18.04.2


This is a brief summary of bugs fixed between Ubuntu 18.04.1 and 18.04.2. This summary covers only changes to packages in main and restricted, which account for all packages in the officially-supported CD images; there are further changes to various packages in universe and multiverse. Some of these fixes were by Ubuntu developers directly, while others were by upstream developers and backported to Ubuntu. For full details, see the individual package changelogs.

In addition to the bugs listed below, this update includes all security updates from the Ubuntu Security Notice list affecting Ubuntu 18.04 LTS that were released up to and including February 4, 2019. The last update included was USN-3871-3 (Linux kernel vulnerabilities).

Installation bug fixes

Updated CD images are provided with this release, including fixes for some installation bugs. (Many installation problems are hardware-specific; for those, see "Hardware support bugs" below.)

console-setup

1762952

keyboard-configuration.config: While sourcing config files to re-seed debconf, load missing variables as empty values of same

console-setup

1762952

keyboard-configuration.{config,templates}: There is no good default for layout toggling, stop pretending there is. Console users can set one with dpkg-reconfigure or editing /etc/defaults/keyboard

livecd-rootfs

1302192

generate all tar files with --xattrs.

livecd-rootfs

1585233

ubuntu-cpc: Reintroduce the -root.tar.xz artifact.

console-setup

1788597

keyboard-configuration.config: Fix exit/return thinko

livecd-rootfs

1783129

Disentangle enabling universe in the final image a little from having PREINSTALLED=true set and enable it for a live-server build.

livecd-rootfs

1776891

Disable journald rate limiting in the live-server live session.

initramfs-tools

1769682

scripts/functions: write netplan config files to /run/netplan for network devices configured with configure_networking.

initramfs-tools

1769682

scripts/functions: add 'critical: true' parameter; requires netplan 0.36.2.

initramfs-tools

1661629

Work out the kernel modules required to support ZFS filesystems and add them as necessary.

ubiquity

1749289

Implement missing reboot and shutdown methods in debconf_ui

ubiquity

1777900

Add systemd-resolved to oem-config.target's Wants

livecd-rootfs

1792905

Ensure /lib/modules exists in root tarballs and sqashfs.

initramfs-tools

1667512

b4804dd] Only sync the filesystem containing the initramfs

initramfs-tools

1791959

debian/initramfs-tools.postinst: remove orphaned old-dkms initrd files in /boot.

ubiquity

1789920

Mask ubiquity.service in a system installed with oem-config/enabled=true, as this prevents getty@tty1.service from running.

livecd-rootfs

1805190

Include grub efi packages in manifests for uefi images.

livecd-rootfs

1799773

Disable checksum generation.

installation-guide

1730322

Describe HWE kernel, point release and url for supported arm64 platforms.

installation-guide

1804306

Move supported arm64 server list to a wiki page to ease maintenance

debian-installer

1807023

build/pkg-lists/base: add ca-certificates-udeb to enable HTTPS without d-i/allow_unauthenticated_ssl in stock initramfs image as in Debian.

ubiquity

1768230

scripts/plugininstall.py: don't hard-code a resume partition in /etc/initramfs-tools/conf.d/resume at install time. In bionic and later, initramfs-tools will autodetect an appropriate resume partition at initramfs generation time, so ubiquity's resume setting is redundant and possibly wrong.

debian-installer

1809021

Add HWE variants for all architectures

Upgrade bug fixes

These changes fix upgrade issues, smoothing the way for future upgrades to later releases of Ubuntu.

ubuntu-release-upgrader

1783589

make sure that snapd is installed before trying to use it.

ubuntu-release-upgrader

1783593

update the view with information regarding the progress of snaps being installed.

ubuntu-release-upgrader

1783738

when checking for connectivity to the snap store use C.UTF-8 for the language so error message matching works.

ubuntu-release-upgrader

1785096

Remove debs from apt's "Dir::Cache::archives" folder after the upgrade has completed successfully.

ubuntu-release-upgrader

1766890

Upgrade libc6 before other packages to work around trigger issues

ubuntu-release-upgrader

1787668

DistUpgradeQuirks.py: if ubuntu-desktop or snapd isn't in the package cache don't try and run the quirk for installing or upgrading snaps.

gnome-initial-setup

1781417

Display the ubuntu welcome wizard in Unity, don't display the "what's new" page though since Unity didn't change

ubuntu-release-upgrader

1787649

DistUpgradeController.py: If the attempt to only upgrade libc6 ends up creating an issue with apt's problem resolver try the full upgrade. This is what would have happened before the fix for bug 1766890.

update-manager

1317164

Print transaction error and let the user try again applying updates

update-manager

1791931

Don't ask backend to do package operations aready done. Aptdaemon cancels the transaction when asked to remove packages already removed which results the failure being shown to the user. This is unnecessary as update-manager can just filter the package operations to be done using a fresh cache and decrease the likelyhood of hitting a race condition where packages to be removed are already removed.

ubuntu-release-upgrader

1797209

do-release-upgrade: do not run the release upgrade if either not all updates are installed or a reboot is required due to a libc6 upgrade.

ubuntu-release-upgrader

1796940

debian/control: change ubuntu-release-upgrader-core to depend on ca-certificates

unattended-upgrades

1789637

Unlock for dpkg operations with apt_pkg.pkgsystem_unlock_inner() when it is available. Also stop running when reacquiring the lock fails. Thanks to Julian Andres Klode for original partial patch

unattended-upgrades

1781586

Skip rebuilding python-apt in upgrade autopkgtests. Python-apt has a new build dependency making the rebuilding as is failing and the reference handling issue is worked around in unattended-upgrades already.

unattended-upgrades

1785093

Stop trying when no adjustment could be made and adjust package candidates only to lower versions

unattended-upgrades

1785093

Skip already adjusted packages from being checked for readjusting. This makes it clearer that the recursion ends and can also be a bit quicker.

update-manager

1072136

Keep or delete packages after looping over all of them. This prevents the resolver from changing the packages in the loop resulting in not keeping some phased packages back from being upgraded.

update-manager

1795898

Stop lazy import of InstallBackends. Lazy imports made update-manager crash when an update-manager update changed the backend API and an updated incompatible backend was loaded to the not updated running update-manager process.

update-manager

1790670

Cancel transaction on exit only when Cancel button is active. Also ignore exception when cancellation fails.

ubuntu-release-upgrader

1799839

DistUpgrade/DistUpgradeController.py: check all the python symlinks and versions instead of the python one. Thanks to juliank for the assistance.

ubuntu-release-upgrader

1799710

do-release-upgrade: Do not block release upgrades if the installable updates are ones which are not fully phased.

