Tuesday, 29 August 2017

Ubuntu Kernel Team - Weekly Newsletter, 2017-08-29

August 22 through August 28

##Development (Artful / 17.10)##


Important upcoming dates:
Beta 1 - Aug 31 (~1-2 days away)
Final Beta - Sept 28 (~4 weeks away)
Kernel Freeze - Oct 5 (~5 weeks away)
Final Freeze - Oct 12 (~6 weeks away)
Ubuntu 17.04 - Oct 19 (~7 weeks away)

We intend to target a 4.13 kernel for the Ubuntu 17.10 release. The
Artful kernel is currently based on Linux 4.12.9. The Artful staging
kernel repository has been updated to 4.13-rc7. As a reminder, the
Ubuntu 17.10 Kernel Freeze is Thurs Oct 5, 2017.

##Stable (Released & Supported)##
* The latest SRU cycle has been completed successfully and the
following kernel updates have been promoted to -updates:
trusty 3.13.0-129.178
xenial 4.4.0-93.116
zesty 4.10.0-33.37

trusty/lts-xenial 4.4.0-93.116~14.04.1
xenial/raspi2 4.4.0-1071.79
xenial/snapdragon 4.4.0-1073.78
xenial/aws 4.4.0-1032.41
xenial/gke 4.4.0-1028.28
xenial/hwe 4.10.0-33.37~16.04.1
zesty/raspi2 4.10.0-1016.19

* The following CVEs have been fixed by kernels promoted to -updates
and -security:
Trusty (3.13.0-129.178)
* CVE-2017-1000112
* CVE-2017-1000111
* CVE-2016-7914
* CVE-2017-7616
* CVE-2017-7261
* CVE-2017-7273
* CVE-2017-7487
* CVE-2017-7495

Xenial (4.4.0-93.116)
* CVE-2017-1000112
* CVE-2017-1000111
* CVE-2017-7495
* CVE-2015-7837

Zesty (4.10.0-33.37)
* CVE-2017-1000112
* CVE-2017-1000111
* CVE-2017-7487

* The following kernel snap updates have been uploaded to the snap store:

* Current cycle: 25-Aug through 16-Sep

25-Aug Last day for kernel commits for this cycle.
28-Aug - 02-Sep Kernel prep week.
03-Sep - 15-Sep Bug verification & Regression testing.
18-Sep Release to -updates.

* Next cycle: 15-Sep through 07-Oct

15-Sep Last day for kernel commits for this cycle.
18-Sep - 23-Sep Kernel prep week.
24-Sep - 06-Oct Bug verification & Regression testing.
09-Oct Release to -updates.

* The Canonical Kernel Team is Hiring!

* We've updated the bcc snap based on the Mon August 28th tip commit:
* http://bugs.launchpad.net/bugs/1712168
In Artful we enforce loading of only signed kernel modules under
secure boot. We support self-signing of modules by enrolling a MOK key
with shim and signing modules with that key. However a bug in our
4.12/4.13 kernels was causing the kernel to not use the MOK when
validating signatures. A fix for that has been comitted and will be in
the next artful-proposed kernel.
* The current CVE status
* If you would like to reach the kernel team, you can find us at the
channel on FreeNode. Alternatively, you can mail the Ubuntu Kernel
Team mailing
list at: kernel-team@lists.ubuntu.com.

ubuntu-devel mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel