## page was copied from XenialXerus/ReleaseNotes/ChangeSummary/16.04.5 ||<>|| This is a brief summary of bugs fixed between Ubuntu 16.04.5 and 16.04.6. '''This summary covers only changes to packages in ''__main__'' and ''__restricted__'', which account for all packages in the officially-supported CD images; there are further changes to various packages in ''universe'' and ''multiverse''.''' Some of these fixes were by Ubuntu developers directly, while others were by upstream developers and backported to Ubuntu. For full details, see the individual package changelogs. In addition to the bugs listed below, this update includes all security updates from the [[https://usn.ubuntu.com/releases/ubuntu-16.04-lts/|Ubuntu Security Notice list]] affecting Ubuntu 16.04.5 LTS that were released up to and including February 26, 2019. The last update included was USN-3866-3 (Ghostscript regression). == Installation bug fixes == Updated CD images are provided with this release, including fixes for some installation bugs. (Many installation problems are hardware-specific; for those, see "Hardware support bugs" below.) || livecd-rootfs || Bug:1794383 || debian/dirs: add debian/dirs entry for empty includes.chroot dir || || ubiquity || Bug:1749289 || Implement missing reboot and shutdown methods in debconf_ui || || ubuntu-meta || Bug:1686183 || Added ubuntu-advantage-tools to minimal || || debian-installer || Bug:1807023 || build/pkg-lists/base: add ca-certificates-udeb to enable HTTPS without d-i/allow_unauthenticated_ssl in stock initramfs image as in Debian. || || user-setup || Bug:1817689 || Mount /proc before calling adduser --encrypt-home. This calls into ecryptfs, which requires a /proc in order to find out where sysfs is mounted. || || ubiquity || Bug:1817689 || Automatic update of included source packages: user-setup 1.63ubuntu4.1. || == Upgrade bug fixes == These changes fix upgrade issues, smoothing the way for future upgrades to later releases of Ubuntu. || update-manager || Bug:1317164 || Print transaction error and let the user try again applying updates || || update-manager || Bug:1791931 || Don't ask backend to do package operations aready done. Aptdaemon cancels the transaction when asked to remove packages already removed which results the failure being shown to the user. This is unnecessary as update-manager can just filter the package operations to be done using a fresh cache and decrease the likelyhood of hitting a race condition where packages to be removed are already removed. || || update-manager || Bug:1072136 || Keep or delete packages after looping over all of them. This prevents the resolver from changing the packages in the loop resulting in not keeping some phased packages back from being upgraded. || || update-manager || Bug:1795898 || Stop lazy import of InstallBackends. Lazy imports made update-manager crash when an update-manager update changed the backend API and an updated incompatible backend was loaded to the not updated running update-manager process. || || update-manager || Bug:1790670 || Cancel transaction on exit only when Cancel button is active. Also ignore exception when cancellation fails. || || update-manager || Bug:1771894 || Make commit()'s last parameter optional for avoiding crash on upgrade || || ubuntu-release-upgrader || Bug:1797209 || do-release-upgrade: do not run the release upgrade if either not all fully phased updates are installed or a reboot is required due to a libc6 upgrade. || || update-notifier || Bug:1458204 || Do not notify-reboot-required on linux-image-extra removal || == Desktop fixes == These changes mainly affect desktop installations of Ubuntu, Kubuntu, Edubuntu and other Ubuntu-based systems. || glib2.0 || Bug:1784065 || Add a versioned Pre-Depends for dpkg because the libglib2.0-0 -await trigger requires a newer dpkg than the one in Ubuntu 14.04. || || xorg || Bug:1768610 || Rename nux config leftovers which might change the environment even when not running an unity session || || nux || Bug:1768610 || Restore backup config files before installing nux-tools, so that they will be updaded with the fixed versions || || libreoffice || Bug:1780996 || debian/libreoffice-common.triggers.in: switch to -noawait trigger || || xorg-server || Bug:1780664 || glx-do-not-pick-srgb-config-for-32bit-rgba-visual.diff: Fix a regression with newer mesa. || || firefox || Bug:1791789 || Mark distribution search engines as read-only, so that they are marked as hidden in rather than removed from the search engine cache when a user "removes" them (they can't actually be removed from disk). This stops them from reappearing on cache rebuilds || || firefox || Bug:1791789 || Backport upstream change to the search service to not handle locale changes on shutdown. As well as resulting in en-US search engines being added to the search engine cache for all locales, it was resulting in a cache rebuild on every restart, making the above bug worse || || firefox || Bug:1791789 || Set "spellchecker.dictionary_path" by default to point to /usr/share/hunspell so that system dictionaries are loaded again, now that Firefox no longer loads them from its own install directory.|| || firefox || Bug:1791789 || Cleanup extra Amazon.com search engine in locales that have their own Amazon search engine || || xorg-server-hwe-16.04 || Bug:1789913 || prime-sync-refactor.diff: Fix crash on modesetting+amdgpu hybrid. || || ghostscript || Bug:1802958 || Fix dependency for libgs9-common || || unity-settings-daemon || Bug:1683445 || power: Choose correct backlight device on laptops with hybrid graphics Backported from gnome-settings-daemon commit ed7c2744 || || unity-settings-daemon || Bug:1755490 || some vendors record the screen ratio (e.g 16/9) in the EDID instead of including the screen size, detect those cases and display the product name instead of the screen diagonal. || || ghostscript || Bug:1806517 || SECURITY REGRESSION: multiple regressions || || software-properties || Bug:1807373 || SoftwarePropertiesGtk.py: when checking a package's depends for DKMS also pass on an AttributeError || || cups || Bug:1804576 || fix-handling-of-MaxJobTime.patch: Fix handling of MaxJobTime 0 || || firefox || Bug:1808980 || Build with --enable-rust-simd (except on i386 and armhf) || || ghostscript || Bug:1815339 || SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail, second fix attempt. || == Server and Cloud related fixes == These changes mainly affect installations of Ubuntu on server systems and clouds. || ceph || Bug:1780930 || New upstream point release. || || cloud-init || Bug:1784685 || cherry-pick 3cee0bf8: oracle: fix detect_openstack to report True on || || cloud-init || Bug:1777912 || New upstream snapshot. || || cloud-init || Bug:1770712 || debian/rules: update version.version_string to contain packaged version. || || cloud-init || Bug:1777912 || New upstream release. || || keepalived || Bug:1783583 || New upstream version for Ubuntu 16.04. || || keepalived || Bug:1744062 || d/p/fix-removing-left-over-addresses-if-keepalived-abort.patch: Cherry-picked from upstream to ensure left-over VIPs and eVIPs are properly removed on restart if keepalived terminates abonormally. This fix is from the upstream 1.4.0 release. || || open-iscsi || Bug:1785108 || d/net-interface-handler: Apply changes only for the iscsi-root || || python-urllib3 || Bug:1771988 || d/p/07_support_ip_sans.patch: Cherry pick fix to support use of IP based SAN's in TLS certificates. || || samba || Bug:1583324 || d/p/bug_1583324_include_with_macro.patch: don't fail parsing the config file if it has macros in include directives || || python-pylxd || Bug:1754657 || New upstream point release. || || maas || Bug:1772010 || Stable Release Update. New