Change log for linux-lts-xenial package in Ubuntu

175 of 106 results
Published in trusty-security on 2018-11-13
Published in trusty-updates on 2018-11-13
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-139.165~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-139.165~14.04.1 -proposed tracker (LP: #1799404)

  [ Ubuntu: 4.4.0-139.165 ]

  * linux: 4.4.0-139.165 -proposed tracker (LP: #1799401)
  * Kernel panic after the ubuntu_nbd_smoke_test on Xenial kernel (LP: #1793464)
    - nbd: Remove signal usage
    - nbd: Timeouts are not user requested disconnects
    - nbd: Cleanup reset of nbd and bdev after a disconnect
    - nbd: don't shutdown sock with irq's disabled
    - nbd: fix race in ioctl
  * fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
    - SAUCE: fscache: Fix race in decrementing refcount of op->npages
  * xenial: virtio-scsi: CPU soft lockup due to loop in
    virtscsi_target_destroy() (LP: #1798110)
    - SAUCE: (no-up) virtio-scsi: Decrement reqs counter before SCSI command
      requeue
  * Error reported when creating ZFS pool with "-t" option, despite successful
    pool creation (LP: #1769937)
    - SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu26
  * Xenial update: 4.4.160 upstream stable release (LP: #1798770)
    - crypto: skcipher - Fix -Wstringop-truncation warnings
    - tsl2550: fix lux1_input error in low light
    - vmci: type promotion bug in qp_host_get_user_memory()
    - x86/numa_emulation: Fix emulated-to-physical node mapping
    - staging: rts5208: fix missing error check on call to rtsx_write_register
    - uwb: hwa-rc: fix memory leak at probe
    - power: vexpress: fix corruption in notifier registration
    - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
    - USB: serial: kobil_sct: fix modem-status error handling
    - 6lowpan: iphc: reset mac_header after decompress to fix panic
    - md-cluster: clear another node's suspend_area after the copy is finished
    - media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
    - powerpc/kdump: Handle crashkernel memory reservation failure
    - media: fsl-viu: fix error handling in viu_of_probe()
    - x86/tsc: Add missing header to tsc_msr.c
    - x86/entry/64: Add two more instruction suffixes
    - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output
      buffer size
    - scsi: klist: Make it safe to use klists in atomic context
    - scsi: ibmvscsi: Improve strings handling
    - usb: wusbcore: security: cast sizeof to int for comparison
    - powerpc/powernv/ioda2: Reduce upper limit for DMA window size
    - alarmtimer: Prevent overflow for relative nanosleep
    - s390/extmem: fix gcc 8 stringop-overflow warning
    - ALSA: snd-aoa: add of_node_put() in error path
    - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
    - media: soc_camera: ov772x: correct setting of banding filter
    - media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
    - staging: android: ashmem: Fix mmap size validation
    - drivers/tty: add error handling for pcmcia_loop_config
    - media: tm6000: add error handling for dvb_register_adapter
    - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
    - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
    - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
    - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
    - ARM: mvebu: declare asm symbols as character arrays in pmsu.c
    - HID: hid-ntrig: add error handling for sysfs_create_group
    - scsi: bnx2i: add error handling for ioremap_nocache
    - EDAC, i7core: Fix memleaks and use-after-free on probe and remove
    - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
    - module: exclude SHN_UNDEF symbols from kallsyms api
    - nfsd: fix corrupted reply to badly ordered compound
    - ARM: dts: dra7: fix DCAN node addresses
    - serial: cpm_uart: return immediately from console poll
    - spi: tegra20-slink: explicitly enable/disable clock
    - spi: sh-msiof: Fix invalid SPI use during system suspend
    - spi: sh-msiof: Fix handling of write value for SISTR register
    - spi: rspi: Fix invalid SPI use during system suspend
    - spi: rspi: Fix interrupted DMA transfers
    - USB: fix error handling in usb_driver_claim_interface()
    - USB: handle NULL config in usb_find_alt_setting()
    - slub: make ->cpu_partial unsigned int
    - Revert "UBUNTU: SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device"
    - media: uvcvideo: Support realtek's UVC 1.5 device
    - USB: usbdevfs: sanitize flags more
    - USB: usbdevfs: restore warning for nonsensical flags
    - Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
      service_outstanding_interrupt()"
    - USB: remove LPM management from usb_driver_claim_interface()
    - Input: elantech - enable middle button of touchpad on ThinkPad P72
    - IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
    - scsi: target: iscsi: Use bin2hex instead of a re-implementation
    - serial: imx: restore handshaking irq for imx1
    - arm64: KVM: Tighten guest core register access from userspace
    - ext4: never move the system.data xattr out of the inode body
    - thermal: of-thermal: disable passive polling when thermal zone is disabled
    - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
    - e1000: check on netif_running() before calling e1000_up()
    - e1000: ensure to free old tx/rx rings in set_ringparam()
    - hwmon: (ina2xx) fix sysfs shunt resistor read access
    - hwmon: (adt7475) Make adt7475_read_word() return errors
    - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
    - arm64: cpufeature: Track 32bit EL0 support
    - arm64: KVM: Sanitize PSTATE.M when being set from userspace
    - media: v4l: event: Prevent freeing event subscriptions while accessed
    - KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
    - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
    - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
    - gpio: adp5588: Fix sleep-in-atomic-context bug
    - mac80211: mesh: fix HWMP sequence numbering to follow standard
    - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
    - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
    - i2c: uniphier: issue STOP only for last message or I2C_M_STOP
    - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
    - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
    - fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
    - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
    - mac80211: fix a race between restart and CSA flows
    - mac80211: Fix station bandwidth setting after channel switch
    - mac80211: shorten the IBSS debug messages
    - tools/vm/slabinfo.c: fix sign-compare warning
    - tools/vm/page-types.c: fix "defined but not used" warning
    - mm: madvise(MADV_DODUMP): allow hugetlbfs pages
    - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
    - perf probe powerpc: Ignore SyS symbols irrespective of endianness
    - RDMA/ucma: check fd type in ucma_migrate_id()
    - USB: yurex: Check for truncation in yurex_read()
    - drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS
    - fs/cifs: suppress a string overflow warning
    - dm thin metadata: try to avoid ever aborting transactions
    - arch/hexagon: fix kernel/dma.c build warning
    - hexagon: modify ffs() and fls() to return int
    - arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto"
    - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
    - s390/qeth: don't dump past end of unknown HW header
    - cifs: read overflow in is_valid_oplock_break()
    - xen/manage: don't complain about an empty value in control/sysrq node
    - xen: avoid crash in disable_hotplug_cpu
    - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
    - smb2: fix missing files in root share directory listing
    - crypto: mxs-dcp - Fix wait logic on chan threads
    - proc: restrict kernel stack dumps to root
    - ocfs2: fix locking for res->tracking and dlm->tracking_list
    - dm thin metadata: fix __udivdi3 undefined on 32-bit
    - Linux 4.4.160
  * Volume control not working Dell XPS 27 (7760) (LP: #1775068) // Xenial
    update: 4.4.160 upstream stable release (LP: #1798770)
    - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
  * Xenial update: 4.4.160 upstream stable release (LP: #1798770) //
    CVE-2018-7755
    - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
  * Xenial update: 4.4.159 upstream stable release (LP: #1798617)
    - NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
    - NFC: Fix the number of pipes
    - ASoC: cs4265: fix MMTLR Data switch control
    - ALSA: bebob: use address returned by kmalloc() instead of kernel stack for
      streaming DMA mapping
    - ALSA: emu10k1: fix possible info leak to userspace on
      SNDRV_EMU10K1_IOCTL_INFO
    - platform/x86: alienware-wmi: Correct a memory leak
    - xen/netfront: don't bug in case of too many frags
    - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code
    - ring-buffer: Allow for rescheduling when removing pages
    - mm: shmem.c: Correctly annotate new inodes for lockdep
    - gso_segment: Reset skb->mac_len after modifying network header
    - ipv6: fix possible use-after-free in ip6_xmit()
    - net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
    - net: hp100: fix always-true check for link up state
    - neighbour: confirm neigh entries when ARP packet is received
    - ocfs2: fix ocfs2 read block panic
    - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
    - tty: vt_ioctl: fix potential Spectre v1
    - ext4: avoid divide by zero fault when deleting corrupted inline directories
    - ext4: recalucate superblock checksum after updating free blocks/inodes
    - ext4: fix online resize's handling of a too-small final block group
    - ext4: fix online resizing for bigalloc file systems with a 1k block size
    - ext4: don't mark mmp buffer head dirty
    - arm64: Add trace_hardirqs_off annotation in ret_to_user
    - HID: sony: Update device ids
    - HID: sony: Support DS4 dongle
    - iw_cxgb4: only allow 1 flush on user qps
    - Linux 4.4.159
  * Xenial update: 4.4.158 upstream stable release (LP: #1798587)
    - iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register
    - ALSA: msnd: Fix the default sample sizes
    - ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro
    - xfrm: fix 'passing zero to ERR_PTR()' warning
    - gfs2: Special-case rindex for gfs2_grow
    - clk: imx6ul: fix missing of_node_put()
    - kbuild: add .DELETE_ON_ERROR special target
    - dmaengine: pl330: fix irq race with terminate_all
    - MIPS: ath79: fix system restart
    - media: videobuf2-core: check for q->error in vb2_core_qbuf()
    - mtd/maps: fix solutionengine.c printk format warnings
    - fbdev: omapfb: off by one in omapfb_register_client()
    - video: goldfishfb: fix memory leak on driver remove
    - fbdev/via: fix defined but not used warning
    - perf powerpc: Fix callchain ip filtering when return address is in a
      register
    - fbdev: Distinguish between interlaced and progressive modes
    - ARM: exynos: Clear global variable on init error path
    - perf powerpc: Fix callchain ip filtering
    - powerpc/powernv: opal_put_chars partial write fix
    - MIPS: jz4740: Bump zload address
    - mac80211: restrict delayed tailroom needed decrement
    - xen-netfront: fix queue name setting
    - arm64: dts: qcom: db410c: Fix Bluetooth LED trigger
    - s390/qeth: fix race in used-buffer accounting
    - s390/qeth: reset layer2 attribute on layer switch
    - platform/x86: toshiba_acpi: Fix defined but not used build warnings
    - crypto: sharah - Unregister correct algorithms for SAHARA 3
    - xen-netfront: fix warn message as irq device name has '/'
    - RDMA/cma: Protect cma dev list with lock
    - pstore: Fix incorrect persistent ram buffer mapping
    - xen/netfront: fix waiting for xenbus state change
    - IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler
    - Tools: hv: Fix a bug in the key delete code
    - misc: hmc6352: fix potential Spectre v1
    - usb: Don't die twice if PCI xhci host is not responding in resume
    - USB: Add quirk to support DJI CineSSD
    - usb: Avoid use-after-free by flushing endpoints early in usb_set_interface()
    - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame()
    - USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller
    - USB: net2280: Fix erroneous synchronization change
    - USB: serial: io_ti: fix array underflow in completion handler
    - usb: misc: uss720: Fix two sleep-in-atomic-context bugs
    - USB: yurex: Fix buffer over-read in yurex_write()
    - usb: cdc-wdm: Fix a sleep-in-atomic-context bug in
      service_outstanding_interrupt()
    - cifs: prevent integer overflow in nxt_dir_entry()
    - CIFS: fix wrapping bugs in num_entries()
    - binfmt_elf: Respect error return from `regset->active'
    - audit: fix use-after-free in audit_add_watch
    - mtdchar: fix overflows in adjustment of `count`
    - MIPS: loongson64: cs5536: Fix PCI_OHCI_INT_REG reads
    - ARM: hisi: handle of_iomap and fix missing of_node_put
    - ARM: hisi: fix error handling and missing of_node_put
    - ARM: hisi: check of_iomap and fix missing of_node_put
    - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping
    - parport: sunbpp: fix error return code
    - coresight: Handle errors in finding input/output ports
    - coresight: tpiu: Fix disabling timeouts
    - gpiolib: Mark gpio_suffixes array with __maybe_unused
    - drm/amdkfd: Fix error codes in kfd_get_process
    - rtc: bq4802: add error handling for devm_ioremap
    - ALSA: pcm: Fix snd_interval_refine first/last with open min/max
    - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
      adjustments are in progress
    - drm/panel: type promotion bug in s6e8aa0_read_mtp_id()
    - pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant
    - USB: serial: ti_usb_3410_5052: fix array underflow in completion handler
    - mei: bus: type promotion bug in mei_nfc_if_version()
    - drivers: net: cpsw: fix segfault in case of bad phy-handle
    - MIPS: VDSO: Match data page cache colouring when D$ aliases
    - Linux 4.4.158
  * Xenial update: 4.4.157 upstream stable release (LP: #1798539)
    - i2c: xiic: Make the start and the byte count write atomic
    - i2c: i801: fix DNV's SMBCTRL register offset
    - ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
    - cfq: Give a chance for arming slice idle timer in case of group_idle
    - kthread: Fix use-after-free if kthread fork fails
    - kthread: fix boot hang (regression) on MIPS/OpenRISC
    - staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
    - staging/rts5208: Fix read overflow in memcpy
    - block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
    - locking/rwsem-xadd: Fix missed wakeup due to reordering of load
    - selinux: use GFP_NOWAIT in the AVC kmem_caches
    - locking/osq_lock: Fix osq_lock queue corruption
    - ARC: [plat-axs*]: Enable SWAP
    - misc: mic: SCIF Fix scif_get_new_port() error handling
    - ethtool: Remove trailing semicolon for static inline
    - gpio: tegra: Move driver registration to subsys_init level
    - scsi: target: fix __transport_register_session locking
    - md/raid5: fix data corruption of replacements after originals dropped
    - misc: ti-st: Fix memory leak in the error path of probe()
    - uio: potential double frees if __uio_register_device() fails
    - tty: rocket: Fix possible buffer overwrite on register_PCI
    - f2fs: do not set free of current section
    - perf tools: Allow overriding MAX_NR_CPUS at compile time
    - NFSv4.0 fix client reference leak in callback
    - macintosh/via-pmu: Add missing mmio accessors
    - ath10k: prevent active scans on potential unusable channels
    - MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
    - ata: libahci: Correct setting of DEVSLP register
    - scsi: 3ware: fix return 0 on the error path of probe
    - ath10k: disable bundle mgmt tx completion event support
    - Bluetooth: hidp: Fix handling of strncpy for hid->name information
    - x86/mm: Remove in_nmi() warning from vmalloc_fault()
    - gpio: ml-ioh: Fix buffer underwrite on probe error path
    - net: mvneta: fix mtu change on port without link
    - MIPS: Octeon: add missing of_node_put()
    - net: dcb: For wild-card lookups, use priority -1, not 0
    - Input: atmel_mxt_ts - only use first T9 instance
    - iommu/ipmmu-vmsa: Fix allocation in atomic context
    - mfd: ti_am335x_tscadc: Fix struct clk memory leak
    - f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
    - MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
    - RDMA/cma: Do not ignore net namespace for unbound cm_id
    - xhci: Fix use-after-free in xhci_free_virt_device
    - vmw_balloon: include asm/io.h
    - netfilter: x_tables: avoid stack-out-of-bounds read in
      xt_copy_counters_from_user
    - drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac
      config
    - net: ethernet: ti: cpsw: fix mdio device reference leak
    - ethernet: ti: davinci_emac: add missing of_node_put after calling
      of_parse_phandle
    - crypto: vmx - Fix sleep-in-atomic bugs
    - mtd: ubi: wl: Fix error return code in ubi_wl_init()
    - autofs: fix autofs_sbi() does not check super block type
    - Linux 4.4.157
  * Xenial update: 4.4.156 upstream stable release (LP: #1797563)
    - staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
    - net: bcmgenet: use MAC link status for fixed phy
    - qlge: Fix netdev features configuration.
    - tcp: do not restart timewait timer on rst reception
    - vti6: remove !skb->ignore_df check from vti6_xmit()
    - cifs: check if SMB2 PDU size has been padded and suppress the warning
    - hfsplus: don't return 0 when fill_super() failed
    - hfs: prevent crash on exit from failed search
    - fork: don't copy inconsistent signal handler state to child
    - reiserfs: change j_timestamp type to time64_t
    - hfsplus: fix NULL dereference in hfsplus_lookup()
    - fat: validate ->i_start before using
    - scripts: modpost: check memory allocation results
    - mm/fadvise.c: fix signed overflow UBSAN complaint
    - fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
    - ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
    - mfd: sm501: Set coherent_dma_mask when creating subdevices
    - platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
    - irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
    - net/9p: fix error path of p9_virtio_probe
    - powerpc: Fix size calculation using resource_size()
    - s390/dasd: fix hanging offline processing due to canceled worker
    - scsi: aic94xx: fix an error code in aic94xx_init()
    - PCI: mvebu: Fix I/O space end address calculation
    - dm kcopyd: avoid softlockup in run_complete_job
    - staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
    - selftests/powerpc: Kill child processes on SIGINT
    - smb3: fix reset of bytes read and written stats
    - SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
    - powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
    - btrfs: replace: Reset on-disk dev stats value after replace
    - btrfs: relocation: Only remove reloc rb_trees if reloc control has been
      initialized
    - btrfs: Don't remove block group that still has pinned down bytes
    - debugobjects: Make stack check warning more informative
    - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
    - kbuild: make missing $DEPMOD a Warning instead of an Error
    - Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
    - enic: do not call enic_change_mtu in enic_probe
    - Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated
      pages")
    - genirq: Delay incrementing interrupt count if it's disabled/pending
    - irqchip/gic-v3-its: Recompute the number of pages on page size change
    - irqchip/gicv3-its: Fix memory leak in its_free_tables()
    - irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size
    - irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
    - irqchip/gic: Make interrupt ID 1020 invalid
    - ovl: rename is_merge to is_lowest
    - ovl: override creds with the ones from the superblock mounter
    - ovl: proper cleanup of workdir
    - sch_htb: fix crash on init failure
    - sch_multiq: fix double free on init failure
    - sch_hhf: fix null pointer dereference on init failure
    - sch_netem: avoid null pointer deref on init failure
    - sch_tbf: fix two null pointer dereferences on init failure
    - mei: me: allow runtime pm for platform with D0i3
    - ASoC: wm8994: Fix missing break in switch
    - btrfs: use correct compare function of dirty_metadata_bytes
    - Linux 4.4.156

 -- Khalid Elmously <email address hidden>  Wed, 31 Oct 2018 00:06:01 +0000
Superseded in trusty-security on 2018-11-13
Superseded in trusty-updates on 2018-11-13
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-138.164~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-138.164~14.04.1 -proposed tracker (LP: #1795584)

  * Improvements to the kernel source package preparation (LP: #1793461)
    - Packaging: update-from-master: allow rebase to be skipped

  [ Ubuntu: 4.4.0-138.164 ]

  * linux: 4.4.0-138.164 -proposed tracker (LP: #1795582)
  * Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662)
    - powerpc/fadump: Return error when fadump registration fails
  * Kernel hang on drive pull caused by regression introduced by commit
    287922eb0b18 (LP: #1791790)
    - block: Fix a race between blk_cleanup_queue() and timeout handling
  * qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
    - s390/qeth: use vzalloc for QUERY OAT buffer
  * Page leaking in cachefiles_read_backing_file while vmscan is active
    (LP: #1793430)
    - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
      is active
  * Bugfix for handling of shadow doorbell buffer (LP: #1788222)
    - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event
  * Xenial update to 4.4.155 stable release (LP: #1792419)
    - net: 6lowpan: fix reserved space for single frames
    - net: mac802154: tx: expand tailroom if necessary
    - 9p/net: Fix zero-copy path in the 9p virtio transport
    - net: lan78xx: Fix misplaced tasklet_schedule() call
    - spi: davinci: fix a NULL pointer dereference
    - drm/i915/userptr: reject zero user_size
    - powerpc/fadump: handle crash memory ranges array index overflow
    - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
    - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
    - 9p/virtio: fix off-by-one error in sg list bounds check
    - net/9p/client.c: version pointer uninitialized
    - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
      kfree()
    - dm cache metadata: save in-core policy_hint_size to on-disk superblock
    - iio: ad9523: Fix displayed phase
    - iio: ad9523: Fix return value for ad952x_store()
    - vmw_balloon: fix inflation of 64-bit GFNs
    - vmw_balloon: do not use 2MB without batching
    - vmw_balloon: VMCI_DOORBELL_SET does not check status
    - vmw_balloon: fix VMCI use when balloon built into kernel
    - tracing: Do not call start/stop() functions when tracing_on does not change
    - tracing/blktrace: Fix to allow setting same value
    - kthread, tracing: Don't expose half-written comm when creating kthreads
    - uprobes: Use synchronize_rcu() not synchronize_sched()
    - 9p: fix multiple NULL-pointer-dereferences
    - PM / sleep: wakeup: Fix build error caused by missing SRCU support
    - pnfs/blocklayout: off by one in bl_map_stripe()
    - ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - iommu/vt-d: Add definitions for PFSID
    - iommu/vt-d: Fix dev iotlb pfsid use
    - osf_getdomainname(): use copy_to_user()
    - sys: don't hold uts_sem while accessing userspace memory
    - userns: move user access out of the mutex
    - ubifs: Fix memory leak in lprobs self-check
    - Revert "UBIFS: Fix potential integer overflow in allocation"
    - ubifs: Check data node size before truncate
    - ubifs: Fix synced_i_size calculation for xattr inodes
    - pwm: tiehrpwm: Fix disabling of output of PWMs
    - fb: fix lost console when the user unplugs a USB adapter
    - udlfb: set optimal write delay
    - getxattr: use correct xattr length
    - bcache: release dc->writeback_lock properly in bch_writeback_thread()
    - perf auxtrace: Fix queue resize
    - fs/quota: Fix spectre gadget in do_quotactl
    - x86/io: add interface to reserve io memtype for a resource range. (v1.1)
    - drm/drivers: add support for using the arch wc mapping API.
    - Linux 4.4.155
  * Xenial update to 4.4.154 stable release (LP: #1792392)
    - sched/sysctl: Check user input value of sysctl_sched_time_avg
    - Cipso: cipso_v4_optptr enter infinite loop
    - vti6: fix PMTU caching and reporting on xmit
    - xfrm: fix missing dst_release() after policy blocking lbcast and multicast
    - xfrm: free skb if nlsk pointer is NULL
    - mac80211: add stations tied to AP_VLANs during hw reconfig
    - nl80211: Add a missing break in parse_station_flags
    - drm/bridge: adv7511: Reset registers on hotplug
    - scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
    - drm/imx: imx-ldb: disable LDB on driver bind
    - drm/imx: imx-ldb: check if channel is enabled before printing warning
    - usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in
      init_controller()
    - usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in
      r8a66597_queue()
    - usb/phy: fix PPC64 build errors in phy-fsl-usb.c
    - tools: usb: ffs-test: Fix build on big endian systems
    - usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
    - tools/power turbostat: fix -S on UP systems
    - net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
    - qed: Fix possible race for the link state value.
    - atl1c: reserve min skb headroom
    - net: prevent ISA drivers from building on PPC32
    - can: mpc5xxx_can: check of_iomap return before use
    - i2c: davinci: Avoid zero value of CLKH
    - media: staging: omap4iss: Include asm/cacheflush.h after generic includes
    - bnx2x: Fix invalid memory access in rss hash config path.
    - net: axienet: Fix double deregister of mdio
    - selftests/ftrace: Add snapshot and tracing_on test case
    - zswap: re-check zswap_is_full() after do zswap_shrink()
    - tools/power turbostat: Read extended processor family from CPUID
    - Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
    - enic: handle mtu change for vf properly
    - arc: fix build errors in arc/include/asm/delay.h
    - arc: fix type warnings in arc/mm/cache.c
    - drivers: net: lmc: fix case value for target abort error
    - scsi: fcoe: drop frames in ELS LOGO error path
    - scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
    - mm/memory.c: check return value of ioremap_prot
    - cifs: add missing debug entries for kconfig options
    - cifs: check kmalloc before use
    - smb3: Do not send SMB3 SET_INFO if nothing changed
    - smb3: don't request leases in symlink creation and query
    - btrfs: don't leak ret from do_chunk_alloc
    - s390/kvm: fix deadlock when killed by oom
    - ext4: check for NUL characters in extended attribute's name
    - ext4: sysfs: print ext4_super_block fields as little-endian
    - ext4: reset error code in ext4_find_entry in fallback
    - arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
    - KVM: arm/arm64: Skip updating PTE entry if no change
    - KVM: arm/arm64: Skip updating PMD entry if no change
    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
    - x86/process: Re-export start_thread()
    - fuse: Don't access pipe->buffers without pipe_lock()
    - fuse: fix double request_end()
    - fuse: fix unlocked access to processing queue
    - fuse: umount should wait for all requests
    - fuse: Fix oops at process_init_reply()
    - fuse: Add missed unlock_page() to fuse_readpages_fill()
    - udl-kms: change down_interruptible to down
    - udl-kms: handle allocation failure
    - udl-kms: fix crash due to uninitialized memory
    - ASoC: dpcm: don't merge format from invalid codec dai
    - ASoC: sirf: Fix potential NULL pointer dereference
    - pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
    - x86/irqflags: Mark native_restore_fl extern inline
    - s390: fix br_r1_trampoline for machines without exrl
    - s390/qdio: reset old sbal_state flags
    - kprobes: Make list and blacklist root user read only
    - MIPS: Correct the 64-bit DSP accumulator register size
    - MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
    - scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
    - scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
    - iscsi target: fix session creation failure handling
    - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
    - Linux 4.4.154
  * Xenial update to 4.4.153 stable release (LP: #1792383)
    - x86/mm: Fix use-after-free of ldt_struct
    - ovl: Ensure upper filesystem supports d_type
    - ovl: Do d_type check only if work dir creation was successful
    - ovl: warn instead of error if d_type is not supported
    - Linux 4.4.153
  * Xenial update to 4.4.152 stable release (LP: #1792377)
    - ARC: Explicitly add -mmedium-calls to CFLAGS
    - netfilter: ipv6: nf_defrag: reduce struct net memory waste
    - selftests: pstore: return Kselftest Skip code for skipped tests
    - selftests: static_keys: return Kselftest Skip code for skipped tests
    - selftests: user: return Kselftest Skip code for skipped tests
    - selftests: zram: return Kselftest Skip code for skipped tests
    - selftests: sync: add config fragment for testing sync framework
    - ARM: dts: Cygnus: Fix I2C controller interrupt type
    - usb: dwc2: fix isoc split in transfer with no data
    - usb: gadget: composite: fix delayed_status race condition when set_interface
    - usb: gadget: dwc2: fix memory leak in gadget_init()
    - scsi: xen-scsifront: add error handling for xenbus_printf
    - arm64: make secondary_start_kernel() notrace
    - qed: Add sanity check for SIMD fastpath handler.
    - enic: initialize enic->rfs_h.lock in enic_probe
    - net: hamradio: use eth_broadcast_addr
    - net: propagate dev_get_valid_name return code
    - ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
    - net: davinci_emac: match the mdio device against its compatible if possible
    - locking/lockdep: Do not record IRQ state within lockdep code
    - ipv6: mcast: fix unsolicited report interval after receiving querys
    - Smack: Mark inode instant in smack_task_to_inode
    - cxgb4: when disabling dcb set txq dcb priority to 0
    - brcmfmac: stop watchdog before detach and free everything
    - ARM: dts: am437x: make edt-ft5x06 a wakeup source
    - usb: xhci: increase CRS timeout value
    - perf test session topology: Fix test on s390
    - perf report powerpc: Fix crash if callchain is empty
    - selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
    - ARM: dts: da850: Fix interrups property for gpio
    - dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
    - md/raid10: fix that replacement cannot complete recovery after reassemble
    - drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
    - drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
    - drm/exynos: decon5433: Fix WINCONx reset value
    - bnx2x: Fix receiving tx-timeout in error or recovery state.
    - m68k: fix "bad page state" oops on ColdFire boot
    - HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
    - ARM: imx_v6_v7_defconfig: Select ULPI support
    - ARM: imx_v4_v5_defconfig: Select ULPI support
    - tracing: Use __printf markup to silence compiler
    - kasan: fix shadow_size calculation error in kasan_module_alloc
    - smsc75xx: Add workaround for gigabit link up hardware errata.
    - netfilter: x_tables: set module owner for icmp(6) matches
    - ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
    - ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
    - ieee802154: at86rf230: use __func__ macro for debug messages
    - ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
    - drm/armada: fix colorkey mode property
    - bnxt_en: Fix for system hang if request_irq fails
    - perf llvm-utils: Remove bashism from kernel include fetch script
    - ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
    - ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
    - ixgbe: Be more careful when modifying MAC filters
    - packet: reset network header if packet shorter than ll reserved space
    - qlogic: check kstrtoul() for errors
    - tcp: remove DELAYED ACK events in DCTCP
    - drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
    - net/ethernet/freescale/fman: fix cross-build error
    - net: usb: rtl8150: demote allmulti message to dev_dbg()
    - net: qca_spi: Avoid packet drop during initial sync
    - net: qca_spi: Make sure the QCA7000 reset is triggered
    - net: qca_spi: Fix log level if probe fails
    - tcp: identify cryptic messages as TCP seq # bugs
    - staging: android: ion: check for kref overflow
    - KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
    - ext4: fix spectre gadget in ext4_mb_regular_allocator()
    - parisc: Remove ordered stores from syscall.S
    - xfrm_user: prevent leaking 2 bytes of kernel memory
    - netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
    - packet: refine ring v3 block size test to hold one frame
    - bridge: Propagate vlan add failure to user
    - parisc: Remove unnecessary barriers from spinlock.h
    - PCI: hotplug: Don't leak pci_slot on registration failure
    - PCI: Skip MPS logic for Virtual Functions (VFs)
    - PCI: pciehp: Fix use-after-free on unplug
    - i2c: imx: Fix race condition in dma read
    - reiserfs: fix broken xattr handling (heap corruption, bad retval)
    - Linux 4.4.152
  * Xenial update to 4.4.151 stable release (LP: #1792340)
    - dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()
    - l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
    - llc: use refcount_inc_not_zero() for llc_sap_find()
    - net_sched: Fix missing res info when create new tc_index filter
    - vsock: split dwork to avoid reinitializations
    - net_sched: fix NULL pointer dereference when delete tcindex filter
    - ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs
    - ALSA: hda - Turn CX8200 into D3 as well upon reboot
    - ALSA: vx222: Fix invalid endian conversions
    - ALSA: virmidi: Fix too long output trigger loop
    - ALSA: cs5535audio: Fix invalid endian conversion
    - ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry
    - ALSA: memalloc: Don't exceed over the requested size
    - ALSA: vxpocket: Fix invalid endian conversions
    - USB: serial: sierra: fix potential deadlock at close
    - USB: option: add support for DW5821e
    - ACPI: save NVS memory for Lenovo G50-45
    - ACPI / PM: save NVS memory for ASUS 1025C laptop
    - serial: 8250_dw: always set baud rate in dw8250_set_termios
    - Bluetooth: avoid killing an already killed socket
    - isdn: Disable IIOCDBGVAR
    - Linux 4.4.151
  * Xenial update to 4.4.150 stable release (LP: #1792336)
    - x86/speculation/l1tf: Exempt zeroed PTEs from inversion
