2.24, and ensure madvise(MADV_FREE) is allowed in the seccomp policy so that it works when the kernel is upgraded to 4.5 |
|
oxide-qt |
Explicitly whitelist accelerated canvas and GPU raster on various devices. This got disabled due to a recent change in libhybris |
|
libgweather |
Switch to the new METAR data provider, the previous one was shut down (update_metar_provider.patch,). |
|
oxide-qt |
Ensure we actually initialize the elements of Clipboard::cached_info_ |
|
oxide-qt |
Initialize the locationbar position before the webview is navigated for the first time |
|
oxide-qt |
Don't spin the event loop during shutdown |
|
oxide-qt |
Fix and - Refactor ownership of BrowserContext |
|
oxide-qt |
Stop using GetFormFactorHint in PowerSaveBlocker |
|
oxide-qt |
ENABLE_TESTS fixes for Qt5.6 |
|
oxide-qt |
OSK not displaying |
|
oxide-qt |
Stop using device form factor for configuring various WebPreferences options. This also deprecates OxideQWebPreferences::shrinksStandaloneImagesToFit, which never actually worked and the corresponding setting in Blink no longer exists |
|
oxide-qt |
Delete gyp support |
|
oxide-qt |
Use WebPreferences::main_frame_resizes_are_orientation_changes rather than the corresponding command line option |
|
oxide-qt |
Clean up pinch-zoom settings and always send pinch gestures to content |
|
oxide-qt |
Turn off WebPreferences::shrinks_viewport_contents_to_fit in windowed mode to avoid some sites being scaled on window resize (incomplete fix for) |
|
oxide-qt |
Stop using GetFormFactorHint in shared/renderer |
|
oxide-qt |
Rename ScreenClient to Screen and move all screen state handling there. This removes some duplication and makes it easier to unit-test |
|
accountsservice |
Backport 0.6.43 commit to fix logout records when a user shuts down or restarts their computer |
|
nvidia-prime |
Add support for EGL alternatives. |
|
oxide-qt |
Frequent web process crashes with webapps |
|
oxide-qt |
Crash during webbrowser-app tests |
|
software-center |
Added support for Adwaita Dark theme variant to fix |
|
oxide-qt |
Ensure navigator.languages matches the embedder provided value (via WebContext::acceptLangs) |
|
oxide-qt |
Make the auto mode of LocationBarController more intelligent. It now blocks auto hide in the following circumstances: |
|
oxide-qt |
Add WebView::terminateWebProcess and WebProcessUnresponsive enum to WebProcessStatus so that applications can implement handling for hung web content processes |
|
oxide-qt |
Implement RWHV::GetFrameSinkId, and ensure our RWHV implementation uses the same cc::SurfaceManager as Chromium's RWHVChildFrame, so that cross-process frames work |
|
oxide-qt |
Add initial API reference documentation |
|
oxide-qt |
The webview shouldn't indicate that it is focused when one of its children is |
|
oxide-qt |
Don't crash when receiving messages as the webview is unloading |
|
oxide-qt |
build failure on trusty |
|
oxide-qt |
Make OxideQQuickNavigationHistory constructor private |
|
oxide-qt |
Location bar is hidden for webviews that are script opened |
|
oxide-qt |
Find-in-page doesn't wrap correctly |
|
xserver-xorg-video-intel |
Package intel-virtual-output |
|
dbus |
debian/patches/unrequested-reply-mediation.patch: Don't let unrequested reply messages through and don't audit them. Unrequested reply messages are error or method_return messages that are sent from D-Bus connection A to D-Bus connection B that do not correspond to any message ever sent by D-Bus connection B. They should be quietly dropped as there's no use for them outside of malicious activity. Patch based on upstream patches. |
|
firefox |
Fix Apparmor denials triggered by shared memory usage when e10s is enabled |
|
xorg-server-lts-xenial |
Drop the unnecessary systemd breaks clause which conflicts with snapd. In trusty, logind is managed by upstart. . |
|
pyqt5 |
Backport a change from upstream 5.2-maint branch to fix conversion of QStrings with surrogate pairs (fix_qstring_conversion.patch). Fixes. |
|
oxide-qt |
Build failure on arm64 |
|
oxide-qt |
session save/restore across oxide versions |
|
oxide-qt |
Disable zoom-for-dsf |
|
oxide-qt |
Update tst_WebView_findController.qml to test that results are updated on navigation |
|
oxide-qt |
Implement Screen::GetShellMode() |
|
oxide-qt |
Add libOxideUbuntuUITK, associated QML plugin and UbuntuWebView implementation, which will eventually replace the Ubuntu.Web component |
|
oxide-qt |
Add context menu implementation to UbuntuWebView |
|
oxide-qt |
Set the solid colour scrollbar colour correctly |
|
oxide-qt |
Fix an issue where the fling direction sometimes reverses |
|
oxide-qt |
Emit a warning when importing Oxide.Ubuntu |
|
oxide-qt |
Don't spin up a zygote process in single process mode |
|
oxide-qt |
Add QML tests for context menu |
|
oxide-qt |
Add API to allow embedders to customize actions in the context menu |
|
oxide-qt |
"Open {link,media} in new {tab,window}" entries in context menu shouldn't cause WebView.navigationRequested to fire |
|
oxide-qt |
misaligned access when running mksnapshot during the armhf build. Add this as a distro-patch to avoid having to fork the v8 repo for upstream checkouts. This isn't a problem for cross-builds anyway |
|
imagemagick |
SECURITY REGRESSION: test label regression |
|
imagemagick |
SECURITY REGRESSION: text coder issue |
|
cups |
Fixed processing of server overrides without port numbers. |
|
firefox |
Don't crash if LOGNAME is not set in the environment |
|
fglrx-installer-updates |
Avoid triggering any prompts for /etc. |
|
fglrx-installer-updates |
Bump the release replacing etc/ati so that we don't trigger a bug in software updater. |
|
fglrx-installer-updates |
Back up and restore the files that the old fglrx removes when upgrading. |
|
fglrx-installer-updates |
Make sure to also migrate the real ati configuration dir, not only the symlinks, or the upgrade will fail. |
|
fglrx-installer |
Avoid triggering any prompts for /etc. |
|
fglrx-installer |
Bump the release replacing etc/ati so that we don't trigger a bug in software updater. |
|
fglrx-installer |
Back up and restore the files that the old fglrx removes when upgrading. |
|
fglrx-installer |
Make sure to also migrate the real ati configuration dir, not only the symlinks, or the upgrade will fail. |
|
linux-lts-xenial |
snaps with classic + jailmode confinement started to fail on zesty |
|
oxide-qt |
Revert "Decide focus state of webview based on activeFocusItem check of window", as it caused a regression in popup menu handling |
|
oxide-qt |
Fails to build with vivid gcc |
|
oxide-qt |
Unbreak component build |
|
oxide-qt |
Decide the webview focus state from ItemChanged event not the focusIn/Out events |
|
oxide-qt |
Add <select> popup menu implementation to UbuntuWebView |
|
oxide-qt |
Test hang at the start of tst_focus.qml |
|
oxide-qt |
Session save/restore across oxide versions |
|
oxide-qt |
Don't run ubuntu-api and ubuntu-ui test sequences when built without ENABLE_UITK_WEBVIEW |
|
oxide-qt |
Change the behaviour of JS dialogs. |
|
oxide-qt |
Change the behaviour of JS dialogs. |
|
oxide-qt |
Add JS dialog implementation to UbuntuWebView |
|
oxide-qt |
Sync ParamTraits for content::WebPreferences to make double-tap-to-zoom work again |
|
oxide-qt |
Fix build failure with GCC 4.8 due to lack of stdatomic.h |
|
firefox |