update-manager

1787553

Add a reminder to enable Livepatch.

ubuntu-release-upgrader

1797384

Set icon_name in the dialogs so that there will be an icon in gnome-shell.

update-notifier

1800862

Check if a Livepatch patch has been applied during boot or before update-notifier has started.

unattended-upgrades

1778219

Trigger unattended-upgrade-shutdown actions with PrepareForShutdown() Performing upgrades in service's ExecStop did not work when the upgrades involved restarting services because systemd blocked other stop/start actions making maintainer scripts time out and be killed leaving a broken system behind. Running unattended-upgrades.service before shutdown.target as a oneshot service made it run after unmounting filesystems and scheduling services properly on shutdown is a complex problem and adding more services to the mix make it even more fragile. The solution of monitoring PrepareForShutdown() signal from DBus allows Unattended Upgrade to run _before_ the jobs related to shutdown are queued thus package upgrades can safely restart services without risking causing deadlocks or breaking part of the shutdown actions. Also ask running unattended-upgrades to stop when shutdown starts even in InstallOnShutdown mode and refactor most of unattended-upgrade-shutdown to UnattendedUpgradesShutdown class.

unattended-upgrades

1778219

Increase logind's InhibitDelayMaxSec to 30s. This allows more time for unattended-upgrades to shut down gracefully or even install a few packages in InstallOnShutdown mode, but is still a big step back from the 30 minutes allowed for InstallOnShutdown previously. Users enabling InstallOnShutdown node are advised to increase InhibitDelayMaxSec even further possibly to 30 minutes.

unattended-upgrades

1803749

Stop using ActionGroups, they interfere with apt.Cache.clear() causing all autoremovable packages to be handled as newly autoremovable ones and be removed by default. Dropping ActionGroup usage does not slow down the most frequent case of not having anything to upgrade and when there are packages to upgrade the gain is small compared to the actual package installation. Also collect autoremovable packages before adjusting candidates because that also changed .is_auto_removable attribute of some of them.

update-manager

1805118

Do not show the livepatch reminder if update-manager is running on a distribution without software-properties-gtk.

update-manager

1787553

Add a reminder to enable Livepatch.

software-properties

1805436

cloudarchive: Enable support for the Stein Ubuntu Cloud Archive on 18.04.

shotwell

1802895

New bugfix update

shotwell

1606491

Fix "Out of memory" issues when scrolling through large collections

shotwell

1723181

direct: Fix crash when dismissing modifications

libreoffice

1799230

New upstream release

libreoffice-l10n

1799230

New upstream release

unattended-upgrades

1806487

Start service after systemd-logind.service to be able to take inhibition lock

unattended-upgrades

1806487

Handle gracefully when logind is down

update-notifier

1809505

src/update-notifier.c: Don't use G_SPAWN_DO_NOT_REAP_CHILD in order to avoid zombie processes.

update-manager

1798618

UpdateManager/Core/MetaRelease.py: set prompt in MetaReleaseCore so that do-release-upgrade can provide more informative error messages.

update-manager

1795024

UpdateManager/Core/MetaRelease.py: set prompt in MetaReleaseCore so that do-release-upgrade can provide more informative error messages.

ubuntu-release-upgrader

1795024

data/release-upgrades: Clarify documentation regarding the behavior for different Prompt settings.

ubuntu-release-upgrader

1798618

do-release-upgrade: Utilize information regarding what Prompt is set to so that a more informative error message can be displayed.

ubuntu-release-upgrader

1795024

do-release-upgrade: Utilize information regarding what Prompt is set to so that a more informative error message can be displayed.

ubuntu-release-upgrader

1786484

DistUpgrade/DistUpgradeCache.py: When calculating free space needed for mount points don't use a negative number as the buffer.

ubuntu-release-upgrader

1807043

DistUpgrade/DistUpgradeController.py: When rewriting sources.list entries check to see if the source provides packages for the release to which the upgrade is occurring. If it doesn't the entry is disabled thereby improving upgrades with PPAs.

ubuntu-release-upgrader

1807032

do-release-upgrade: add a parameter to allow third party mirrors and repositories, additionally pass along the environmental variable RELEASE_UPGRADER_ALLOW_THIRD_PARTY via pkexec and sudo.

ubuntu-release-upgrader

1771387

DistUpgrade/DistUpgradeCache.py: in the event there is a failure to calculate the upgrade provide information about the log files in /var/log/dist-upgrade.

ubuntu-release-upgrader

1773637

DistUpgrade/xorg_fix_proprietary.py: modify how the system is checked to see if nvidia is being used, drop fglrx check since it has been deprecated.

Desktop fixes

These changes mainly affect desktop installations of Ubuntu, Kubuntu, Edubuntu and other Ubuntu-based systems.

xorg

1768610

Rename nux config leftovers which might change the environment even when not running an unity session

vte2.91

1780501

Revert the changes to revert-pcre2.patch in the previous SRU since they introduced API incompatibilies which aren't OK in an SRU.

gnome-menus

1765799

Fix app menus not updating correctly after app install or removal. This patch was accidentally dropped in previous merge.

gnome-shell-extension-ubuntu-dock

1712661

Fix crash connecting/disconnecting monitors

gnome-shell-extension-ubuntu-dock

1784920

Fix showApps button label position

gnome-control-center

1779051

Fix crash when settings changed after panel closed

gnome-software

1778160

Fix crash when have plugs with multiple slots available

gnome-software

1781996

don't segfault on null snap installation date

gnome-shell

1718931

New upstream release

gnome-shell

1782614

New upstream release

gnome-shell

1784671

Don't handle key presses directly if there are modifiers

mutter

1754949

Avoid crashing when warning about wrongly set crtc mode

mutter

1767956

Don't crash if drmModeGetResources returns NULL

mutter

1784398

Always update monitor in wayland, avoiding crash

mutter

1772831

Don't return screen resolutions that can't be applied

mutter

1422253

Don't crash if a modal dialog closes while being dragged

mutter

1723615

Don't try to use an invalid monitor mode to figure out scaling

mutter

1783311

No-change backport to bionic

gnome-software

1775226

also disable offline updates in refresh plugin

ubuntu-report

1786432

Include optional DCD OEM file

ubuntu-report

1784383

Collect number of disks and their sizes

apport

1778497

Add a remember option to whoopsie so that users can diminish crash interactions

apport

1778694

Move apport autoreport service files to apport binary package. Having them in apport-noui was creating a bug where autoreport wasn't working on desktop. As we check in the launched script for whoopsie and autoreport file, we don't autoreport by default. apport-noui still touches the file to enable autoreport on install.

apport

1778694

Start apport-autoreport after installing apport-noui which is part of improving apport's automatic crash reporing feature.

software-properties

1770686

SoftwarePropertiesGtk.py: Hide livepatch widgets in flavors without an online account panel in gnome-control-center

glib2.0

1789472

New upstream release

ubuntu-settings

1782190

revert in communitheme session default font size to 11, as it creates rendering issues in GNOME Shell

firefox

1791789

Fix : Mark distribution search engines as read-only, so that they are marked as hidden in rather than removed from the search engine cache when a user "removes" them (they can't actually be removed from disk). This stops them from reappearing on cache rebuilds

firefox

1791789

Backport upstream change to the search service to not handle locale changes on shutdown. As well as resulting in en-US search engines being added to the search engine cache for all locales, it was resulting in a cache rebuild on every restart, making the above bug worse (fixes another part of )

firefox

1791789

Set "spellchecker.dictionary_path" by default to point to /usr/share/hunspell so that system dictionaries are loaded again, now that Firefox no longer loads them from its own install directory. Fixes another part of

firefox

1791789

Final part of the fix for : Cleanup extra Amazon.com search engine in locales that have their own Amazon search engine

fonts-liberation

1769654

Backport to bionic to fix skewed font metrics

fonts-liberation2

1769654

Backport to bionic to fix skewed font metrics

libreoffice

1785679

New upstream release

libreoffice-l10n

1785679

New upstream release

evolution-data-server

1784514

New upstream release

apport

1791324

Handle old reports generated pre-apport with "remember" option. If the option isn't there, consider as false.

nautilus

1782681

New upstream release: 3.26.4

nautilus

1765776

New upstream release: 3.26.4

nautilus

1767027

Follow nautilus settings to search only in current folder. This doesn't apply to gnome-shell search provider for indexed searches.

nautilus

1764779

don't crash if selecting a volume that is not mounted

nautilus

1713581

don't crash when try to select a file multiple times in a single run

nvidia-graphics-drivers-340

1791542

Use diversions for "libGLESv1_CM.so" "libGLESv1_CM.so.1".

nvidia-graphics-drivers-340

1761593

Install the modprobe file in /lib, and remove the blacklist file manually.

gnome-mines

1772191

Backport fix from 3.30 for missing high resolution app icon

gnome-software

1789336

Show verified developers

gnome-software

1789338

Use wide scope searching

gnome-software

1756379

Delay startup of service to allow the shell to load first

ubuntu-themes

1773045

Remove nonexistent gnome-builder.css

ubuntu-themes

1781736

Radiance: fix typo in assets link for focused buttons

ubuntu-themes

1781736

Radiance: Use scaled image for buttons border

ubuntu-themes

1782038

Ambiance, Radiance: don't use padding on window buttons for chromium

ubuntu-themes

1758841

Ambiance: use default foreground color for toolbar menus

ubuntu-themes

1743373

Ambiance, Radiance: show proper arrow in combobox

ubuntu-themes

1785699

Ambiance, Radiance: use default disabled color for actions headerbar buttons

ubuntu-themes

1761684

Ambiance, Radiance: fix list selected color for gnome-boxes

ubuntu-themes

1795895

Ambiance, Radiance: properly theme disabled and hovered accelerators

xorg-server

1789913

prime-sync-refactor.diff: Fix crash on modesetting+amdgpu hybrid.

nautilus

1795028

Fix remote filesystem check on file during search

nautilus

1798426

Refreshed to add memory leak and potential crash fixes

gnome-settings-daemon

1797322

backport fix from upstream to resolve suspend/resume rfk issues

xdg-utils

1743216

Use perl's decode() to ensure we don't pass invalid UTF-8 to D-Bus, as doing so triggers an assertion from libdbus which makes us crash.

fonts-noto-color-emoji

1788256

New upstream release

evince

1790609

New upstream release

apport

1760220

apport/ui.py: when using ubuntu-bug properly handle executables which start with /snap/bin.

apport

1780767

test/test_ui_gtk.py: Increase the timeout so that when the autopkgtest infrastructure is busy the tests should not fail.

gnome-shell

1739931

use defined color for menu separators

gnome-shell

1743058

set StEntry minimun height to work properly with Ubuntu font

gnome-shell

1745888

Don't emit two click events on touch under X11

gnome-shell

1725312

Handle NULL scroll bars in st-scroll-view

gnome-calculator

1790876

New upstream stable release

mutter

1727356

Create back buffers in early intel GPU generations

mutter

1730211

Fix typing capital letters when using OSD keyboard

gnome-initial-setup

1789925

rework the patch from the previous upload to change the right reference this time

gnome-initial-setup

1764723

Show an error message in case livepatch setup fails. This also will make sure that gnome-intial-setup does not quit before livepatch responds back.

totem

1433984

backport fix for nautilus sometime crashing when closing the video properties dialog

totem

1798399

backport fixes to make the gallery plugin work again

desktop-file-utils

1768271

backport debian change to fix update-desktop-error with gnome-font-viewer 3.28

gnome-desktop3

1795668

Enable bubblewrap hardening for thumnbailers

ghostscript

1806517

SECURITY REGRESSION: multiple regressions

libgnomekbd

1721893

backport a patch available on bugzilla to fix a segfault in the keyboard layout preview code. The most common case seems to be g-c-c trying to preview a 'default' layout which was working before some other fixes landed, that fixes the regression.

gnome-software

1552792

Build with PackageKit autoremove support

gnome-software

1785240

Stop cancelling snapd authorization triggers error notification

gnome-software

1754864

Pull related flatpak refs

gnome-software

1798228

Fix snap search result ordering

gnome-software

1719797

Stop reboot notification from timing out

gnome-software

1798470

Support composite CAB files

gnome-desktop3

1807127

Fix thumbnailer on 32-bit systems where /lib64 is not available. This fixes a regression introduced in the previous update.

gedit

1800179

'document selector: make search caseless', it makes the filter in the open document dialog work in a more logical way

gnome-shell

1765304

Cherry-pick upstream commit to prevent focus stealing on password fields in firefox when ibus is used

libgweather

1803487

New upstream release: 3.28.2

nautilus

1804685

'preferences-window: Fix icon views captions order'

software-properties

1807373

SoftwarePropertiesGtk.py: when checking a package's depends for DKMS also pass on an AttributeError

gvfs

1803158

Use O_RDWR to fix fstat when writing

gvfs

1798725

common: Prevent crashes on invalid autorun file

gvfs

1630905

daemon: Prevent deadlock and invalid read when closing channels

gvfs

1792878

workaround libsoup limitation to prevent dav lockups

gvfs

1778322

smbbrowse: Force NT1 protocol version for workgroup support

gvfs

1803190

smb: Add workaround to fix removal of non-empty dir

gjs

1809181

New upstream release

gjs

1803271

New upstream release

gparted

1779292

d/patches/lvm2_prompt_patch.patch: Apply upstream patch to fix pvresize compatibility with LVM2 >= 2.02.171, which broke LVM PV resizing due to the addition of a confirmation dialogue for the resize.

cups

1804576

fix-handling-of-MaxJobTime.patch: Fix handling of MaxJobTime 0

totem

1726688

Together, these patches fix the right-click .desktop actions

gnome-shell-extension-ubuntu-dock

1743976

Avoid repainting an unchanging dock.

gnome-shell-extension-ubuntu-dock

1769383

theming: Ensure _trackingWindows contains valid windows

gnome-shell-extension-ubuntu-dock

1769383

extension: Ensure signal disconnection

firefox

1808980

Build with --enable-rust-simd (except on i386 and armhf)

libdrm

1798597

Backport to bionic for 18.04.2 HWE stack update.

wayland

1798597

Backport for 18.04.2 HWE stack update.

wayland

1781440

control: Bump Breaks/Replaces again to match reality.

mesa

1798597

Backport for 18.04.2 HWE stack update.

xf86-input-wacom-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xorg-server-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-input-libinput-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-amdgpu-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-ati-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-vesa-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-vmware-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-nouveau-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-fbdev-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-qxl-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xserver-xorg-video-dummy-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

xorg-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

cairo

1560286

"Revert "Correctly decode Adobe CMYK JPEGs in PDF export" From further testing and investigation it appears that many PDF viewers already have a workaround to invert Adobe CMYK JPEGs, so our generated PDFs display incorrectly with those viewers due to double-inversion.

xserver-xorg-video-intel-hwe-18.04

1798597

Backport for 18.04.2 HWE stack update.

These changes mainly affect installations of Ubuntu on server systems and clouds.

keepalived

1744062

d/p/fix-removing-left-over-addresses-if-keepalived-abort.patch: Cherry-picked from upstream to ensure left-over VIPs and eVIPs are properly removed on restart if keepalived terminates abonormally. This fix is from the upstream 1.4.0 release.

cloud-init

1784685

cherry-pick 3cee0bf8: oracle: fix detect_openstack to report True on

cloud-init

1777912

New upstream snapshot.

cloud-init

1770712

debian/rules: update version.version_string to contain packaged version.

cloud-init

1777912

New upstream release.

aodh

1776375

Support same projects in different domain

maas

1773201

Stable Release Update. New upstream release, MAAS 2.4.0

freeipmi

1784926

Cherry-pick patches from upstream that add support to ipmi-locate for parsing ACPI/SPMI tables out of sysfs:

rax-nova-agent

1783614

New upstream version 2.1.15

libvirt

1788226

Fix an issue where guests with plenty of hostdevs attached where detected as not shut down due to the kernel needing more time to free up resources

apache2

1750356

d/p/balance-member-long-hostname-part{1,2}.patch: Provide an RFC1035 compliant version of the hostname in the proxy_worker_shared structure. A hostname that is too long is no longer a fatal error.

chrony

1787366

d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting the service on newer kernels by falling back to urandom.

avahi

1752411

debian/avahi-daemon-check-dns.sh: On some hardware, the 'host' command gets stuck and does not timeout as it should leaving this script and boot-up hanging indefinitely. Launch host with 'timeout' to kill it after 5 seconds in these cases as a workaround.

unbound

1788622

d/p/lp-1788622-fix-systemd-reload.patch: Fix hang due to all worker threads stopping on reload

maas

1788641

Stable Release Update. New upstream release, MAAS 2.4.2

postfix

1753470

debian/patches/fix-postconf-segfault.diff: Fix a postconf segfault when map file cannot be read. Thanks to Viktor Dukhovni <postfix- users@dukhovni.org>.

qemu

1755912

d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered by migrations with UI frontends or frequent guest resolution changes

qemu

1787408

d/p/ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to extend eieio for POWER9 emulation.

rax-nova-agent

1788716

Use DefaultDependencies=no to prevent forming service ordering cycles

openjdk-lts

1788250

debian/rules: by default leave atk disabled, move accessibility bridge to recommends.

openjdk-lts

1788267

debian/rules: by default leave atk disabled, move accessibility bridge to recommends.

openvpn

1787208

d/openvpn@.service: Add CAP_AUDIT_WRITE to avoid issues with callout scripts breaking due to sudo/pam being unable to audit the action. Fixed in upstream issue #918, suggested to Debian in #868806

libvirt

1788603

d/p/ubuntu-aa/lp-1788603-fix-ptrace-rules-with-kernel-4.18.patch: avoid issues with newer kernels >=4.18

libvirt

1789659

d/p/ubuntu/lp-1789659-don-t-check-for-parallel-iteration-in-hash.patch: remove broken and redundant check for parallel iteration in hash functions

nova-lxd

1789427

New upstream stable point release for OpenStack Queens.

nginx

1782226

Stable Release Update. Do not attempt to start nginx if other daemon is binding to port 80, to prevent install failure:

open-vm-tools

1791220

d/p/ubuntu/lp-1791220-Disable-hgfsServer-not-VMware.patch: avoid crashing with segfaults when force starting the service in non VMWare environments.

open-vm-tools

1790145

d/p/debian/scsi-udev-rule: fix applying of the scsi timeout

horizon

1790189

d/theme/ubuntu/_styles.scss: Ensure btn-danger rules are preferred when used with a, a:link, a:visited and dropdown-menu.li.

nova

1761140

d/control: Drop circular dependencies. nova-compute depends on nova-compute-* packages. nova-compute-* packages shouldn't depend on nova-compute. nova-compute-* should however depend on nova-common..

cloud-initramfs-tools

1792905

copymods: Take ownership of lib/modules

squid3

1792728

d/usr.sbin.squid: Update apparmor profile to grant read access to squid binary

webkit2gtk

1795901

Install missing headers

lxcfs

1788232

New upstream bugfix release:

lxc

1788457

New upstream bugfix release:

snapd-glib

1785240

Support auth cancelled error

snapd-glib

1789338

Support wide scope searches

snapd-glib

1789336

Support publisher information

snapd-glib

1789335

Support refresh information

networkd-dispatcher

1797884

Allow overriding /usr/lib scripts in /etc/networkd-dispatcher. Replaces our patch to use /usr/lib/networkd-dispatcher with the solution contributed upstream that has a search path with both /usr/lib/ and /etc locations.

qemu

1790901

Update pxe netboot images for KVM s390x to qemu 3.0 level The SLOF source pieces in src:qemu are only used for s390x netboot, which are independent ROMs (no linking). All other binaries out of this are part of src:slof and independent.