    - Linux 4.4.150
  * Xenial update to 4.4.149 stable release (LP: #1792310)
    - x86/mm: Disable ioremap free page handling on x86-PAE
    - tcp: Fix missing range_truesize enlargement in the backport
    - kasan: don't emit builtin calls when sanitization is off
    - i2c: ismt: fix wrong device address when unmap the data buffer
    - kbuild: verify that $DEPMOD is installed
    - crypto: vmac - require a block cipher with 128-bit block size
    - crypto: vmac - separate tfm and request context
    - crypto: blkcipher - fix crash flushing dcache in error path
    - crypto: ablkcipher - fix crash flushing dcache in error path
    - ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization
    - ioremap: Update pgtable free interfaces with addr
    - x86/mm: Add TLB purge to free pmd/pte page interfaces
    - Linux 4.4.149
  * Xenial update to 4.4.149 stable release (LP: #1792310) // CVE-2018-9363
    - Bluetooth: hidp: buffer overflow in hidp_process_report
  * Xenial update to 4.4.148 stable release (LP: #1792174)
    - ext4: fix check to prevent initializing reserved inodes
    - tpm: fix race condition in tpm_common_write()
    - ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
    - fork: unconditionally clear stack on fork
    - parisc: Enable CONFIG_MLONGCALLS by default
    - parisc: Define mb() and add memory barriers to assembler unlock sequences
    - xen/netfront: don't cache skb_shinfo()
    - ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
    - scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management
      enabled
    - root dentries need RCU-delayed freeing
    - fix mntput/mntput race
    - fix __legitimize_mnt()/mntput() race
    - IB/core: Make testing MR flags for writability a static inline function
    - IB/mlx4: Mark user MR as writable if actual virtual memory is writable
    - IB/ocrdma: fix out of bounds access to local buffer
    - ARM: dts: imx6sx: fix irq for pcie bridge
    - kprobes/x86: Fix %p uses in error messages
    - x86/irqflags: Provide a declaration for native_save_fl
    - SAUCE: Sync pgtable_64.h with upstream stable
    - mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
    - SAUCE: Sync pgtable-3level.h with upstream stable
    - SAUCE: Sync pgtable.h with upstream stable
    - mm: Add vm_insert_pfn_prot()
    - mm: fix cache mode tracking in vm_insert_mixed()
    - x86/mm/kmmio: Make the tracer robust against L1TF
    - x86/init: fix build with CONFIG_SWAP=n
    - Linux 4.4.148
  * Xenial update to 4.4.147 stable release (LP: #1792109)
    - scsi: qla2xxx: Fix ISP recovery on unload
    - scsi: qla2xxx: Return error when TMF returns
    - genirq: Make force irq threading setup more robust
    - nohz: Fix local_timer_softirq_pending()
    - netlink: Do not subscribe to non-existent groups
    - netlink: Don't shift with UB on nlk->ngroups
    - netlink: Don't shift on 64 for ngroups
    - ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle
    - ring_buffer: tracing: Inherit the tracing setting to next ring buffer
    - i2c: imx: Fix reinit_completion() use
    - Linux 4.4.147
  * Xenial update to 4.4.146 stable release (LP: #1791953)
    - MIPS: Fix off-by-one in pci_resource_to_user()
    - Input: elan_i2c - add ACPI ID for lenovo ideapad 330
    - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
    - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
    - tracing: Fix double free of event_trigger_data
    - tracing: Fix possible double free in event_enable_trigger_func()
    - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
    - tracing: Quiet gcc warning about maybe unused link variable
    - xen/netfront: raise max number of slots in xennet_get_responses()
    - ALSA: emu10k1: add error handling for snd_ctl_add
    - ALSA: fm801: add error handling for snd_ctl_add
    - nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
    - mm: vmalloc: avoid racy handling of debugobjects in vunmap
    - mm/slub.c: add __printf verification to slab_err()
    - rtc: ensure rtc_set_alarm fails when alarms are not supported
    - netfilter: ipset: List timing out entries with "timeout 1" instead of zero
    - infiniband: fix a possible use-after-free bug
    - hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
    - powerpc/64s: Fix compiler store ordering to SLB shadow area
    - RDMA/mad: Convert BUG_ONs to error flows
    - disable loading f2fs module on PAGE_SIZE > 4KB
    - f2fs: fix to don't trigger writeback during recovery
    - usbip: usbip_detach: Fix memory, udev context and udev leak
    - perf/x86/intel/uncore: Correct fixed counter index check in generic code
    - perf/x86/intel/uncore: Correct fixed counter index check for NHM
    - iwlwifi: pcie: fix race in Rx buffer allocator
    - Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
    - Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
    - ASoC: dpcm: fix BE dai not hw_free and shutdown
    - mfd: cros_ec: Fail early if we cannot identify the EC
    - mwifiex: handle race during mwifiex_usb_disconnect
    - wlcore: sdio: check for valid platform device data before suspend
    - media: videobuf2-core: don't call memop 'finish' when queueing
    - btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
    - btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
    - PCI: Prevent sysfs disable of device while driver is attached
    - ath: Add regulatory mapping for FCC3_ETSIC
    - ath: Add regulatory mapping for ETSI8_WORLD
    - ath: Add regulatory mapping for APL13_WORLD
    - ath: Add regulatory mapping for APL2_FCCA
    - ath: Add regulatory mapping for Uganda
    - ath: Add regulatory mapping for Tanzania
    - ath: Add regulatory mapping for Serbia
    - ath: Add regulatory mapping for Bermuda
    - ath: Add regulatory mapping for Bahamas
    - powerpc/32: Add a missing include header
    - powerpc/chrp/time: Make some functions static, add missing header include
    - powerpc/powermac: Add missing prototype for note_bootable_part()
    - powerpc/powermac: Mark variable x as unused
    - powerpc/8xx: fix invalid register expression in head_8xx.S
    - pinctrl: at91-pio4: add missing of_node_put
    - PCI: pciehp: Request control of native hotplug only if supported
    - mwifiex: correct histogram data with appropriate index
    - scsi: ufs: fix exception event handling
    - ALSA: emu10k1: Rate-limit error messages about page errors
    - regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
    - md: fix NULL dereference of mddev->pers in remove_and_add_spares()
    - media: smiapp: fix timeout checking in smiapp_read_nvm
    - ALSA: usb-audio: Apply rate limit to warning messages in URB complete
      callback
    - HID: hid-plantronics: Re-resend Update to map button for PTT products
    - drm/radeon: fix mode_valid's return type
    - powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by
      Starlet
    - HID: i2c-hid: check if device is there before really probing
    - tty: Fix data race in tty_insert_flip_string_fixed_flag
    - dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
    - media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
    - libata: Fix command retry decision
    - media: saa7164: Fix driver name in debug output
    - mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
    - brcmfmac: Add support for bcm43364 wireless chipset
    - s390/cpum_sf: Add data entry sizes to sampling trailer entry
    - perf: fix invalid bit in diagnostic entry
    - scsi: 3w-9xxx: fix a missing-check bug
    - scsi: 3w-xxxx: fix a missing-check bug
    - scsi: megaraid: silence a static checker bug
    - thermal: exynos: fix setting rising_threshold for Exynos5433
    - bpf: fix references to free_bpf_prog_info() in comments
    - media: siano: get rid of __le32/__le16 cast warnings
    - drm/atomic: Handling the case when setting old crtc for plane
    - ALSA: hda/ca0132: fix build failure when a local macro is defined
    - memory: tegra: Do not handle spurious interrupts
    - memory: tegra: Apply interrupts mask per SoC
    - drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
    - ipconfig: Correctly initialise ic_nameservers
    - rsi: Fix 'invalid vdd' warning in mmc
    - audit: allow not equal op for audit by executable
    - microblaze: Fix simpleImage format generation
    - usb: hub: Don't wait for connect state at resume for powered-off ports
    - crypto: authencesn - don't leak pointers to authenc keys
    - crypto: authenc - don't leak pointers to authenc keys
    - media: omap3isp: fix unbalanced dma_iommu_mapping
    - scsi: scsi_dh: replace too broad "TP9" string with the exact models
    - scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
    - media: si470x: fix __be16 annotations
    - drm: Add DP PSR2 sink enable bit
    - random: mix rdrand with entropy sent in from userspace
    - squashfs: be more careful about metadata corruption
    - ext4: fix inline data updates with checksums enabled
    - ext4: check for allocation block validity with block group locked
    - dmaengine: pxa_dma: remove duplicate const qualifier
    - ASoC: pxa: Fix module autoload for platform drivers
    - ipv4: remove BUG_ON() from fib_compute_spec_dst
    - net: fix amd-xgbe flow-control issue
    - net: lan78xx: fix rx handling before first packet is send
    - xen-netfront: wait xenbus state change when load module manually
    - NET: stmmac: align DMA stuff to largest cache line length
    - tcp: do not force quickack when receiving out-of-order packets
    - tcp: add max_quickacks param to tcp_incr_quickack and
      tcp_enter_quickack_mode
    - tcp: do not aggressively quick ack after ECN events
    - tcp: refactor tcp_ecn_check_ce to remove sk type cast
    - tcp: add one more quick ack after after ECN events
    - inet: frag: enforce memory limits earlier
    - net: dsa: Do not suspend/resume closed slave_dev
    - netlink: Fix spectre v1 gadget in netlink_create()
    - squashfs: more metadata hardening
    - squashfs: more metadata hardenings
    - can: ems_usb: Fix memory leak on ems_usb_disconnect()
    - net: socket: fix potential spectre v1 gadget in socketcall
    - virtio_balloon: fix another race between migration and ballooning
    - kvm: x86: vmx: fix vpid leak
    - crypto: padlock-aes - Fix Nano workaround data corruption
    - scsi: sg: fix minor memory leak in error path
    - Linux 4.4.146
  * Xenial update to 4.4.145 stable release (LP: #1791942)
    - MIPS: ath79: fix register address in ath79_ddr_wb_flush()
    - ip: hash fragments consistently
    - net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
    - rtnetlink: add rtnl_link_state check in rtnl_configure_link
    - tcp: fix dctcp delayed ACK schedule
    - tcp: helpers to send special DCTCP ack
    - tcp: do not cancel delay-AcK on DCTCP special ACK
    - tcp: do not delay ACK in DCTCP upon CE status change
    - ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
    - usb: cdc_acm: Add quirk for Castles VEGA3000
    - usb: core: handle hub C_PORT_OVER_CURRENT condition
    - usb: gadget: f_fs: Only return delayed status when len is 0
    - driver core: Partially revert "driver core: correct device's shutdown order"
    - can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
    - can: xilinx_can: fix recovery from error states not being propagated
    - can: xilinx_can: fix device dropping off bus on RX overrun
    - can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
    - can: xilinx_can: fix incorrect clear of non-processed interrupts
    - can: xilinx_can: fix RX overflow interrupt not being enabled
    - turn off -Wattribute-alias
    - ARM: fix put_user() for gcc-8
    - Linux 4.4.145
  * kernel panic - null pointer dereference on ipset operations (LP: #1793753)
    - netfilter: ipset: fix race condition in ipset save, swap and delete
    - netfilter: ipset: Fix race between dump and swap
  * Improvements to the kernel source package preparation (LP: #1793461)
    - [Packaging] startnewrelease: add support for backport kernels
  * update ENA driver to latest mainline version (LP: #1792044)
    - net: ena: Remove redundant unlikely()
    - net: ena: reduce the severity of some printouts
    - net: ena: fix rare kernel crash when bar memory remap fails
    - net: ena: fix wrong max Tx/Rx queues on ethtool
    - net: ena: improve ENA driver boot time.
    - net: ena: remove legacy suspend suspend/resume support
    - net: ena: add power management ops to the ENA driver
    - net: ena: add statistics for missed tx packets
    - net: ena: add new admin define for future support of IPv6 RSS
    - net: ena: increase ena driver version to 1.3.0
    - net: ena: fix race condition between device reset and link up setup
    - net: ena: add detection and recovery mechanism for handling missed/misrouted
      MSI-X
    - net: ena: increase ena driver version to 1.5.0
    - net: ena: fix error handling in ena_down() sequence
    - net: ena: Eliminate duplicate barriers on weakly-ordered archs
    - SAUCE: ena: devm_kzalloc() -> devm_kcalloc()
    - net: ena: Fix use of uninitialized DMA address bits field
    - net: ena: fix surprise unplug NULL dereference kernel crash
    - net: ena: fix driver when PAGE_SIZE == 64kB
    - net: ena: fix device destruction to gracefully free resources
    - net: ena: fix potential double ena_destroy_device()
    - net: ena: fix missing lock during device destruction
    - net: ena: fix missing calls to READ_ONCE
    - net: ena: fix incorrect usage of memory barriers

 -- Kleber Sacilotto de Souza <email address hidden>  Thu, 04 Oct 2018 16:55:41 +0000
Superseded in trusty-security on 2018-10-22
Superseded in trusty-updates on 2018-10-22
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-137.163~14.04.1) trusty; urgency=medium

  * CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation

  * CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

Deleted in trusty-proposed on 2018-09-27 (Reason: NBS)
linux-lts-xenial (4.4.0-136.162~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-136.162~14.04.1 -proposed tracker (LP: #1791747)

  * linux: 4.4.0-136.162 -proposed tracker (LP: #1791745)

  * CVE-2017-5753
    - bpf: properly enforce index mask to prevent out-of-bounds speculation
    - Revert "UBUNTU: SAUCE: bpf: Use barrier_nospec() instead of osb()"
    - Revert "bpf: prevent speculative execution in eBPF interpreter"

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563) // CVE-2018-3620 // CVE-2018-3646
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

  * CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * Xenial update to 4.4.144 stable release (LP: #1791080)
    - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
      parallel.
    - x86/MCE: Remove min interval polling limitation
    - fat: fix memory allocation failure handling of match_strdup()
    - ALSA: rawmidi: Change resized buffers atomically
    - ARC: Fix CONFIG_SWAP
    - ARC: mm: allow mprotect to make stack mappings executable
    - mm: memcg: fix use after free in mem_cgroup_iter()
    - ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
    - ipv6: fix useless rol32 call on hash
    - lib/rhashtable: consider param->min_size when setting initial table size
    - net/ipv4: Set oif in fib_compute_spec_dst
    - net: phy: fix flag masking in __set_phy_supported
    - ptp: fix missing break in switch
    - tg3: Add higher cpu clock for 5762.
    - net: Don't copy pfmemalloc flag in __copy_skb_header()
    - skbuff: Unconditionally copy pfmemalloc in __skb_clone()
    - xhci: Fix perceived dead host due to runtime suspend race with event handler
    - x86/paravirt: Make native_save_fl() extern inline
    - SAUCE: Add missing CPUID_7_EDX defines
    - SAUCE: x86/speculation: Expose indirect_branch_prediction_barrier()
    - x86/pti: Mark constant arrays as __initconst
    - x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
    - x86/entry/64/compat: Clear registers for compat syscalls, to reduce
      speculation attack surface
    - x86/speculation: Clean up various Spectre related details
    - x86/speculation: Fix up array_index_nospec_mask() asm constraint
    - x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
    - x86/mm: Factor out LDT init from context init
    - x86/mm: Give each mm TLB flush generation a unique ID
    - SAUCE: x86/speculation: Use Indirect Branch Prediction Barrier in context
      switch
    - x86/speculation: Use IBRS if available before calling into firmware
    - x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
    - selftest/seccomp: Fix the seccomp(2) signature
    - xen: set cpu capabilities from xen_start_kernel()
    - x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
    - SAUCE: Preserve SPEC_CTRL MSR in new inlines
    - SAUCE: Add Knights Mill to NO SSB list
    - x86/process: Correct and optimize TIF_BLOCKSTEP switch
    - x86/process: Optimize TIF_NOTSC switch
    - Revert "x86/cpufeatures: Add FEATURE_ZEN"
    - Revert "x86/cpu/AMD: Fix erratum 1076 (CPB bit)"
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
    - x86/cpu: Re-apply forced caps every time CPU caps are re-read
    - block: do not use interruptible wait anywhere
    - clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
    - ubi: Introduce vol_ignored()
    - ubi: Rework Fastmap attach base code
    - ubi: Be more paranoid while seaching for the most recent Fastmap
    - ubi: Fix races around ubi_refill_pools()
    - ubi: Fix Fastmap's update_vol()
    - ubi: fastmap: Erase outdated anchor PEBs during attach
    - Linux 4.4.144

  * CVE-2017-5715 (Spectre v2 s390x)
    - s390: detect etoken facility
    - s390/lib: use expoline for all bcr instructions
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Xenial update to 4.4.143 stable release (LP: #1790884)
    - compiler, clang: suppress warning for unused static inline functions
    - compiler, clang: properly override 'inline' for clang
    - compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled
    - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
    - x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
    - ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent
    - bcm63xx_enet: correct clock usage
    - bcm63xx_enet: do not write to random DMA channel on BCM6345
    - crypto: crypto4xx - remove bad list_del
    - crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
    - atm: zatm: Fix potential Spectre v1
    - net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
    - net: dccp: switch rx_tstamp_last_feedback to monotonic clock
    - net/mlx5: Fix incorrect raw command length parsing
    - net: sungem: fix rx checksum support
    - qed: Limit msix vectors in kdump kernel to the minimum required count.
    - r8152: napi hangup fix after disconnect
    - tcp: fix Fast Open key endianness
    - tcp: prevent bogus FRTO undos with non-SACK flows
    - vhost_net: validate sock before trying to put its fd
    - net_sched: blackhole: tell upper qdisc about dropped packets
    - net/mlx5: Fix command interface race in polling mode
    - net: cxgb3_main: fix potential Spectre v1
    - rtlwifi: rtl8821ae: fix firmware is not ready to run
    - MIPS: Call dump_stack() from show_regs()
    - MIPS: Use async IPIs for arch_trigger_cpumask_backtrace()
    - netfilter: ebtables: reject non-bridge targets
    - KEYS: DNS: fix parsing multiple options
    - rds: avoid unenecessary cong_update in loop transport
    - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
    - Linux 4.4.143

  * Xenial update to 4.4.142 stable release (LP: #1790883)
    - Kbuild: fix # escaping in .cmd files for future Make
    - perf tools: Move syscall number fallbacks from perf-sys.h to
      tools/arch/x86/include/asm/
    - Linux 4.4.142

  * Xenial update to 4.4.141 stable release (LP: #1790620)
    - MIPS: Fix ioremap() RAM check
    - ibmasm: don't write out of bounds in read handler
    - vmw_balloon: fix inflation with batching
    - ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
    - USB: serial: ch341: fix type promotion bug in ch341_control_in()
    - USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick
    - USB: serial: keyspan_pda: fix modem-status error handling
    - USB: yurex: fix out-of-bounds uaccess in read handler
    - USB: serial: mos7840: fix status-register error handling
    - usb: quirks: add delay quirks for Corsair Strafe
    - xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
    - HID: usbhid: add quirk for innomedia INNEX GENESIS/ATARI adapter
    - tools build: fix # escaping in .cmd files for future Make
    - iw_cxgb4: correctly enforce the max reg_mr depth
    - x86/cpufeature: Move some of the scattered feature bits to x86_capability
    - x86/cpu: Provide a config option to disable static_cpu_has
    - x86/fpu: Add an XSTATE_OP() macro
    - x86/fpu: Get rid of xstate_fault()
    - x86/headers: Don't include asm/processor.h in asm/atomic.h
    - x86/cpufeature: Replace the old static_cpu_has() with safe variant
    - x86/cpufeature: Get rid of the non-asm goto variant
    - x86/alternatives: Add an auxilary section
    - x86/alternatives: Discard dynamic check after init
    - x86/vdso: Use static_cpu_has()
    - x86/boot: Simplify kernel load address alignment check
    - x86/cpufeature: Speed up cpu_feature_enabled()
    - x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions
    - x86/mm/pkeys: Fix mismerge of protection keys CPUID bits
    - x86/cpu: Add detection of AMD RAS Capabilities
    - x86/cpufeature, x86/mm/pkeys: Fix broken compile-time disabling of pkeys
    - x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated
    - x86/cpufeature: Add helper macro for mask check macros
    - uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
    - netfilter: nf_queue: augment nfqa_cfg_policy
    - netfilter: x_tables: initialise match/target check parameter struct
    - loop: add recursion validation to LOOP_CHANGE_FD
    - PM / hibernate: Fix oops at snapshot_write()
    - SAUCE: RDMA/ucm: Blacklist UCM module
    - loop: remember whether sysfs_create_group() was done
    - Linux 4.4.141
    - [Config] Refresh configs for 4.4.141

  * regression with EXT4 file systems and meta_bg flag (LP: #1789653)
    - ext4: fix false negatives *and* false positives in ext4_check_descriptors()

  * CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

  * random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

  * CVE-2018-6555
    - SAUCE: irda: Only insert new objects into the global database via setsockopt

  * CVE-2018-6554
    - SAUCE: irda: Fix memory leak caused by repeated binds of irda socket

  * errors when scanning partition table of corrupted AIX disk (LP: #1787281)
    - partitions/aix: fix usage of uninitialized lv_info and lvname structures
    - partitions/aix: append null character to print data from disk

 -- Khalid Elmously <email address hidden>  Wed, 12 Sep 2018 02:24:01 -0400
Superseded in trusty-updates on 2018-10-01
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-135.161~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-135.161~14.04.1 -proposed tracker (LP: #1788768)

  * linux: 4.4.0-135.161 -proposed tracker (LP: #1788766)

  * [Regression] APM Merlin boards fail to recover link after interface down/up
    (LP: #1785739)
    - net: phylib: fix interrupts re-enablement in phy_start
    - net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT

  * qeth: don't clobber buffer on async TX completion (LP: #1786057)
    - s390/qeth: don't clobber buffer on async TX completion

  * nvme: avoid cqe corruption (LP: #1788035)
    - nvme: avoid cqe corruption when update at the same time as read

  * CacheFiles: Error: Overlong wait for old active object to go away.
    (LP: #1776254)
    - cachefiles: Fix missing clear of the CACHEFILES_OBJECT_ACTIVE flag
    - cachefiles: Wait rather than BUG'ing on "Unexpected object collision"

  * fscache cookie refcount updated incorrectly during fscache object allocation
    (LP: #1776277) // fscache cookie refcount updated incorrectly during fscache
    object allocation (LP: #1776277)
    - fscache: Fix reference overput in fscache_attach_object() error handling

  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - Revert "UBUNTU: SAUCE: CacheFiles: fix a read_waiter/read_copier race"
    - fscache: Allow cancelled operations to be enqueued
    - cachefiles: Fix refcounting bug in backing-file read monitoring

  * linux-cloud-tools-common: Ensure hv-kvp-daemon.service starts before
    walinuxagent.service (LP: #1739107)
    - [Debian] hyper-v -- Ensure that hv-kvp-daemon.service starts before
      walinuxagent.service

 -- Khalid Elmously <email address hidden>  Tue, 28 Aug 2018 01:16:55 -0400
Superseded in trusty-security on 2018-10-01
Superseded in trusty-updates on 2018-09-10
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-134.160~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-134.160~14.04.1 -proposed tracker (LP: #1787179)

  * linux: 4.4.0-134.160 -proposed tracker (LP: #1787177)

  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets

  * Backport namespaced fscaps to xenial 4.4 (LP: #1778286)
    - Introduce v3 namespaced file capabilities
    - commoncap: move assignment of fs_ns to avoid null pointer dereference
    - capabilities: fix buffer overread on very short xattr
    - commoncap: Handle memory allocation failure.

  * Xenial update to 4.4.140 stable release (LP: #1784409)
    - usb: cdc_acm: Add quirk for Uniden UBC125 scanner
    - USB: serial: cp210x: add CESINEL device ids
    - USB: serial: cp210x: add Silicon Labs IDs for Windows Update
    - n_tty: Fix stall at n_tty_receive_char_special().
    - staging: android: ion: Return an ERR_PTR in ion_map_kernel
    - n_tty: Access echo_* variables carefully.
    - x86/boot: Fix early command-line parsing when matching at end
    - ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
    - i2c: rcar: fix resume by always initializing registers before transfer
    - ipv4: Fix error return value in fib_convert_metrics()
    - kprobes/x86: Do not modify singlestep buffer while resuming
    - nvme-pci: initialize queue memory before interrupts
    - netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
    - ARM: dts: imx6q: Use correct SDMA script for SPI5 core
    - ubi: fastmap: Correctly handle interrupted erasures in EBA
    - mm: hugetlb: yield when prepping struct pages
    - tracing: Fix missing return symbol in function_graph output
    - scsi: sg: mitigate read/write abuse
    - s390: Correct register corruption in critical section cleanup
    - drbd: fix access after free
    - cifs: Fix infinite loop when using hard mount option
    - jbd2: don't mark block as modified if the handle is out of credits
    - ext4: make sure bitmaps and the inode table don't overlap with bg
      descriptors
    - ext4: always check block group bounds in ext4_init_block_bitmap()
    - ext4: only look at the bg_flags field if it is valid
    - ext4: verify the depth of extent tree in ext4_find_extent()
    - ext4: include the illegal physical block in the bad map ext4_error msg
    - ext4: clear i_data in ext4_inode_info when removing inline data
    - ext4: add more inode number paranoia checks
    - ext4: add more mount time checks of the superblock
    - ext4: check superblock mapped prior to committing
    - HID: i2c-hid: Fix "incomplete report" noise
    - HID: hiddev: fix potential Spectre v1
    - HID: debug: check length before copy_to_user()
    - x86/mce: Detect local MCEs properly
    - x86/mce: Fix incorrect "Machine check from unknown source" message
    - media: cx25840: Use subdev host data for PLL override
    - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
    - dm bufio: avoid sleeping while holding the dm_bufio lock
    - dm bufio: drop the lock when doing GFP_NOIO allocation
    - mtd: rawnand: mxc: set spare area size register explicitly
    - dm bufio: don't take the lock in dm_bufio_shrink_count
    - mtd: cfi_cmdset_0002: Change definition naming to retry write operation
    - mtd: cfi_cmdset_0002: Change erase functions to retry for error
    - mtd: cfi_cmdset_0002: Change erase functions to check chip good only
    - netfilter: nf_log: don't hold nf_log_mutex during user access
    - staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
    - Linux 4.4.140

  * Xenial update to 4.4.139 stable release (LP: #1784382)
    - xfrm6: avoid potential infinite loop in _decode_session6()
    - netfilter: ebtables: handle string from userspace with care
    - ipvs: fix buffer overflow with sync daemon and service
    - atm: zatm: fix memcmp casting
    - net: qmi_wwan: Add Netgear Aircard 779S
    - net/sonic: Use dma_mapping_error()
    - Revert "Btrfs: fix scrub to repair raid6 corruption"
    - tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
    - Btrfs: make raid6 rebuild retry more
    - usb: musb: fix remote wakeup racing with suspend
    - bonding: re-evaluate force_primary when the primary slave name changes
    - tcp: verify the checksum of the first data segment in a new connection
    - ext4: update mtime in ext4_punch_hole even if no blocks are released
    - ext4: fix fencepost error in check for inode count overflow during resize
    - driver core: Don't ignore class_dir_create_and_add() failure.
    - btrfs: scrub: Don't use inode pages for device replace
    - ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
    - ALSA: hda: add dock and led support for HP EliteBook 830 G5
    - ALSA: hda: add dock and led support for HP ProBook 640 G4
    - cpufreq: Fix new policy initialization during limits updates via sysfs
    - libata: zpodd: make arrays cdb static, reduces object code size
    - libata: zpodd: small read overflow in eject_tray()
    - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
    - w1: mxc_w1: Enable clock before calling clk_get_rate() on it
    - x86/spectre_v1: Disable compiler optimizations over
      array_index_mask_nospec()
    - m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
    - serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
    - signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
    - usb: do not reset if a low-speed or full-speed device timed out
    - 1wire: family module autoload fails because of upper/lower case mismatch.
    - ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
    - ASoC: cirrus: i2s: Fix LRCLK configuration
    - ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
    - lib/vsprintf: Remove atomic-unsafe support for %pCr
    - mips: ftrace: fix static function graph tracing
    - branch-check: fix long->int truncation when profiling branches
    - ipmi:bt: Set the timeout before doing a capabilities check
    - Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
    - fuse: atomic_o_trunc should truncate pagecache
    - fuse: don't keep dead fuse_conn at fuse_fill_super().
    - fuse: fix control dir setup and teardown
    - powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
    - powerpc/ptrace: Fix setting 512B aligned breakpoints with
      PTRACE_SET_DEBUGREG
    - powerpc/ptrace: Fix enforcement of DAWR constraints
    - cpuidle: powernv: Fix promotion from snooze if next state disabled
    - powerpc/fadump: Unregister fadump on kexec down path.
    - ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
    - of: unittest: for strings, account for trailing \0 in property length field
    - IB/qib: Fix DMA api warning with debug kernel
    - RDMA/mlx4: Discard unknown SQP work requests
    - mtd: cfi_cmdset_0002: Change write buffer to check correct value
    - mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
    - mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
    - mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
    - mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
    - MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
    - PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on
      resume
    - MIPS: io: Add barrier after register read in inX()
    - time: Make sure jiffies_to_msecs() preserves non-zero time periods
    - Btrfs: fix clone vs chattr NODATASUM race
    - iio:buffer: make length types match kfifo types
    - scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
    - scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
    - scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
    - scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
    - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
    - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for
      ERP_FAILED
    - scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
    - scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
    - linvdimm, pmem: Preserve read-only setting for pmem devices
    - md: fix two problems with setting the "re-add" device state.
    - ubi: fastmap: Cancel work upon detach
    - UBIFS: Fix potential integer overflow in allocation
    - xfrm: skip policies marked as dead while rehashing
    - backlight: as3711_bl: Fix Device Tree node lookup
    - backlight: max8925_bl: Fix Device Tree node lookup
    - backlight: tps65217_bl: Fix Device Tree node lookup
    - mfd: intel-lpss: Program REMAP register in PIO mode
    - perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
    - perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
    - perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
    - perf intel-pt: Fix MTC timing after overflow
    - perf intel-pt: Fix "Unexpected indirect branch" error
    - perf intel-pt: Fix packet decoding of CYC packets
    - media: v4l2-compat-ioctl32: prevent go past max size
    - media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
    - nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
    - NFSv4: Fix possible 1-byte stack overflow in
      nfs_idmap_read_and_verify_message
    - video: uvesafb: Fix integer overflow in allocation
    - Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
    - xen: Remove unnecessary BUG_ON from __unbind_from_irq()
    - udf: Detect incorrect directory size
    - Input: elan_i2c_smbus - fix more potential stack buffer overflows
    - Input: elantech - enable middle button of touchpads on ThinkPad P52
    - Input: elantech - fix V4 report decoding for module with middle key
    - ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
    - Btrfs: fix unexpected cow in run_delalloc_nocow
    - spi: Fix scatterlist elements size in spi_map_buf
    - block: Fix transfer when chunk sectors exceeds max
    - dm thin: handle running out of data space vs concurrent discard
    - cdc_ncm: avoid padding beyond end of skb
    - Bluetooth: Fix connection if directed advertising and privacy is used
    - Linux 4.4.139