Don't crash if LOGNAME is not set in the environment |
|
firefox |
Build with --enable-alsa for now to re-enable the unmaintained ALSA backend. Note that problems with the ALSA backend will not block future updates and Ubuntu flavors that ship without Pulseaudio need to participate in maintaining this code |
|
ido |
IdoCalendarMenuItem: disconnect from parent signals on item destruction |
|
graphviz |
Add missing dependency from libgraphviz-dev to libgvc6-plugins-gtk |
|
activity-log-manager |
Fix calendars not working when selecting date range to clear |
|
thunderbird |
Drop the previous workaround for failing to link libprldap60.so on x86 (exporting LIBS=-lc) and replace it with a more targetted workaround |
|
apport |
data/general/ubuntu.py: Collect a minimal version of /proc/cpuinfo in every report. |
|
apport |
data/general/ubuntu-gnome.py: The GNOME3 PPAs are no longer supported for 14.04 or 16.04 so set an UnreportableReason in those reports. |
|
whoopsie |
src/whoopsie.c: Add ProcCpuinfoMinimal which can be larger than 1KB to the list of accepted fields. |
|
software-properties |
depend on libgtk2-perl to ensure it's available, since it was not seeded on the desktop at release time. This is only a Recommends: in zesty, but we need to ensure this isn't ignored on upgrade.. |
|
nvidia-graphics-drivers-375 |
Drop nvidia-prime and bumblebee Recommends on armhf. |
|
nvidia-graphics-drivers-375 |
Limit the amount of cores to a maximum of 16. |
|
nvidia-graphics-drivers-375 |
install glvnd EGL vendor configuration file. |
|
desktop-file-utils |
Add Cinnamon, EDE, and LXQt to the list of registered desktop environments |
|
imagemagick |
SECURITY REGRESSION: image composite function regression |
|
firefox |
Don't restrict Destop Actions to Unity and make them compliant with GNOME-Shell |
|
firefox |
Backport patch to stub gdk_screen_get_monitor_workarea in mozgtk2 (fixes) |
|
firefox |
Remote OSProtocolHandlerExists to properly launch custom protocol handler |
|
firefox |
Search suggestions are broken after refreshing the Google searchplugin |
|
firefox |
Install EmojiOneMozilla.ttf |
|
avahi |
Remove all overly restrictive default rlimit restrictions in avahi-daemon.conf which can cause avahi to fail to start due to too many running process or crash out of memory. |
|
firefox |
Cannot customize toolbars in Unity |
|
plymouth |
debian/patches/misc-changes.patch: Drop call to stop_animation as it would unreference a bunch of variables and cause a crash writing a NULL VMA. |
|
gnome-user-docs |
debian/rules: Set NO_PKG_MANGLE so the translations are not stripped. This works around the fact that the localized gnome-help pages are not included in the latest (last?) version of the language-pack-gnome-XX-base packages. |
|
firefox |
Fix: Mark distribution search engines as read-only, so that they are marked as hidden in rather than removed from the search engine cache when a user "removes" them (they can't actually be removed from disk). This stops them from reappearing on cache rebuilds |
|
firefox |
Backport upstream change to the search service to not handle locale changes on shutdown. As well as resulting in en-US search engines being added to the search engine cache for all locales, it was resulting in a cache rebuild on every restart, making the above bug worse (fixes another part of) |
|
firefox |
Set "spellchecker.dictionary_path" by default to point to /usr/share/hunspell so that system dictionaries are loaded again, now that Firefox no longer loads them from its own install directory. Fixes another part of |
|
firefox |
Final part of the fix for: Cleanup extra Amazon.com search engine in locales that have their own Amazon search engine |
|
ghostscript |
Fix dependency for libgs9-common |
|
ghostscript |
SECURITY REGRESSION: multiple regressions |
|
gnome-desktop3 |
some vendors encode the screen ratio (e.g 16/9) in the EDID instead of including the screen size, detect those cases and display the product name instead of the screen diagonal. |
|
firefox |
Build with --enable-rust-simd (except on i386 and armhf) |
|
ghostscript |
SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail |
|
ghostscript |
SECURITY REGRESSION: Ghostscript update causes blue background |
|
ghostscript |
SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail, second fix attempt. |
Server and Cloud related fixes
These changes mainly affect installations of Ubuntu on server systems and clouds.
maas |
New Upstream Release, 1.9: |
|
pollinate |
debian/pollinate.service: Move installation from network.target to multi-user.target. network.target is too early and causes dependency loops with e. g. NFS. |
|
pollinate |
use the right flag file for |
|
pollinate |
Don't run pollinate.service in containers (as containers can't and should not write the host's random pool) and when we already have a saved random seeds (i. e. only on first boot). |
|
pollinate |
pollinate: use timeout(1) to limit curl, related to |
|
pollinate |
pollinate: |
|
pollinate |
pollinate, pollinate.1: |
|
neutron |
Backport performance fix by refactoring logging statements.: |
|
cloud-init |
debian/patches/lp-1581200-gce-metadatafqdn.patch : Remove trailing dot in metadata.google.internal GCE metadata lookup. |
|
curl |
fix problem with chunked encoded data |
|
isc-dhcp |
Fixed missing broadcast flag for Infiniband interfaces |
|
sssd |
New upstream bugfix release. |
|
sssd |
fix-upstream-2620.diff: Set sdap handle as explicitly connected in LDAP auth. |
|
sssd |
debian/patches/AD-*.diff: Prefer site-local-DCs in LDAP ping, thanks Jorge Niedbalski! |
|
neutron |
iptables_manager can run very slowly when a large number of security group rules are present |
|
isc-dhcp |
Don't assume IPv6 prefix length of 64. Pulled from debian commit c347ab8a43587164486ce1f104eedfd638594e59. |
|
logwatch |
debian/patches/fix-match-samba-logs.patch: Fix match rules for samba logs |
|
multipath-tools |
d/p/0045-fix-mpp_alias-freeing.patch, d/p/0046-revert-act_reload.patch: Fix double-free situation that generate segfaults with multipathd |
|
pollinate |
New upstream release: |
|
linux-keystone |
Release Tracking Bug |
|
tzdata |
New upstream release, with DST changes for Turkey |
|
qemu |
Apply upstream fix for memory slot alignement |
|
vlan |
If VLAN is configured with higher MTU than raw device MTU, which can happen if VLAN is ifup'ed before raw device, then increase raw device MTU first so the VLAN ifup does not fail. |
|
strongswan |
debian/patches/fix_reauth_crash.patch: auth-cfg: Fix crash after several reauthentications with multiple authentication rounds. Thanks to Tobias Brunner <tobias@strongswan.org>. |
|
libnl3 |
d/p/lib-nl-Increase-receive-buffer-size-to-4-pages.patch: Increase receive buffer size to 4 pages by default.. |
|
multipath-tools |
d/p/0047-Add-existing-multipath-devices-to-wwids-file-on.patch: Fix multipathd which does not update /etc/multipath/wwids file when reconfigure is invoked. |
|
multipath-tools |
d/p/0048-multipathd-delay-free-pathvec.patch : Fix SEGV on multipathd shutdown |
|
multipath-tools |
debian/patches/fix_use_after_free.patch: Fix use-after-free bugs. Thanks to Christof Schmitt <christof.schmitt@de.ibm.com> and Benjamin Marzinski <bmarzins@redhat.com>. |
|
postgresql-9.3 |
New upstream bug fix release |
|
qemu |
Drop pc-1.0-qemu-kvm alias to pc-1.0, which is a duplicate id to the pc-1.0-qemu-kvm type, to fix migration from precise. |
