# Last update included in this point release is TODO
||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents>>||

This is a brief summary of bugs fixed between Ubuntu 18.04.1 and 18.04.2.  '''This summary covers only changes to packages in ''__main__'' and ''__restricted__'', which account for all packages in the officially-supported CD images; there are further changes to various packages in ''universe'' and ''multiverse''.'''  Some of these fixes were by Ubuntu developers directly, while others were by upstream developers and backported to Ubuntu.  For full details, see the individual package changelogs.

In addition to the bugs listed below, this update includes all security updates from the [[https://usn.ubuntu.com/releases/ubuntu-18.04-lts/|Ubuntu Security Notice list]] affecting Ubuntu 18.04 LTS that were released up to and including February 4, 2019.  The last update included was USN-3871-3 (Linux kernel vulnerabilities).

== Installation bug fixes ==

Updated CD images are provided with this release, including fixes for some installation bugs.  (Many installation problems are hardware-specific; for those, see "Hardware support bugs" below.)

|| console-setup || Bug:1762952 || keyboard-configuration.config: While sourcing config files to re-seed debconf, load missing variables as empty values of same ||
|| console-setup || Bug:1762952 || keyboard-configuration.{config,templates}: There is no good default for layout toggling, stop pretending there is.  Console users can set one with dpkg-reconfigure or editing /etc/defaults/keyboard ||
|| livecd-rootfs || Bug:1302192 || generate all tar files with --xattrs.   ||
|| livecd-rootfs || Bug:1585233 || ubuntu-cpc: Reintroduce the -root.tar.xz artifact. ||
|| console-setup || Bug:1788597 || keyboard-configuration.config: Fix exit/return thinko ||
|| livecd-rootfs || Bug:1783129 || Disentangle enabling universe in the final image a little from having PREINSTALLED=true set and enable it for a live-server build. ||
|| livecd-rootfs || Bug:1776891 || Disable journald rate limiting in the live-server live session. ||
|| initramfs-tools || Bug:1769682 || scripts/functions: write netplan config files to /run/netplan for network devices configured with configure_networking. ||
|| initramfs-tools || Bug:1769682 || scripts/functions: add 'critical: true' parameter; requires netplan 0.36.2. ||
|| initramfs-tools || Bug:1661629 || Work out the kernel modules required to support ZFS filesystems and add them as necessary. ||
|| ubiquity || Bug:1749289 || Implement missing reboot and shutdown methods in debconf_ui ||
|| ubiquity || Bug:1777900 || Add systemd-resolved to oem-config.target's Wants ||
|| livecd-rootfs || Bug:1792905 || Ensure /lib/modules exists in root tarballs and sqashfs. ||
|| initramfs-tools || Bug:1667512 || b4804dd] Only sync the filesystem containing the initramfs ||
|| initramfs-tools || Bug:1791959 || debian/initramfs-tools.postinst: remove orphaned old-dkms initrd files in /boot. ||
|| ubiquity || Bug:1789920 || Mask ubiquity.service in a system installed with oem-config/enabled=true, as this prevents getty@tty1.service from running. ||
|| livecd-rootfs || Bug:1805190 || Include grub efi packages in manifests for uefi images. ||
|| livecd-rootfs || Bug:1799773 || Disable checksum generation. ||
|| installation-guide || Bug:1730322 || Describe HWE kernel, point release and url for supported arm64 platforms. ||
|| installation-guide || Bug:1804306 || Move supported arm64 server list to a wiki page to ease maintenance ||
|| debian-installer || Bug:1807023 || build/pkg-lists/base: add ca-certificates-udeb to enable HTTPS without d-i/allow_unauthenticated_ssl in stock initramfs image as in Debian. ||
|| ubiquity || Bug:1768230 || scripts/plugininstall.py: don't hard-code a resume partition in /etc/initramfs-tools/conf.d/resume at install time.  In bionic and later, initramfs-tools will autodetect an appropriate resume partition at initramfs generation time, so ubiquity's resume setting is redundant and possibly wrong.   ||
|| debian-installer || Bug:1809021 || Add HWE variants for all architectures ||
|| partman-efi || Bug:1803031 || check.d/efi: Make sure we block on a missing EFI partition no matter what architecture, not just for ia64. One could attempt to install on EFI x86 and will need an ESP to be able to install GRUB. ||
|| ubiquity || Bug:1772374 || scripts/plugininstall.py: Make sure efivars is bind-mounted when installing the bootloader. ||
|| ubiquity || Bug:1803031 || Automatic update of included source packages: partman-efi 71ubuntu2.2. ||


== Upgrade bug fixes ==

These changes fix upgrade issues, smoothing the way for future upgrades to later releases of Ubuntu.