  * Support AverMedia DVD EZMaker 7 USB video capture dongle (LP: #1620762) //
    Xenial update to 4.4.139 stable release (LP: #1784382)
    - media: cx231xx: Add support for AverMedia DVD EZMaker 7

  * vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
    (LP: #1779830)
    - vfio/pci: Hide broken INTx support from user

  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.6.5.6-0ubuntu25

  * Allow multiple mounts of zfs datasets (LP: #1759848)
    - SAUCE: Allow mounting datasets more than once (LP: #1759848)

  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size

  * Redpine: Observed kernel panic while running wireless tests in regression
    mode (LP: #1773410) // Redpine: Observed kernel panic while running soft-ap
    tests (LP: #1777850)
    - SAUCE: Redpine: improve cancel_hw_scan handling to fix kernel panic

  * [HMS] Upgrades to Support SocketCAN over USB on Dell IoT 300x Gateways
    (LP: #1783241)
    - SAUCE: (no-up) upgrade IXXAT USB SocketCAN driver

  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp

  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories

  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build

  * Enable basic support for Solarflare 8000 series NIC (LP: #1783152)
    - sfc: make TSO version a per-queue parameter
    - sfc: Add PCI ID for Solarflare 8000 series 10/40G NIC

  * Redpine: Observed kernel panic while running wireless regressions tests
    (LP: #1777858)
    - SAUCE: Redpine: improve kernel thread handling to fix kernel panic

  * Xenial update to 4.4.138 stable release (LP: #1777389)
    - x86: Remove unused function cpu_has_ht_siblings()
    - x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros
    - x86/fpu: Disable AVX when eagerfpu is off
    - x86/fpu: Revert ("x86/fpu: Disable AVX when eagerfpu is off")
    - x86/fpu: Hard-disable lazy FPU mode
    - af_key: Always verify length of provided sadb_key
    - x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c
      code
    - gpio: No NULL owner
    - Clarify (and fix) MAX_LFS_FILESIZE macros
    - serial: samsung: fix maxburst parameter for DMA transactions
    - vmw_balloon: fixing double free when batching mode is off
    - Input: goodix - add new ACPI id for GPD Win 2 touch screen
    - crypto: vmx - Remove overly verbose printk from AES init routines
    - Linux 4.4.138

  * Redpine: wifi-ap stopped working after restart (LP: #1773400)
    - SAUCE: Redpine: fix soft-ap invisible issue

  * Xenial update to 4.4.137 stable release (LP: #1777063)
    - tpm: do not suspend/resume if power stays on
    - tpm: self test failure should not cause suspend to fail
    - mmap: introduce sane default mmap limits
    - mmap: relax file size limit for regular files
    - kconfig: Avoid format overflow warning from GCC 8.1
    - xfs: fix incorrect log_flushed on fsync
    - drm: set FMODE_UNSIGNED_OFFSET for drm files
    - brcmfmac: Fix check for ISO3166 code
    - bnx2x: use the right constant
    - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
    - enic: set DMA mask to 47 bit
    - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
    - ipv4: remove warning in ip_recv_error
    - isdn: eicon: fix a missing-check bug
    - netdev-FAQ: clarify DaveM's position for stable backports
    - net/packet: refine check for priv area size
    - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
    - packet: fix reserve calculation
    - qed: Fix mask for physical address in ILT entry
    - net/mlx4: Fix irq-unsafe spinlock usage
    - team: use netdev_features_t instead of u32
    - rtnetlink: validate attributes in do_setlink()
    - net: phy: broadcom: Fix bcm_write_exp()
    - net: metrics: add proper netlink validation
    - Linux 4.4.137

  * Xenial update to 4.4.136 stable release (LP: #1776177)
    - arm64: lse: Add early clobbers to some input/output asm operands
    - powerpc/64s: Clear PCR on boot
    - USB: serial: cp210x: use tcflag_t to fix incompatible pointer type
    - sh: New gcc support
    - xfs: detect agfl count corruption and reset agfl
    - Input: elan_i2c_smbus - fix corrupted stack
    - tracing: Fix crash when freeing instances with event triggers
    - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
    - cfg80211: further limit wiphy names to 64 bytes
    - rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
    - ASoC: Intel: sst: remove redundant variable dma_dev_name
    - irda: fix overly long udelay()
    - tcp: avoid integer overflows in tcp_rcv_space_adjust()
    - i2c: rcar: make sure clocks are on when doing clock calculation
    - i2c: rcar: rework hw init
    - i2c: rcar: remove unused IOERROR state
    - i2c: rcar: remove spinlock
    - i2c: rcar: refactor setup of a msg
    - i2c: rcar: init new messages in irq
    - i2c: rcar: don't issue stop when HW does it automatically
    - i2c: rcar: check master irqs before slave irqs
    - i2c: rcar: revoke START request early
    - dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all()
    - iio:kfifo_buf: check for uint overflow
    - MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
    - MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
    - scsi: scsi_transport_srp: Fix shost to rport translation
    - stm class: Use vmalloc for the master map
    - hwtracing: stm: fix build error on some arches
    - drm/i915: Disable LVDS on Radiant P845
    - Kbuild: change CC_OPTIMIZE_FOR_SIZE definition
    - [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
    - fix io_destroy()/aio_complete() race
    - mm: fix the NULL mapping case in __isolate_lru_page()
    - sparc64: Fix build warnings with gcc 7.
    - Linux 4.4.136

  * Xenial update to 4.4.135 stable release (LP: #1776158)
    - Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
    - Linux 4.4.135

 -- Khalid Elmously <email address hidden>  Thu, 16 Aug 2018 12:43:49 -0400
Superseded in trusty-updates on 2018-08-23
Superseded in trusty-security on 2018-08-23
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-133.159~14.04.1) trusty; urgency=medium

  * CVE-2018-5390
    - tcp: avoid collapses in tcp_prune_queue() if possible
    - tcp: detect malicious patterns in tcp_collapse_ofo_queue()

  * CVE-2018-5391
    - Revert "net: increase fragment memory usage limits"

  * CVE-2018-3620 // CVE-2018-3646
    - KVM: x86: introduce linear_{read,write}_system
    - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
      kvm_write_guest_virt_system
    - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
    - x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
    - x86/speculation/l1tf: Change order of offset/type in swap entry
    - x86/speculation/l1tf: Protect swap entries against L1TF
    - x86/mm: Simplify p[g4um]d_page() macros
    - x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
    - x86/speculation/l1tf: Make sure the first page is always reserved
    - SAUCE: x86/cpu: Add Knights Mill/Gemini Lake
    - x86/speculation/l1tf: Add sysfs reporting for l1tf
    - x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
    - x86/speculation/l1tf: Limit swap file size to MAX_PA/2
    - x86/smp: Provide topology_is_primary_thread()
    - x86/topology: Provide topology_smt_supported()
    - cpu/hotplug: Split do_cpu_down()
    - x86/topology: Add topology_max_smt_threads()
    - cpu/hotplug: Provide knobs to control SMT
    - x86/CPU: Modify detect_extended_topology() to return result
    - x86/cpu: Remove the pointless CPU printout
    - x86/cpu/AMD: Remove the pointless detect_ht() call
    - x86/cpu/common: Provide detect_ht_early()
    - x86/cpu/topology: Provide detect_extended_topology_early()
    - x86/cpu/intel: Evaluate smp_num_siblings early
    - x86/cpu/AMD: Evaluate smp_num_siblings early
    - x86/apic: Ignore secondary threads if nosmt=force
    - x86/speculation/l1tf: Extend 64bit swap file size limit
    - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
    - x86/cpufeatures: Add detection of L1D cache flush support.
    - x86/speculation/l1tf: Protect PAE swap entries against L1TF
    - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
    - Revert "x86/apic: Ignore secondary threads if nosmt=force"
    - SAUCE: x86/mce: register mce notifier earlier
    - cpu/hotplug: Boot HT siblings at least once
    - KVM: x86: Introducing kvm_x86_ops VM init/destroy hooks
    - x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present.
    - x86/KVM/VMX: Add module argument for L1TF mitigation
    - x86/KVM/VMX: Add L1D flush algorithm
    - x86/KVM/VMX: Add L1D MSR based flush
    - x86/KVM/VMX: Add L1D flush logic
    - x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
    - x86/KVM/VMX: Add find_msr() helper function
    - x86/KVM/VMX: Seperate the VMX AUTOLOAD guest/host number accounting.
    - x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
    - x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
    - cpu/hotplug: Online siblings when SMT control is turned on
    - x86/litf: Introduce vmx status variable
    - x86/kvm: Drop L1TF MSR list approach
    - x86/l1tf: Handle EPT disabled state proper
    - x86/kvm: Move l1tf setup function
    - x86/kvm: Add static key for flush always
    - x86/kvm: Serialize L1D flush parameter setter
    - x86/kvm: Allow runtime control of L1D flush
    - cpu/hotplug: Expose SMT control init function
    - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
    - x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
    - Documentation: Add section about CPU vulnerabilities
    - x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
    - x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
    - Documentation/l1tf: Fix typos
    - cpu/hotplug: detect SMT disabled by BIOS
    - x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
    - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
    - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
    - x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
    - x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
    - x86: Don't include linux/irq.h from asm/hardirq.h
    - x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq()
    - x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
    - x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
    - Documentation/l1tf: Remove Yonah processors from not vulnerable list
    - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
    - x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
    - KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
    - KVM: x86: Add a framework for supporting MSR-based features
    - KVM: X86: Introduce kvm_get_msr_feature()
    - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
    - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
    - cpu/hotplug: Fix SMT supported evaluation
    - x86/speculation/l1tf: Invert all not present mappings
    - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
    - x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
    - SAUCE: Add pfn_pud() and pud_mkhuge()
    - x86/mm/pat: Make set_memory_np() L1TF safe

 -- Stefan Bader <email address hidden>  Wed, 08 Aug 2018 12:04:38 +0200
Deleted in trusty-proposed on 2018-08-23 (Reason: NBS)
linux-lts-xenial (4.4.0-132.158~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-132.158~14.04.1 -proposed tracker (LP: #1784304)

  * linux: 4.4.0-132.158 -proposed tracker (LP: #1784302)

  * locking sockets broken due to missing AppArmor socket mediation patches
    (LP: #1780227)
    - UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs, unix sockets

  * Backport namespaced fscaps to xenial 4.4 (LP: #1778286)
    - Introduce v3 namespaced file capabilities
    - commoncap: move assignment of fs_ns to avoid null pointer dereference
    - capabilities: fix buffer overread on very short xattr
    - commoncap: Handle memory allocation failure.

  * Xenial update to 4.4.140 stable release (LP: #1784409)
    - usb: cdc_acm: Add quirk for Uniden UBC125 scanner
    - USB: serial: cp210x: add CESINEL device ids
    - USB: serial: cp210x: add Silicon Labs IDs for Windows Update
    - n_tty: Fix stall at n_tty_receive_char_special().
    - staging: android: ion: Return an ERR_PTR in ion_map_kernel
    - n_tty: Access echo_* variables carefully.
    - x86/boot: Fix early command-line parsing when matching at end
    - ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
    - i2c: rcar: fix resume by always initializing registers before transfer
    - ipv4: Fix error return value in fib_convert_metrics()
    - kprobes/x86: Do not modify singlestep buffer while resuming
    - nvme-pci: initialize queue memory before interrupts
    - netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
    - ARM: dts: imx6q: Use correct SDMA script for SPI5 core
    - ubi: fastmap: Correctly handle interrupted erasures in EBA
    - mm: hugetlb: yield when prepping struct pages
    - tracing: Fix missing return symbol in function_graph output
    - scsi: sg: mitigate read/write abuse
    - s390: Correct register corruption in critical section cleanup
    - drbd: fix access after free
    - cifs: Fix infinite loop when using hard mount option
    - jbd2: don't mark block as modified if the handle is out of credits
    - ext4: make sure bitmaps and the inode table don't overlap with bg
      descriptors
    - ext4: always check block group bounds in ext4_init_block_bitmap()
    - ext4: only look at the bg_flags field if it is valid
    - ext4: verify the depth of extent tree in ext4_find_extent()
    - ext4: include the illegal physical block in the bad map ext4_error msg
    - ext4: clear i_data in ext4_inode_info when removing inline data
    - ext4: add more inode number paranoia checks
    - ext4: add more mount time checks of the superblock
    - ext4: check superblock mapped prior to committing
    - HID: i2c-hid: Fix "incomplete report" noise
    - HID: hiddev: fix potential Spectre v1
    - HID: debug: check length before copy_to_user()
    - x86/mce: Detect local MCEs properly
    - x86/mce: Fix incorrect "Machine check from unknown source" message
    - media: cx25840: Use subdev host data for PLL override
    - mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
    - dm bufio: avoid sleeping while holding the dm_bufio lock
    - dm bufio: drop the lock when doing GFP_NOIO allocation
    - mtd: rawnand: mxc: set spare area size register explicitly
    - dm bufio: don't take the lock in dm_bufio_shrink_count
    - mtd: cfi_cmdset_0002: Change definition naming to retry write operation
    - mtd: cfi_cmdset_0002: Change erase functions to retry for error
    - mtd: cfi_cmdset_0002: Change erase functions to check chip good only
    - netfilter: nf_log: don't hold nf_log_mutex during user access
    - staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
    - Linux 4.4.140

  * Xenial update to 4.4.139 stable release (LP: #1784382)
    - xfrm6: avoid potential infinite loop in _decode_session6()
    - netfilter: ebtables: handle string from userspace with care
    - ipvs: fix buffer overflow with sync daemon and service
    - atm: zatm: fix memcmp casting
    - net: qmi_wwan: Add Netgear Aircard 779S
    - net/sonic: Use dma_mapping_error()
    - Revert "Btrfs: fix scrub to repair raid6 corruption"
    - tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
    - Btrfs: make raid6 rebuild retry more
    - usb: musb: fix remote wakeup racing with suspend
    - bonding: re-evaluate force_primary when the primary slave name changes
    - tcp: verify the checksum of the first data segment in a new connection
    - ext4: update mtime in ext4_punch_hole even if no blocks are released
    - ext4: fix fencepost error in check for inode count overflow during resize
    - driver core: Don't ignore class_dir_create_and_add() failure.
    - btrfs: scrub: Don't use inode pages for device replace
    - ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
    - ALSA: hda: add dock and led support for HP EliteBook 830 G5
    - ALSA: hda: add dock and led support for HP ProBook 640 G4
    - cpufreq: Fix new policy initialization during limits updates via sysfs
    - libata: zpodd: make arrays cdb static, reduces object code size
    - libata: zpodd: small read overflow in eject_tray()
    - libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
    - w1: mxc_w1: Enable clock before calling clk_get_rate() on it
    - x86/spectre_v1: Disable compiler optimizations over
      array_index_mask_nospec()
    - m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
    - serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
    - signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
    - usb: do not reset if a low-speed or full-speed device timed out
    - 1wire: family module autoload fails because of upper/lower case mismatch.
    - ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
    - ASoC: cirrus: i2s: Fix LRCLK configuration
    - ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
    - lib/vsprintf: Remove atomic-unsafe support for %pCr
    - mips: ftrace: fix static function graph tracing
    - branch-check: fix long->int truncation when profiling branches
    - ipmi:bt: Set the timeout before doing a capabilities check
    - Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
    - fuse: atomic_o_trunc should truncate pagecache
    - fuse: don't keep dead fuse_conn at fuse_fill_super().
    - fuse: fix control dir setup and teardown
    - powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
    - powerpc/ptrace: Fix setting 512B aligned breakpoints with
      PTRACE_SET_DEBUGREG
    - powerpc/ptrace: Fix enforcement of DAWR constraints
    - cpuidle: powernv: Fix promotion from snooze if next state disabled
    - powerpc/fadump: Unregister fadump on kexec down path.
    - ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
    - of: unittest: for strings, account for trailing \0 in property length field
    - IB/qib: Fix DMA api warning with debug kernel
    - RDMA/mlx4: Discard unknown SQP work requests
    - mtd: cfi_cmdset_0002: Change write buffer to check correct value
    - mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
    - mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
    - mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
    - mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
    - MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
    - PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on
      resume
    - MIPS: io: Add barrier after register read in inX()
    - time: Make sure jiffies_to_msecs() preserves non-zero time periods
    - Btrfs: fix clone vs chattr NODATASUM race
    - iio:buffer: make length types match kfifo types
    - scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
    - scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
    - scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
    - scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
    - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
    - scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for
      ERP_FAILED
    - scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
    - scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
    - linvdimm, pmem: Preserve read-only setting for pmem devices
    - md: fix two problems with setting the "re-add" device state.
    - ubi: fastmap: Cancel work upon detach
    - UBIFS: Fix potential integer overflow in allocation
    - xfrm: skip policies marked as dead while rehashing
    - backlight: as3711_bl: Fix Device Tree node lookup
    - backlight: max8925_bl: Fix Device Tree node lookup
    - backlight: tps65217_bl: Fix Device Tree node lookup
    - mfd: intel-lpss: Program REMAP register in PIO mode
    - perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
    - perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
    - perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
    - perf intel-pt: Fix MTC timing after overflow
    - perf intel-pt: Fix "Unexpected indirect branch" error
    - perf intel-pt: Fix packet decoding of CYC packets
    - media: v4l2-compat-ioctl32: prevent go past max size
    - media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
    - nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
    - NFSv4: Fix possible 1-byte stack overflow in
      nfs_idmap_read_and_verify_message
    - video: uvesafb: Fix integer overflow in allocation
    - Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
    - xen: Remove unnecessary BUG_ON from __unbind_from_irq()
    - udf: Detect incorrect directory size
    - Input: elan_i2c_smbus - fix more potential stack buffer overflows
    - Input: elantech - enable middle button of touchpads on ThinkPad P52
    - Input: elantech - fix V4 report decoding for module with middle key
    - ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
    - Btrfs: fix unexpected cow in run_delalloc_nocow
    - spi: Fix scatterlist elements size in spi_map_buf
    - block: Fix transfer when chunk sectors exceeds max
    - dm thin: handle running out of data space vs concurrent discard
    - cdc_ncm: avoid padding beyond end of skb
    - Bluetooth: Fix connection if directed advertising and privacy is used
    - Linux 4.4.139

  * Support AverMedia DVD EZMaker 7 USB video capture dongle (LP: #1620762) //
    Xenial update to 4.4.139 stable release (LP: #1784382)
    - media: cx231xx: Add support for AverMedia DVD EZMaker 7

  * vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
    (LP: #1779830)
    - vfio/pci: Hide broken INTx support from user

  * Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.6.5.6-0ubuntu25

  * Allow multiple mounts of zfs datasets (LP: #1759848)
    - SAUCE: Allow mounting datasets more than once (LP: #1759848)

  * CVE-2018-12233
    - jfs: Fix inconsistency between memory allocation and ea_buf->max_size

  * Redpine: Observed kernel panic while running wireless tests in regression
    mode (LP: #1773410) // Redpine: Observed kernel panic while running soft-ap
    tests (LP: #1777850)
    - SAUCE: Redpine: improve cancel_hw_scan handling to fix kernel panic

  * [HMS] Upgrades to Support SocketCAN over USB on Dell IoT 300x Gateways
    (LP: #1783241)
    - SAUCE: (no-up) upgrade IXXAT USB SocketCAN driver

  * CVE-2018-13094
    - xfs: don't call xfs_da_shrink_inode with NULL bp

  * other users' coredumps can be read via setgid directory and killpriv bypass
    (LP: #1779923) // CVE-2018-13405
    - Fix up non-directory creation in SGID directories

  * snapcraft.yaml: missing ubuntu-retpoline-extract-one script breaks the build
    (LP: #1782116)
    - snapcraft.yaml: copy retpoline-extract-one to scripts before build

  * Enable basic support for Solarflare 8000 series NIC (LP: #1783152)
    - sfc: make TSO version a per-queue parameter
    - sfc: Add PCI ID for Solarflare 8000 series 10/40G NIC

  * Redpine: Observed kernel panic while running wireless regressions tests
    (LP: #1777858)
    - SAUCE: Redpine: improve kernel thread handling to fix kernel panic

  * Xenial update to 4.4.138 stable release (LP: #1777389)
    - x86: Remove unused function cpu_has_ht_siblings()
    - x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros
    - x86/fpu: Disable AVX when eagerfpu is off
    - x86/fpu: Revert ("x86/fpu: Disable AVX when eagerfpu is off")
    - x86/fpu: Hard-disable lazy FPU mode
    - af_key: Always verify length of provided sadb_key
    - x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c
      code
    - gpio: No NULL owner
    - Clarify (and fix) MAX_LFS_FILESIZE macros
    - KVM: x86: introduce linear_{read,write}_system
    - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
      kvm_write_guest_virt_system
    - serial: samsung: fix maxburst parameter for DMA transactions
    - vmw_balloon: fixing double free when batching mode is off
    - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
    - Input: goodix - add new ACPI id for GPD Win 2 touch screen
    - crypto: vmx - Remove overly verbose printk from AES init routines
    - Linux 4.4.138

  * Redpine: wifi-ap stopped working after restart (LP: #1773400)
    - SAUCE: Redpine: fix soft-ap invisible issue

  * Xenial update to 4.4.137 stable release (LP: #1777063)
    - tpm: do not suspend/resume if power stays on
    - tpm: self test failure should not cause suspend to fail
    - mmap: introduce sane default mmap limits
    - mmap: relax file size limit for regular files
    - kconfig: Avoid format overflow warning from GCC 8.1
    - xfs: fix incorrect log_flushed on fsync
    - drm: set FMODE_UNSIGNED_OFFSET for drm files
    - brcmfmac: Fix check for ISO3166 code
    - bnx2x: use the right constant
    - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
    - enic: set DMA mask to 47 bit
    - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
    - ipv4: remove warning in ip_recv_error
    - isdn: eicon: fix a missing-check bug
    - netdev-FAQ: clarify DaveM's position for stable backports
    - net/packet: refine check for priv area size
    - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
    - packet: fix reserve calculation
    - qed: Fix mask for physical address in ILT entry
    - net/mlx4: Fix irq-unsafe spinlock usage
    - team: use netdev_features_t instead of u32
    - rtnetlink: validate attributes in do_setlink()
    - net: phy: broadcom: Fix bcm_write_exp()
    - net: metrics: add proper netlink validation
    - Linux 4.4.137

  * Xenial update to 4.4.136 stable release (LP: #1776177)
    - arm64: lse: Add early clobbers to some input/output asm operands
    - powerpc/64s: Clear PCR on boot
    - USB: serial: cp210x: use tcflag_t to fix incompatible pointer type
    - sh: New gcc support
    - xfs: detect agfl count corruption and reset agfl
    - Input: elan_i2c_smbus - fix corrupted stack
    - tracing: Fix crash when freeing instances with event triggers
    - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
    - cfg80211: further limit wiphy names to 64 bytes
    - rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
    - ASoC: Intel: sst: remove redundant variable dma_dev_name
    - irda: fix overly long udelay()
    - tcp: avoid integer overflows in tcp_rcv_space_adjust()
    - i2c: rcar: make sure clocks are on when doing clock calculation
    - i2c: rcar: rework hw init
    - i2c: rcar: remove unused IOERROR state
    - i2c: rcar: remove spinlock
    - i2c: rcar: refactor setup of a msg
    - i2c: rcar: init new messages in irq
    - i2c: rcar: don't issue stop when HW does it automatically
    - i2c: rcar: check master irqs before slave irqs
    - i2c: rcar: revoke START request early
    - dmaengine: usb-dmac: fix endless loop in usb_dmac_chan_terminate_all()
    - iio:kfifo_buf: check for uint overflow
    - MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
    - MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
    - scsi: scsi_transport_srp: Fix shost to rport translation
    - stm class: Use vmalloc for the master map
    - hwtracing: stm: fix build error on some arches
    - drm/i915: Disable LVDS on Radiant P845
    - Kbuild: change CC_OPTIMIZE_FOR_SIZE definition
    - [Config] Add CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
    - fix io_destroy()/aio_complete() race
    - mm: fix the NULL mapping case in __isolate_lru_page()
    - sparc64: Fix build warnings with gcc 7.
    - Linux 4.4.136

  * Xenial update to 4.4.135 stable release (LP: #1776158)
    - Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
    - Linux 4.4.135

 -- Khalid Elmously <email address hidden>  Wed, 01 Aug 2018 02:08:11 -0400
Superseded in trusty-updates on 2018-08-14
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-131.157~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-131.157~14.04.1 -proposed tracker (LP: #1779378)

  * linux: 4.4.0-131.157 -proposed tracker (LP: #1779376)

  * Cannot set MTU higher than 1500 in Xen instance (LP: #1781413)
    - xen-netfront: Fix mismatched rtnl_unlock
    - xen-netfront: Update features after registering netdev

 -- Khalid Elmously <email address hidden>  Thu, 12 Jul 2018 01:46:32 -0400
Superseded in trusty-security on 2018-08-14
Superseded in trusty-updates on 2018-07-23
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-130.156~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-130.156~14.04.1 -proposed tracker (LP: #1776823)

  * linux: 4.4.0-130.156 -proposed tracker (LP: #1776822)

  * CVE-2018-3665 (x86)
    - x86/fpu: Fix early FPU command-line parsing
    - x86/fpu: Fix 'no387' regression
    - x86/fpu: Disable MPX when eagerfpu is off
    - x86/fpu: Default eagerfpu=on on all CPUs
    - x86/fpu: Fix FNSAVE usage in eagerfpu mode
    - x86/fpu: Fix math emulation in eager fpu mode
    - x86/fpu: Fix eager-FPU handling on legacy FPU machines

Deleted in trusty-proposed on 2018-06-16 (Reason: NBS)
linux-lts-xenial (4.4.0-129.155~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-129.155~14.04.1 -proposed tracker (LP: #1776355)

  * linux: 4.4.0-129.155 -proposed tracker (LP: #1776352)