cloud-init

1795953

New upstream release.

horizon

1778771

d/p/add-enabled-check-in-backups-panel.patch: Cherry-picked from https://review.openstack.org/#/c/605994/ to ensure Volume Backups panel is disabled if enable_backup is False.

lxd

1788280

New upstream bugfix release:

lxd

1788314

Temporarily disable ZFS tests on s390x due to conflict between zfsutils-linux and s390-tools

netplan.io

1770082

Fix typo breaking rename on 'netplan apply'.

netplan.io

1793309

Backport netplan 0.40.1 to 18.04.

netplan.io

1795343

Deal gracefully with empty files on 'netplan apply'

netplan.io

1786726

Don't render ipv4 dns-search unless we have an ipv4 address.

netplan.io

1736965

Set permissive umask on networkd .network, .link and .netdev files

netplan.io

1768560

Set permissive umask on networkd .network, .link and .netdev files

netplan.io

1747455

Fix support for link-scope routes.

netplan.io

1756701

Spell Gratuitous ARP correctly and make it work.

netplan.io

1783940

Many typo fixes for documentation.

netplan.io

1771704

Allow link-local addresses to be configured.

netplan.io

1736975

Forces bridges with no addresses to be brought online.

netplan.io

1770082

Write udev .rules files to /run/udev/rules.d to enforce interface renaming.

netplan.io

1768823

Don't traceback for 'netplan ip leases' when iface is not managed or doesn't DHCP

netplan.io

1771440

Fix duplicate "/" path separator in error messages

netplan.io

1768798

Fix incorrect terminal reset in 'netplan try' on Ctrl-C.

netplan.io

1768783

Updated doc entries: mtu, fix fwmark->mark, cleanup optional.

netplan.io

1770082

Generate udev rules files to rename devices Due to a systemd issue[1], using link files to rename interfaces doesn't work as expected. Link files will not rename an interface if it was already renamed, and interfaces are renamed in initrd, so set-name will often not work as expected when rebooting. However, rules files will cause a renaming, even if the interface has been renamed in initrd.

amavisd-new

1792293

d/p/100_more_amavisd_helpers_fixes: Fix Debian/Ubuntu pathing in amavisd-release

amavisd-new

1770532

d/p/105_amavisd_fix_originating_dkim_signing.patch: Fix DKIM signing in 2.11.0

nova

1795424

New stable point release for OpenStack Queens.

heat

1795424

New stable point release for OpenStack Queens.

keystone

1795424

New stable point release for OpenStack Queens.

python-openstackclient

1800490

New stable point release for OpenStack Queens.

open-vm-tools

1793219

d/p/lp-1793219-fix-stats-overflow.patch: fix potential overflow of 32 bit /proc values

bind9

1769440

d/p/skip-rtld-deepbind-for-dyndb.diff: fix named-pkcs11 crashing on startup. Thanks to Petr Menšík <pemensik@redhat.com>

neutron

1795424

New stable point release for OpenStack Queens.

neutron

1790598

d/p/metadata-use-requests-for-comms-with-nova-api.patch: Cherry-picked from https://review.openstack.org/#/c/599541/ to enable cert management where IP addresses are used in subject alternate names.

openldap

1783183

d/apparmor-profile: update apparmor profile to allow reading of files needed when slapd is behaving as a kerberos/gssapi client and acquiring its own ticket.

samba

1795772

d/p/fix-rmdir.patch: fix the patch to not apply with offset, which previously made it change the wrong, almost identical, function.

samba

1795772

d/p/fix-rmdir.patch: Fix to make smbclient report directory-not-empty errors

ca-certificates-java

1770553

Backport from Cosmic.

ca-certificates-java

1771815

Merge from Debian unstable. Remaining changes:

ca-certificates-java

1771363

debian/postinst.in: Detect PKCS12 cacert keystore generated by previous ca-certificates-java and convert them to JKS.

ca-certificates-java

1769013

Merge from debian unstable. Remaining changes:

ca-certificates-java

1739631

Merge from debian unstable. Remaining changes:

apache2

1782806

d/debhelper/apache2-maintscript-helper: fix typo in apache2_switch_mpm()'s a2query call.

openjdk-lts

1800792

debian/patches/sec-webrev-11.0.1-b21-S8211731.patch: apply missing patch from the security update.

bubblewrap

1795668

Don't install setuid on Ubuntu & derivatives since Ubuntu's kernel enables unprivileged user namespaces

ubuntu-keyring

1798073

Validate that all shipped fragments are signed.

netplan.io

1802322

Fix idempotency in renaming: bond members should be exempt from rename, as they may all share a single MAC for the bond device.

netplan.io

1770082

Fix typo breaking rename on 'netplan apply'.

netplan.io

1793309

Backport netplan 0.40.1 to 18.04.

netplan.io

1795343

Deal gracefully with empty files on 'netplan apply'

netplan.io

1786726

Don't render ipv4 dns-search unless we have an ipv4 address.

netplan.io

1736965

Set permissive umask on networkd .network, .link and .netdev files

netplan.io

1768560

Set permissive umask on networkd .network, .link and .netdev files

netplan.io

1747455

Fix support for link-scope routes.

netplan.io

1756701

Spell Gratuitous ARP correctly and make it work.

netplan.io

1783940

Many typo fixes for documentation.

netplan.io

1771704

Allow link-local addresses to be configured.

netplan.io

1736975

Forces bridges with no addresses to be brought online.

netplan.io

1770082

Write udev .rules files to /run/udev/rules.d to enforce interface renaming.

netplan.io

1768823

Don't traceback for 'netplan ip leases' when iface is not managed or doesn't DHCP

netplan.io

1771440

Fix duplicate "/" path separator in error messages

netplan.io

1768798

Fix incorrect terminal reset in 'netplan try' on Ctrl-C.

netplan.io

1768783

Updated doc entries: mtu, fix fwmark->mark, cleanup optional.

rax-nova-agent

1804445

New upstream version 2.1.18

rax-nova-agent

1788716

Use DefaultDependencies=no to prevent forming service ordering cycles

libvirt

1801666

d/control: explicitly Build-dep on libwiretap-dev to fix FTBFS since libwireshark 2.6.x SRU upload

exim4

1786508

d/p/eximstats_unitialized_value.patch: Fix uninitialized value error in eximstats.

postfix

1791139

d/postfix-{cdb,ldap,lmdb,mysql,pcre,pgsql}.postinst, d/postfix.postinst: Handle empty alias_database field in main.cf

lxc

1804755

New upstream bugfix release:

lxcfs

1804753

New upstream bugfix release:

barbican

1806043

New stable point release for OpenStack Queens.