|| ubuntu-release-upgrader || Bug:1783589 || make sure that snapd is installed before trying to use it. ||
|| ubuntu-release-upgrader || Bug:1783593 || update the view with information regarding the progress of snaps being installed. ||
|| ubuntu-release-upgrader || Bug:1783738 || when checking for connectivity to the snap store use C.UTF-8 for the language so error message matching works. ||
|| ubuntu-release-upgrader || Bug:1785096 || Remove debs from apt's "Dir::Cache::archives" folder after the upgrade has completed successfully. ||
|| ubuntu-release-upgrader || Bug:1766890 || Upgrade libc6 before other packages to work around trigger issues ||
|| ubuntu-release-upgrader || Bug:1787668 || DistUpgradeQuirks.py: if ubuntu-desktop or snapd isn't in the package cache don't try and run the quirk for installing or upgrading snaps. ||
|| gnome-initial-setup || Bug:1781417 || Display the ubuntu welcome wizard in Unity, don't display the "what's new" page though since Unity didn't change ||
|| ubuntu-release-upgrader || Bug:1787649 || DistUpgradeController.py: If the attempt to only upgrade libc6 ends up creating an issue with apt's problem resolver try the full upgrade. This is what would have happened before the fix for bug 1766890. ||
|| update-manager || Bug:1317164 || Print transaction error and let the user try again applying updates ||
|| update-manager || Bug:1791931 || Don't ask backend to do package operations aready done. Aptdaemon cancels the transaction when asked to remove packages already removed which results the failure being shown to the user. This is unnecessary as update-manager can just filter the package operations to be done using a fresh cache and decrease the likelyhood of hitting a race condition where packages to be removed are already removed. ||
|| ubuntu-release-upgrader || Bug:1797209 || do-release-upgrade: do not run the release upgrade if either not all updates are installed or a reboot is required due to a libc6 upgrade. ||
|| ubuntu-release-upgrader || Bug:1796940 || debian/control: change ubuntu-release-upgrader-core to depend on ca-certificates ||
|| unattended-upgrades || Bug:1789637 || Unlock for dpkg operations with apt_pkg.pkgsystem_unlock_inner() when it is available. Also stop running when reacquiring the lock fails. Thanks to Julian Andres Klode for original partial patch ||
|| unattended-upgrades || Bug:1781586 || Skip rebuilding python-apt in upgrade autopkgtests. Python-apt has a new build dependency making the rebuilding as is failing and the reference handling issue is worked around in unattended-upgrades already. ||
|| unattended-upgrades || Bug:1785093 || Stop trying when no adjustment could be made and adjust package candidates only to lower versions ||
|| unattended-upgrades || Bug:1785093 || Skip already adjusted packages from being checked for readjusting. This makes it clearer that the recursion ends and can also be a bit quicker. ||
|| update-manager || Bug:1072136 || Keep or delete packages after looping over all of them. This prevents the resolver from changing the packages in the loop resulting in not keeping some phased packages back from being upgraded. ||
|| update-manager || Bug:1795898 || Stop lazy import of InstallBackends. Lazy imports made update-manager crash when an update-manager update changed the backend API and an updated incompatible backend was loaded to the not updated running update-manager process. ||
|| update-manager || Bug:1790670 || Cancel transaction on exit only when Cancel button is active. Also ignore exception when cancellation fails. ||
|| ubuntu-release-upgrader || Bug:1799839 || DistUpgrade/DistUpgradeController.py: check all the python symlinks and versions instead of the python one. Thanks to juliank for the assistance. ||
|| ubuntu-release-upgrader || Bug:1799710 || do-release-upgrade: Do not block release upgrades if the installable updates are ones which are not fully phased. ||
|| update-manager || Bug:1787553 || Add a reminder to enable Livepatch. ||
|| ubuntu-release-upgrader || Bug:1797384 || Set icon_name in the dialogs so that there will be an icon in gnome-shell. ||
|| update-notifier || Bug:1800862 || Check if a Livepatch patch has been applied during boot or before update-notifier has started. ||
|| unattended-upgrades || Bug:1778219 || Trigger unattended-upgrade-shutdown actions with PrepareForShutdown() Performing upgrades in service's ExecStop did not work when the upgrades involved restarting services because systemd blocked other stop/start actions making maintainer scripts time out and be killed leaving a broken system behind. Running unattended-upgrades.service before shutdown.target as a oneshot service made it run after unmounting filesystems and scheduling services properly on shutdown is a complex problem and adding more services to the mix make it even more fragile. The solution of monitoring PrepareForShutdown() signal from DBus allows Unattended Upgrade to run _before_ the jobs related to shutdown are queued thus package upgrades can safely restart services without risking causing deadlocks or breaking part of the shutdown actions. Also ask running unattended-upgrades to stop when shutdown starts even in InstallOnShutdown mode and refactor most of unattended-upgrade-shutdown to UnattendedUpgradesShutdown class. ||
|| unattended-upgrades || Bug:1778219 || Increase logind's InhibitDelayMaxSec to 30s. This allows more time for unattended-upgrades to shut down gracefully or even install a few packages in InstallOnShutdown mode, but is still a big step back from the 30 minutes allowed for InstallOnShutdown previously. Users enabling InstallOnShutdown node are advised to increase InhibitDelayMaxSec even further possibly to 30 minutes. ||
|| unattended-upgrades || Bug:1803749 || Stop using ActionGroups, they interfere with apt.Cache.clear() causing all autoremovable packages to be handled as newly autoremovable ones and be removed by default. Dropping ActionGroup usage does not slow down the most frequent case of not having anything to upgrade and when there are packages to upgrade the gain is small compared to the actual package installation. Also collect autoremovable packages before adjusting candidates because that also changed .is_auto_removable attribute of some of them. ||
|| update-manager || Bug:1805118 || Do not show the livepatch reminder if update-manager is running on a distribution without software-properties-gtk. ||
|| update-manager || Bug:1787553 || Add a reminder to enable Livepatch. ||
|| software-properties || Bug:1805436 || cloudarchive: Enable support for the Stein Ubuntu Cloud Archive on 18.04. ||
|| shotwell || Bug:1802895 || New bugfix update ||
|| shotwell || Bug:1606491 || Fix "Out of memory" issues when scrolling through large collections ||
|| shotwell || Bug:1723181 || direct: Fix crash when dismissing modifications ||
|| libreoffice || Bug:1799230 || New upstream release ||
|| libreoffice-l10n || Bug:1799230 || New upstream release ||
|| unattended-upgrades || Bug:1806487 || Start service after systemd-logind.service to be able to take inhibition lock ||
|| unattended-upgrades || Bug:1806487 || Handle gracefully when logind is down ||
|| update-notifier || Bug:1809505 || src/update-notifier.c: Don't use G_SPAWN_DO_NOT_REAP_CHILD in order to avoid zombie processes. ||
|| update-manager || Bug:1798618 || UpdateManager/Core/MetaRelease.py: set prompt in MetaReleaseCore so that do-release-upgrade can provide more informative error messages. ||
|| update-manager || Bug:1795024 || UpdateManager/Core/MetaRelease.py: set prompt in MetaReleaseCore so that do-release-upgrade can provide more informative error messages. ||
|| ubuntu-release-upgrader || Bug:1795024 || data/release-upgrades: Clarify documentation regarding the behavior for different Prompt settings. ||
|| ubuntu-release-upgrader || Bug:1798618 || do-release-upgrade: Utilize information regarding what Prompt is set to so that a more informative error message can be displayed. ||
|| ubuntu-release-upgrader || Bug:1795024 || do-release-upgrade: Utilize information regarding what Prompt is set to so that a more informative error message can be displayed. ||
|| ubuntu-release-upgrader || Bug:1786484 || DistUpgrade/DistUpgradeCache.py: When calculating free space needed for mount points don't use a negative number as the buffer. ||
|| ubuntu-release-upgrader || Bug:1807043 || DistUpgrade/DistUpgradeController.py: When rewriting sources.list entries check to see if the source provides packages for the release to which the upgrade is occurring. If it doesn't the entry is disabled thereby improving upgrades with PPAs. ||
|| ubuntu-release-upgrader || Bug:1807032 || do-release-upgrade: add a parameter to allow third party mirrors and repositories, additionally pass along the environmental variable RELEASE_UPGRADER_ALLOW_THIRD_PARTY via pkexec and sudo. ||
|| ubuntu-release-upgrader || Bug:1771387 || DistUpgrade/DistUpgradeCache.py: in the event there is a failure to calculate the upgrade provide information about the log files in /var/log/dist-upgrade. ||
|| ubuntu-release-upgrader || Bug:1773637 || DistUpgrade/xorg_fix_proprietary.py: modify how the system is checked to see if nvidia is being used, drop fglrx check since it has been deprecated. ||


== Desktop fixes ==

These changes mainly affect desktop installations of Ubuntu, Kubuntu, Edubuntu and other Ubuntu-based systems.