  * Xenial update to 4.4.134 stable release (LP: #1775771)
    - MIPS: ptrace: Expose FIR register through FP regset
    - MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
    - KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
    - affs_lookup(): close a race with affs_remove_link()
    - aio: fix io_destroy(2) vs. lookup_ioctx() race
    - ALSA: timer: Fix pause event notification
    - mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
    - libata: Blacklist some Sandisk SSDs for NCQ
    - libata: blacklist Micron 500IT SSD with MU01 firmware
    - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
    - Revert "ipc/shm: Fix shmat mmap nil-page protection"
    - ipc/shm: fix shmat() nil address after round-down when remapping
    - kasan: fix memory hotplug during boot
    - kernel/sys.c: fix potential Spectre v1 issue
    - kernel/signal.c: avoid undefined behaviour in kill_something_info
    - xfs: remove racy hasattr check from attr ops
    - do d_instantiate/unlock_new_inode combinations safely
    - firewire-ohci: work around oversized DMA reads on JMicron controllers
    - NFSv4: always set NFS_LOCK_LOST when a lock is lost.
    - ALSA: hda - Use IS_REACHABLE() for dependency on input
    - ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
    - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
    - tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into
      account
    - PCI: Add function 1 DMA alias quirk for Marvell 9128
    - tools lib traceevent: Simplify pointer print logic and fix %pF
    - perf callchain: Fix attr.sample_max_stack setting
    - tools lib traceevent: Fix get_field_str() for dynamic strings
    - dm thin: fix documentation relative to low water mark threshold
    - nfs: Do not convert nfs_idmap_cache_timeout to jiffies
    - watchdog: sp5100_tco: Fix watchdog disable bit
    - kconfig: Don't leak main menus during parsing
    - kconfig: Fix automatic menu creation mem leak
    - kconfig: Fix expr_free() E_NOT leak
    - ipmi/powernv: Fix error return code in ipmi_powernv_probe()
    - Btrfs: set plug for fsync
    - btrfs: Fix out of bounds access in btrfs_search_slot
    - Btrfs: fix scrub to repair raid6 corruption
    - scsi: fas216: fix sense buffer initialization
    - HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
    - jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
    - powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
    - powerpc/numa: Ensure nodes initialized for hotplug
    - RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
    - ntb_transport: Fix bug with max_mw_size parameter
    - ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
    - ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
    - ocfs2: return error when we attempt to access a dirty bh in jbd2
    - mm/mempolicy: fix the check of nodemask from user
    - mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
    - asm-generic: provide generic_pmdp_establish()
    - mm: pin address_space before dereferencing it while isolating an LRU page
    - IB/ipoib: Fix for potential no-carrier state
    - x86/power: Fix swsusp_arch_resume prototype
    - firmware: dmi_scan: Fix handling of empty DMI strings
    - ACPI: processor_perflib: Do not send _PPC change notification if not ready
    - MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
    - xen-netfront: Fix race between device setup and open
    - xen/grant-table: Use put_page instead of free_page
    - RDS: IB: Fix null pointer issue
    - arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
    - proc: fix /proc/*/map_files lookup
    - cifs: silence compiler warnings showing up with gcc-8.0.0
    - bcache: properly set task state in bch_writeback_thread()
    - bcache: fix for allocator and register thread race
    - bcache: fix for data collapse after re-attaching an attached device
    - bcache: return attach error when no cache set exist
    - tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
    - locking/qspinlock: Ensure node->count is updated before initialising node
    - irqchip/gic-v3: Change pr_debug message to pr_devel
    - scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
    - scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
    - scsi: sym53c8xx_2: iterator underflow in sym_getsync()
    - scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
    - scsi: qla2xxx: Avoid triggering undefined behavior in
      qla2x00_mbx_completion()
    - ARC: Fix malformed ARC_EMUL_UNALIGNED default
    - usb: gadget: f_uac2: fix bFirstInterface in composite gadget
    - usb: gadget: fsl_udc_core: fix ep valid checks
    - usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
    - selftests: memfd: add config fragment for fuse
    - scsi: storvsc: Increase cmd_per_lun for higher speed devices
    - scsi: aacraid: fix shutdown crash when init fails
    - scsi: qla4xxx: skip error recovery in case of register disconnect.
    - ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
    - ARM: OMAP3: Fix prm wake interrupt for resume
    - ARM: OMAP1: clock: Fix debugfs_create_*() usage
    - NFC: llcp: Limit size of SDP URI
    - mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
    - md raid10: fix NULL deference in handle_write_completed()
    - drm/exynos: fix comparison to bitshift when dealing with a mask
    - usb: musb: fix enumeration after resume
    - locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
    - md: raid5: avoid string overflow warning
    - kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
    - powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
    - s390/cio: fix return code after missing interrupt
    - s390/cio: clear timer when terminating driver I/O
    - ARM: OMAP: Fix dmtimer init for omap1
    - smsc75xx: fix smsc75xx_set_features()
    - regulatory: add NUL to request alpha2
    - locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
    - x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across
      CPU hotplug operations
    - media: dmxdev: fix error code for invalid ioctls
    - md/raid1: fix NULL pointer dereference
    - batman-adv: fix packet checksum in receive path
    - batman-adv: invalidate checksum on fragment reassembly
    - netfilter: ebtables: convert BUG_ONs to WARN_ONs
    - nvme-pci: Fix nvme queue cleanup if IRQ setup fails
    - clocksource/drivers/fsl_ftm_timer: Fix error return checking
    - r8152: fix tx packets accounting
    - virtio-gpu: fix ioctl and expose the fixed status to userspace.
    - dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3
    - bcache: fix kcrashes with fio in RAID5 backend dev
    - sit: fix IFLA_MTU ignored on NEWLINK
    - gianfar: Fix Rx byte accounting for ndev stats
    - net/tcp/illinois: replace broken algorithm reference link
    - xen/pirq: fix error path cleanup when binding MSIs
    - Btrfs: send, fix issuing write op when processing hole in no data mode
    - selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable
    - KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing
    - watchdog: f71808e_wdt: Fix magic close handling
    - e1000e: Fix check_for_link return value with autoneg off
    - e1000e: allocate ring descriptors with dma_zalloc_coherent
    - usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
    - scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
    - scsi: sd: Keep disk read-only when re-reading partition
    - fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in
      sbusfb_ioctl_helper().
    - xen: xenbus: use put_device() instead of kfree()
    - USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
    - netfilter: ebtables: fix erroneous reject of last rule
    - bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa().
    - workqueue: use put_device() instead of kfree()
    - ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
    - sunvnet: does not support GSO for sctp
    - net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
    - batman-adv: fix header size check in batadv_dbg_arp()
    - vti4: Don't count header length twice on tunnel setup
    - vti4: Don't override MTU passed on link creation via IFLA_MTU
    - perf/cgroup: Fix child event counting bug
    - RDMA/ucma: Correct option size check using optlen
    - mm/mempolicy.c: avoid use uninitialized preferred_node
    - selftests: ftrace: Add probe event argument syntax testcase
    - selftests: ftrace: Add a testcase for string type with kprobe_event
    - selftests: ftrace: Add a testcase for probepoint
    - batman-adv: fix multicast-via-unicast transmission with AP isolation
    - batman-adv: fix packet loss for broadcasted DHCP packets to a server
    - ARM: 8748/1: mm: Define vdso_start, vdso_end as array
    - net: qmi_wwan: add BroadMobi BM806U 2020:2033
    - net/usb/qmi_wwan.c: Add USB id for lt4120 modem
    - net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
    - llc: properly handle dev_queue_xmit() return value
    - mm/kmemleak.c: wait for scan completion before disabling free
    - net: Fix untag for vlan packets without ethernet header
    - net: mvneta: fix enable of all initialized RXQs
    - sh: fix debug trap failure to process signals before return to user
    - x86/pgtable: Don't set huge PUD/PMD on non-leaf entries
    - fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl
      table
    - swap: divide-by-zero when zero length swap file on ssd
    - sr: get/drop reference to device in revalidate and check_events
    - Force log to disk before reading the AGF during a fstrim
    - cpufreq: CPPC: Initialize shared perf capabilities of CPUs
    - scsi: aacraid: Insure command thread is not recursively stopped
    - dp83640: Ensure against premature access to PHY registers after reset
    - mm/ksm: fix interaction with THP
    - mm: fix races between address_space dereference and free in page_evicatable
    - Btrfs: bail out on error during replay_dir_deletes
    - Btrfs: fix NULL pointer dereference in log_dir_items
    - btrfs: Fix possible softlock on single core machines
    - ocfs2/dlm: don't handle migrate lockres if already in shutdown
    - sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning
    - KVM: VMX: raise internal error for exception during invalid protected mode
      state
    - fscache: Fix hanging wait on page discarded by writeback
    - sparc64: Make atomic_xchg() an inline function rather than a macro.
    - rtc: snvs: Fix usage of snvs_rtc_enable
    - net: bgmac: Fix endian access in bgmac_dma_tx_ring_free()
    - Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
    - btrfs: tests/qgroup: Fix wrong tree backref level
    - Btrfs: fix copy_items() return value when logging an inode
    - btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers
    - xen/acpi: off by one in read_acpi_id()
    - ACPI: acpi_pad: Fix memory leak in power saving threads
    - powerpc/mpic: Check if cpu_possible() in mpic_physmask()
    - m68k: set dma and coherent masks for platform FEC ethernets
    - parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode
    - hwmon: (nct6775) Fix writing pwmX_mode
    - rtc: hctosys: Ensure system time doesn't overflow time_t
    - powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer
    - powerpc/perf: Fix kernel address leak via sampling registers
    - tools/thermal: tmon: fix for segfault
    - selftests: Print the test we're running to /dev/kmsg
    - net/mlx5: Protect from command bit overflow
    - ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk)
    - ima: Fix Kconfig to select TPM 2.0 CRB interface
    - [Config] CONFIG_TCG_CRB=y
    - ima: Fallback to the builtin hash algorithm
    - arm: dts: socfpga: fix GIC PPI warning
    - usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
    - cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path
    - clk: Don't show the incorrect clock phase
    - zorro: Set up z->dev.dma_mask for the DMA API
    - bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
    - ACPICA: Events: add a return on failure from acpi_hw_register_read
    - ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
    - i2c: mv64xxx: Apply errata delay only in standard mode
    - KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use
    - xhci: zero usb device slot_id member when disabling and freeing a xhci slot
    - MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset
    - PCI: Restore config space on runtime resume despite being unbound
    - ipmi_ssif: Fix kernel panic at msg_done_handler
    - usb: dwc2: Fix interval type issue
    - usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
    - usb: gadget: ffs: Execute copy_to_user() with USER_DS set
    - powerpc: Add missing prototype for arch_irq_work_raise()
    - ASoC: topology: create TLV data for dapm widgets
    - perf/core: Fix perf_output_read_group()
    - hwmon: (pmbus/max8688) Accept negative page register values
    - hwmon: (pmbus/adm1275) Accept negative page register values
    - cdrom: do not call check_disk_change() inside cdrom_open()
    - gfs2: Fix fallocate chunk size
    - usb: gadget: udc: change comparison to bitshift when dealing with a mask
    - usb: gadget: composite: fix incorrect handling of OS desc requests
    - x86/devicetree: Initialize device tree before using it
    - x86/devicetree: Fix device IRQ settings in DT
    - ALSA: vmaster: Propagate slave error
    - media: cx23885: Override 888 ImpactVCBe crystal frequency
    - media: cx23885: Set subdev host data to clk_freq pointer
    - media: s3c-camif: fix out-of-bounds array access
    - dmaengine: pl330: fix a race condition in case of threaded irqs
    - media: em28xx: USB bulk packet size fix
    - clk: rockchip: Prevent calculating mmc phase if clock rate is zero
    - enic: enable rq before updating rq descriptors
    - hwrng: stm32 - add reset during probe
    - staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
    - rtc: tx4939: avoid unintended sign extension on a 24 bit shift
    - serial: xuartps: Fix out-of-bounds access through DT alias
    - serial: samsung: Fix out-of-bounds access through serial port index
    - serial: mxs-auart: Fix out-of-bounds access through serial port index
    - serial: imx: Fix out-of-bounds access through serial port index
    - serial: fsl_lpuart: Fix out-of-bounds access through DT alias
    - serial: arc_uart: Fix out-of-bounds access through DT alias
    - PCI: Add function 1 DMA alias quirk for Marvell 88SE9220
    - udf: Provide saner default for invalid uid / gid
    - media: cx25821: prevent out-of-bounds read on array card
    - clk: samsung: s3c2410: Fix PLL rates
    - clk: samsung: exynos5260: Fix PLL rates
    - clk: samsung: exynos5433: Fix PLL rates
    - clk: samsung: exynos5250: Fix PLL rates
    - clk: samsung: exynos3250: Fix PLL rates
    - crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
    - audit: return on memory error to avoid null pointer dereference
    - MIPS: Octeon: Fix logging messages with spurious periods after newlines
    - drm/rockchip: Respect page offset for PRIME mmap calls
    - x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic'
      specified
    - perf tests: Use arch__compare_symbol_names to compare symbols
    - perf report: Fix memory corruption in --branch-history mode --branch-history
    - selftests/net: fixes psock_fanout eBPF test case
    - netlabel: If PF_INET6, check sk_buff ip header version
    - scsi: lpfc: Fix issue_lip if link is disabled
    - scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
    - scsi: lpfc: Fix frequency of Release WQE CQEs
    - regulator: of: Add a missing 'of_node_put()' in an error handling path of
      'of_regulator_match()'
    - ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
    - Bluetooth: btusb: Add device ID for RTL8822BE
    - kdb: make "mdr" command repeat
    - s390/ftrace: use expoline for indirect branches
    - Linux 4.4.134

  * Support SocketCAN over USB on Dell IoT 300x Gateways (LP: #1774563)
    - [Config] CONFIG_CAN_HMS_USB=m
    - SAUCE: (no-up) Support IXXAT USB SocketCAN device
    - i386/amd64 -- Add new module ixx_usb

  * Ubuntu 16.04 (4.4.0-127) hangs on boot with virtio-scsi MQ enabled
    (LP: #1775235)
    - SAUCE: (no-up) virtio-scsi: Increment reqs counter.

  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow

  * The kernel NULL pointer dereference happens when accessing the task_struct
    by task_cpu() in function cpuacct_charge() (LP: #1775326)
    - sched/cpuacct: Simplify the cpuacct code

  * Xenial update to 4.4.133 stable release (LP: #1775477)
    - 8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
    - bridge: check iface upper dev when setting master via ioctl
    - dccp: fix tasklet usage
    - ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
    - llc: better deal with too small mtu
    - net: ethernet: sun: niu set correct packet size in skb
    - net/mlx4_en: Verify coalescing parameters are in range
    - net_sched: fq: take care of throttled flows before reuse
    - net: support compat 64-bit time in {s,g}etsockopt
    - openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
    - qmi_wwan: do not steal interfaces from class drivers
    - r8169: fix powering up RTL8168h
    - sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
    - sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
    - tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
    - bonding: do not allow rlb updates to invalid mac
    - tcp: ignore Fast Open on repair mode
    - sctp: fix the issue that the cookie-ack with auth can't get processed
    - sctp: delay the authentication for the duplicated cookie-echo chunk
    - ALSA: timer: Call notifier in the same spinlock
    - audit: move calcs after alloc and check when logging set loginuid
    - arm64: introduce mov_q macro to move a constant into a 64-bit register
    - [Config] Add CONFIG_ARM64_ERRATUM_1024718=y
    - arm64: Add work around for Arm Cortex-A55 Erratum 1024718
    - futex: Remove unnecessary warning from get_futex_key
    - futex: Remove duplicated code and fix undefined behaviour
    - xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM)
    - lockd: lost rollback of set_grace_period() in lockd_down_net()
    - Revert "ARM: dts: imx6qdl-wandboard: Fix audio channel swap"
    - l2tp: revert "l2tp: fix missing print session offset info"
    - pipe: cap initial pipe capacity according to pipe-max-size limit
    - futex: futex_wake_op, fix sign_extend32 sign bits
    - kernel/exit.c: avoid undefined behaviour when calling wait4()
    - usbip: usbip_host: refine probe and disconnect debug msgs to be useful
    - usbip: usbip_host: delete device from busid_table after rebind
    - usbip: usbip_host: run rebind from exit when module is removed
    - usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
    - usbip: usbip_host: fix bad unlock balance during stub_probe()
    - ALSA: usb: mixer: volume quirk for CM102-A+/102S+
    - ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
    - ALSA: control: fix a redundant-copy issue
    - spi: pxa2xx: Allow 64-bit DMA
    - powerpc/powernv: panic() on OPAL < V3
    - powerpc/powernv: Remove OPALv2 firmware define and references
    - powerpc/powernv: remove FW_FEATURE_OPALv3 and just use FW_FEATURE_OPAL
    - cpuidle: coupled: remove unused define cpuidle_coupled_lock
    - powerpc: Don't preempt_disable() in show_cpuinfo()
    - vmscan: do not force-scan file lru if its absolute size is small
    - mm: filemap: remove redundant code in do_read_cache_page
    - mm: filemap: avoid unnecessary calls to lock_page when waiting for IO to
      complete during a read
    - signals: avoid unnecessary taking of sighand->siglock
    - tracing/x86/xen: Remove zero data size trace events
      trace_xen_mmu_flush_tlb{_all}
    - proc read mm's {arg,env}_{start,end} with mmap semaphore taken.
    - powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
    - mm: don't allow deferred pages with NEED_PER_CPU_KM
    - s390/qdio: fix access to uninitialized qdio_q fields
    - s390/qdio: don't release memory in qdio_setup_irq()
    - s390: remove indirect branch from do_softirq_own_stack
    - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
      definition for mixed mode
    - ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
    - tick/broadcast: Use for_each_cpu() specially on UP kernels
    - ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
    - ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
    - ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
    - Btrfs: fix xattr loss after power failure
    - btrfs: fix crash when trying to resume balance without the resume flag
    - btrfs: fix reading stale metadata blocks after degraded raid1 mounts
    - net: test tailroom before appending to linear skb
    - packet: in packet_snd start writing at link layer allocation
    - sock_diag: fix use-after-free read in __sk_free
    - tcp: purge write queue in tcp_connect_init()
    - ext2: fix a block leak
    - s390: add assembler macros for CPU alternatives
    - s390: move expoline assembler macros to a header
    - s390/lib: use expoline for indirect branches
    - s390/kernel: use expoline for indirect branches
    - s390: move spectre sysfs attribute code
    - s390: extend expoline to BC instructions
    - s390: use expoline thunks in the BPF JIT
    - scsi: libsas: defer ata device eh commands to libata
    - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect()
    - scsi: zfcp: fix infinite iteration on ERP ready list
    - dmaengine: ensure dmaengine helpers check valid callback
    - time: Fix CLOCK_MONOTONIC_RAW sub-nanosecond accounting
    - gpio: rcar: Add Runtime PM handling for interrupts
    - cfg80211: limit wiphy names to 128 bytes
    - hfsplus: stop workqueue when fill_super() failed
    - x86/kexec: Avoid double free_page() upon do_kexec_load() failure
    - Linux 4.4.133