neutron-fwaas

1806043

New stable point release for OpenStack Queens.

keystone

1806043

New stable point release for OpenStack Queens.

nova

1744079

d/p/disk-size-live-migration-overcommit.patch: Cherry-picked from https://review.openstack.org/#/c/602478 to ensure proper disk calculation during live migration with over-commit.

nova

1806043

New stable point release for OpenStack Queens.

horizon

1802226

d/openstack-dashboard.postinst: Ensure that if memcached is installed it is restarted in post-install script after collecting/compressing static assets, enabling refresh of memcached static assets after upgrade.

psmisc

1806060

fix killall option parsing

walinuxagent

1799498

New upstream release.

ceph

1796645

New upstream point release.

cinder

1806043

New stable point release for OpenStack Queens.

netplan.io

1811210

No change rebuild in -security pocket to fix dependency issue

samba

1801227

d/p/auth-fail-eexist.diff: smbc_opendir should not return EEXIST with invalid login credentials. Thanks to David Mulder.

network-manager-applet

1807460

'libnma: unescape certificate paths in URIs', that fixes selecting files with a space in their name

openvswitch

1780752

New upstream point release:

sssd

1807246

d/p/fix-id-out-of-range-lookup.patch: CACHE_REQ: Do not fail the domain locator plugin if ID outside the domain range is looked up. Thanks to Jakub Hrozek <jhrozek@redhat.com>.

sssd

1793882

d/t/common-tests, d/t/control, d/t/ldap-user-group-krb5-auth, d/t/ldap-user-group-ldap-auth, d/t/login.exp, d/t/util: add DEP8 tests for kerberos and LDAP

deja-dup

1804744

Fix bug preventing restore on a fresh install if you don't also set your current backup location to the old backup.

snapd

1811233

New upstream release,

snapd

1779403

New upstream release,

snapd

1814355

disable systemd environment generator on bionic to fix

Considerable work has been done in Ubuntu 18.04.2 on improving support for many specific items of hardware.

intel-microcode

1778738

Default to early instead of auto, and install all of the microcode, not just the one matching the current CPU, if MODULES=most is set in the initramfs-tools config

amd64-microcode

1778738

Default to 'early' instead of 'auto' in the initramfs-tools hook when building with MODULES=most

lshw

1752523

d/patches/lshw-fix-unknown-version-issue.patch: Cherry pick from upstream.

open-iscsi

1785108

d/net-interface-handler: Apply changes only for the iscsi-root

grub2

1786491

Verify that the current and newer kernels are signed when grub is updated, to make sure people do not accidentally shutdown without a signed kernel.

grub2-signed

1786491

Rebuild against grub2 2.02-2ubuntu8.3 and check kernel is signed on amd64 EFI before installing grub.

linux-meta-gcp

1780923

linux-gcp: add a meta package for the extra modules

linux-oem

1781895

Bluetooth: Redpine: Bionics: L2test transfer is failed to start in Ubuntu 18.04

linux-oem

1782070

Redpine] Upgrades to improve throughput and stability

grub2-signed

1785859

Rebuild against grub2 2.02-2ubuntu8.4

grub2

1785859

debian/patches/ofnet-init-structs-in-bootpath-parser.patch: initialize structs in bootpath parser. Fixes netboot issues on ppc64el.

gnu-efi

1790709

New upstream version 3.0.8.

shim-signed

1790724

Backport shim-signed 1.37 to Ubuntu 18.04.

shim-signed

1778848

debian/shim-signed.postinst: use --auto-nvram with grub-install in case we're installing on a NVRAM-unavailable platform.

shim-signed

1778848

debian/control: bump the dependency for grub2-common to make sure grub-install supports --auto-nvram.

shim-signed

1778848

debian/control: switch the grub-efi-amd64-bin dependency to grub-efi-amd64-signed.

ipxe

1789319

Build ROMs for QEMU with CONFIG=qemu

libglvnd

1782285

rules, libgles2: Add GLESv1 support.

libglvnd

1780039

Always return an error from eglMakeCurrent if EGLDisplay is invalid.

bolt

1786265

New upstream version

bolt

1778020

should resolve issues with devices not being authorized on initial boot e.g in lightdm

open-iscsi

1755858

make iscsid socket activated to only activate it as-needed

ubuntu-drivers-common

1789201

Start before oem-config.service.

open-iscsi

1791108

d/net-interface-handler: replace 'domainsearch' with the correct configuration option 'search' in net-interface-handler

shim-signed

1792575

debian/control: add Breaks: grub-efi-amd64-signed (<< 1.93.7), as the new version of shim exercises a bug in relocation code for chainload that was fixed in that upload of grub, affecting Windows 7, Windows 10, and some netboot scenarios where chainloading is required.

shim-signed

1790724

Backport shim-signed 1.37 to Ubuntu 18.04.

grub2-signed

1792575

Rebuild against grub2 2.02-2ubuntu8.6

grub2-signed

788298

Rebuild against grub2 2.02-2ubuntu8.5

grub2

1792575

debian/patches/linuxefi_fix_relocate_coff.patch: fix typo in relocate_coff() causing issues with relocation of code in chainload.

grub2

1792575

debian/patches/linuxefi_truncate_overlong_reloc_section.patch: The Windows 7 bootloader has inconsistent headers; truncate to the smaller, correct size to fix chainloading Windows 7.

grub2

788298

debian/patches/grub-reboot-warn.patch: Warn when "for the next boot only" promise cannot be kept.

util-linux

1783810

Use getrandom() with GRND_NONBLOCK to avoid hangs in early boot when e.g. the partition is resized. Cherry picked from upstream.

skiboot

1785026

d/opal-prd.logrotate: fix ownership of /var/log/opal-prd.log.

friendly-recovery

1766872

Cleanup lintian warnings.

linux

1796542

Silent data corruption in Linux kernel 4.15

linux

1789746

getxattr: always handle namespaced attributes

linux

1789118

Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9

linux

1791569

some nvidia p1000 graphic cards hang during the boot

linux

1783746

ipmmu is always registered

linux

1794889

Bionic update: upstream stable patchset 2018-09-27

linux-kvm

1796542

Silent data corruption in Linux kernel 4.15

linux-kvm

1793841

IP_SET modules not included in kernel build, prevents container functionality

linux-kvm

1789746

getxattr: always handle namespaced attributes

linux-kvm

1789118

Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9

linux-kvm

1791569

some nvidia p1000 graphic cards hang during the boot

linux-kvm

1783746

ipmmu is always registered

linux-kvm

1794889

Bionic update: upstream stable patchset 2018-09-27

gdm3

1780076

Add utils-add-new-gdm-disable-wayland-binary.patch, cherry-picked from cosmic.