|| xorg || Bug:1768610 || Rename nux config leftovers which might change the environment even when not running an unity session ||
|| vte2.91 || Bug:1780501 || Revert the changes to revert-pcre2.patch in the previous SRU since they introduced API incompatibilies which aren't OK in an SRU. ||
|| gnome-menus || Bug:1765799 || Fix app menus not updating correctly after app install or removal. This patch was accidentally dropped in previous merge. ||
|| gnome-shell-extension-ubuntu-dock || Bug:1712661 || Fix crash connecting/disconnecting monitors ||
|| gnome-shell-extension-ubuntu-dock || Bug:1784920 || Fix showApps button label position ||
|| gnome-control-center || Bug:1779051 || Fix crash when settings changed after panel closed ||
|| gnome-software || Bug:1778160 || Fix crash when have plugs with multiple slots available ||
|| gnome-software || Bug:1781996 || don't segfault on null snap installation date ||
|| gnome-shell || Bug:1718931 || New upstream release ||
|| gnome-shell || Bug:1782614 || New upstream release ||
|| gnome-shell || Bug:1784671 || Don't handle key presses directly if there are modifiers ||
|| mutter || Bug:1754949 || Avoid crashing when warning about wrongly set crtc mode ||
|| mutter || Bug:1767956 || Don't crash if drmModeGetResources returns NULL  ||
|| mutter || Bug:1784398 || Always update monitor in wayland, avoiding crash ||
|| mutter || Bug:1772831 || Don't return screen resolutions that can't be applied ||
|| mutter || Bug:1422253 || Don't crash if a modal dialog closes while being dragged ||
|| mutter || Bug:1723615 || Don't try to use an invalid monitor mode to figure out scaling ||
|| mutter || Bug:1783311 || No-change backport to bionic ||
|| gnome-software || Bug:1775226 || also disable offline updates in refresh plugin ||
|| ubuntu-report || Bug:1786432 || Include optional DCD OEM file ||
|| ubuntu-report || Bug:1784383 || Collect number of disks and their sizes ||
|| apport || Bug:1778497 || Add a remember option to whoopsie so that users can diminish crash interactions ||
|| apport || Bug:1778694 || Move apport autoreport service files to apport binary package. Having them in apport-noui was creating a bug where autoreport wasn't working on desktop. As we check in the launched script for whoopsie and autoreport file, we don't autoreport by default. apport-noui still touches the file to enable autoreport on install. ||
|| apport || Bug:1778694 || Start apport-autoreport after installing apport-noui which is part of improving apport's automatic crash reporing feature. ||
|| software-properties || Bug:1770686 || SoftwarePropertiesGtk.py: Hide livepatch widgets in flavors without an online account panel in gnome-control-center ||
|| glib2.0 || Bug:1789472 || New upstream release ||
|| ubuntu-settings || Bug:1782190 || revert in communitheme session default font size to 11, as it creates rendering issues in GNOME Shell ||
|| firefox || Bug:1791789 || Fix : Mark distribution search engines as read-only, so that they are marked as hidden in rather than removed from the search engine cache when a user "removes" them (they can't actually be removed from disk). This stops them from reappearing on cache rebuilds ||
|| firefox || Bug:1791789 || Backport upstream change to the search service to not handle locale changes on shutdown. As well as resulting in en-US search engines being added to the search engine cache for all locales, it was resulting in a cache rebuild on every restart, making the above bug worse (fixes another part of ) ||
|| firefox || Bug:1791789 || Set "spellchecker.dictionary_path" by default to point to /usr/share/hunspell so that system dictionaries are loaded again, now that Firefox no longer loads them from its own install directory. Fixes another part of  ||
|| firefox || Bug:1791789 || Final part of the fix for : Cleanup extra Amazon.com search engine in locales that have their own Amazon search engine ||
|| fonts-liberation || Bug:1769654 || Backport to bionic to fix skewed font metrics ||
|| fonts-liberation2 || Bug:1769654 || Backport to bionic to fix skewed font metrics ||
|| libreoffice || Bug:1785679 || New upstream release ||
|| libreoffice-l10n || Bug:1785679 || New upstream release ||
|| evolution-data-server || Bug:1784514 || New upstream release ||
|| apport || Bug:1791324 || Handle old reports generated pre-apport with "remember" option. If the option isn't there, consider as false. ||
|| nautilus || Bug:1782681 || New upstream release: 3.26.4 ||
|| nautilus || Bug:1765776 || New upstream release: 3.26.4 ||
|| nautilus || Bug:1767027 || Follow nautilus settings to search only in current folder. This doesn't apply to gnome-shell search provider for indexed searches. ||
|| nautilus || Bug:1764779 || don't crash if selecting a volume that is not mounted ||
|| nautilus || Bug:1713581 || don't crash when try to select a file multiple times in a single run ||
|| nvidia-graphics-drivers-340 || Bug:1791542 || Use diversions for "libGLESv1_CM.so" "libGLESv1_CM.so.1". ||
|| nvidia-graphics-drivers-340 || Bug:1761593 || Install the modprobe file in /lib, and remove the blacklist file manually. ||
|| gnome-mines || Bug:1772191 || Backport fix from 3.30 for missing high resolution app icon ||
|| gnome-software || Bug:1789336 || Show verified developers ||
|| gnome-software || Bug:1789338 || Use wide scope searching ||
|| gnome-software || Bug:1756379 || Delay startup of service to allow the shell to load first ||
|| ubuntu-themes || Bug:1773045 || Remove nonexistent gnome-builder.css ||
|| ubuntu-themes || Bug:1781736 || Radiance: fix typo in assets link for focused buttons ||
|| ubuntu-themes || Bug:1781736 || Radiance: Use scaled image for buttons border ||
|| ubuntu-themes || Bug:1782038 || Ambiance, Radiance: don't use padding on window buttons for chromium ||
|| ubuntu-themes || Bug:1758841 || Ambiance: use default foreground color for toolbar menus ||
|| ubuntu-themes || Bug:1743373 || Ambiance, Radiance: show proper arrow in combobox ||
|| ubuntu-themes || Bug:1785699 || Ambiance, Radiance: use default disabled color for actions headerbar buttons ||
|| ubuntu-themes || Bug:1761684 || Ambiance, Radiance: fix list selected color for gnome-boxes ||
|| ubuntu-themes || Bug:1795895 || Ambiance, Radiance: properly theme disabled and hovered accelerators ||
|| xorg-server || Bug:1789913 || prime-sync-refactor.diff: Fix crash on modesetting+amdgpu hybrid. ||
|| nautilus || Bug:1795028 || Fix remote filesystem check on file during search ||
|| nautilus || Bug:1798426 || Refreshed to add memory leak and potential crash fixes ||
|| gnome-settings-daemon || Bug:1797322 || backport fix from upstream to resolve suspend/resume rfk issues ||
|| xdg-utils || Bug:1743216 || Use perl's decode() to ensure we don't pass invalid UTF-8 to D-Bus, as doing so triggers an assertion from libdbus which makes us crash. ||
|| fonts-noto-color-emoji || Bug:1788256 || New upstream release ||
|| evince || Bug:1790609 || New upstream release ||
|| apport || Bug:1760220 || apport/ui.py: when using ubuntu-bug properly handle executables which start with /snap/bin. ||
|| apport || Bug:1780767 || test/test_ui_gtk.py: Increase the timeout so that when the autopkgtest infrastructure is busy the tests should not fail. ||
|| gnome-shell || Bug:1739931 || use defined color for menu separators ||
|| gnome-shell || Bug:1743058 || set StEntry minimun height to work properly with Ubuntu font ||
|| gnome-shell || Bug:1745888 || Don't emit two click events on touch under X11 ||
|| gnome-shell || Bug:1725312 || Handle NULL scroll bars in st-scroll-view ||
|| gnome-calculator || Bug:1790876 || New upstream stable release ||
|| mutter || Bug:1727356 || Create back buffers in early intel GPU generations ||
|| mutter || Bug:1730211 || Fix typing capital letters when using OSD keyboard ||
|| gnome-initial-setup || Bug:1789925 || rework the patch from the previous upload to change the right reference this time ||
|| gnome-initial-setup || Bug:1764723 || Show an error message in case livepatch setup fails. This also will make sure that gnome-intial-setup does not quit before livepatch responds back. ||
|| totem || Bug:1433984 || backport fix for nautilus sometime crashing when closing the video properties dialog ||
|| totem || Bug:1798399 || backport fixes to make the gallery plugin work again ||
|| desktop-file-utils || Bug:1768271 || backport debian change to fix update-desktop-error with gnome-font-viewer 3.28 ||
|| gnome-desktop3 || Bug:1795668 || Enable bubblewrap hardening for thumnbailers ||
|| ghostscript || Bug:1806517 || SECURITY REGRESSION: multiple regressions ||
|| libgnomekbd || Bug:1721893 || backport a patch available on bugzilla to fix a segfault in the keyboard layout preview code. The most common case seems to be g-c-c trying to preview a 'default' layout which was working before some other fixes landed, that fixes the regression. ||
|| gnome-software || Bug:1552792 || Build with PackageKit autoremove support ||
|| gnome-software || Bug:1785240 || Stop cancelling snapd authorization triggers error notification ||
|| gnome-software || Bug:1754864 || Pull related flatpak refs ||
|| gnome-software || Bug:1798228 || Fix snap search result ordering ||
|| gnome-software || Bug:1719797 || Stop reboot notification from timing out ||
|| gnome-software || Bug:1798470 || Support composite CAB files ||
|| gnome-desktop3 || Bug:1807127 || Fix thumbnailer on 32-bit systems where /lib64 is not available. This fixes a regression introduced in the previous update. ||
|| gedit || Bug:1800179 || 'document selector: make search caseless', it makes the filter in the open document dialog work in a more logical way ||
|| gnome-shell || Bug:1765304 || Cherry-pick upstream commit to prevent focus stealing on password fields in firefox when ibus is used ||
|| libgweather || Bug:1803487 || New upstream release: 3.28.2 ||
|| nautilus || Bug:1804685 || 'preferences-window: Fix icon views captions order' ||
|| software-properties || Bug:1807373 || SoftwarePropertiesGtk.py: when checking a package's depends for DKMS also pass on an AttributeError ||
|| gvfs || Bug:1803158 || Use O_RDWR to fix fstat when writing ||
|| gvfs || Bug:1798725 || common: Prevent crashes on invalid autorun file ||
|| gvfs || Bug:1630905 || daemon: Prevent deadlock and invalid read when closing channels ||
|| gvfs || Bug:1792878 || workaround libsoup limitation to prevent dav lockups ||
|| gvfs || Bug:1778322 || smbbrowse: Force NT1 protocol version for workgroup support ||
|| gvfs || Bug:1803190 || smb: Add workaround to fix removal of non-empty dir ||
|| gjs || Bug:1809181 || New upstream release ||
|| gjs || Bug:1803271 || New upstream release ||
|| gparted || Bug:1779292 || d/patches/lvm2_prompt_patch.patch: Apply upstream patch to fix pvresize compatibility with LVM2 >= 2.02.171, which broke LVM PV resizing due to the addition of a confirmation dialogue for the resize. ||
|| cups || Bug:1804576 || fix-handling-of-MaxJobTime.patch: Fix handling of MaxJobTime 0 ||
|| totem || Bug:1726688 || Together, these patches fix the right-click .desktop actions ||
|| gnome-shell-extension-ubuntu-dock || Bug:1743976 || Avoid repainting an unchanging dock. ||
|| gnome-shell-extension-ubuntu-dock || Bug:1769383 || theming: Ensure _trackingWindows contains valid windows ||
|| gnome-shell-extension-ubuntu-dock || Bug:1769383 || extension: Ensure signal disconnection ||
|| firefox || Bug:1808980 || Build with --enable-rust-simd (except on i386 and armhf) ||
|| libdrm || Bug:1798597 || Backport to bionic for 18.04.2 HWE stack update. ||
|| wayland || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| wayland || Bug:1781440 || control: Bump Breaks/Replaces again to match reality. ||
|| mesa || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xf86-input-wacom-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xorg-server-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-input-libinput-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-amdgpu-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-ati-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-vesa-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-vmware-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-nouveau-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-fbdev-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-qxl-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xserver-xorg-video-dummy-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| xorg-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||
|| cairo || Bug:1560286 || "Revert "Correctly decode Adobe CMYK JPEGs in PDF export" From further testing and investigation it appears that many PDF viewers already have a workaround to invert Adobe CMYK JPEGs, so our generated PDFs display incorrectly with those viewers due to double-inversion. ||
|| xserver-xorg-video-intel-hwe-18.04 || Bug:1798597 || Backport for 18.04.2 HWE stack update. ||


== Server and Cloud related fixes ==

These changes mainly affect installations of Ubuntu on server systems and clouds.

|| keepalived || Bug:1744062 || d/p/fix-removing-left-over-addresses-if-keepalived-abort.patch: Cherry-picked from upstream to ensure left-over VIPs and eVIPs are properly removed on restart if keepalived terminates abonormally. This fix is from the upstream 1.4.0 release. ||
|| cloud-init || Bug:1784685 || cherry-pick 3cee0bf8: oracle: fix detect_openstack to report True on ||
|| cloud-init || Bug:1777912 || New upstream snapshot. ||
|| cloud-init || Bug:1770712 || debian/rules: update version.version_string to contain packaged version. ||
|| cloud-init || Bug:1777912 || New upstream release. ||
|| aodh || Bug:1776375 || Support same projects in different domain ||
|| maas || Bug:1773201 || Stable Release Update. New upstream release, MAAS 2.4.0 ||
|| freeipmi || Bug:1784926 || Cherry-pick patches from upstream that add support to ipmi-locate for parsing ACPI/SPMI tables out of sysfs: ||
|| rax-nova-agent || Bug:1783614 || New upstream version 2.1.15 ||
|| libvirt || Bug:1788226 || Fix an issue where guests with plenty of hostdevs attached where detected as not shut down due to the kernel needing more time to free up resources ||
|| apache2 || Bug:1750356 || d/p/balance-member-long-hostname-part{1,2}.patch: Provide an RFC1035 compliant version of the hostname in the proxy_worker_shared structure. A hostname that is too long is no longer a fatal error. ||
|| chrony || Bug:1787366 || d/p/lp-1787366-fall-back-to-urandom.patch: avoid hangs when starting the service on newer kernels by falling back to urandom. ||
|| avahi || Bug:1752411 || debian/avahi-daemon-check-dns.sh: On some hardware, the 'host' command gets stuck and does not timeout as it should leaving this script and boot-up hanging indefinitely. Launch host with 'timeout' to kill it after 5 seconds in these cases as a workaround. ||
|| unbound || Bug:1788622 || d/p/lp-1788622-fix-systemd-reload.patch: Fix hang due to all worker threads stopping on reload ||
|| maas || Bug:1788641 || Stable Release Update. New upstream release, MAAS 2.4.2 ||
|| postfix || Bug:1753470 || debian/patches/fix-postconf-segfault.diff: Fix a postconf segfault when map file cannot be read.  Thanks to Viktor Dukhovni <postfix- users@dukhovni.org>. ||
|| qemu || Bug:1755912 || d/p/lp-1755912-qxl-fix-local-renderer-crash.patch: Fix an issue triggered by migrations with UI frontends or frequent guest resolution changes ||
|| qemu || Bug:1787408 || d/p/ubuntu/target-ppc-extend-eieio-for-POWER9.patch: Backport to extend eieio for POWER9 emulation. ||
|| rax-nova-agent || Bug:1788716 || Use DefaultDependencies=no to prevent forming service ordering cycles ||
|| openjdk-lts || Bug:1788250 || debian/rules: by default leave atk disabled, move accessibility bridge to recommends.   ||
|| openjdk-lts || Bug:1788267 || debian/rules: by default leave atk disabled, move accessibility bridge to recommends.   ||
|| openvpn || Bug:1787208 || d/openvpn@.service: Add CAP_AUDIT_WRITE to avoid issues with callout scripts breaking due to sudo/pam being unable to audit the action. Fixed in upstream issue #918, suggested to Debian in #868806 ||
|| libvirt || Bug:1788603 || d/p/ubuntu-aa/lp-1788603-fix-ptrace-rules-with-kernel-4.18.patch: avoid issues with newer kernels >=4.18 ||
|| libvirt || Bug:1789659 || d/p/ubuntu/lp-1789659-don-t-check-for-parallel-iteration-in-hash.patch: remove broken and redundant check for parallel iteration in hash functions ||
|| nova-lxd || Bug:1789427 || New upstream stable point release for OpenStack Queens. ||
|| nginx || Bug:1782226 || Stable Release Update. Do not attempt to start nginx if other daemon is binding to port 80, to prevent install failure: ||
|| open-vm-tools || Bug:1791220 || d/p/ubuntu/lp-1791220-Disable-hgfsServer-not-VMware.patch: avoid crashing with segfaults when force starting the service in non VMWare environments. ||
|| open-vm-tools || Bug:1790145 || d/p/debian/scsi-udev-rule: fix applying of the scsi timeout ||
|| horizon || Bug:1790189 || d/theme/ubuntu/_styles.scss: Ensure btn-danger rules are preferred when used with a, a:link, a:visited and dropdown-menu.li. ||
|| nova || Bug:1761140 || d/control: Drop circular dependencies. nova-compute depends on nova-compute-* packages. nova-compute-* packages shouldn't depend on nova-compute. nova-compute-* should however depend on nova-common.. ||
|| cloud-initramfs-tools || Bug:1792905 || copymods: Take ownership of lib/modules ||
|| squid3 || Bug:1792728 || d/usr.sbin.squid: Update apparmor profile to grant read access to squid binary ||
|| webkit2gtk || Bug:1795901 || Install missing headers ||
|| lxcfs || Bug:1788232 || New upstream bugfix release: ||
|| lxc || Bug:1788457 || New upstream bugfix release: ||
|| snapd-glib || Bug:1785240 || Support auth cancelled error ||
|| snapd-glib || Bug:1789338 || Support wide scope searches ||
|| snapd-glib || Bug:1789336 || Support publisher information ||
|| snapd-glib || Bug:1789335 || Support refresh information ||
|| networkd-dispatcher || Bug:1797884 || Allow overriding /usr/lib scripts in /etc/networkd-dispatcher. Replaces our patch to use /usr/lib/networkd-dispatcher with the solution contributed upstream that has a search path with both /usr/lib/ and /etc locations. ||
|| qemu || Bug:1790901 || Update pxe netboot images for KVM s390x to qemu 3.0 level The SLOF source pieces in src:qemu are only used for s390x netboot, which are independent ROMs (no linking). All other binaries out of this are part of src:slof and independent. ||
|| cloud-init || Bug:1795953 || New upstream release. ||
|| horizon || Bug:1778771 || d/p/add-enabled-check-in-backups-panel.patch: Cherry-picked from https://review.openstack.org/#/c/605994/ to ensure Volume Backups panel is disabled if enable_backup is False. ||
|| lxd || Bug:1788280 || New upstream bugfix release: ||
|| lxd || Bug:1788314 || Temporarily disable ZFS tests on s390x due to conflict between zfsutils-linux and s390-tools ||
|| netplan.io || Bug:1770082 || Fix typo breaking rename on 'netplan apply'. ||
|| netplan.io || Bug:1793309 || Backport netplan 0.40.1 to 18.04. ||
|| netplan.io || Bug:1795343 || Deal gracefully with empty files on 'netplan apply' ||
|| netplan.io || Bug:1786726 || Don't render ipv4 dns-search unless we have an ipv4 address. ||
|| netplan.io || Bug:1736965 || Set permissive umask on networkd .network, .link and .netdev files ||
|| netplan.io || Bug:1768560 || Set permissive umask on networkd .network, .link and .netdev files ||
|| netplan.io || Bug:1747455 || Fix support for link-scope routes. ||
|| netplan.io || Bug:1756701 || Spell Gratuitous ARP correctly and make it work. ||
|| netplan.io || Bug:1783940 || Many typo fixes for documentation. ||
|| netplan.io || Bug:1771704 || Allow link-local addresses to be configured. ||
|| netplan.io || Bug:1736975 || Forces bridges with no addresses to be brought online. ||
|| netplan.io || Bug:1770082 || Write udev .rules files to /run/udev/rules.d to enforce interface renaming. ||
|| netplan.io || Bug:1768823 || Don't traceback for 'netplan ip leases' when iface is not managed or doesn't DHCP ||
|| netplan.io || Bug:1771440 || Fix duplicate "/" path separator in error messages ||
|| netplan.io || Bug:1768798 || Fix incorrect terminal reset in 'netplan try' on Ctrl-C. ||
|| netplan.io || Bug:1768783 || Updated doc entries: mtu, fix fwmark->mark, cleanup optional. ||
|| netplan.io || Bug:1770082 || Generate udev rules files to rename devices Due to a systemd issue[1], using link files to rename interfaces doesn't work as expected. Link files will not rename an interface if it was already renamed, and interfaces are renamed in initrd, so set-name will often not work as expected when rebooting. However, rules files will cause a renaming, even if the interface has been renamed in initrd. ||
|| amavisd-new || Bug:1792293 || d/p/100_more_amavisd_helpers_fixes: Fix Debian/Ubuntu pathing in amavisd-release ||
|| amavisd-new || Bug:1770532 || d/p/105_amavisd_fix_originating_dkim_signing.patch: Fix DKIM signing in 2.11.0 ||
|| nova || Bug:1795424 || New stable point release for OpenStack Queens. ||
|| heat || Bug:1795424 || New stable point release for OpenStack Queens. ||
|| keystone || Bug:1795424 || New stable point release for OpenStack Queens. ||
|| python-openstackclient || Bug:1800490 || New stable point release for OpenStack Queens. ||
|| open-vm-tools || Bug:1793219 || d/p/lp-1793219-fix-stats-overflow.patch: fix potential overflow of 32 bit /proc values ||
|| bind9 || Bug:1769440 || d/p/skip-rtld-deepbind-for-dyndb.diff: fix named-pkcs11 crashing on startup. Thanks to Petr Menšík <pemensik@redhat.com> ||
|| neutron || Bug:1795424 || New stable point release for OpenStack Queens. ||
|| neutron || Bug:1790598 || d/p/metadata-use-requests-for-comms-with-nova-api.patch: Cherry-picked from https://review.openstack.org/#/c/599541/ to enable cert management where IP addresses are used in subject alternate names. ||
|| openldap || Bug:1783183 || d/apparmor-profile: update apparmor profile to allow reading of files needed when slapd is behaving as a kerberos/gssapi client and acquiring its own ticket. ||
|| samba || Bug:1795772 || d/p/fix-rmdir.patch: fix the patch to not apply with offset, which previously made it change the wrong, almost identical, function. ||
|| samba || Bug:1795772 || d/p/fix-rmdir.patch: Fix to make smbclient report directory-not-empty errors ||
|| ca-certificates-java || Bug:1770553 || Backport from Cosmic. ||
|| ca-certificates-java || Bug:1771815 || Merge from Debian unstable. Remaining changes: ||
|| ca-certificates-java || Bug:1771363 || debian/postinst.in: Detect PKCS12 cacert keystore generated by previous ca-certificates-java and convert them to JKS. ||
|| ca-certificates-java || Bug:1769013 || Merge from debian unstable. Remaining changes: ||
|| ca-certificates-java || Bug:1739631 || Merge from debian unstable. Remaining changes: ||
|| apache2 || Bug:1782806 || d/debhelper/apache2-maintscript-helper: fix typo in apache2_switch_mpm()'s a2query call. ||
|| openjdk-lts || Bug:1800792 || debian/patches/sec-webrev-11.0.1-b21-S8211731.patch: apply missing patch from the security update. ||
|| bubblewrap || Bug:1795668 || Don't install setuid on Ubuntu & derivatives since Ubuntu's kernel enables unprivileged user namespaces ||
|| ubuntu-keyring || Bug:1798073 || Validate that all shipped fragments are signed.  ||
|| netplan.io || Bug:1802322 || Fix idempotency in renaming: bond members should be exempt from rename, as they may all share a single MAC for the bond device. ||
|| netplan.io || Bug:1770082 || Fix typo breaking rename on 'netplan apply'. ||
|| netplan.io || Bug:1793309 || Backport netplan 0.40.1 to 18.04. ||
|| netplan.io || Bug:1795343 || Deal gracefully with empty files on 'netplan apply' ||
|| netplan.io || Bug:1786726 || Don't render ipv4 dns-search unless we have an ipv4 address. ||
|| netplan.io || Bug:1736965 || Set permissive umask on networkd .network, .link and .netdev files ||
|| netplan.io || Bug:1768560 || Set permissive umask on networkd .network, .link and .netdev files ||
|| netplan.io || Bug:1747455 || Fix support for link-scope routes. ||
|| netplan.io || Bug:1756701 || Spell Gratuitous ARP correctly and make it work. ||
|| netplan.io || Bug:1783940 || Many typo fixes for documentation. ||
|| netplan.io || Bug:1771704 || Allow link-local addresses to be configured. ||
|| netplan.io || Bug:1736975 || Forces bridges with no addresses to be brought online. ||
|| netplan.io || Bug:1770082 || Write udev .rules files to /run/udev/rules.d to enforce interface renaming. ||
|| netplan.io || Bug:1768823 || Don't traceback for 'netplan ip leases' when iface is not managed or doesn't DHCP ||
|| netplan.io || Bug:1771440 || Fix duplicate "/" path separator in error messages ||
|| netplan.io || Bug:1768798 || Fix incorrect terminal reset in 'netplan try' on Ctrl-C. ||
|| netplan.io || Bug:1768783 || Updated doc entries: mtu, fix fwmark->mark, cleanup optional. ||
|| rax-nova-agent || Bug:1804445 || New upstream version 2.1.18 ||
|| rax-nova-agent || Bug:1788716 || Use DefaultDependencies=no to prevent forming service ordering cycles ||
|| libvirt || Bug:1801666 || d/control: explicitly Build-dep on libwiretap-dev to fix FTBFS since libwireshark 2.6.x SRU upload ||
|| exim4 || Bug:1786508 || d/p/eximstats_unitialized_value.patch: Fix uninitialized value error in eximstats. ||
|| postfix || Bug:1791139 || d/postfix-{cdb,ldap,lmdb,mysql,pcre,pgsql}.postinst, d/postfix.postinst: Handle empty alias_database field in main.cf ||
|| lxc || Bug:1804755 || New upstream bugfix release: ||
|| lxcfs || Bug:1804753 || New upstream bugfix release: ||
|| barbican || Bug:1806043 || New stable point release for OpenStack Queens. ||
|| neutron-fwaas || Bug:1806043 || New stable point release for OpenStack Queens. ||
|| keystone || Bug:1806043 || New stable point release for OpenStack Queens. ||
|| nova || Bug:1744079 || d/p/disk-size-live-migration-overcommit.patch: Cherry-picked from https://review.openstack.org/#/c/602478 to ensure proper disk calculation during live migration with over-commit. ||
|| nova || Bug:1806043 || New stable point release for OpenStack Queens. ||
|| horizon || Bug:1802226 || d/openstack-dashboard.postinst: Ensure that if memcached is installed it is restarted in post-install script after collecting/compressing static assets, enabling refresh of memcached static assets after upgrade. ||
|| psmisc || Bug:1806060 || fix killall option parsing ||
|| walinuxagent || Bug:1799498 || New upstream release. ||
|| ceph || Bug:1796645 || New upstream point release. ||
|| cinder || Bug:1806043 || New stable point release for OpenStack Queens. ||
|| netplan.io || Bug:1811210 || No change rebuild in -security pocket to fix dependency issue ||
|| samba || Bug:1801227 || d/p/auth-fail-eexist.diff: smbc_opendir should not return EEXIST with invalid login credentials. Thanks to David Mulder. ||
|| network-manager-applet || Bug:1807460 || 'libnma: unescape certificate paths in URIs', that fixes selecting files with a space in their name ||
|| openvswitch || Bug:1780752 || New upstream point release: ||
|| sssd || Bug:1807246 || d/p/fix-id-out-of-range-lookup.patch: CACHE_REQ: Do not fail the domain locator plugin if ID outside the domain range is looked up.  Thanks to Jakub Hrozek <jhrozek@redhat.com>. ||
|| sssd || Bug:1793882 || d/t/common-tests, d/t/control, d/t/ldap-user-group-krb5-auth, d/t/ldap-user-group-ldap-auth, d/t/login.exp, d/t/util: add DEP8 tests for kerberos and LDAP ||
|| deja-dup || Bug:1804744 || Fix bug preventing restore on a fresh install if you don't also set your current backup location to the old backup.  ||
|| snapd || Bug:1811233 || New upstream release,  ||
|| snapd || Bug:1779403 || New upstream release,  ||
|| snapd || Bug:1814355 || disable systemd environment generator on bionic to fix  ||
|| ceph || Bug:1813582 || d/p/lp1813582.patch: Cherry pick fix for crash in rados py binding under gnocchi (LP: #1813582). ||
|| libmemcached || Bug:1573594 || Fix missing null termination in PROTOCOL_BINARY_CMD_SASL_LIST_MECHS response handling (LP: #1573594) ||
|| haproxy || Bug:1804069 || d/p/stksess-align.patch: Make sure stksess is properly aligned. (LP: #1804069) ||
|| landscape-client || Bug:1788219 || debian/patches/nutanix-kvm.patch: Update vm_info.py to include Nutanix hypervisor. (LP: #1788219) ||
|| landscape-client || Bug:1670291 || debian/patches/release-upgrade-success.patch: Enable landscape-client to survive trusty upgrade. (LP: #1670291) ||
|| landscape-client || Bug:1670291 || debian/patches/post-upgrade-reboot.patch: Force reboot operation in case systemd fails. (LP: #1670291) ||
|| landscape-client || Bug:1765518 || debian/patches/unicode-tags-script.patch: Permit environments containing unicode chars for script execution. (LP: #1765518) ||
|| landscape-client || Bug:1616116 || debian/patches/1616116-resync-loop.patch: Clear hash id database on package resync. (LP: #1616116) ||