upstream release, MAAS 2.3.5: || || maas || Bug:1772010 || Stable Release Update. New upstream release, MAAS 2.3.4: || || nova || Bug:1761140 || d/control: Drop circular dependencies. nova-compute depends on nova-compute-* packages. nova-compute-* packages shouldn't depend on nova-compute. nova-compute-* should however depend on nova-common.. || || cloud-initramfs-tools || Bug:1792905 || copymods: Take ownership of lib/modules || || open-iscsi || Bug:1791108 || d/net-interface-handler: replace 'domainsearch' with the correct configuration option 'search' in net-interface-handler || || qemu || Bug:1783140 || fix migration of new guests on ppc64el Fixed by backporting two patches from the 2.6.x stable branch || || livecd-rootfs || Bug:1797170 || ubuntu-cpc: Handle a pre-existing /lib/modules in 030-root-tarball.hook. || || openssh || Bug:1771340 || debian/systemd/ssh.service: Test configuration before starting or reloading sshd || || snapd-glib || Bug:1748289 || New upstream release: || || cloud-init || Bug:1798424 || cherry-pick 1d5e9aef: azure: Add apply_network_config option to disable network || || cloud-init || Bug:1795953 || New upstream release. || || squid3 || Bug:1738412 || d/squid.rc: fix regexp for catching FATAL errors || || iproute2 || Bug:1800877 || Add support for VF Trust || || cyrus-sasl2 || Bug:997217 || d/p/dont_hang_when_imap_closes.patch: Don't hang when IMAP server closes connection. || || sssd || Bug:1777860 || d/p/add-back-pidfile.patch: Re-add PIDFILE entry to /lib/systemd/system/sssd.service || || nova-lxd || Bug:1675386 || d/p/01_bug-1675386-ensure-all-net-devices-added.diff: Returns all network devices to container || || openldap || Bug:1783183 || d/apparmor-profile: update apparmor profile to allow reading of files needed when slapd is behaving as a kerberos/gssapi client and acquiring its own ticket. || || livecd-rootfs || Bug:1799773 || Disable checksum generation || || livecd-rootfs || Bug:1801134 || Increasing modularity in relocation of /etc/resolv.conf to enable users of live-build/functions to manipulate /etc/resolv.conf in a more granular and future-proof way. || || livecd-rootfs || Bug:1799736 || Decide what model assertion series to fetch depending on the suite. Use 16 for xenial and 18 for other series (bionic+). This enables core18 image builds. || || open-iscsi || Bug:1806777 || debian/extra/initramfs.local-top: handle iSCSI iBFT DHCP to correctly run ipconfig to gather all DHCP config info, including DNS search domain, which iBFT can't provide. || || ca-certificates || Bug:1807023 || Add ca-certificates udeb package || || qemu || Bug:1807743 || d/p/ubuntu/lp1807743-linux-user-timerfd.patch: fix define for timerfd_create system call || || livecd-rootfs || Bug:1805497 || Backport adding snaps to image manifests || || tomcat8 || Bug:1606331 || d/p/fix-class-resource-name-filtering.patch: Fix class and resource name filtering in WebappClassLoader. || || ubuntu-geoip || Bug:1617535 || Use https for geoip.ubuntu.com/lookup URL || || openjdk-8 || Bug:1800792 || Update to 8u191-b12. || || libmemcached || Bug:1573594 || Fix missing null termination in PROTOCOL_BINARY_CMD_SASL_LIST_MECHS response handling || || landscape-client || Bug:1788219 || debian/patches/nutanix-kvm.patch: Update vm_info.py to include Nutanix hypervisor || || landscape-client || Bug:1699179 || Fixes for release-upgrade. || || landscape-client || Bug:1699179 || debian/patches/1699179-release-upgrade-check.diff: Check if ubuntu- release-upgrader is running before apt-update. || || landscape-client || Bug:1670291 || debian/patches/release-upgrade-success.patch: Enable landscape-client to survive trusty upgrade. || || landscape-client || Bug:1670291 || debian/patches/post-upgrade-reboot.patch: Force reboot operation in case systemd fails. || || landscape-client || Bug:1616116 || debian/patches/1616116-resync-loop.patch: Clear hash id database on package resync. || || sqlite3 || Bug:1814869 || d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch: Check if parser is busy before using it and raise an error if positive. || == Kernel and Hardware support updates == Considerable work has been done in Ubuntu 16.04.4 on improving support for many specific items of hardware. Note that upstream commits to stable kernel releases are listed separately below. || linux-kvm || Bug:1781413 || Cannot set MTU higher than 1500 in Xen instance || || linux-meta-gcp || Bug:1788586 || xenial/linux-meta-gcp is still depending on cloud-tools || || linux-meta-gcp || Bug:1780923 || linux-gcp: add a meta package for the extra modules || || fwupd || Bug:1780442 || Fix a crash from bad metadata || || crash || Bug:1746088 || Backport to xenial. || || linux || Bug:1785739 || Regression] APM Merlin boards fail to recover link after interface down/up || || linux || Bug:1788035 || nvme: avoid cqe corruption || || linux-aws || Bug:1785739 || Regression] APM Merlin boards fail to recover link after interface down/up || || linux-aws || Bug:1788035 || nvme: avoid cqe corruption || || linux-kvm || Bug:1785739 || Regression] APM Merlin boards fail to recover link after interface down/up || || linux-kvm || Bug:1788035 || nvme: avoid cqe corruption || || initramfs-tools || Bug:1769682 || scripts/functions: write netplan config files to /run/netplan for network devices configured with configure_networking. || || initramfs-tools || Bug:1769682 || scripts/functions: add 'critical: true' parameter; requires netplan 0.32~16.04.5. || || gnu-efi || Bug:1790709 || New upstream version 3.0.8. || || binutils || Bug:1781242 || binutils-march-fix.patch: Fix -march= option parsing bound check. || || linux-meta-hwe || Bug:1785280 || Transition 4.13 OEM kernel users to 4.15 HWE kernel || || initramfs-tools || Bug:1667512 || b4804dd] Only sync the filesystem containing the initramfs || || initramfs-tools || Bug:1791959 || debian/initramfs-tools.postinst: remove orphaned old-dkms initrd files in /boot. || || linux || Bug:1793753 || kernel panic - null pointer dereference on ipset operations || || linux-aws || Bug:1793753 || kernel panic - null pointer dereference on ipset operations || || linux-kvm || Bug:1793753 || kernel panic - null pointer dereference on ipset operations || || linux-hwe || Bug:1796542 || Silent data corruption in Linux kernel 4.15 || || linux-hwe || Bug:1789746 || getxattr: always handle namespaced attributes || || linux-hwe || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 || || linux-hwe || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot || || linux-hwe || Bug:1783746 || ipmmu is always registered || || linux-hwe || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 || || linux-gcp || Bug:1796542 || Silent data corruption in Linux kernel 4.15 || || linux-gcp || Bug:1789746 || getxattr: always handle namespaced attributes || || linux-gcp || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 || || linux-gcp || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot || || linux-gcp || Bug:1783746 || ipmmu is always registered || || linux-gcp || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 || || friendly-recovery || Bug:1766872 || Cleanup lintian warnings. || || linux-azure || Bug:1796542 || Silent data corruption in Linux kernel 4.15 || || linux-azure || Bug:1789746 || getxattr: always handle namespaced attributes || || linux-azure || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 || || linux-azure || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot || || linux-azure || Bug:1783746 || ipmmu is always registered || || linux-azure || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 || || s390-tools || Bug:1777600 || zdev: Adjust zdev modprobe path to be compatible with split-usr systems. || || s390-tools || Bug:1794308 || zdev: Trigger generic_ccw devices on any kernel module loads. || || secureboot-db || Bug:1776996 || Backport secureboot-db from cosmic to apply the August 2016 dbx updates from Microsoft. || || shim-signed || Bug:1790724 || Update to the signed 15+1533136590.3beb971-0ubuntu1 binary from Microsoft. || || shim-signed || Bug:1708245 || Backport shim-signed 1.33.1 to 16.04. || || kmod || Bug:1786574 || Remove i2c_i801 from d/modprobe.d/blacklist.conf. || || grub2 || Bug:1785033 || debian/patches/0001-i386-linux-Add-support-for-ext_lfb_base.patch: Add support for ext_lfb_base. || || grub2-signed || Bug:1785033 || Rebuild against grub2 2.02~beta2-36ubuntu3.19.) || || mokutil || Bug:1797011 || Backport mokutil 0.3.0+1538710437.fb6250f-0ubuntu2 to 16.04. || || linux-azure || Bug:1722226 || linux-azure: fix systemd ADT test failure || || linux || Bug:1797092 || xenial guest on arm64 drops to busybox under openstack bionic-rocky || || linux || Bug:1801900 || Xenial update: 4.4.162 upstream stable release || || linux || Bug:1801893 || Xenial update: 4.4.161 upstream stable release || || linux || Bug:1793451 || mlock203 test in ubuntu_ltp_syscalls failed with Xenial kernel || || linux-aws || Bug:1801305 || Restore request-based mode to xen-blkfront for AWS kernels || || linux-aws || Bug:1797092 || xenial guest on arm64 drops to busybox under openstack bionic-rocky || || linux-aws || Bug:1801900 || Xenial update: 4.4.162 upstream stable release || || linux-aws || Bug:1801893 || Xenial update: 4.4.161 upstream stable release || || linux-aws || Bug:1793451 || mlock203 test in ubuntu_ltp_syscalls failed with Xenial kernel || || linux-kvm || Bug:1797092 || xenial guest on arm64 drops to busybox under openstack bionic-rocky || || linux-kvm || Bug:1801900 || Xenial update: 4.4.162 upstream stable release || || linux-kvm || Bug:1801893 || Xenial update: 4.4.161 upstream stable release || || linux-kvm || Bug:1793451 || mlock203 test in ubuntu_ltp_syscalls failed with Xenial kernel || || hwdata || Bug:1755490 || Change PNP vendor name for GSM to LG Electronics Update pnp.ids file, which was missing from last change. || || gcc-5 || Bug:1783252 || Backport upstream revision r235876 to correct PIC_OFFSET_TABLE_REGNUM on ppc64el. || || initramfs-tools || Bug:1802591 || scripts/functions: include a new option to skip enslaved network devices. Include the new variable NETWORK_SKIP_ENSLAVED. When set to a value different than "0", this variable will cause any enslaved network devices to be skipped from the list of netbootable devices. This variable can be set via the configuration files under /etc/initramfs-tools/ or via any configuration file under the initrd directory /conf/conf.d/ via a hook script. || || linux-oracle || Bug:1802591 || Skip enslaved devices during boot || || linux-oracle || Bug:1802591 || Skip enslaved devices during boot || || shim-signed || Bug:1792575 || debian/control: Depends: on grub2 2.02~beta2-36ubuntu3.20 to ensure shim cannot be installed without the new grub2 version that fixes chainloading issues. || || shim-signed || Bug:1790724 || Update to the signed 15+1533136590.3beb971-0ubuntu1 binary from Microsoft. || || linux-hwe || Bug:1813663 || External monitors does not work anymore 4.15.0-44 || || linux-hwe || Bug:1813727 || kernel 4.15.0-44 cannot mount ext4 fs with meta_bg enabled || || zfs-linux || Bug:1813749 || Fix modules not loaded on debian tests || || s390-tools || Bug:1799208 || Addresses dbginfo.sh hanging indefinately whilst walking sysfs. || || shim-signed || Bug:1748983 || update-secureboot-policy: || || dkms || Bug:1772950 || Move to signing just after module build to ensure it correctly applies at kernel update times. || || dkms || Bug:1748983 || Generate a new MOK if there isn't one yet, and use that so sign newly-built kernel modules. || || pciutils || Bug:1815212 || Update pci.ids to