Kernel SRU Workflow

jammy/linux-oem-5.17: 5.17.0-1027.28 -proposed tracker

Bug #2003451 reported by Stefan Bader
20
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Kernel SRU Workflow
Fix Released
Medium
Unassigned
Automated-testing
Fix Released
Medium
Canonical Kernel Team
Boot-testing
Fix Released
Medium
Unassigned
Certification-testing
Fix Released
Medium
Unassigned
Kernel-signoff
Fix Released
Undecided
Canonical Kernel Team
New-review
Fix Released
Medium
Andy Whitcroft
Prepare-package
Fix Released
Medium
Timo Aaltonen
Prepare-package-generate
Fix Released
Undecided
Unassigned
Prepare-package-lrg
Fix Released
Medium
Timo Aaltonen
Prepare-package-lrm
Fix Released
Medium
Timo Aaltonen
Prepare-package-lrs
Fix Released
Medium
Timo Aaltonen
Prepare-package-meta
Fix Released
Medium
Timo Aaltonen
Prepare-package-signed
Fix Released
Medium
Timo Aaltonen
Promote-signing-to-proposed
Invalid
Medium
Unassigned
Promote-to-proposed
Fix Released
Medium
Ubuntu Stable Release Updates Team
Promote-to-security
Fix Released
Medium
Andy Whitcroft
Promote-to-updates
Fix Released
Medium
Andy Whitcroft
Regression-testing
Fix Released
Medium
Canonical Kernel Team
Security-signoff
Fix Released
Medium
Steve Beattie
Sru-review
Fix Released
Medium
Andy Whitcroft
Verification-testing
Fix Released
Medium
Canonical Kernel Team
canonical-signing-jobs
Fix Released
Medium
Andy Whitcroft
linux-oem-5.17 (Ubuntu)
Jammy
Fix Released
Medium
Unassigned

Bug Description

This bug will contain status and test results related to a kernel source (or snap) as stated in the title.

For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

-- swm properties --
built:
  from: 7534b109076e7b91
  route-entry: 1
delta:
  promote-to-proposed: [lrm, lrs, main, signed, meta, lrg, generate]
  promote-to-security: []
  promote-to-updates: [main, lrs, meta, lrm, signed]
flag:
  boot-testing-requested: true
  proposed-announcement-sent: true
  proposed-testing-requested: true
  stream-from-cycle: true
issue: KSRU-6296
packages:
  generate: linux-generate-oem-5.17
  lrg: linux-restricted-generate-oem-5.17
  lrm: linux-restricted-modules-oem-5.17
  lrs: linux-restricted-signatures-oem-5.17
  main: linux-oem-5.17
  meta: linux-meta-oem-5.17
  signed: linux-signed-oem-5.17
phase: Complete
phase-changed: Thursday, 09. February 2023 00:16 UTC
reason: {}
synthetic:
  :promote-to-as-proposed: Fix Released
variant: debs
versions:
  lrm: 5.17.0-1027.28
  main: 5.17.0-1027.28
  meta: 5.17.0.1027.25
  signed: 5.17.0-1027.28
~~:
  clamps:
    new-review: 7534b109076e7b91
    promote-to-proposed: 7534b109076e7b91
    self: 5.17.0-1027.28
    sru-review: 7534b109076e7b91

See original description
Stefan Bader (smb)
tags: added: kernel-release-tracking-bug-live
description: updated
tags: added: kernel-sru-cycle-2023.01.02-2
description: updated
description: updated
tags: added: kernel-sru-derivative-of-2003452
Changed in kernel-sru-workflow:
status: New → Confirmed
importance: Undecided → Medium
Ubuntu Kernel Bot (ubuntu-kernel-bot)
Changed in linux-oem-5.17 (Ubuntu Jammy):
importance: Undecided → Medium
Changed in kernel-sru-workflow:
status: Confirmed → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux-oem-5.17 (Ubuntu Jammy):
status: New → Confirmed
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Changed in kernel-sru-workflow:
status: Triaged → In Progress
Ubuntu Kernel Bot (ubuntu-kernel-bot)
tags: added: kernel-jira-issue-ksru-6296
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Timo Aaltonen (tjaalton)
summary: - jammy/linux-oem-5.17: <version to be filled> -proposed tracker
+ jammy/linux-oem-5.17: 5.17.0-1027.28 -proposed tracker
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Andy Whitcroft (apw)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Contains correct revocations, but lacks expose built-in trusted and revoked certificates https://lists.ubuntu.com/archives/kernel-team/2022-November/134890.html

Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Andy Whitcroft (apw)
tags: added: kernel-signing-bot
Changed in canonical-signing-jobs:
assignee: nobody → Andy Whitcroft (apw)
importance: Undecided → Medium
importance explanation: unset → unset
status explanation: unset → validate \ --exclude jammy:linux-oem-5.17 --publications \ ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14455247 \ ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14455248 \ ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14457298 \ ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14455249 \ ~canonical-kernel-team/+archive/ubuntu/ppa/+sourcepub/14455250 \ ~canonical-kernel-team/+archive/ubuntu/ppa-ps/+sourcepub/14455255 \ ~canonical-kernel-team/+archive/ubuntu/ppa-ps/+sourcepub/14455256 copy \ --from ppa:canonical-kernel-team/ubuntu/ppa --from-suite jammy --sources \ linux-oem-5.17/5.17.0-1027.28 \ linux-meta-oem-5.17/5.17.0.1027.25 \ linux-generate-oem-5.17/5.17.0-1027.28 \ linux-signed-oem-5.17/5.17.0-1027.28/signing \ linux-restricted-modules-oem-5.17/5.17.0-1027.28 \ --from ppa:canonical-kernel-team/ubuntu/ppa-ps --from-suite jammy --sources \ linux-restricted-generate-oem-5.17/5.17.0-1027.28 \ linux-restricted-signatures-oem-5.17/5.17.0-1027.28/signing \ --to signing:ubuntu/4 --to-suite jammy copy \ --from signing:ubuntu/4 --from-suite jammy --sources \ linux-oem-5.17/5.17.0-1027.28 \ linux-meta-oem-5.17/5.17.0.1027.25 \ linux-signed-oem-5.17/5.17.0-1027.28 \ linux-restricted-modules-oem-5.17/5.17.0-1027.28 \ linux-restricted-signatures-oem-5.17/5.17.0-1027.28 \ --to ppa:canonical-kernel-security-team/ubuntu/proposed3 --to-suite jammy delete \ --from signing:ubuntu/4 --from-suite jammy --sources \ linux-oem-5.17/5.17.0-1027.28 \ linux-meta-oem-5.17/5.17.0.1027.25 \ linux-generate-oem-5.17/5.17.0-1027.28 \ linux-signed-oem-5.17/5.17.0-1027.28 \ linux-restricted-modules-oem-5.17/5.17.0-1027.28 \ linux-restricted-generate-oem-5.17/5.17.0-1027.28 \ linux-restricted-signatures-oem-5.17/5.17.0-1027.28
status: New → Triaged
Ubuntu Kernel Bot (ubuntu-kernel-bot)
Changed in canonical-signing-jobs:
status: Triaged → Confirmed
description: updated
Andy Whitcroft (apw)
Changed in canonical-signing-jobs:
status: Confirmed → In Progress
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Andy Whitcroft (apw)
Changed in canonical-signing-jobs:
importance explanation: unset → Successful
status: In Progress → Fix Released
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Revision history for this message
Devices Certification Bot (ce-certification-qa) wrote :

Kernel deb testing completes, no regressions found. Ready for Updates. Results here: https://trello.com/c/h3JPRJ9r/2839-oemjammy-linux-image-5170-1027-oem-5170-102728

Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Timo Aaltonen (tjaalton)
tags: added: automated-testing-passed
tags: added: verification-testing-passed
tags: added: regression-testing-passed
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Timo Aaltonen (tjaalton)
description: updated
tags: removed: kernel-sru-derivative-of-2003452
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-oem-5.17 - 5.17.0-1027.28

---------------
linux-oem-5.17 (5.17.0-1027.28) jammy; urgency=medium

  * jammy/linux-oem-5.17: 5.17.0-1027.28 -proposed tracker (LP: #2003451)

  * CVE-2022-3545
    - nfp: fix use-after-free in area_cache_get()

  * CVE-2022-42895
    - Bluetooth: L2CAP: Fix attempting to access uninitialized memory

  * ThinkPad L14 Gen 3 blank laptop screen on bootup (LP: #2002467)
    - Revert "drm/amdgpu: make sure to init common IP before gmc"

  * CVE-2023-0179
    - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits

  [ Ubuntu: 5.17.0-15.16~22.04.8 ]

  * jammy/linux-hwe-5.17: 5.17.0-15.16~22.04.8 -proposed tracker (LP: #2003452)
  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - debian/dkms-versions -- update from kernel-versions (main/2023.01.02)
  * Revoke & rotate to new signing key (LP: #2002812)
    - [Packaging] Revoke and rotate to new signing key
  * CVE-2022-45934
    - Bluetooth: L2CAP: Fix u8 overflow
  * CVE-2022-42896
    - Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM
    - Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm
  * CVE-2022-4378
    - proc: proc_skip_spaces() shouldn't think it is working on C strings
    - proc: avoid integer type confusion in get_proc_long

 -- Timo Aaltonen <email address hidden> Mon, 23 Jan 2023 12:37:39 +0200

Changed in linux-oem-5.17 (Ubuntu Jammy):
status: Confirmed → Fix Released
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot)
description: updated
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Workflow done!

All tasks have been completed and the bug is being closed

Changed in kernel-sru-workflow:
status: In Progress → Fix Committed
Ubuntu Kernel Bot (ubuntu-kernel-bot)
Changed in kernel-sru-workflow:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.