== Kernel and Hardware support updates ==

Considerable work has been done in Ubuntu 18.04.2 on improving support for many specific items of hardware.

|| intel-microcode || Bug:1778738 || Default to early instead of auto, and install all of the microcode, not just the one matching the current CPU, if MODULES=most is set in the initramfs-tools config ||
|| amd64-microcode || Bug:1778738 || Default to 'early' instead of 'auto' in the initramfs-tools hook when building with MODULES=most ||
|| lshw || Bug:1752523 || d/patches/lshw-fix-unknown-version-issue.patch: Cherry pick from upstream. ||
|| open-iscsi || Bug:1785108 || d/net-interface-handler: Apply changes only for the iscsi-root ||
|| grub2 || Bug:1786491 || Verify that the current and newer kernels are signed when grub is updated, to make sure people do not accidentally shutdown without a signed kernel. ||
|| grub2-signed || Bug:1786491 || Rebuild against grub2 2.02-2ubuntu8.3 and check kernel is signed on amd64 EFI before installing grub. ||
|| linux-meta-gcp || Bug:1780923 || linux-gcp: add a meta package for the extra modules ||
|| linux-oem || Bug:1781895 || Bluetooth: Redpine: Bionics: L2test transfer is failed to start in Ubuntu 18.04 ||
|| linux-oem || Bug:1782070 || Redpine]  Upgrades to improve throughput and stability ||
|| grub2-signed || Bug:1785859 || Rebuild against grub2 2.02-2ubuntu8.4 ||
|| grub2 || Bug:1785859 || debian/patches/ofnet-init-structs-in-bootpath-parser.patch: initialize structs in bootpath parser. Fixes netboot issues on ppc64el. ||
|| gnu-efi || Bug:1790709 || New upstream version 3.0.8. ||
|| shim-signed || Bug:1790724 || Backport shim-signed 1.37 to Ubuntu 18.04. ||
|| shim-signed || Bug:1778848 || debian/shim-signed.postinst: use --auto-nvram with grub-install in case we're installing on a NVRAM-unavailable platform. ||
|| shim-signed || Bug:1778848 || debian/control: bump the dependency for grub2-common to make sure grub-install supports --auto-nvram. ||
|| shim-signed || Bug:1778848 || debian/control: switch the grub-efi-amd64-bin dependency to grub-efi-amd64-signed. ||
|| ipxe || Bug:1789319 || Build ROMs for QEMU with CONFIG=qemu ||
|| libglvnd || Bug:1782285 || rules, libgles2: Add GLESv1 support. ||
|| libglvnd || Bug:1780039 || Always return an error from eglMakeCurrent if EGLDisplay is invalid. ||
|| bolt || Bug:1786265 || New upstream version ||
|| bolt || Bug:1778020 || should resolve issues with devices not being authorized on initial boot e.g in lightdm ||
|| open-iscsi || Bug:1755858 || make iscsid socket activated to only activate it as-needed ||
|| ubuntu-drivers-common || Bug:1789201 || Start before oem-config.service. ||
|| open-iscsi || Bug:1791108 || d/net-interface-handler: replace 'domainsearch' with the correct configuration option 'search' in net-interface-handler ||
|| shim-signed || Bug:1792575 || debian/control: add Breaks: grub-efi-amd64-signed (<< 1.93.7), as the new version of shim exercises a bug in relocation code for chainload that was fixed in that upload of grub, affecting Windows 7, Windows 10, and some netboot scenarios where chainloading is required. ||
|| shim-signed || Bug:1790724 || Backport shim-signed 1.37 to Ubuntu 18.04. ||
|| grub2-signed || Bug:1792575 || Rebuild against grub2 2.02-2ubuntu8.6 ||
|| grub2-signed || Bug:788298 || Rebuild against grub2 2.02-2ubuntu8.5 ||
|| grub2 || Bug:1792575 || debian/patches/linuxefi_fix_relocate_coff.patch: fix typo in relocate_coff() causing issues with relocation of code in chainload. ||
|| grub2 || Bug:1792575 || debian/patches/linuxefi_truncate_overlong_reloc_section.patch: The Windows 7 bootloader has inconsistent headers; truncate to the smaller, correct size to fix chainloading Windows 7. ||
|| grub2 || Bug:788298 || debian/patches/grub-reboot-warn.patch: Warn when "for the next boot only" promise cannot be kept. ||
|| util-linux || Bug:1783810 || Use getrandom() with GRND_NONBLOCK to avoid hangs in early boot when e.g. the partition is resized. Cherry picked from upstream. ||
|| skiboot || Bug:1785026 || d/opal-prd.logrotate: fix ownership of /var/log/opal-prd.log. ||
|| friendly-recovery || Bug:1766872 || Cleanup lintian warnings. ||
|| linux || Bug:1796542 || Silent data corruption in Linux kernel 4.15 ||
|| linux || Bug:1789746 || getxattr: always handle namespaced attributes ||
|| linux || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 ||
|| linux || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot ||
|| linux || Bug:1783746 || ipmmu is always registered ||
|| linux || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 ||
|| linux-kvm || Bug:1796542 || Silent data corruption in Linux kernel 4.15 ||
|| linux-kvm || Bug:1793841 || IP_SET modules not included in kernel build, prevents container functionality ||
|| linux-kvm || Bug:1789746 || getxattr: always handle namespaced attributes ||
|| linux-kvm || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 ||
|| linux-kvm || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot ||
|| linux-kvm || Bug:1783746 || ipmmu is always registered ||
|| linux-kvm || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 ||
|| gdm3 || Bug:1780076 || Add utils-add-new-gdm-disable-wayland-binary.patch, cherry-picked from cosmic. ||
|| linux-aws || Bug:1796542 || Silent data corruption in Linux kernel 4.15 ||
|| linux-aws || Bug:1794175 || kyber-iosched module missing from linux-modules package ||
|| linux-aws || Bug:1789746 || getxattr: always handle namespaced attributes ||
|| linux-aws || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 ||
|| linux-aws || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot ||
|| linux-aws || Bug:1783746 || ipmmu is always registered ||
|| linux-aws || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 ||
|| linux-gcp || Bug:1796542 || Silent data corruption in Linux kernel 4.15 ||
|| linux-gcp || Bug:1789746 || getxattr: always handle namespaced attributes ||
|| linux-gcp || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 ||
|| linux-gcp || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot ||
|| linux-gcp || Bug:1783746 || ipmmu is always registered ||
|| linux-gcp || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 ||
|| linux-oem || Bug:1796542 || Silent data corruption in Linux kernel 4.15 ||
|| grub2 || Bug:1785033 || debian/patches/0001-i386-linux-Add-support-for-ext_lfb_base.patch: Add support for ext_lfb_base. ||
|| grub2-signed || Bug:1785033 || Rebuild against grub2 2.02-2ubuntu8.7 ||
|| linux-azure || Bug:1798185 || Enable CONFIG_INFINIBAND_USER_MAD ||
|| linux-azure || Bug:1798185 || Enable CONFIG_INFINIBAND_USER_MAD ||
|| linux-azure || Bug:1796542 || Silent data corruption in Linux kernel 4.15 ||
|| linux-azure || Bug:1789746 || getxattr: always handle namespaced attributes ||
|| linux-azure || Bug:1789118 || Fails to boot under Xen PV: BUG: unable to handle kernel paging request at edc21fd9 ||
|| linux-azure || Bug:1791569 || some nvidia p1000 graphic cards hang during the boot ||
|| linux-azure || Bug:1783746 || ipmmu is always registered ||
|| linux-azure || Bug:1794889 || Bionic update: upstream stable patchset 2018-09-27 ||
|| s390-tools || Bug:1777600 || zdev: Adjust zdev modprobe path to be compatible with split-usr systems. ||
|| s390-tools || Bug:1794308 || zdev: Trigger generic_ccw devices on any kernel module loads. ||
|| secureboot-db || Bug:1776996 || Backport secureboot-db from cosmic to apply the August 2016 dbx updates from Microsoft.   ||