|
libnss-ldap |
SIGPIPE not caught in do_atfork_child() |
|
neutron |
agent/linux/ip_lib.py does not correctly handle output from 'iproute2' command.: |
|
cinder |
Include boot properties from glance v2 images: |
|
cinder |
Fix extract properties from image with glance api v2: |
|
python-glanceclient |
Expose is base schema property attribute |
|
samba |
Revert to version prior to the 2:4.3.11+dfsg-0ubuntu0.14.04.2 which is causing regression with statically linked libpam_winbind. Removes d/p/fix-1584485.patch. |
|
isc-dhcp |
ipv6: wait for duplicate address detection to finish. |
|
sssd |
d/p/fix-upstream-2519.diff SSSD should not fail authentication when only allow rules are used |
|
cloud-init |
Use /dev/disk/cloud entries for ephemeral disk |
|
walinuxagent |
Backport to trusty |
|
libspectre |
Replace fix-document-rotation.patch with new version from 0.2.8. This fixes a regression introduced in 0.2.7-2ubuntu1.1 where some eps files are mostly unreadable with a black background when viewed in apps like Evince or Okular |
|
libseccomp |
Cherrypick various bpf fixes to support argument filtering on 64-bit |
|
libseccomp |
debian/patches/bpf-track-accumulator-state.patch: track accumulator state and reload it when necessary. This is the fix for. The previous patches are required by this patch. |
|
libseccomp |
Bring libseccomp 2.1.1-1ubuntu1~vivid2, from Ubuntu 14.10, to Ubuntu 14.04 and add a couple patches to account for new syscalls found in the 4.4 based hardware enablement kernel. This allows for proper snap seccomp confinement on Ubuntu 14.04 when using the hardware enablement kernel |
|
libseccomp |
sync-syscall-table-entries-3.19.patch |
|
lxc |
Cherry-pick upstream bugfix: |
|
krb5 |
d/p/upstream/0001-Add-SPNEGO-special-case-for-NTLMSSP-MechListMIC.patch: Cherry-pick from upstream to add SPNEGO special case for NTLMSSP+MechListMIC. . |
|
neutron |
d/p/update_dhcp_host_portbinding_on_failover.patch: Update dhcp host portbinding on failover. |
|
walinuxagent |
New upstream release |
|
kombu |
d/p/fix-uuid-shim.patch: Cherry-pick patch from upstream to fix uuid shim in newer Python versions. |
|
systemd |
Add support for installing deputy systemd for snapd on Ubuntu Desktop 14.04.5 |
|
tomcat7 |
SECURITY REGRESSION: security manager startup issue |
|
python-glanceclient |
d/p/Update-HTTPS-certificate-handling-for-pep-0476.patch: Partial cherry-picks from upstream to update HTTPS certificate handling for pep-0476. |
|
nova |
Allow evacuate for an instance in the Error state |
|
qemu |
aio: fix qemu_bh_schedule() bh->ctx race condition |
|
qemu |
aio: strengthen memory barriers for bottom half scheduling |
|
bind9 |
Backport (70_precise_mtime.diff) 18b87b2a58d422fe4d3073540bf89b5a812ed2e5 to trusty. |
|
qemu |
Qemu VM crash with error "bdrv_error_action: Assertion `error >= 0' failed" |
|
postgresql-9.3 |
New upstream release |
|
tcpdump |
Merge from Debian unstable. Remaining changes: |
|
tcpdump |
debian/usr.sbin.tcpdump: Allow the tcpdump binary to be mapped as required by version 4.8 and newer kernels. tcpdump was immediately segfaulting when used inside of LXD containers before this AppArmor profile change. |
|
tcpdump |
debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. |
|
tcpdump |
debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. |
|
tcpdump |
Merge from Debian unstable. Remaining changes: |
|
tcpdump |
debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. |
|
tcpdump |
debian/usr.sbin.tcpdump: allow capability net_admin to support '-j'. Patch thanks to Graeme Hewson. |
|
sssd |
d/p/BUILD-Fix-linking-with-librt.patch: Upstream fix for FTBS on ppc64el/arm64 after the implementation of timer functions in watchdog. |
|
walinuxagent |
New upstream release. |
|
walinuxagent |
Change the maintainer to Ubuntu Developers. |
|
walinuxagent |
Add the dependency of isc-dhcp-client as our maintainer scripts assume it's installed. |
|
walinuxagent |
We now ship with auto-updates enabled. |
|
walinuxagent |
Add a maintscript to rename the old logrotate file on upgrade from an ancient version of walinuxagent. |
|
maas |
Stable Release Update. New MAAS upstream bugfix release 1.9.5: |
|
landscape-client |
Don't report packages that are coming from backports, so that Landscape doesn't try to upgrade to versions of packages that are in backports. |
|
tftp-hpa |
Replace the default value of TFTP_ADDRESS to :69 instead of [::]:69. The previous default caused a failure to start when the NIC is not available at startup time |
|
libvirt |
d/p/reject-blockcommit-of-active-layer.patch: Block commit code isn't ready for QEMU 2.0 and has to be blocked. This avoids virsh to hang forever on blackcommit jobs. |
|
tomcat7 |
Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat7 contains the '%' character. |
|
tomcat7 |
Fix javax.servlet.jsp POM to use servlet-api version 3.0 instead of 2.2. |
|
walinuxagent |
New upstream release. |
|
sosreport |
Collection of the OPAL msglog |
|
sosreport |
Add ZFS sosreport plugin |
|
sosreport |
Take into account the iscsi initiator config and logs |
|
openjdk-7 |
Fix JDK regression introduced by 7u131 upgrade: |
|
cloud-initramfs-tools |
Add cloud-initramfs-rooturl package. |
|
isc-dhcp |
4b8251a] DHCPv6: fix socket handling so multiple DHCPv6 local clients will successfully get addresses |
|
ceph |
Start ceph-all after static-network-up. |
|
sssd |
d/p/pidfile-creation.diff: Delay the pidfile creation until the responders are up |
|
sssd |
d/p/sanitize_newline.diff: Sanitize newline and carriage return characters before LDAP queries. |
|
isc-dhcp |
Introduction of a new binary package "isc-dhcp-client-noddns" |
|
walinuxagent |
New upstream release. |
|
sssd |
Fix regression where SSSD doesn't start on boot if autofs is not installed: |
|
sssd |
sssd-common.sssd-autofs.upstart.in: Restart autofs to read direct mounts after SSSD and autofs have started (only on startup). This keeps the fix for the autofs and SSSD race condition |
|
ebtables |
Use real locking in ebtables |
|
logrotate |
createOutputFile: rename already existing file |
|
vlan |
Don't trust ifup return code, as it returns 0 on failure; call ip link set up after ifup to force vlan raw device up. |
|
klibc |
debian/patches/dhcp-one-socket-per-interface.patch: Use separate sockets for DHCP from multiple interfaces. Thanks to Jay Vosburgh <jay.vosburgh@canonical.com>. |
|
cinder |
Fix issue that upload-to-image doesn't copy os_type property: |
|
cloud-init |
Correctly detect kernels ending in -aws as kernels that can boot on EC2 |
|
cloud-init |
Consider kernels with CONFIG_XEN=y bootable on aws. |
|
multipath-tools |
Fixes multipathd crash on usa after free (mpp->alias) |
|
multipath-tools |
Fixes multipathd crash on log thread initialization |
|
walinuxagent |
New upstream release. |
|
swift |
Fix issue where swift daemons crash while writing logs to a stopped rsyslogd /dev/log socket. |
|
rsyslog |
d/p/bugfix-plug-a-memleak-in-imuxsock.patch: Applied upstream patches fixing abnormal timestamps in rsyslog when using cron. |
|
ntp |
debian/ntpdate.if-up: Drop delta to stop/start service around ntpdate updates - fixes ntp restart storms due to network changes, fixes accidential start of ntp, avoids issues of ntpdate jumping too far while running ntp was supposed to drift |
|
pollinate |