linux-aws

1796542

Silent data corruption in Linux kernel 4.15

linux-aws

1794175

kyber-iosched module missing from linux-modules package

linux-aws

1789746

getxattr: always handle namespaced attributes

linux-aws

1789118

Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9

linux-aws

1791569

some nvidia p1000 graphic cards hang during the boot

linux-aws

1783746

ipmmu is always registered

linux-aws

1794889

Bionic update: upstream stable patchset 2018-09-27

linux-gcp

1796542

Silent data corruption in Linux kernel 4.15

linux-gcp

1789746

getxattr: always handle namespaced attributes

linux-gcp

1789118

Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9

linux-gcp

1791569

some nvidia p1000 graphic cards hang during the boot

linux-gcp

1783746

ipmmu is always registered

linux-gcp

1794889

Bionic update: upstream stable patchset 2018-09-27

linux-oem

1796542

Silent data corruption in Linux kernel 4.15

grub2

1785033

debian/patches/0001-i386-linux-Add-support-for-ext_lfb_base.patch: Add support for ext_lfb_base.

grub2-signed

1785033

Rebuild against grub2 2.02-2ubuntu8.7

linux-azure

1798185

Enable CONFIG_INFINIBAND_USER_MAD

linux-azure

1798185

Enable CONFIG_INFINIBAND_USER_MAD

linux-azure

1796542

Silent data corruption in Linux kernel 4.15

linux-azure

1789746

getxattr: always handle namespaced attributes

linux-azure

1789118

Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9

linux-azure

1791569

some nvidia p1000 graphic cards hang during the boot

linux-azure

1783746

ipmmu is always registered

linux-azure

1794889

Bionic update: upstream stable patchset 2018-09-27

s390-tools

1777600

zdev: Adjust zdev modprobe path to be compatible with split-usr systems.

s390-tools

1794308

zdev: Trigger generic_ccw devices on any kernel module loads.

secureboot-db

1776996

Backport secureboot-db from cosmic to apply the August 2016 dbx updates from Microsoft.

mokutil

1797011

Backport mokutil 0.3.0+1538710437.fb6250f-0ubuntu2 to 18.04.

parted

1798675

debian/patches/Read-NVMe-model-names-from-sysfs.patch: Expose NVMe model names when available instead of the generic "NVMe Device" string.

kmod

1786574

Remove i2c_i801 from d/modprobe.d/blacklist.conf.

ubuntu-drivers-common

1797147

Improve pid detection, and restore the default pci power control profile in performance mode.

nvidia-prime

1797147

Give udev the time to add the drm device. Fixes a race condition that causes problems when using lightdm and sddm.

shim-signed

1726803

Don't fail non-interactive upgrade of nvidia module and module removals

linux-oem

1800770

Thunderbolt runtime D3 and PCIe D3 Cold support

linux-azure

1722226

linux-azure: fix systemd ADT test failure

grub2

1784363

debian/default/grub.md5sum: add entry for 2.02-2ubuntu8.7; to force an update of /etc/default/grub back to the correct timeout value of 0 if the file has otherwise not been edited by the user.

grub2

1788727

debian/grub-check-signatures: Handle the case where we have unsigned vmlinuz and signed vmlinuz.efi.signed.

grub2-signed

1784363

Rebuild against grub2 2.02-2ubuntu8.9

grub2-signed

1788727

Rebuild against grub2 2.02-2ubuntu8.9

bolt

1798014

New upstream version

bolt

1800715

use -Dprivileged-group=sudo, the admin group is not 'wheel' for us

linux-aws

1801305

Restore request-based mode to xen-blkfront for AWS kernels

fwupd

1791999 1768627 1719797

Restrict libsmbios-dev to x86 architectures

linux-gcp-edge

1796647

Shared folders cannot be mounted in ubuntu/cosmic64 due to missing vbox modules

open-iscsi

1802354

d/iscsi-disk.rules, d/rules: Add a udev rule so that iscsid.service will be started when iscsi disks are attached.

usbmuxd

1778767

backport some fixes for missing udev events on new kernel which were leading to the service not restarting after disconnecting and reconnecting a device. Thanks Leo Soares for suggesting a first version of the backport

hwdata

1755490

Change PNP vendor name for GSM to LG Electronics

open-iscsi

1807978

debian/iscsi-disk.rules: Fix bug with LVM on top of iscsi devices.

open-iscsi

1806777

debian/extra/initramfs.local-top: handle iSCSI iBFT DHCP to correctly run ipconfig to gather all DHCP config info, including DNS search domain, which iBFT can't provide.

lxd

1804876

New upstream bugfix release

e2fsprogs

1807288

debian/patches/0001-libext2fs-fix-regression-so-we-are-correctly- transla.patch: cherry-pick upstream fix so we are correctly translating acls in mkfs.ext4. Closes

initramfs-tools

1802591

scripts/functions: include a new option to skip enslaved network devices. Include the new variable NETWORK_SKIP_ENSLAVED. When set to a value different than "0", this variable will cause any enslaved network devices to be skipped from the list of netbootable devices. This variable can be set via the configuration files under /etc/initramfs-tools/ or via any configuration file under the initrd directory /conf/conf.d/ via a hook script.

rdma-core

1794825

Drop to avoid issues with the sysV to systemd wrapper starting the service instead of the socket

linux-oracle

1802591

Skip enslaved devices during boot

linux-firmware

1808528

Update linux-firmware in bionic for 18.10 hwe kernel

util-linux

1784347

debian/patches/support_alternate_partition_sep.patch: support alternate partition separators. Common cases of no separator, using "p" only, and "-part" (the only previously supported), are covered now, which should let fdisk show partitions in a way closer to reality on most systems. Patch from Kyle Mahlkuch, with changes by Karel Zak.

irqbalance

1811655

Added aarch64-log-spam preventing syslog spam on small aarch64 systems which lack a PCI bus (e.g. rpi3b, rpi3b+).

flash-kernel

1764491

Add Raspberry Pi 3 Model B+ to the db.

flash-kernel

1811216

Modify the Pi 3 boot.scr addresses to fit a bigger kernel, prepare separate versions for armhf and arm64.

linux-meta-hwe

1798352

linux-snapdragon: missing meta packages for this flavour

livecd-rootfs

1805668

More changes for raspi3 build support:

livecd-rootfs

1805668

Another batch of cherry-picks for raspi3 support

u-boot

1805668

Backport to bionic.

grub2

1789918

debian/grub-check-signatures: check kernel signatures against keys known in firmware, in case a kernel is signed but not using a key that will pass validation, such as when using kernels coming from a PPA.