|| mokutil || Bug:1797011 || Backport mokutil 0.3.0+1538710437.fb6250f-0ubuntu2 to 18.04. ||
|| parted || Bug:1798675 || debian/patches/Read-NVMe-model-names-from-sysfs.patch: Expose NVMe model names when available instead of the generic "NVMe Device" string.  ||
|| kmod || Bug:1786574 || Remove i2c_i801 from d/modprobe.d/blacklist.conf. ||
|| ubuntu-drivers-common || Bug:1797147 || Improve pid detection, and restore the default pci power control profile in performance mode. ||
|| nvidia-prime || Bug:1797147 || Give udev the time to add the drm device. Fixes a race condition that causes problems when using lightdm and sddm. ||
|| shim-signed || Bug:1726803 || Don't fail non-interactive upgrade of nvidia module and module removals ||
|| linux-oem || Bug:1800770 || Thunderbolt runtime D3 and PCIe D3 Cold support ||
|| linux-azure || Bug:1722226 || linux-azure: fix systemd ADT test failure ||
|| grub2 || Bug:1784363 || debian/default/grub.md5sum: add entry for 2.02-2ubuntu8.7; to force an update of /etc/default/grub back to the correct timeout value of 0 if the file has otherwise not been edited by the user. ||
|| grub2 || Bug:1788727 || debian/grub-check-signatures: Handle the case where we have unsigned vmlinuz and signed vmlinuz.efi.signed. ||
|| grub2-signed || Bug:1784363 || Rebuild against grub2 2.02-2ubuntu8.9 ||
|| grub2-signed || Bug:1788727 || Rebuild against grub2 2.02-2ubuntu8.9 ||
|| bolt || Bug:1798014 || New upstream version ||
|| bolt || Bug:1800715 || use -Dprivileged-group=sudo, the admin group is not 'wheel' for us ||
|| linux-aws || Bug:1801305 || Restore request-based mode to xen-blkfront for AWS kernels ||
|| fwupd || Bug:1791999 Bug:1768627 Bug:1719797 || Restrict libsmbios-dev to x86 architectures ||
|| linux-gcp-edge || Bug:1796647 || Shared folders cannot be mounted in ubuntu/cosmic64 due to missing vbox modules ||
|| open-iscsi || Bug:1802354 || d/iscsi-disk.rules, d/rules: Add a udev rule so that iscsid.service will be started when iscsi disks are attached.  ||
|| usbmuxd || Bug:1778767 || backport some fixes for missing udev events on new kernel which were leading to the service not restarting after disconnecting and reconnecting a device. Thanks Leo Soares for suggesting a first version of the backport ||
|| hwdata || Bug:1755490 || Change PNP vendor name for GSM to LG Electronics ||
|| open-iscsi || Bug:1807978 || debian/iscsi-disk.rules: Fix bug with LVM on top of iscsi devices. ||
|| open-iscsi || Bug:1806777 || debian/extra/initramfs.local-top: handle iSCSI iBFT DHCP to correctly run ipconfig to gather all DHCP config info, including DNS search domain, which iBFT can't provide.  ||
|| lxd || Bug:1804876 || New upstream bugfix release ||
|| e2fsprogs || Bug:1807288 || debian/patches/0001-libext2fs-fix-regression-so-we-are-correctly- transla.patch: cherry-pick upstream fix so we are correctly translating acls in mkfs.ext4.  Closes  ||
|| initramfs-tools || Bug:1802591 || scripts/functions: include a new option to skip enslaved network devices. Include the new variable NETWORK_SKIP_ENSLAVED. When set to a value different than "0", this variable will cause any enslaved network devices to be skipped from the list of netbootable devices. This variable can be set via the configuration files under /etc/initramfs-tools/ or via any configuration file under the initrd directory /conf/conf.d/ via a hook script. ||
|| rdma-core || Bug:1794825 || Drop to avoid issues with the sysV to systemd wrapper starting the service instead of the socket ||
|| linux-oracle || Bug:1802591 || Skip enslaved devices during boot ||
|| linux-firmware || Bug:1808528 || Update linux-firmware in bionic for 18.10 hwe kernel ||
|| util-linux || Bug:1784347 || debian/patches/support_alternate_partition_sep.patch: support alternate partition separators. Common cases of no separator, using "p" only, and "-part" (the only previously supported), are covered now, which should let fdisk show partitions in a way closer to reality on most systems. Patch from Kyle Mahlkuch, with changes by Karel Zak. ||
|| irqbalance || Bug:1811655 || Added aarch64-log-spam preventing syslog spam on small aarch64 systems which lack a PCI bus (e.g. rpi3b, rpi3b+). ||
|| flash-kernel || Bug:1764491 || Add Raspberry Pi 3 Model B+ to the db. ||
|| flash-kernel || Bug:1811216 || Modify the Pi 3 boot.scr addresses to fit a bigger kernel, prepare separate versions for armhf and arm64. ||
|| linux-meta-hwe || Bug:1798352 || linux-snapdragon: missing meta packages for this flavour ||
|| livecd-rootfs || Bug:1805668 || More changes for raspi3 build support: ||
|| livecd-rootfs || Bug:1805668 || Another batch of cherry-picks for raspi3 support ||
|| u-boot || Bug:1805668 || Backport to bionic. ||
|| grub2 || Bug:1789918 || debian/grub-check-signatures: check kernel signatures against keys known in firmware, in case a kernel is signed but not using a key that will pass validation, such as when using kernels coming from a PPA. ||
|| grub2 || Bug:1812863 || debian/patches/mkconfig_leave_breadcrumbs.patch: make sure grub-mkconfig leaves a trace of what files were sourced to help generate the config we're building. ||
|| grub2 || Bug:1800722 || debian/patches/quick-boot-lvm.patch: If we don't have writable grubenv and we're on EFI, always show the menu.  Closes  ||
|| linux || Bug:1813663 || External monitors does not work anymore 4.15.0-44 ||
|| thermald || Bug:1803360 || Honor ACPI _CRT for processor thermal zone There are some new fanless platforms use DPTF's virtual sensor instead of INT340X devices. Because of that, the _PSV is no longer in use, at least not directly, hence its value may set higher then _CRT. To a fanless system that means no cooling device gets activated before _CRT, so the system will be considered overheated by Linux kernel, and gets shutdown by the kernel.  Upstream fixes: ||
|| kmod || Bug:1802689 || Add i2c_i801 back to d/modprobe.d/blacklist.conf again due to regressions. ||
|| e2fsprogs || Bug:1798562 || d/patches/0001-resize2fs-update-checksums-in-the-extent-tree-s-relo.patch: do the checksum update later in extent tree relocated block to denote the inode number change, otherwise the checksum update might be done in the old copy of the block. ||
|| linux-oem || Bug:1813663 || External monitors does not work anymore 4.15.0-44 ||
|| linux-oem || Bug:1811777 || Fix non-working pinctrl-intel ||
|| linux-oem || Bug:1811929 || Fix not working Goodix touchpad ||
|| linux-hwe || Bug:1814555 || Ubuntu boot failure. 4.18.0-14 boot stalls. (does not boot) ||
|| linux-hwe || Bug:1813873 || Userspace break as a result of missing patch backport ||
|| grub2 || Bug:1814575 || debian/grub-check-signatures: properly account for DB showing as empty on some broken firmwares: Guard against mokutil --export --db failing, and do a better job at finding the DER certs for conversion to PEM format. ||
|| grub2 || Bug:1401532 || debian/patches/linuxefi_disable_sb_fallback.patch: Disallow unsigned kernels if UEFI Secure Boot is enabled.  If UEFI Secure Boot is enabled and kernel signature verification fails, do not boot the kernel. Patch from Linn Crosetto. ||
|| grub2 || Bug:1814403 || debian/patches/quick-boot-lvm.patch: checking the return value of 'lsefi' when the command doesn't exist does not do what's expected, so instead check the value of $grub_platform which is simpler anyway. ||
|| grub2-signed || Bug:1401532 || Rebuild against grub2 2.02-2ubuntu8.11. ||