Add missing dependency on vim-common, for xxd. |
|
ubuntu-advantage-tools |
ubuntu-advantage & /etc/update-motd.d/99-esm now build, run and are quiet on non-precise release. |
|
ubuntu-advantage-tools |
Also install ca-certificates |
|
libapache2-mod-auth-pgsql |
d/p/fixdoublefree.patch: set freed pointers to NULL before subsequent checks against NULL. |
|
libapache2-mod-auth-pgsql |
d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3) |
|
libseccomp |
debian/libseccomp-dev.install: include static library |
|
landscape-client |
Minor updates: |
|
pollinate |
New upstream release: |
|
logcheck |
ignore.d.server/dhclient: rewrite rules ( |
|
logrotate |
logrotate does not ever recover from a corrupted statefile |
|
libvirt |
d/libvirt-bin.postinst: call apparmor_parser with options to ignore the apparmor cache and rebuild it, otherwise old apparmor rules are used and this might break upgrades |
|
walinuxagent |
New upstream release. |
|
nut |
debian/nut-server.postinst: The udevd process is called systemd-udevd for quite sometimes already, properly detect whether it's running or not, this should fix the devices permissions for USB UPS's |
|
libvirt |
fix guest channel support. |
|
walinuxagent |
New upstream release. |
|
postgresql-9.3 |
New upstream release |
|
vlan |
Allow ip-rp-filter to be 0, 1, or 2 instead of only 0 or 1 |
|
libvirt |
d/libvirt-bin.init, d/libvirt-bin.upstart: fix waiting for the libvirt socket |
|
maas |
debian/patches/fix-shim-name-lp1713795.patch: Grub package in Trusty has changed the name of the shim and has caused MAAS to being unable to import new images. |
|
initramfs-tools |
hook-functions: handle lvm-on-nvme case. |
|
systemd |
rules: introduce fsck@.service for snappy |
|
initramfs-tools |
hook-functions: include backported bnxt driver. |
|
squid3 |
debian/patches/fix-assertion-ftp-put-empty-file.patch: Fix ftp assertion error when uploading empty file. Thanks to Alex Rousskov <rousskov@measurement-factory.com>. |
|
ubuntu-advantage-tools |
Backports from upstream version 13: |
|
tzdata |
New upstream release |
|
postgresql-9.3 |
New upstream release |
|
oslo.messaging |
d/p/fix-rabbit-starvation-of-connections-for-reply: To solve nova-conductor infinitely loop issue. |
|
mdadm |
Prevent segfault when get_md_name() returns NULL This fixes mdadm segfaults when running inside a container. |
|
resolvconf |
Fix bad shell syntax in newly added /lib/resolvconf/net-interface-handler |
|
resolvconf |
support reading dns information written by initramfs. |
|
hibagent |
Rebuild for Trusty |
|
mailman |
Fixed a misspelling in Tagger.py that breaks Lists with topics enabled |
|
landscape-client |
Add proxy handling to package reporter. |
|
landscape-client |
Fix regression in configuration hook under install-cd chroot |
|
landscape-client |
Report autoremovable packages |
|
landscape-client |
No not re-register client by default |
|
iproute2 |
debian/patches/99-increase-receive-buffer-size.patch: Fix "Message truncated" issue with many VF's. Thanks to Phil Sutter <phil@nwl.cc>. |
|
corosync |
d/p/Parser-Make-config-file-parser-more-hierarchy.patch: Fixes how corosync parses a config file with malformed entries. |
|
maas |
debian/patches/harcode-upstart-lp1732703.patch: Running snapd or livepatch in Trusty installs systemd. Due to a systemd regressions, this causes MAAS to incorrectly detect the init system. As such, hardcode the init system to upstart (as systemd is not supported in Ubuntu). |
|
iproute2 |
Fix ip maddr show: |
|
landscape-client |
d/p/set-vm-info-to-kvm-for-aws-C5-instances.patch: Sets vm_info to kvm for new AWS EC2 C5 instances. |
|
landscape-client |
d/p/set-vm-info-to-kvm-for-digitalocean-instances.patch: Sets vm_info to kvm for digitalocean instances. |
|
sosreport |
d/p/0003-fix-name-containers-is-not-defined.patch: "containers" is an unknown variable, "insp" is the correct one. |
|
sosreport |
New upstream release v3.5 New features include : New plugins for : |
|
resolvconf |
Read and apply dns information written by initramfs if using rooturl (root=http* on the command line) |
|
walinuxagent |
Revert to an older upstream release: 2.2.20. |
|
open-vm-tools |
Make tools.conf template useful. |
|
isc-dhcp |
dhclient-script.linux: handle empty case also when waiting for ipv6 link local DAD. |
|
horizon |
d/openstack-dashboard.postinst: Ensure permissions are not world-readable for /etc/openstack-dashboard/local_settings.py. |
|
pacemaker |
Fixing memory leak |
|
strongswan |
d/control: Add Conflicts from strongswan-starter to openswan to avoid file conflict on upgrade. |
|
apache2 |
Avoid crashes, hangs and loops by fixing mod_ldap locking: |
|
systemd |
logind: fix memleaks in session's free path and cgmanager glue code |
|
landscape-client |
d/p/detect-cloudstack-kvm-1754073.patch: Detect CloudStack kvm hypervisor |
|
vlan |
Revert change for lp1573272; instead fix by redesigning when vlan interfaces are created; after raw-device ifup, not during raw-device udev processing. |
|
ifupdown |
We are not even reading the contents of the per-interface state files when running ifquery, so there is no need to lock them. Not locking will allow ifquery to be called recursively from ifup and ifdown. |
|
ebtables |
Fix check of fcntl errno value, to allow lockfile contention to work. |
|
sosreport |
d/p/Fix-string-decoding-for-debug-log-output.patch: Fix bug in _collect_strings that causes error trying to str.decode() |
|
pollinate |
New upstream release: |
|
smartmontools |
d/p/curl-follow-redirects.patch: allow curl to follow redirects |
|
samba |
d/p/bug_1583324_include_with_macro.patch: don't fail parsing the config file if it has macros in include directives |
|
tzdata |
New upstream release. . |
|
cloud-init |
debian/patches/lp-1781039-gce-datasource-update.patch: Backport GCE datasource functionality from Xenial. |
|
openldap |
d/apparmor-profile: update apparmor profile to allow reading of files needed when slapd is behaving as a kerberos/gssapi client and acquiring its own ticket. |
|
ceph |
Don't truncate message sequence to 32-bit. |
|
walinuxagent |
New upstream release. |
|
apache2 |
d/p/AuthzProviderAlias-visibility.patch: Allow <AuthzProviderAlias>'es to be seen from auth stanzas under virtual hosts |
|
landscape-client |
debian/patches/nutanix-kvm.patch: Update vm_info.py to include Nutanix hypervisor. |
|
landscape-client |
Fixes for release-upgrade. |
|
landscape-client |
debian/patches/1699179-release-upgrade-check.diff: Check if ubuntu- release-upgrader is running before apt-update. |
|
landscape-client |
debian/patches/release-upgrade-success.patch: Enable landscape-client to survive trusty upgrade. |
|
landscape-client |
debian/patches/post-upgrade-reboot.patch: Force reboot operation in case systemd fails. |
|
landscape-client |
debian/patches/1616116-resync-loop.patch: Clear hash id database on package resync. |
|
backuppc |
d/rules, d/p/smb-compat-fix.patch: cope with changes in newer smbclient. Thanks to Maksym Schipka <maksym@hotmail.com> |
|
backuppc |
d/t/{control,smb-backup}: simple smb-based DEP8 test |
|
sqlite3 |
d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch: Check if parser is busy before using it and raise an error if positive. |
Kernel and Hardware support updates
Considerable work has been done in Ubuntu 14.04.5 on improving support for many specific items of hardware.