version 2018-07-21. || || kmod || Bug:1802689 || Add i2c_i801 back to d/modprobe.d/blacklist.conf again due to regressions. || || binutils || Bug:1807448 || power9-001.diff: Drop this patch as it breaks IFUNC on ELFv1 || || glibc || Bug:1663280 || debian/patches/ubuntu/xsave-part1.diff and debian/patches/ubuntu/xsave-part2.diff: Fix a serious performance regression when mixing SSE and AVX code on certain processors. The patches are from the upstream 2.23 stable branch. || || linux-azure || Bug:1816106 || 4.15.0-1037 does not see all PCI devices on GPU VMs || == Unsorted changes == || appstream-glib || Bug:1780442 || Handle '&' in attribute values || || clamav || Bug:1792051 || debian/clamav-daemon.config.in: fix infinite loop during dpkg-reconfigure || || tzdata || Bug:1750627 || New upstream release. || || mutt || Bug:1794278 || debian/patches/series: re-order patch application || || apparmor || Bug:1788929 || disallow writes to thumbnailer dir || || apparmor || Bug:1794848 || disallow access to the dirs of private files || || apturl || Bug:1338482 || Make Synaptic backend actually work. || || systemd || Bug:1670291 || systemctl: correctly proceed to immediate shutdown if scheduling fails || || systemd || Bug:1738153 || hwdb: update micmute on Dell laptops. || || systemd || Bug:1773148 || units: Disable journald Watchdog || || systemd || Bug:1795658 || core: Fix for service to enter the 'failed' state (rather than 'inactive') after it repeatedly fails restart. || || systemd || Bug:1748147 || Disable dh_installinit generation of tmpfiles for the systemd package. || || apt || Bug:1796808 || Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scripts. Some post-invoke scripts install packages, which fails because the environment variable is not set. This sets the variable for all three kinds of scripts {pre,post-}invoke and pre-install-pkgs, but we will only allow post-invoke at a later time. || || apt || Bug:1698159 || apt.conf.autoremove: Add linux-cloud-tools to list || || apt || Bug:1781169 || Add support for dpkg frontend lock || || apt || Bug:1794957 || http: Stop pipeline after close only if it was not filled before || || apt || Bug:1794053 || pkgCacheFile: Only unlock in destructor if locked before || || apt || Bug:1787120 || Support records larger than 32kb in 'apt show' || || packagekit || Bug:1795614 || debian/patches/frontend-locking.diff: Implement frontend locking in a simple way. Will need some more work to upstream, and possibly some error checking. || || dpkg || Bug:1796081 || Apply patch from upstream to add frontend locking: || || distro-info-data || Bug:1800656 || Add Ubuntu 19.04 Disco Dingo. || || sosreport || Bug:1803735 || d/p/dont-collect-some-tracing-instance-files.patch: || || sosreport || Bug:1775195 || New 3.6 upstream release. major enhancements to core features and existing plugins: || || grub2 || Bug:1792575 || debian/patches/linuxefi_fix_relocate_coff.patch: fix typo in relocate_coff() causing issues with relocation of code in chainload. || || grub2 || Bug:1792575 || debian/patches/linuxefi_truncate_overlong_reloc_section.patch: The Windows 7 bootloader has inconsistent headers; truncate to the smaller, correct size to fix chainloading Windows 7. || || grub2 || Bug:1785033 || debian/patches/0001-i386-linux-Add-support-for-ext_lfb_base.patch: Add support for ext_lfb_base. || || grub2-signed || Bug:1792575 || Rebuild against grub2 2.02~beta2-36ubuntu3.20. || || grub2-signed || Bug:1785033 || Rebuild against grub2 2.02~beta2-36ubuntu3.19.) || || walinuxagent || Bug:1799498 || New upstream release. || || ubuntu-image || Bug:1807750 || debian/control: add sudo to the list of dependencies as we need it for the sudo cp workaround we have in place for xenial's outdated mkfs.ext4. || || debootstrap || Bug:1773496 || For (Ubuntu) releases disco+ default to MERGED_USR=yes, -k extract option. ||