grub2

1812863

debian/patches/mkconfig_leave_breadcrumbs.patch: make sure grub-mkconfig leaves a trace of what files were sourced to help generate the config we're building.

grub2

1800722

debian/patches/quick-boot-lvm.patch: If we don't have writable grubenv and we're on EFI, always show the menu. Closes

linux

1813663

External monitors does not work anymore 4.15.0-44

thermald

1803360

Honor ACPI _CRT for processor thermal zone There are some new fanless platforms use DPTF's virtual sensor instead of INT340X devices. Because of that, the _PSV is no longer in use, at least not directly, hence its value may set higher then _CRT. To a fanless system that means no cooling device gets activated before _CRT, so the system will be considered overheated by Linux kernel, and gets shutdown by the kernel. Upstream fixes:

kmod

1802689

Add i2c_i801 back to d/modprobe.d/blacklist.conf again due to regressions.

e2fsprogs

1798562

d/patches/0001-resize2fs-update-checksums-in-the-extent-tree-s-relo.patch: do the checksum update later in extent tree relocated block to denote the inode number change, otherwise the checksum update might be done in the old copy of the block.

linux-oem

1813663

External monitors does not work anymore 4.15.0-44

linux-oem

1811777

Fix non-working pinctrl-intel

linux-oem

1811929

Fix not working Goodix touchpad

Unsorted changes

python-wadllib

1729754

Fix MIME encoding of binary parts.

guile-2.0

1780996

Convert triggers to noawait (Closes: #903915)

dpdk

1784816

Make DPDK LTS release available in Bionic

open-vm-tools

1784638

Merge with Upstream Tag stable-10.3.0 from https://github.com/vmware/open-vm-tools/releases/tag/stable-10.3.0 Remaining changes:

gpgme1.0

1762384

Make debian/libgpgme-dev.links executable, it uses dh-exec

packagekit

1722185

Fix debconf interaction

base-files

1134036

Install locale-check command to /usr/bin and invoke it from /etc/profile.d/01-locale-fix.sh to ensure locale related environment variables are set to valid values.

cryptsetup

1651818

Apply patch from Trent Nelson to fix cryptroot-unlock for busybox compatibility.

clamav

1792051

debian/clamav-daemon.config.in: fix infinite loop during dpkg-reconfigure

python3.6

1792143

SRU: Update Python 3.6 to the recent subminor release.

python3.6

1768644

Don't inject dpkg's compiler specs into distutils.

python-pylxd

1775238

d/control: Add python(3)-requests-toolbelt to python(3)-pylxd Depends and python3-requests-unixsocket to python3-pylxd Depends. Also set min version of toolbelt globally.

appstream

1792537

cache-explicit-variants.patch: fix crash when upgrading from bionic to cosmic

gcc-defaults

1769657

SRU: Bump GCC 8 based versions to 8.2.0.

gcc-8-cross

1769657

SRU: Build using gcc 8.2.0-1ubuntu2

gcc-8

1769657

SRU: Update the package to the current version in cosmic.

gcc-7

1769657

SRU: Update the package to the current version in cosmic.

gcc-7

1721355

Update the gcc-foffload-default patch.

cross-toolchain-base

1769657

SRU:

gcc-7-cross

1769657

SRU: Build using 7.3.0-18ubuntu0.1.

binutils

1769657

SRU:

binutils

1763098

Fix PR gprof/23056, memory corruption in gprof.

binutils

1763096

Fix PR binutils/23054, memory corruption in as.

binutils

1763094

Fix PR ld/23055, memory corruption in ld.

plymouth

1767918

debian/patches/git_ensure_tty_closed_0a662723.patch: ensure tty is closed on deactivate.

apparmor

1788929

disallow writes to thumbnailer dir

apparmor

1794848

disallow access to the dirs of private files

apturl

1338482

really* work

golang-1.10

1794395

Backport to 18.04.

man-db

1785414

Backport seccomp sandbox improvements from 2.8.4:

packagekit

1790613

Pass --no-restart-after-upgrade to dh_installsystemd to avoid PackageKit restarting while upgrading under PackageKit

packagekit

1795614

debian/patches/frontend-locking.diff: Implement frontend locking in a simple way. Will need some more work to upstream, and possibly some error checking.

packagekit

1790671

debian/patches/aptcc-Fix-invalid-version-dereference-in-AptInf-prov.patch, aptcc-removing-duplicate-delete-call.patch: Fix invalid dereference and delete wrong (duplicate) "delete" statement in providesCodec

apt

1796808

Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scripts. Some post-invoke scripts install packages, which fails because the environment variable is not set. This sets the variable for all three kinds of scripts {pre,post-}invoke and pre-install-pkgs, but we will only allow post-invoke at a later time.

apt

1787120

Support records larger than 32kb in 'apt show' (Closes: #905527)

apt

1781169

Add support for dpkg frontend lock (Closes: #869546)

apt

1794957

http: Stop pipeline after close only if it was not filled before

apt

1794053

pkgCacheFile: Only unlock in destructor if locked before

python-apt

1795407

Frontend locking and related locking improvements

dpkg

1796081

Apply patch from upstream to add frontend locking:

distro-info-data

1800656

Add Ubuntu 19.04 Disco Dingo.

valgrind

1781128

Apply post 3.13 PPC64 related patches.

clamav

1783632

SECURITY REGRESSION: clamav-daemon fails to start due to options removed in new version and manually edited configuration file.

packagekit

1552792

Correct autoremove behaviour to only autoremove packages that relate to the current transaction

sosreport

1803735

d/p/dont-collect-some-tracing-instance-files.patch:

sosreport

1775195

New 3.6 upstream release. major enhancements to core features and existing plugins:

dh-golang

1794936

d/patches/0001-Fix-index-out-of-range-when-using-gccgo.-Closes-9072.patch: backport fix for building with gccgo from debian.

python-wsme

1805125

d/control: Correct dependency on python3-netaddr for python3-wsme, avoiding needless install of Python 2.

python-memcache

1802487

d/p/py2-perf.patch: Cherry pick fix to use native C implementation for pickle under Python 2, resolving issues with performance degradation.

tmux

1766942

d/p/tmux-pane-border-status-leak.patch: Fixed memory leak in screen_redraw_make_pane_status (upstream fix).

livecd-rootfs

1805497

Include snaps in image manifests

debootstrap

1773496

For (Ubuntu) releases disco+ default to MERGED_USR=yes, -k extract option.

tar

1809827

backport "Fix the --add-file option." upstream commit, thanks Martin Vogt

llvm-toolchain-7

1798597

Backport to bionic for 18.04.2 HWE stack update.