Note that upstream commits to stable kernel releases are listed separately below.
linux-meta |
Update HWE meta packages to point to xenial |
|
linux-lts-xenial |
CIFS client: access problems after updating to kernel 4.4.0-29-generic |
|
linux-lts-xenial |
apt-key add fails in overlayfs |
|
linux-lts-xenial |
Release Tracking Bug |
|
linux-lts-xenial |
Feature] Instruction decoder support for new SKX instructions- AVX512 |
|
linux-lts-xenial |
Ubuntu 16.04] FCoE Lun not visible in OS with inbox driver - Issue with ioremap() call on 32bit kernel |
|
linux-lts-xenial |
Feature] turbostat support for Skylake-SP server |
|
linux-lts-xenial |
BYT] display hotplug doesn't work on console |
|
linux-lts-xenial |
Feature]intel_idle enabling on Broxton-P |
|
linux-lts-xenial |
Feature] EDAC: Update driver for SKX-SP |
|
linux-lts-xenial |
Feature] KBL: Sandy Peak(3168) WiFi/BT support |
|
linux-lts-xenial |
Please add support for alps touchpad. |
|
linux-lts-xenial |
DINO2M - System hangs with a black screen during s4 stress test |
|
linux-lts-xenial |
Xenial update to v4.4.17 stable release |
|
linux-lts-xenial |
Enable virtual scsi server driver for Power |
|
linux-lts-xenial |
AES-XTS poor performance in Ubuntu 16.04 |
|
linux-lts-xenial |
System hang when plug/pull USB 3.1 key via thunderbolt port over 5 times |
|
linux-lts-xenial |
change_hat is logging failures during expected hat probing |
|
linux-lts-xenial |
deleted files outside of the namespace are not being treated as disconnected |
|
linux-lts-xenial |
stacking to unconfined in a child namespace confuses mediation |
|
linux-lts-xenial |
apparmor module parameters can be changed after the policy is locked |
|
linux-lts-xenial |
AppArmor profile reloading causes an intermittent kernel BUG |
|
linux-lts-xenial |
label vec reductions can result in reference labels instead of direct access to labels |
|
linux-lts-xenial |
profiles from different namespaces can block other namespaces from being able to load a profile |
|
linux-lts-xenial |
vmalloc failure leads to null ptr dereference in aa_dfa_next |
|
linux-lts-xenial |
vmalloc_addr is being checked on the failed return address of kvzalloc() |
|
linux-lts-xenial |
dfa is missing a bounds check which can cause an oops |
|
linux-lts-xenial |
The label build for onexec when stacking is wrong |
|
linux-lts-xenial |
The inherit check for new to old label comparison for domain transitions is wrong |
|
linux-lts-xenial |
warning stack trace while playing with apparmor namespaces |
|
linux-lts-xenial |
label_update proxy comparison test is wrong |
|
linux-lts-xenial |
Xenial update to v4.4.19 stable release |
|
linux-lts-xenial |
ISST-LTE:pKVM311:lotg5:Ubutu16041:lotg5 crashed @ writeback_sb_inodes+0x30c/0x590 |
|
linux-lts-xenial |
IBM Power 720 Ethernet Not Seen |
|
linux-lts-xenial |
CAPI: Update default setting for the psl_fir_cntl register |
|
linux-lts-xenial |
Xenial update to v4.4.18 stable release |
|
linux-lts-xenial |
Ubuntu16.10:installation fails on Brazos system (31TB and 192 cores) No memory for flatten_device_tree (no room) |
|
linux-lts-xenial |
SRU] xgene_enet: 10g performance only hits ~75% on multi-client tests |
|
linux-lts-xenial |
SRU] xgene_enet: an extra interrupt may be pending for an interrupt controller that doesn't support irq_disable and hardware with level interrupt |
|
linux-lts-xenial |
Mic mute hotkey does not work on usb keyboard [03f0:2f4a] |
|
dkms |
debian/patches/Parallel-depmod-failure.patch: |
|
linux-lts-xenial |
Enable virtual scsi server driver for Power |
|
dkms |
apport_name_in_valueerror.diff: |
|
makedumpfile |
Remove hugepages/hugepagesz from kdump's cmdline. |
|
linux |
Trusty update to 3.16.7-ckt26 stable release |
|
linux |
Trusty update to 3.16.7-ckt19 stable release |
|
linux |
Trusty update to 3.13.11-ckt26 stable release |
|
linux-lts-xenial |
Release Tracking Bug |
|
shim-signed |
Add a --help option, document other options. |
|
shim-signed |
Rework prompting to display our Secure Boot warning and explanation text more prominently, rather than forcing graphical users to hit "Help" to see the full explanation for why we ask about disabling Secure Boot. |
|
klibc |
debian/patches/fix_broadcast_flag-bit.patch: the previous patch set the wrong bit in the bootp flags field, instead of 0x800 it must be 0x8000. |
|
ubuntu-drivers-common |
Add all the necessary changes for nvidia and hybrid graphics to handle the new kernel modules and the EGL alternatives. Also detect the new amdgpu driver. |
|
util-linux |
mount/lomount.c: Query /dev/loop-control for next free loopback device. |
|
initramfs-tools |
hooks/framebuffer: Copy kernel/ubuntu/i915 backport driver too. |
|
linux-firmware |
Trigger update-initramfs following linux-firmware install |
|
linux-firmware |
Add i915/skl_guc_ver6.bin to linux-firmware in Trusty |
|
initramfs-tools |
hook-functions: firmware -- copy symlink components into initramfs |
|
linux-lts-xenial |
Release Tracking Bug |
|
linux-lts-xenial |
Backport DP MST fixes to i915 |
|
linux-lts-xenial |
Ubuntu xenial - 4.4.0-59-generic i3 I/O performance issue |
|
linux-lts-xenial |
Release Tracking Bug |
|
linux-lts-xenial |
Release Tracking Bug |
|
linux-lts-xenial |
Couldn't emulate instruction 0x7813427c |
|
linux-lts-xenial |
perf: 24x7: Eliminate domain name suffix in event names |
|
linux-lts-xenial |
i386 ftrace tests hang on ADT testing |
|
linux-lts-xenial |
VMX module autoloading if available |
|
linux-lts-xenial |
ACPI probe support for AD5592/3 configurable multi-channel converter |
|
linux-lts-xenial |
Xenial update to v4.4.40 stable release |
|
linux-lts-xenial |
igb i210 probe of pci device failed with error -2 |
|
linux-lts-xenial |
PowerNV: PCI Slot is invalid after fencedPHB Error injection |
|
linux-lts-xenial |
mfd: intel-lpss: Add default I2C device properties for Apollo Lake |
|
linux-lts-xenial |
Xenial update to v4.4.39 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.38 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.37 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.36 stable release |
|
linux-meta |
