[Ksplice][Ubuntu-16.04-Updates] New Ksplice updates for Ubuntu 16.04 Xenial (USN-3932-1)
Oracle Ksplice
ksplice-support_ww at oracle.com
Wed May 29 08:51:19 PDT 2019
Synopsis: USN-3932-1 can now be patched using Ksplice
CVEs: CVE-2017-18249 CVE-2017-5753 CVE-2018-13096 CVE-2018-13097 CVE-2018-13099 CVE-2018-13100 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612 CVE-2018-14614 CVE-2019-3459 CVE-2019-3460 CVE-2019-3701 CVE-2019-3819 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-9213
Systems running Ubuntu 16.04 Xenial can now use Ksplice to patch
against the latest Ubuntu Security Notice, USN-3932-1.
INSTALLING THE UPDATES
We recommend that all users of Ksplice Uptrack running Ubuntu 16.04
Xenial install these updates.
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.
Alternatively, you can install these updates by running:
# /usr/sbin/uptrack-upgrade -y
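One way to check the autoinstall condition described above before deciding whether the manual command is needed (an added example, not part of the Oracle advisory or of Ksplice's own tooling). It assumes that only an uncommented "autoinstall = yes" counts as enabled and that the last assignment in the file wins; the function names and the sample configs, including the [Settings] header, are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a host still needs the manual
# "uptrack-upgrade -y" step, based on its uptrack.conf.
# Assumption: only an uncommented "autoinstall = yes" (any case) counts
# as enabled; every other value is reported as needing manual action.

# Print the effective autoinstall value from config file $1, lowercased.
# Prints nothing if the key is absent or appears only in comments.
# Assumption: when the key is set more than once, the last one wins.
autoinstall_value() {
    sed -n 's/^[[:space:]]*autoinstall[[:space:]]*=[[:space:]]*\([^[:space:]#;]*\).*$/\1/p' "$1" \
        | tail -n 1 | tr '[:upper:]' '[:lower:]'
}

# Print one of:
#   auto      - updates install themselves, no action needed
#   manual    - run /usr/sbin/uptrack-upgrade -y
#   no-config - config file missing or unreadable
uptrack_install_mode() {
    conf=${1:-/etc/uptrack/uptrack.conf}
    [ -r "$conf" ] || { echo "no-config"; return 0; }
    if [ "$(autoinstall_value "$conf")" = "yes" ]; then
        echo "auto"
    else
        echo "manual"
    fi
}

# Human-readable report for one config file.
report() {
    mode=$(uptrack_install_mode "$1")
    case $mode in
        auto)      echo "autoinstall is enabled: no action needed" ;;
        manual)    echo "autoinstall is not enabled: run /usr/sbin/uptrack-upgrade -y as root" ;;
        no-config) echo "no readable uptrack.conf: is Ksplice Uptrack installed?" ;;
    esac
}

# Constructed sample configs (not taken from a real host).
demo_dir=$(mktemp -d)
printf '[Settings]\nautoinstall = yes\n' > "$demo_dir/enabled.conf"
printf '[Settings]\nautoinstall = no\n' > "$demo_dir/disabled.conf"
# A commented-out setting must not be mistaken for an enabled one.
printf '[Settings]\n# autoinstall = yes\n' > "$demo_dir/commented.conf"

for name in enabled disabled commented missing; do
    printf '%s: %s\n' "$name" "$(report "$demo_dir/$name.conf")"
done
rm -rf "$demo_dir"
```

On a real host, call `report /etc/uptrack/uptrack.conf` instead of the demo loop.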
DESCRIPTION
* CVE-2019-6974: Use-after-free in KVM device creation.
A reference count manipulation error when creating a KVM device can result in
an early free, leading to a use-after-free. A local user with access to KVM
could use this flaw to cause a kernel crash or potentially escalate privileges.
* CVE-2019-7222: Information disclosure in KVM VMX emulation.
Incorrectly handling a page fault exception while emulating VMX instructions
can result in leaking host stack information to a guest. A guest VM could use
this flaw to facilitate a further attack on the host.
* CVE-2019-3459: Information leak when processing L2CAP options controlled by an attacker.
Missing checks on options lengths when processing L2CAP options could lead
to an information leak. A local attacker could use this flaw to leak
information about the running kernel and facilitate an attack.
* CVE-2018-14612: NULL pointer dereference when using btrfs image with missing group items.
A missing check when using a crafted btrfs image with an unbalanced
number of chunks and groups could lead to a NULL pointer dereference. A
local attacker could use this flaw to cause a denial-of-service.
* Out-of-bounds access when locking/unlocking file over CIFS/SMB2.
When modifying lock structures on a CIFS/SMB2 remote mount, an
abnormally small max buffer size provided by the server could result in
an access out-of-bounds, potentially resulting in a denial-of-service.
* Deadlock when using fiemap ioctl on ext4 file with inline data.
When calling the fiemap() ioctl on an ext4 file with inline data, a
potential deadlock can occur if the call happens to generate a page
fault, resulting in a denial-of-service.
* CVE-2019-3701: Denial-of-service in CAN controller.
Missing sanity checking in the Controller Area Network driver can allow
a malicious user to write arbitrary bits into the CAN device's I/O
memory, resulting in a system crash and denial-of-service.
* CVE-2018-13097: Out-of-bounds access in superblock of F2FS filesystem.
A missing check in code handling superblock of F2FS filesystem could
lead to an out-of-bounds access or a divide by zero error. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2018-13100: Denial-of-service when mounting a crafted F2FS image with an invalid secs_per_zone.
A missing check when mounting a crafted F2FS image with an invalid
secs_per_zone could lead to a divide by zero error. A local attacker
could use this flaw to cause a denial-of-service.
* CVE-2018-13096: Out-of-bounds access when mounting F2FS image.
A logic error when mounting a specially crafted F2FS image with an
abnormal bitmap size could lead to an out-of-bounds access. A local
attacker could use this flaw to cause a denial-of-service.
* CVE-2018-13099: Use-after-free in F2FS inline inodes.
Missing error checking for F2FS inline inodes could result in a
use-after-free and kernel crash. A user with the ability to mount
filesystems could use a maliciously crafted filesystem image to crash
the system or, potentially, escalate privileges.
* Information disclosure in IPv6 error reporting.
A failure to clear memory in the IPv6 error reporting implementation can result
in the leak of sensitive kernel information to userspace. A local user could
use this flaw to facilitate a further attack.
* Denial-of-service in AF_PACKET refcount manipulation.
A failure to correctly decrement a refcount in the AF_PACKET implementation can
result in the inability to unload Infiniband kernel modules.
* Kernel crash in IPv6 header read.
A logic error when reading from queued IPv6 packet headers can result in an
assertion failure, leading to a kernel crash.
* Kernel crash in IPsec authenticated encryption request completion.
A logic error in the authenticated encryption implementation for IPsec can
result in a NULL pointer dereference, leading to a kernel crash.
* Out-of-bounds memory access in authenticated encryption key parsing.
A logic error when reading unaligned keys for authenticated encryption can lead
to an integer underflow and result in an out-of-bounds memory access, leading to
a kernel crash. A local user could use this flaw to cause a denial-of-service.
* Undefined behavior during BTRFS filesystem umount.
A race condition when destroying extents can result in assertion failures when
unmounting a BTRFS filesystem, leading to undefined behavior.
* Use-after-free in Yama ancestry walk.
A race condition in the Yama security module can result in attempting to access
a freed process. A local user could use this flaw to cause a kernel crash or
potentially escalate privileges.
* NULL pointer dereference when freeing credential.
A missing NULL pointer check during a credential free could result in a kernel
crash.
* Use-after-free in V4L2 video buffer management.
A race condition when duplicating a file descriptor for a video buffer can
result in accessing released memory. A local user with access to a V4L2 device
could use this flaw to cause undefined behavior or a kernel crash.
* NULL pointer dereference in sunrpc portmapper request.
A failure to handle a memory allocation failure in the sunrpc implementation
can result in a NULL pointer dereference, leading to a kernel crash.
* Kernel crash during invalid SELinux policy load.
A failure to handle errors during the load of an SELinux policy can result in a
kernel crash.
* Information disclosure in SCTP socket address allocation.
A failure to correctly sanitise an SCTP socket memory allocation can result in
sensitive information being disclosed to userspace. A local user could use this
flaw to facilitate a further attack.
* Denial-of-service in OCFS2 when mounting image with unrecovered alloc.
When mounting an OCFS2 filesystem image with an unrecovered local alloc
in its journal, an invalid kernel assertion causes a panic when the
image should actually be recoverable with an ocfs2.fsck run.
* Data loss when performing fsync affecting multiple filesystems.
Incorrect handling of writeback errors when performing fsync on a
memory-mapped file results in metadata corruption. This could lead to
inadvertent data loss.
* Use-after-free when packet SKB pointer changes.
If the pskb_trim_rcsum function changes a packet's SKB pointer, certain
fields in the packet header become stale. If the kernel attempts to
access some of these fields, it can result in a use-after-free. This
could potentially be exploited to cause unexpected behavior or a
denial-of-service.
* Out-of-bounds access in Open vSwitch when parsing flow attributes.
A logic error in __parse_flow_nlattrs can result in an out-of-bounds
read. A remote attacker could potentially craft network traffic to
exploit this flaw, which could then cause a system to exhibit unexpected
behavior.
* Memory leak while dismantling network namespaces.
Under certain circumstances, it is possible for the kernel to fail to
properly flush error route objects when tearing down a network
namespace, causing these objects to be leaked. A local attacker could
potentially exploit this flaw to waste system resources and degrade
performance.
* Packet filters break after changing certain settings.
Modifying packet filters in a specific manner can cause some filters
to stop working unexpectedly. This could cause a system to exhibit
undesirable behavior.
* Incorrect MTU limit check in bridge device packet forwarding path.
A logic error in the bridge device packet forwarding path can cause
packets that exceed that device's MTU to be forwarded without first
being split into smaller pieces. This could cause unexpected
behavior for users of the bridge device.
* Improved fix for CVE-2017-5753: Spectre v1 vulnerability in ACP Modem driver.
A user-controlled value is used to index an array in the ACP Modem
driver. This flaw could be exploited using a Spectre v1 style attack to
leak information about the running system.
* Use-after-free when truncating on F2FS object.
When truncating a node on a Flash-Friendly File System, a race condition
can result in the use-after-free of a page structure, resulting in potential
memory corruption or a denial-of-service.
* Invalid memory access in L2TP during receive.
A failure to properly account for all optional fields in a L2TPv2
header could result in an out-of-bounds memory access in the L2TP code.
This could be potentially exploited to cause a denial-of-service attack.
* Denial-of-service in ROSE transmit with internally generated frames.
A missed NULL check in the rose transmit code could result in a NULL
pointer access and subsequent kernel panic. This could be used to
cause a denial-of-service.
* Use-after-free in OOM process killing.
A race condition in the OOM code could result in a use-after-free
if the process to be killed exits before it is killed. This could
be exploited for a denial-of-service.
* Improved fix for CVE-2017-5753: Speculative execution in DRM legacy buffer free.
The DRM legacy buffer management implementation is vulnerable to a Spectre
variant 1 side-channel attack. A local user could use this flaw to read
arbitrary kernel memory.
* Information disclosure in Precision Time Protocol offset ioctl.
A failure to handle an error case can result in kernel stack memory being
leaked to userspace. A local user could use this flaw to facilitate a further
attack.
* Denial-of-service in NFSv4 startup.
A race condition between nfsd starting and userspace configuring it can result
in a NULL pointer dereference, leading to a kernel crash. A local user with the
ability to configure NFS could use this flaw to cause a denial-of-service.
* Denial-of-service in UDF extent parsing.
A failure to validate extent information from a UDF filesystem can result in an
assertion failure, leading to a kernel crash. A local user with the ability to
mount a UDF filesystem could use this flaw to cause a denial-of-service.
* Deadlock in DRBD handshake synchronisation.
Incorrect locking when performing a handshake in DRBD can result in a deadlock.
* Information disclosure in seqfile string buffer construction.
A failure to terminate a string buffer in the seqfile buffer interface can
result in disclosure of sensitive information from the kernel stack. A local
user could use this flaw to facilitate a further attack.
* Denial-of-service in CIFS directory opening.
A race condition between multiple threads opening and closing a directory can
result in a NULL pointer dereference, leading to a kernel crash. A local user
with access to a CIFS filesystem could use this flaw to cause a
denial-of-service.
* Kernel crash due to race condition when reading blocks in OCFS2.
Unnecessary synchronization of buffers when reading blocks in OCFS2
could in fact result in a race condition and kernel assertion failure,
causing a system crash.
* Memory leak in FUSE splice write.
A failure to lock a pipe when performing a splice write in FUSE can result in a
memory leak.
* Denial-of-service in FUSE retrieval notification.
A failure to check for a zero number of pages to retrieve in the FUSE
filesystem can result in a NULL pointer dereference, leading to a kernel crash.
A local user could use this flaw to cause a denial-of-service.
* Denial-of-service when encrypting Wi-Fi packets for transmission.
An out-of-bounds write when transmitting an encrypted management packet in
the mac80211 subsystem could lead to a denial-of-service on certain
systems where the driver relies on software encryption.
* Denial-of-service in the batman-adv subsystem.
An out-of-bounds access in kernel memory is possible when
transmitting packets through a raw socket in the batman-adv
routing protocol. An unprivileged local user with CAP_NET_RAW
capability could possibly exploit this flaw to cause a
denial-of-service.
* NULL pointer dereference in VMware vsock destruction.
A failure to check for initialization failure when destroying a VMware vsock
can result in a NULL pointer dereference, leading to a kernel crash.
* Kernel crash in IPv4 TCP unreachable destination error handling.
A race condition when processing a destination unreachable ICMP message in a
TCP stream can result in a NULL pointer dereference, leading to a kernel crash.
* Use-after-free during Vxlan device dismantle.
A failure to correctly clear incoming packets from buffers when dismantling a
Vxlan device can result in a use-after-free.
* Kernel crash in STMMAC Energy Efficient Ethernet configuration.
A race condition when enabling Energy Efficient Ethernet in the STMMAC driver
can result in accessing an uninitialized timer, leading to a kernel crash.
* CVE-2019-3460: Information leak when parsing L2CAP options received from userspace.
Missing checks when parsing L2CAP options received from userspace could
lead to an information leak. A local attacker could use this flaw to
leak information about the running kernel and facilitate an attack.
* CVE-2019-9213: Bypass of mmap_min_addr restriction.
An incorrect capability check in the mmap memory expansion implementation can
result in applications being able to bypass the minimum mmap address
restriction. A local user on a system without SMAP enabled could use this flaw
to exploit kernel NULL pointer dereferences.
* Incorrect error checking in btrfs_mark_buffer_dirty causes spurious BUG.
Overzealous error checking in btrfs_mark_buffer_dirty can cause a BUG
and denial-of-service when the system was in fact operating correctly.
* CVE-2018-14610: Denial-of-service due to invalid BTRFS chunk block mappings.
A failure to validate chunk and block mappings during mount of a BTRFS
filesystem can result in a kernel crash. A local user with the ability
to mount a BTRFS filesystem could use this flaw to cause a
denial-of-service.
* CVE-2018-14611: Use-after-free when reading invalid BTRFS chunk.
A failure to validate the type of a BTRFS chunk can result in a
use-after-free. A local user with the ability to mount a crafted BTRFS
filesystem could use this flaw to potentially escalate privileges.
* Denial-of-service when reading from corrupted Btrfs filesystem.
Lack of validation when reading data into readahead cache from a
corrupted Btrfs filesystem could trigger a kernel panic. An
attacker can craft a malicious Btrfs image to exploit this
vulnerability and cause a denial-of-service.
* CVE-2018-14614: Out-of-bounds access when removing dirty segment in F2FS filesystem.
A logic error when removing dirty segment in F2FS filesystem could lead
to an out-of-bounds access. A local attacker could use this flaw to
cause a denial-of-service.
* CVE-2017-18249: Denial-of-service when handling node ids in F2FS filesystem.
A race condition in the way node ids are handled in F2FS filesystem
could lead to a denial-of-service. A local attacker could use this flaw
to cause a denial-of-service.
* Denial-of-service when building SIT entries in F2FS filesystem.
A missing check when building SIT entries in F2FS filesystem could lead
to an invalid memory access. A local attacker could use this flaw to
cause a denial-of-service.
* Undefined behavior in Transparent Interprocess Communication Protocol implementation.
Multiple instances of validation failures in the TIPC driver can result in the
kernel operating on uninitialized memory, leading to undefined behaviour or a
kernel crash. A local user could use this flaw to cause a denial-of-service.
* Kernel crash in loopback device file descriptor configuration.
A locking error in the loopback device implementation can lead to a NULL
pointer dereference, leading to a kernel crash. A local user with access to a
loopback device could use this flaw to cause a denial-of-service.
* Use-after-free during modular ISDN device close.
A race condition when removing timers during close of a modular ISDN device
could result in a use-after-free. A local user with the ability to configure a
modular ISDN device could use this flaw to cause a kernel crash or potentially
escalate privileges.
* Denial-of-service in the KVM subsystem.
A bug in the timer interrupt handling in KVM LAPIC subsystem
allows a guest VM to cause a large amount of delay in the host
system. A malicious user with control over a guest VM could
exploit this vulnerability to cause a denial-of-service.
* Denial-of-service during block cipher encryption.
An out-of-bounds access in the crypto subsystem when encrypting a block
leads to a kernel crash. An unprivileged local user could exploit this
using the userspace crypto API and cause a denial-of-service.
* Denial-of-service when configuring capture from Vivid device.
Missing validation during the configuration of a Vivid video input
device leads to a division-by-zero error. An unprivileged local
attacker could exploit this to cause a denial-of-service.
* Denial-of-service in DCCP socket options.
A NULL pointer dereference in the Datagram Congestion Control
Protocol (DCCP) implementation could allow a local user to cause
a denial-of-service and, when combined with other vulnerabilities,
escalate privilege.
* Denial-of-service in smsc95xx USB ethernet driver.
A buffer overflow when transmitting a packet in the smsc95xx
USB ethernet driver could lead to kernel panic and cause a
denial-of-service.
* Packet loss on ingress on an unmanaged L2TP over IP tunnel interface.
A missing check when receiving packets on an unmanaged L2TP over IP
tunnel interface could lead to packet loss.
* CVE-2019-3819: Deadlock in HID debug events read.
A logic error when reading HID debug events can result in the kernel entering
an infinite loop, leading to a system lock up. A privileged user could use this
flaw to cause a denial-of-service.
* CVE-2019-7221: Use-after-free in nested KVM preemption timer.
A failure to cancel a nested KVM timer before freeing it can result in a
use-after-free. A guest VM could use this flaw to crash the host.
* Double free when setting termios and modem status in Old ISDN4Linux driver.
A locking error when setting termios and modem status in Old ISDN4Linux
driver could lead to a double free. A local attacker could use this flaw
to cause a denial-of-service.
* NULL pointer dereference when resetting InfiniBand SCSI RDMA devices.
A logic error when resetting InfiniBand SCSI RDMA devices could lead to
a NULL pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* Denial-of-service when a process requests a key without subscribing to any keyring.
A missing initialization when a process requests a key without
subscribing to any keyring could lead to a kernel assert. A local
attacker could use this flaw to cause a denial-of-service.
* NULL pointer dereference when using SIT driver with IPV6 disabled.
A missing check when using SIT driver with IPV6 disabled could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
* Information disclosure in ALSA SoC dynamic power management debugfs interface.
Incorrect string handling in the ALSA SoC dynamic power management debugfs
interface can result in the copy of uninitialised kernel memory to userspace.
* Kernel crash in Chelsio FCoE remote port registration.
A race condition between allocating a virtual node port and setting its state
can result in a NULL pointer dereference, leading to a kernel crash.
* Denial-of-service in mac80211 Tunneled Direct Link Setup.
A race condition between associating a station with an Access Point and
initializing a Tunneled Direct Link Setup can result in a warning. A local user
with the ability to configure a mac80211 device could use this flaw to flood
the kernel message buffer, leading to a denial-of-service.
* SMAP bypass during user memory copy.
A logic error when copying information to userspace can result in kernel code
executing without SMAP protection.
* Memory leak when registering a kobject associated to a net device.
A missing free of resources when registering a kobject for a net device
fails could lead to a memory leak. A local attacker could use this flaw
to exhaust kernel memory and cause a denial-of-service.
* Memory leak when unregistering an Ethernet team driver.
A missing free of a BPF filter when unregistering an Ethernet team
driver could lead to a memory leak. A local attacker could use this flaw
to exhaust kernel memory and cause a denial-of-service.
* NULL pointer dereference when registering an NFC device.
A missing check when registering an NFC device could lead to a NULL
pointer dereference. A local attacker could use this flaw to cause a
denial-of-service.
* Out-of-bounds memory accesses when using netlabel subsystem.
Logic errors when using netlabel subsystem could lead to out-of-bounds
memory accesses. A local attacker could use this flaw to cause a
denial-of-service.
* Denial-of-service when adding a multicast forwarding entry in IPV6.
A logic error when adding a multicast forwarding entry in IPV6 could
lead to a deadlock. A local attacker could use this flaw to cause a
denial-of-service.
* Integer overflow when setting socket timeout while IP virtual server is enabled.
The setsockopt syscall can accept negative values for timeout,
potentially resulting in an integer overflow and undefined behavior
while IP virtual server is enabled.
* Data corruption when terminating VM attached to IOMMU.
When terminating a virtual machine using an IOMMU device, the device's
memory page entries are not properly marked as invalid, potentially
resulting in corruption.
* NULL-pointer dereference when mounting NFS filesystem with missing device name.
Mounting an NFS filesystem with a missing device name could result in
the NULL device name pointer being dereferenced, resulting in a kernel
oops and denial-of-service.
* Memory leak when creating client in Plan 9 Resource Sharing Support driver.
Incorrect error handling when creating a client in Plan 9 Resource Sharing
Support driver could lead to a memory leak. A local attacker could use
this flaw to cause a denial-of-service.
* Use-after-free when opening trace_pipe in trace filesystem.
A logic error in error path when opening trace_pipe in trace filesystem
could lead to a use-after-free. A local attacker could use this flaw to
cause a denial-of-service.
* Deadlock when releasing commands in Linux-iSCSI.org iSCSI Target Mode Stack driver.
A locking error when releasing commands in Linux-iSCSI.org iSCSI Target
Mode Stack driver could lead to a deadlock. A local attacker could use
this flaw to cause a denial-of-service.
* Divide by zero error when mounting a corrupted BTRFS image.
A logic error when mounting a corrupted BTRFS image could lead to a
divide by zero error. A local attacker could use this flaw with a
crafted BTRFS image to cause a denial-of-service.
* Denial-of-service during online resizing with EXT4 filesystems.
A missing check during online resizing with EXT4 filesystems could lead
to a kernel assert. A local attacker could use this flaw to cause a
denial-of-service.
* Invalid memory access when mapping vmalloc pages to userspace.
A logic error when mapping vmalloc pages to userspace while guard page
is enabled could lead to an invalid memory access. A local attacker
could use this flaw to cause a denial-of-service.
* Memory corruption during NFSv3 readdir request.
A logic error during NFSv3 readdir request could lead to a memory
corruption or an invalid memory access. A local attacker could use this
flaw to cause a denial-of-service.
* Out-of-bounds access when getting netfilter tables entries.
A missing null termination of strings when getting netfilter tables
entries could lead to an out-of-bounds access. A local attacker could
use this flaw to cause a denial-of-service.
* Memory leak when failing to add NFS requests to the I/O queue.
Missing free of resources when failing to add NFS requests to the I/O
queue could lead to a memory leak. A local attacker could use this flaw
to exhaust kernel memory and cause a denial-of-service.
* Improved fix for Spectre v1: Bounds-check bypass when using Applicom intelligent fieldbus card.
An array access when using Applicom intelligent fieldbus card driver
could lead to userspace controlled arbitrary out-of-bounds speculation.
This could serve as a side-channel leaking privileged memory into
userspace.
* NULL pointer dereference when allocating a Netfilter NFACCT over NFNETLINK interface.
A missing check when allocating a Netfilter NFACCT over NFNETLINK
interface could lead to a NULL pointer dereference. A local attacker
could use this flaw to cause a denial-of-service.
* Out-of-bounds access when parsing TCP options in netfilter TCP connection tracking driver.
A missing check when parsing TCP options in netfilter TCP connection
tracking driver could lead to an out-of-bounds access. A local
attacker could use this flaw to cause a denial-of-service.
* Information leak when checking keys through /proc/keys.
An invalid check on current credentials when checking /proc/keys could
let a user list all the keys of the system. A local attacker could use
this flaw to facilitate an attack.
* Undefined behavior when using IPv6 Rapid Deployment.
A missing check when using IPv6 Rapid Deployment could lead to
undefined behavior. A local attacker could use this flaw to cause a
denial-of-service.
* Use-after-free when handling device status changes in X.25 Packet Layer.
A logic error when handling device status changes in X.25 Packet Layer
could lead to a use-after-free. A local attacker could use this flaw to
cause a denial-of-service.
* Denial-of-service when binding sockets in X.25 Packet Layer driver.
A logic error when binding sockets in X.25 Packet Layer driver could lead to a
deadlock. A local attacker could use this flaw to cause a denial-of-service.
* Memory leak when destructing PPP over IPv4 socket.
A reference count issue when destructing PPP over IPv4 socket could lead
to a memory leak. A local attacker could use this flaw to exhaust kernel
memory and cause a denial-of-service.
* Resource leak when deleting FIB nexthop exception.
When removing an entry from the FIB nexthop exception table, a race
condition might cause the destination device structure to become leaked,
potentially resulting in system instability or a denial-of-service.
* Permissions bypass setting mode on ipvlan slave devices.
The CAP_NET_ADMIN permission is not properly enforced for some on ipvlan
slave devices, potentially allowing a malicious user to change device
mode for other devices in the same ipvlan group.
* Denial-of-service when deleting VXLAN device.
If a packet is received on a VXLAN device while it is being deleted, a
race condition might cause an invalid pointer dereference, resulting in
a kernel crash and denial-of-service.
* Denial-of-service when using High-availability Seamless Redundancy driver.
Incorrect usage of kernel timers when using High-availability Seamless
Redundancy driver could lead to a kernel assert. A local attacker could
use this flaw to cause a denial-of-service.
* Denial-of-service when using System Trace Module driver.
Multiple errors when using System Trace Module driver could lead to a
divide by zero or deadlock. A local attacker could use this flaw to
cause a denial-of-service.
* NULL pointer dereference when using Intel(R) Trace Hub controller.
A logic error when using Intel(R) Trace Hub controller could lead to a
NULL pointer dereference. A local attacker could use this flaw to cause
a denial-of-service.
SUPPORT
Ksplice support is available at ksplice-support_ww at oracle.com.