== Unsorted changes ==

|| python-wadllib || Bug:1729754 || Fix MIME encoding of binary parts. ||
|| guile-2.0 || Bug:1780996 || Convert triggers to noawait (Closes: #903915) ||
|| dpdk || Bug:1784816 || Make DPDK LTS release available in Bionic ||
|| open-vm-tools || Bug:1784638 || Merge with Upstream Tag stable-10.3.0 from https://github.com/vmware/open-vm-tools/releases/tag/stable-10.3.0 Remaining changes: ||
|| gpgme1.0 || Bug:1762384 || Make debian/libgpgme-dev.links executable, it uses dh-exec ||
|| packagekit || Bug:1722185 || Fix debconf interaction ||
|| base-files || Bug:1134036 || Install locale-check command to /usr/bin and invoke it from /etc/profile.d/01-locale-fix.sh to ensure locale related environment variables are set to valid values. ||
|| cryptsetup || Bug:1651818 || Apply patch from Trent Nelson to fix cryptroot-unlock for busybox compatibility.  ||
|| clamav || Bug:1792051 || debian/clamav-daemon.config.in: fix infinite loop during dpkg-reconfigure ||
|| python3.6 || Bug:1792143 || SRU:  Update Python 3.6 to the recent subminor release. ||
|| python3.6 || Bug:1768644 || Don't inject dpkg's compiler specs into distutils.  ||
|| python-pylxd || Bug:1775238 || d/control: Add python(3)-requests-toolbelt to python(3)-pylxd Depends and python3-requests-unixsocket to python3-pylxd Depends. Also set min version of toolbelt globally. ||
|| appstream || Bug:1792537 || cache-explicit-variants.patch: fix crash when upgrading from bionic to cosmic ||
|| gcc-defaults || Bug:1769657 || SRU:  Bump GCC 8 based versions to 8.2.0. ||
|| gcc-8-cross || Bug:1769657 || SRU:  Build using gcc 8.2.0-1ubuntu2 ||
|| gcc-8 || Bug:1769657 || SRU:  Update the package to the current version in cosmic. ||
|| gcc-7 || Bug:1769657 || SRU:  Update the package to the current version in cosmic. ||
|| gcc-7 || Bug:1721355 || Update the gcc-foffload-default patch.  ||
|| cross-toolchain-base || Bug:1769657 || SRU:  ||
|| gcc-7-cross || Bug:1769657 || SRU:  Build using 7.3.0-18ubuntu0.1. ||
|| binutils || Bug:1769657 || SRU:  ||
|| binutils || Bug:1763098 || Fix PR gprof/23056, memory corruption in gprof.  ||
|| binutils || Bug:1763096 || Fix PR binutils/23054, memory corruption in as.  ||
|| binutils || Bug:1763094 || Fix PR ld/23055, memory corruption in ld.  ||
|| plymouth || Bug:1767918 || debian/patches/git_ensure_tty_closed_0a662723.patch: ensure tty is closed on deactivate. ||
|| apparmor || Bug:1788929 || disallow writes to thumbnailer dir ||
|| apparmor || Bug:1794848 || disallow access to the dirs of private files ||
|| apturl || Bug:1338482 || really* work ||
|| golang-1.10 || Bug:1794395 || Backport to 18.04. ||
|| man-db || Bug:1785414 || Backport seccomp sandbox improvements from 2.8.4: ||
|| packagekit || Bug:1790613 || Pass --no-restart-after-upgrade to dh_installsystemd to avoid PackageKit restarting while upgrading under PackageKit ||
|| packagekit || Bug:1795614 || debian/patches/frontend-locking.diff: Implement frontend locking in a simple way. Will need some more work to upstream, and possibly some error checking. ||
|| packagekit || Bug:1790671 || debian/patches/aptcc-Fix-invalid-version-dereference-in-AptInf-prov.patch, aptcc-removing-duplicate-delete-call.patch: Fix invalid dereference and delete wrong (duplicate) "delete" statement in providesCodec ||
|| apt || Bug:1796808 || Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scripts. Some post-invoke scripts install packages, which fails because the environment variable is not set. This sets the variable for all three kinds of scripts {pre,post-}invoke and pre-install-pkgs, but we will only allow post-invoke at a later time. ||
|| apt || Bug:1787120 || Support records larger than 32kb in 'apt show' (Closes: #905527) ||
|| apt || Bug:1781169 || Add support for dpkg frontend lock (Closes: #869546) ||
|| apt || Bug:1794957 || http: Stop pipeline after close only if it was not filled before ||
|| apt || Bug:1794053 || pkgCacheFile: Only unlock in destructor if locked before ||
|| python-apt || Bug:1795407 || Frontend locking and related locking improvements ||
|| dpkg || Bug:1796081 || Apply patch from upstream to add frontend locking: ||
|| distro-info-data || Bug:1800656 || Add Ubuntu 19.04 Disco Dingo. ||
|| valgrind || Bug:1781128 || Apply post 3.13 PPC64 related patches.  ||
|| clamav || Bug:1783632 || SECURITY REGRESSION: clamav-daemon fails to start due to options removed in new version and manually edited configuration file. ||
|| packagekit || Bug:1552792 || Correct autoremove behaviour to only autoremove packages that relate to the current transaction ||
|| sosreport || Bug:1803735 || d/p/dont-collect-some-tracing-instance-files.patch: ||
|| sosreport || Bug:1775195 || New 3.6 upstream release. major enhancements to core features and existing plugins: ||
|| dh-golang || Bug:1794936 || d/patches/0001-Fix-index-out-of-range-when-using-gccgo.-Closes-9072.patch: backport fix for building with gccgo from debian. ||
|| python-wsme || Bug:1805125 || d/control: Correct dependency on python3-netaddr for python3-wsme, avoiding needless install of Python 2. ||
|| python-memcache || Bug:1802487 || d/p/py2-perf.patch: Cherry pick fix to use native C implementation for pickle under Python 2, resolving issues with performance degradation. ||
|| tmux || Bug:1766942 || d/p/tmux-pane-border-status-leak.patch: Fixed memory leak in screen_redraw_make_pane_status (upstream fix). ||
|| livecd-rootfs || Bug:1805497 || Include snaps in image manifests ||
|| debootstrap || Bug:1773496 || For (Ubuntu) releases disco+ default to MERGED_USR=yes, -k extract option.  ||
|| tar || Bug:1809827 || backport "Fix the --add-file option." upstream commit, thanks Martin Vogt ||
|| llvm-toolchain-7 || Bug:1798597 || Backport to bionic for 18.04.2 HWE stack update. ||
|| systemd || Bug:1811471 || d/p/resolve-enable-EDNS0-towards-the-127.0.0.53-stub-res.patch getaddrinfo() failures when fallback to dns tcp queries, so enable edns0 in resolv.conf  ||
|| systemd || Bug:1804487 || d/p/resolved-Increase-size-of-TCP-stub-replies.patch dns failures with edns0 disabled and truncated response ||