ensure all items are included in changelog and standardise packaging |
|
linux-lts-xenial |
Release Tracking Bug |
|
linux-lts-xenial |
Release Tracking Bug |
|
linux-lts-xenial |
regression 4.8.0-14 -> 4.8.0-17] keyboard and touchscreen lost on Acer Chromebook R11 |
|
linux-lts-xenial |
Call trace when testing fstat stressor on ppc64el with virtual keyboard and mouse present |
|
linux-lts-xenial |
VLAN SR-IOV regression for IXGBE driver |
|
linux-lts-xenial |
"Out of memory" errors after upgrade to 4.4.0-59 |
|
linux-lts-xenial |
Backport 3 patches to fix bugs with AIX clients using IBMVSCSI Target Driver |
|
linux-lts-xenial |
NVMe: adapter is missing after abnormal shutdown followed by quick reboot, quirk needed |
|
linux-lts-xenial |
Ubuntu 16.10 KVM SRIOV: if enable sriov while ping flood is running ping will stop working |
|
linux-lts-xenial |
Linux rtc self test fails in a VM under xenial |
|
linux-lts-xenial |
Xenial update to v4.4.44 stable release |
|
linux-lts-xenial |
Hyper-V] netvsc: add rcu_read locked to netvsc callback |
|
linux-lts-xenial |
Hyper-V] Rebase Hyper-V in 16.04 and 16.10 to the the upstream 4.9 kernel |
|
linux-lts-xenial |
Ubuntu - ibmveth: abnormally large TCP MSS value caused a TCP session to hang with a zero window |
|
linux-lts-xenial |
netfilter regression introducing a performance slowdown in binary arp/ip/ip6tables |
|
linux-lts-xenial |
Move some kernel modules to the main kernel package (part 2) |
|
linux-lts-xenial |
Xenial update to v4.4.43 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.42 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.41 stable release |
|
linux-meta-lts-xenial |
ensure all items are included in changelog and standardise packaging |
|
linux |
Release Tracking Bug |
|
linux |
Windows guest got 0x5c BSOD when rebooting |
|
linux |
ipv6: fix a refcnt leak with peer addr |
|
linux |
Windows guest got 0x5c BSOD when rebooting |
|
linux |
ipv6: fix a refcnt leak with peer addr |
|
linux-meta |
make linux-image-* Breaks: snapd before 2.23.1 |
|
linux-lts-xenial |
Recent KVM RTC cherry-picks break (some) Windows Live-Migrations |
|
linux-lts-xenial |
Upgrade Redpine RS9113 driver to support AP mode |
|
linux-lts-xenial |
NFS client : permission denied when trying to access subshare, since kernel 4.4.0-31 |
|
linux-lts-xenial |
Hyper-V] SAUCE: pci-hyperv fixes for SR-IOV on Azure |
|
linux-lts-xenial |
Xenial update to v4.4.49 stable release |
|
linux-lts-xenial |
NFS client : kernel 4.4.0-57 crash with nfsv4 enries in /etc/fstab |
|
linux-lts-xenial |
0bda:0328] Card reader failed after S3 |
|
linux-lts-xenial |
ibmvscsis: Add SGL LIMIT |
|
linux-lts-xenial |
ISST-LTE:pNV: ppc64_cpu command is hung w HDs, SSDs and NVMe |
|
linux-lts-xenial |
Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo |
|
linux-lts-xenial |
Intel I210 ethernet does not work both after S3 |
|
linux-lts-xenial |
Hyper-V] Fix ring buffer handling to avoid host throttling |
|
linux-lts-xenial |
apparmor_parser hangs indefinitely when called by multiple threads |
|
linux-lts-xenial |
apparmor not checking error if security_pin_fs() fails |
|
linux-lts-xenial |
docker permission issues with overlay2 storage driver |
|
linux-lts-xenial |
Xenial update to v4.4.48 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.47 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.46 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.45 stable release |
|
linux-meta-lts-xenial |
make linux-image-* Breaks: snapd before 2.23.1 |
|
crash |
Fix for: Unable to analyse vmcore/dump via crash due to bad kernel debug info build. |
|
initramfs-tools |
hook-functions: copy xhci-plat-hcd also. |
|
makedev |
Don't attempt to create /dev devices when inside a container. |
|
linux-lts-xenial |
Enable lspcon on i915 |
|
linux-lts-xenial |
Broadcom bluetooth modules sometimes fail to initialize |
|
binutils |
002-dont-segv-on-initial-instructions-overflow.patch: Fix ld crash on arm64 |
|
linux-lts-xenial |
UbuntuKVM guest crashed while running I/O stress test with Ubuntu kernel 4.4.0-47-generic |
|
linux-lts-xenial |
Xenial update to v4.4.62 stable release |
|
linux-lts-xenial |
Feature] KBL: intel_powerclamp driver support |
|
linux-lts-xenial |
sysfs channel reads of lps22hb pressure sensor are stale |
|
linux-lts-xenial |
Backlight control does not work and there are no entries in /sys/class/backlight |
|
linux-lts-xenial |
Feature] KBL: intel_rapl driver support |
|
linux-lts-xenial |
Xenial update to v4.4.61 stable release |
|
linux-lts-xenial |
Xenial update to v4.4.60 stable release |
|
linux-lts-xenial |
Upgrade Redpine WLAN/BT driver to ver. 1.2.RC4 |
|
linux-lts-xenial |
Fix RX fail issue on Exar USB serial driver after resume from S3/S4 |
|
kexec-tools |
Fixes non-efi systems, upstream code regression not present |
|
linux-lts-xenial |
Creating conntrack entry failure with kernel 4.4.0-89 |
|
linux-lts-xenial |
Creating conntrack entry failure with kernel 4.4.0-89 |
|
grub2-signed |
Rebuild against grub-efi-amd64 2.02~beta2-9ubuntu1.14 |
|
grub2 |
debian/patches/install_signed.patch: update to use the new names for the shim binary (shim$arch) and MokManager (mm$arch). |
|
shim |
debian/patches/0001-shim-fix-the-mirroring-MokSBState-fail.patch: guard against errors in mirroring MokSBState to MokSBStateRT. Thanks to Ivan Hu for the patch. This will fix issues updating MokSBStateRT if the variable already exists with different attributes. |
|
shim-signed |
Backport shim-signed 1.32 to 14.04. |
|
shim-signed |
update-secureboot-policy: track the installed DKMS modules so we can skip failing unattended upgrades if they hasn't changed (ie. if no new DKMS modules have been installed, just honour the user's previous decision to not disable shim validation). |
|
shim-signed |
update-secureboot-policy: allow re-enabling shim validation when no DKMS packages are installed. |
|
shim-signed |
debian/source_shim-signed.py: add the textual representation of SecureBoot and MokSBStateRT EFI variables rather than just adding the files directly; also, make sure we include the relevant EFI bits from kernel log. |
|
shim-signed |
Adjust apport hook to include key files that tell us about the system's current SB state. . |
|
shim-signed |
detect when we have no debconf prompting and error out instead of ending up in an infinite loop. . |
|
shim-signed |
some more fixes to properly handle non-interactive mode. |
|
shim-signed |
Update to the signed 0.9+1465500757.14a5905-0ubuntu1 binary from Microsoft. |
|
lshw |
Fix situation where lshw segfaults, when there is an external USB 3.0 drive connected to the system. |
|
linux-lts-xenial |
s390/mm: fix write access check in gup_huge_pmd() |
|
linux-lts-xenial |
Xenial update to 4.4.95 stable release |
|
linux-lts-xenial |
Xenial update to 4.4.94 stable release |
|
linux-lts-xenial |
Remove vmbus-rdma driver from Xenial kernel |
|
linux-lts-xenial |
usb 3-1: 2:1: cannot get freq at ep 0x1 |
|
linux-lts-xenial |
Plantronics Blackwire C520-M - Cannot get freq at ep 0x1, 0x81 |
|
linux-lts-xenial |
wait-for-root fails to detect nbd root |
|
linux-lts-xenial |
Fix OpenNSL GPL bugs found by CoverityScan static analysis |
|
linux-lts-xenial |
HID: multitouch: Correct ALPS PTP Stick and Touchpad devices ID |
|
linux-lts-xenial |
Xenial update to 4.4.93 stable release |
|
linux-lts-xenial |
NULL pointer dereference in tty_write() in kernel 4.4.0-93.116+ |
|
linux-lts-xenial |
Xenial update to 4.4.92 stable release |
|
linux-lts-xenial |
Xenial update to 4.4.91 stable release |
|
linux-lts-xenial |
upgrading linux-image package to 4.4.0-103.126 breaks Ceph network file system connection |
|
intel-microcode |
New upstream data file: microcode-20140624 |
|
initramfs-tools |
mkinitramfs: Delete or report temporary files in /var/tmp/ on failure. |
|
linux-lts-xenial |
upgrading linux-image package to 4.4.0-103.126 breaks Ceph network file system connection |
|
btrfs-tools |
Cherry-pick upstream fix loop device mount checks |
|
intel-microcode |
Revert to 20170707 version of microcode because of regressions on certain hardware. |
|
linux-meta |
Make the kernel image packages depend on the cpu microcode updates, to ensure they are pulled into all host installs of Ubuntu on upgrade.. |
|
linux-meta-lts-xenial |
Make the kernel image packages depend on the cpu microcode updates, to ensure they are pulled into all host installs of Ubuntu on upgrade.. |
|
xfsprogs |
dda4129] xfs_logprint: Handle multiply-logged inode fields. xlog_print_trans_inode() will error "illegal inode type" if more than one flag is set on f->ilf_fields. |
|
intel-microcode |
SECURITY UPDATE: New upstream microcode data file 20180425 to provide IBRS/IBPB/STIBP microcode support for Spectre variant 2 mitigation for Pentium Silver N/J5xxx, Celeron N/J4xxx (sig 0x000706a1) and Xeon E5/E7 v4; Core i7-69xx/68xx (sig 0x000406f1) |
|
linux-meta |
need to ensure microcode updates are available to all bare-metal installs of Ubuntu |
|
linux-meta |
need to ensure microcode updates are available to all bare-metal installs of Ubuntu |
|
kmod |
depmod-ignore-powerpc64-abiv2-toc-symbol.patch: Ignore the TOC symbol in depmod on PPC64 as it does not need to be relocated |
|
linux-meta |
need to ensure microcode updates are available to all bare-metal installs of Ubuntu |
|
linux-meta-lts-xenial |
need to ensure microcode updates are available to all bare-metal installs of Ubuntu |
|
initramfs-tools |
hook-functions: handle md arrays with nvme disk members. |
|
amd64-microcode |
REGRESSION UPDATE: revert to 2.20131007.1+really20130710.1 due to 3.20180524.1~ubuntu0.14.04.1 causing boot looping for some AMD processors |
|
squashfs-tools |
debian/patches/0004-use-macros-not-raw-octal-with-chmod.patch, debian/patches/0005-also-set-stickybit-as-non-root.patch: apply stickybit when run as non-root. Patches thanks to Tyler Hicks. |
|
linux-lts-xenial |
Cannot set MTU higher than 1500 in Xen instance |
|
zlib |
SRU:. |
|
intel-microcode |
Default to early instead of auto, and install all of the microcode, not just the one matching the current CPU, if MODULES=most is set in the initramfs-tools config |
|
linux |
3.13.0-155.205 Kernel Panic - divide by zero |
|
amd64-microcode |
Install (all) microcode on non-amd systems too if MODULES=most in initramfs-tools config |
|
linux-base |
Update trusty to the latest linux-base. |
|
linux-lts-xenial |
Regression] APM Merlin boards fail to recover link after interface down/up |
|
linux-lts-xenial |
nvme: avoid cqe corruption |
|
gnu-efi |
New upstream version 3.0.8. |
|
grub2-signed |
Rebuild against grub-efi-amd64 2.02~beta2-9ubuntu1.14 |
|
shim-signed |
Backport shim-signed 1.33.1 to 14.04. |
|
shim-signed |
Update to the signed 13-0ubuntu2 binary from Microsoft. |
|
grub2 |
util/grub-install.c: Use MokManager EFI binary name without the .signed extension now that shim handles signing via sbsigntool natively. |
|
linux-lts-xenial |
kernel panic - null pointer dereference on ipset operations |
|
shim-signed |
debian/control: Add a Pre-Depends on dpkg (>= 1.17.5ubuntu5.8) in order to help ensure upgrades have the right dpkg to be able to extract shim. |
|
secureboot-db |
Backport secureboot-db from cosmic to apply the August 2016 dbx updates from Microsoft. . |
|
linux-azure |
Silent data corruption in Linux kernel 4.15 |
|
linux-azure |
getxattr: always handle namespaced attributes |
|
linux-azure |
Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 |
|
linux-azure |
some nvidia p1000 graphic cards hang during the boot |
|
linux-azure |
ipmmu is always registered |
|
linux-azure |
Bionic update: upstream stable patchset 2018-09-27 |
|
mokutil |
Backport mokutil 0.3.0+1538710437.fb6250f-0ubuntu2 to 14.04. |
|
linux-azure |
linux-azure: fix systemd ADT test failure |
|
linux |
dev test in ubuntu_stress_smoke_test cause kernel oops on T-3.13 |
|
linux-lts-xenial |
xenial guest on arm64 drops to busybox under openstack bionic-rocky |
|
linux-lts-xenial |
Xenial update: 4.4.162 upstream stable release |
|
linux-lts-xenial |
Xenial update: 4.4.161 upstream stable release |
|
linux-lts-xenial |
mlock203 test in ubuntu_ltp_syscalls failed with Xenial kernel |
|
hwdata |
Change PNP vendor name for GSM to LG Electronics |
|
systemd |
d/p/0001-udev-build-by-path-identifiers-for-ATA-devices.patch create /dev/disk/by-path/ symlinks for (s)ata disks |
|
mountall |
try_udev_device: Ignore udev block device nodes which are missing devnames. |
|
grub2 |
debian/patches/0001-i386-linux-Add-support-for-ext_lfb_base.patch: Add support for ext_lfb_base. |
|
grub2 |
Add grub2/update_nvram template to allow users to disable NVRAM updates during package upgrades. |
|
grub2 |
debian/patches: Rework linuxefi/SecureBoot support and sync with upstream SB patch set: |
|
grub2 |
debian/patches/linuxefi_fix_relocate_coff.patch: fix typo in relocate_coff() causing issues with relocation of code in chainload. |
|
grub2 |
debian/patches/linuxefi_truncate_overlong_relocs.patch: The Windows 7 bootloader has inconsistent headers; truncate to the smaller, correct size to fix chainloading Windows 7. |
|
grub2-signed |
Rebuild against grub-efi-amd64 2.02~beta2-9ubuntu1.16 |
|
grub2-signed |
Rebuild against grub-efi-amd64 2.02~beta2-9ubuntu1.16 |
|
grub2-signed |
Rebuild against grub-efi-amd64 2.02~beta2-9ubuntu1.16 |
|
grub2-signed |
Rebuild against grub-efi-amd64 2.02~beta2-9ubuntu1.16 |
|
shim-signed |
update-secureboot-policy: |
|
dkms |
Move to signing just after module build to ensure it correctly applies at kernel update times. |
|
dkms |
Generate a new MOK if there isn't one yet, and use that so sign newly-built kernel modules. |
Unsorted changes
lsb |
01-upstart-lsb: when diverting an init script to an upstart job, we can't directly map the 'status' subcommand to /sbin/status because the return value of the latter is always 0 if we communicated successfully with upstart. Instead, parse the output of the command to correctly map this to the LSB return codes. . |
|
python3.4 |
SRU:: Fix invalid code in pyhash/siphash24. Issue #28055. |
|
apt |
Fixes failure to download the Package index file when using mirror:// URL in sources.list and the archive fails to profile a file. APT would try the next archive in the list for .deb packages but did not retry when the index file failed to download. |
|
distro-info-data |
Copy data from 0.30 |
|
sudo |
include /snap/bin in the secure_path |
|
debootstrap |
Add (Ubuntu) zesty as a symlink to gutsy. |
|
init-system-helpers |
script/deb-systemd-invoke: Replace with /bin/true. systemd as pid 1 and for /lib/systemd/system/ is not supported in Ubuntu 14.04. It will only be supported as "deputy init" running as an upstart job and handling /lib/systemd/upstart/ (and /{run,etc}/systemd/system as usual). This completely disables the handling of systemd units shipped by Ubuntu packages, to avoid suddenly breaking them when installing them alongside the new deputy systemd init. |
|
systemd |
Build systemd binary package. Drop installation of /etc/* aside from systemd's own config files. This avoids a package conflict with systemd-services and we don't want to support the full feature set anyway. |
|
deja-dup |
Fixes a bug that allowed an incorrect password when making a new full backup |
|
apparmor |
This allows for proper snap confinement on Ubuntu 14.04 when using the hardware enablement kernel |
|
systemd |
rules: introduce disk/by-id (wwid and model_serial) symlinks for NVMe drives |
|
systemd |
keymap: Some HP refactoring, add Probook 440 G3 keys |
|
systemd |
Do not create /run/nologin, and thus make sure deputy systemd does not prevent system logins.. |
|
systemd |
d/p/0001-libudev-util-change-util_replace_whitespace-to-retur.patch, d/p/0002-udev-event-add-replace_whitespace-param-to-udev_even.patch, d/p/0003-udev-rules-perform-whitespace-replacement-for-symlin.patch: Cherry-pick upstream fixes from Dan Streetman <ddstreet@ieee.org> to fix by-id symlinks for devices whose IDs contain whitespace.. |
|
distro-info-data |
Copy data from 0.35 |
|
bash |
When the readline `revert-all-at-newline' option is set, pressing newline when the current line is one retrieved from history results in a double free and a segmentation fault.. |
|
debootstrap |
Add (Debian) stretch, buster and bullseye as a symlink to sid. |
|
ubufox |
Add multiProcessCompatible to the install.rdf. Thanks to Shih-Yuan Lee for this |
|
gdebi |
Backport a fix from 0.9.5.5 to fix FTBFS with non en_US locales |
|
distro-info-data |
Add Ubuntu 18.04 LTS Bionic Beaver. |
|
squashfs-tools |
debian/patches/0003-unsquashfs-preserve-symlink-times.patch: Preserve atime and mtime of symlink inodes in unsquashfs rather than using the current time |
|
apparmor |
Modify the existing/renamed patch to use the dir that should be use to patch a profile. profiles-14.04/ should be use instead of profiles/ which is not use. |
|
gcc-4.8 |
mindirect-branch-register, and -mfunction-return= support |
|
debootstrap |
Add (Ubuntu) bionic as a symlink to gutsy. |
|
dpkg |
Add support for .deb archives with a control member not compressed (control.tar) or compressed with xz (control.tar.xz). |
|
apt |
ExecFork: Use /proc/self/fd to determine which files to close. |
|
distro-info-data |
Add Ubuntu 18.10 Cosmic Cuttlefish. |
|
distro-info-data |
Correct EOL date for zesty. |
|
apport |
REGRESSION UPDATE: Fix regression that caused a Traceback in the container support |
|
apport |
data/apport: Properly handle crashes originating from a PID namespace. |
|
debootstrap |
Add (Ubuntu) cosmic as a symlink to gutsy. |
|
python-apt |
Raise CacheMismatchError if objects passed to DepCache are from different cache; also includes the following regression fixes from bionic: |
|
clamav |
SECURITY REGRESSION: clamav-daemon fails to start due to options removed in new version and manually edited configuration file. |
|
clamav |
debian/clamav-daemon.config.in: fix infinite loop during dpkg-reconfigure |
|
apparmor |
disallow writes to thumbnailer dir |
|
apparmor |
disallow access to the dirs of private files |
|
apturl |
Make Synaptic backend actually work. |
|
distro-info-data |
Add Ubuntu 19.04 Disco Dingo. |
|
debootstrap |
For (Ubuntu) releases disco+ default to MERGED_USR=yes, -k extract option. |
|
apt |
Fix crashes in apt search, cache file |
|
apt |
backport "do not segfault in cache generation on mmap failure" (Closes: 803417) |