  * vmxnet3: update to latest ToT (LP: #1768143)
    - vmxnet3: avoid xmit reset due to a race in vmxnet3
    - vmxnet3: use correct flag to indicate LRO feature
    - vmxnet3: fix incorrect dereference when rxvlan is disabled

  * Prevent speculation on user controlled pointer (LP: #1775137)
    - x86: reorganize SMAP handling in user space accesses
    - x86: fix SMAP in 32-bit environments
    - x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
    - x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
    - x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec

  * Xenial update to 4.4.132 stable release (LP: #1774173)
    - perf/core: Fix the perf_cpu_time_max_percent check
    - bpf: map_get_next_key to return first key on NULL
    - percpu: include linux/sched.h for cond_resched()
    - mac80211: allow not sending MIC up from driver for HW crypto
    - mac80211: allow same PN for AMSDU sub-frames
    - mac80211: Add RX flag to indicate ICV stripped
    - ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
    - ath10k: rebuild crypto header in rx data frames
    - gpmi-nand: Handle ECC Errors in erased pages
    - USB: serial: option: Add support for Quectel EP06
    - ALSA: pcm: Check PCM state at xfern compat ioctl
    - ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
    - ALSA: aloop: Mark paused device as inactive
    - ALSA: aloop: Add missing cable lock to ctl API callbacks
    - tracepoint: Do not warn on ENOMEM
    - Input: leds - fix out of bound access
    - Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
    - xfs: prevent creating negative-sized file via INSERT_RANGE
    - RDMA/ucma: Allow resolving address w/o specifying source address
    - RDMA/mlx5: Protect from shift operand overflow
    - NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
    - IB/mlx5: Use unlimited rate when static rate is not supported
    - drm/vmwgfx: Fix a buffer object leak
    - test_firmware: fix setting old custom fw path back on exit, second try
    - USB: serial: visor: handle potential invalid device configuration
    - USB: Accept bulk endpoints with 1024-byte maxpacket
    - USB: serial: option: reimplement interface masking
    - USB: serial: option: adding support for ublox R410M
    - usb: musb: host: fix potential NULL pointer dereference
    - ipvs: fix rtnl_lock lockups caused by start_sync_thread
    - crypto: af_alg - fix possible uninit-value in alg_bind()
    - netlink: fix uninit-value in netlink_sendmsg
    - net: fix rtnh_ok()
    - net: initialize skb->peeked when cloning
    - net: fix uninit-value in __hw_addr_add_ex()
    - dccp: initialize ireq->ir_mark
    - soreuseport: initialise timewait reuseport field
    - perf: Remove superfluous allocation error check
    - tcp: fix TCP_REPAIR_QUEUE bound checking
    - bdi: Fix oops in wb_workfn()
    - f2fs: fix a dead loop in f2fs_fiemap()
    - xfrm_user: fix return value from xfrm_user_rcv_msg
    - rfkill: gpio: fix memory leak in probe error path
    - libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
    - tracing: Fix regex_match_front() to not over compare the test string
    - can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
    - net: atm: Fix potential Spectre v1
    - atm: zatm: Fix potential Spectre v1
    - Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
    - tracing/uprobe_event: Fix strncpy corner case
    - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
    - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
    - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
    - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
    - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
    - Linux 4.4.132

  * Update to upstream's implementation of Spectre v1 mitigation (LP: #1774181)
    - Documentation: Document array_index_nospec
    - array_index_nospec: Sanitize speculative array de-references
    - x86: Implement array_index_mask_nospec
    - x86: Introduce barrier_nospec
    - x86/get_user: Use pointer masking to limit speculation
    - x86/syscall: Sanitize syscall table de-references under speculation
    - vfs, fdtable: Prevent bounds-check bypass via speculative execution
    - nl80211: Sanitize array index in parse_txq_params
    - x86/spectre: Report get_user mitigation for spectre_v1
    - x86/kvm: Update spectre-v1 mitigation
    - nospec: Allow index argument to have const-qualified type
    - x86/syscall: Sanitize syscall table de-references under speculation fix
    - mpls, nospec: Sanitize array index in mpls_label_ok()
    - nospec: Include <asm/barrier.h> dependency
    - nospec: Move array_index_nospec() parameter checking into separate macro
    - nospec: Kill array_index_nospec_mask_check()
    - ALSA: seq: oss: Hardening for potential Spectre v1
    - ALSA: hda: Hardening for potential Spectre v1
    - SAUCE: Replace osb() calls with array_index_nospec()
    - SAUCE: Rename osb() to barrier_nospec()
    - SAUCE: bpf: Use barrier_nospec() instead of osb()

  * CVE-2018-3639 (x86)
    - KVM: x86: remove magic number with enum cpuid_leafs
    - SAUCE: x86/cpufeatures: Move CPUID_7_EDX CPUID bits to word 18
    - SAUCE: x86: Remove double include
    - SAUCE: x86/pti: Evaluate X86_BUG_CPU_MELTDOWN when pti=auto
    - SAUCE: x86/speculation: Query individual feature flags when reloading
      microcode

  * cpum_sf: ensure sample freq is non-zero (LP: #1772593)
    - s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero

  * ELANPAD ELAN0612 does not work, patch available (LP: #1773509)
    - SAUCE: Input: elan_i2c - add ELAN0612 to the ACPI table

  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race

  * Kernel 4.4 NBD size overflow with image size exceeding 1TB (LP: #1772575)
    - nbd: use loff_t for blocksize and nbd_set_size args
    - nbd: fix 64-bit division

  * 4.4.0-127.153 generates many "sit: non-ECT" messages (LP: #1772775)
    - Revert "sit: reload iphdr in ipip6_rcv"

  * Creation of IMA file hashes fails when appraisal is enabled (LP: #1771826)
    - Revert "ima: limit file hash setting by user to fix and log modes"

  * Setting ipv6.disable=1 prevents both IPv4 and IPv6 socket opening for VXLAN
    tunnels (LP: #1771301)
    - vxlan: correctly handle ipv6.disable module parameter

  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl

  * Support UVC1.5 Camera for Xenial (LP: #1773905)
    - uvcvideo: Enable UVC 1.5 device detection

  * Kernel produces empty lines in /proc/PID/status (LP: #1772671)
    - SAUCE: seccomp: Remove double newline sequence in /proc/PID/status

  * rfi-flush: Switch to new linear fallback flush (LP: #1744173)
    - powerpc/64s: Improve RFI L1-D cache flush fallback
    - SAUCE: rfi-flush: Make it possible to call setup_rfi_flush() again

 -- Khalid Elmously <email address hidden>  Tue, 12 Jun 2018 04:10:32 -0400
Superseded in trusty-updates on 2018-07-02
Superseded in trusty-security on 2018-07-02
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-128.154~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-128.154~14.04.1 -proposed tracker (LP: #1772962)

  * linux: 4.4.0-128.154 -proposed tracker (LP: #1772960)

  * CVE-2018-3639 (x86)
    - x86/cpu: Make alternative_msr_write work for 32-bit code
    - x86/bugs: Fix the parameters alignment and missing void
    - KVM: SVM: Move spec control call after restore of GS
    - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
    - x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
    - x86/cpufeatures: Disentangle SSBD enumeration
    - x86/cpu/AMD: Fix erratum 1076 (CPB bit)
    - x86/cpufeatures: Add FEATURE_ZEN
    - x86/speculation: Handle HT correctly on AMD
    - x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
    - x86/speculation: Add virtualized speculative store bypass disable support
    - x86/speculation: Rework speculative_store_bypass_update()
    - x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
    - x86/bugs: Expose x86_spec_ctrl_base directly
    - x86/bugs: Remove x86_spec_ctrl_set()
    - x86/bugs: Rework spec_ctrl base and mask logic
    - x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
    - KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
    - x86/bugs: Rename SSBD_NO to SSB_NO
    - KVM: VMX: Expose SSBD properly to guests.

  * [i915_bpo] Fix flickering issue after panel change (LP: #1770565)
    - drm/i915: Fix iboost setting for DDI with 4 lanes on SKL
    - drm/i915: Name the "iboost bit"
    - drm/i915: Program iboost settings for HDMI/DVI on SKL
    - drm/i915: Move bxt_ddi_vswing_sequence() call into intel_ddi_pre_enable()
      for HDMI
    - drm/i915: Explicitly use ddi buf trans entry 9 for hdmi
    - drm/i915: Split DP/eDP/FDI and HDMI/DVI DDI buffer programming apart
    - drm/i915: Get the iboost setting based on the port type
    - drm/i915: Simplify intel_ddi_get_encoder_port()
    - drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation entry 2
    - drm/i915: KBL - Recommended buffer translation programming for DisplayPort
    - drm/i915: Ignore OpRegion panel type except on select machines

  * [SRU][Bionic/Artful] fix false positives in W+X checking (LP: #1769696)
    - init: fix false positives in W+X checking

  * [Ubuntu 16.04] kernel: fix rwlock implementation (LP: #1761674)
    - SAUCE: (no-up) s390: fix rwlock implementation

  * linux < 4.11: unable to use netfilter logging from non-init namespaces
    (LP: #1766573)
    - netfilter: allow logging from non-init namespaces

  * [LTC Test] Ubuntu 18.04:  tm_sigreturn failed on P8 compat mode 16.04.04
    guest (LP: #1771439)
    - powerpc: signals: Discard transaction state from signal frames

  * QCA9377 requires more IRAM banks for its new firmware (LP: #1748345)
    - ath10k: update the IRAM bank number for QCA9377

  * i915/kbl_dmc_ver1.bin failed with error -2 package 1.157.17 kernel
    4.4.0-116-generic (LP: #1752536)
    - ubuntu: i915_bpo - Add MODULE_FIRMWARE for Geminilake's DMC

  * Xenial update to 4.4.131 stable release (LP: #1768825)
    - ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
    - ext4: set h_journal if there is a failure starting a reserved handle
    - ext4: add validity checks for bitmap block numbers
    - ext4: fix bitmap position validation
    - usbip: usbip_host: fix to hold parent lock for device_attach() calls
    - usbip: vhci_hcd: Fix usb device and sockfd leaks
    - USB: serial: simple: add libtransistor console
    - USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
    - USB: serial: cp210x: add ID for NI USB serial console
    - usb: core: Add quirk for HP v222w 16GB Mini
    - USB: Increment wakeup count on remote wakeup.
    - ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
    - virtio: add ability to iterate over vqs
    - virtio_console: free buffers after reset
    - drm/virtio: fix vq wait_event condition
    - tty: Don't call panic() at tty_ldisc_init()
    - tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
    - tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
    - tty: Use __GFP_NOFAIL for tty_ldisc_get()
    - ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
    - ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
    - ALSA: hda/realtek - Add some fixes for ALC233
    - mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
    - mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
    - mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
    - kobject: don't use WARN for registration failures
    - scsi: sd: Defer spinning up drive while SANITIZE is in progress
    - ARM: amba: Make driver_override output consistent with other buses
    - ARM: amba: Fix race condition with driver_override
    - ARM: amba: Don't read past the end of sysfs "driver_override" buffer
    - ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
    - libceph: validate con->state at the top of try_write()
    - x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
    - x86/smpboot: Don't use mwait_play_dead() on AMD systems
    - serial: mctrl_gpio: export mctrl_gpio_disable_ms and mctrl_gpio_init
    - serial: mctrl_gpio: Add missing module license
    - Linux 4.4.131

  * Xenial update to 4.4.130 stable release (LP: #1768474) // CVE-2017-5715 //
    CVE-2017-5753
    - SAUCE: s390: print messages for gmb and nobp

  * Xenial update to 4.4.130 stable release (LP: #1768474)
    - cifs: do not allow creating sockets except with SMB1 posix exensions
    - x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
    - perf: Return proper values for user stack errors
    - staging: ion : Donnot wakeup kswapd in ion system alloc
    - r8152: add Linksys USB3GIGV1 id
    - Input: drv260x - fix initializing overdrive voltage
    - ath9k_hw: check if the chip failed to wake up
    - jbd2: fix use after free in kjournald2()
    - Revert "ath10k: send (re)assoc peer command when NSS changed"
    - Revert "UBUNTU: SAUCE: s390: print messages for gmb and nobp"
    - Revert "UBUNTU: SAUCE: s390: improve cpu alternative handling for gmb and
      nobp"
    - Revert "s390: add ppa to kernel entry / exit"
    - Revert "s390: introduce CPU alternatives"
    - s390: introduce CPU alternatives
    - s390: enable CPU alternatives unconditionally
    - s390/alternative: use a copy of the facility bit mask
    - s390: add options to change branch prediction behaviour for the kernel
    - s390: scrub registers on kernel entry and KVM exit
    - s390: add optimized array_index_mask_nospec
    - s390: run user space and KVM guests with modified branch prediction
    - s390: introduce execute-trampolines for branches
    - s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
    - s390: do not bypass BPENTER for interrupt system calls
    - s390/entry.S: fix spurious zeroing of r0
    - s390: move nobp parameter functions to nospec-branch.c
    - s390: add automatic detection of the spectre defense
    - [Config] Add CONFIG_EXPOLINE=y and CONFIG_EXPOLINE_AUTO=y
    - s390: report spectre mitigation via syslog
    - s390: add sysfs attributes for spectre
    - s390: correct nospec auto detection init order
    - s390: correct module section names for expoline code revert
    - bonding: do not set slave_dev npinfo before slave_enable_netpoll in
      bond_enslave
    - KEYS: DNS: limit the length of option strings
    - l2tp: check sockaddr length in pppol2tp_connect()
    - net: validate attribute sizes in neigh_dump_table()
    - llc: delete timers synchronously in llc_sk_free()
    - tcp: don't read out-of-bounds opsize
    - team: avoid adding twice the same option to the event list
    - team: fix netconsole setup over team
    - packet: fix bitfield update race
    - pppoe: check sockaddr length in pppoe_connect()
    - vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
    - sctp: do not check port in sctp_inet6_cmp_addr
    - llc: hold llc_sap before release_sock()
    - llc: fix NULL pointer deref for SOCK_ZAPPED
    - tipc: add policy for TIPC_NLA_NET_ADDR
    - net: fix deadlock while clearing neighbor proxy table
    - tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
    - net: af_packet: fix race in PACKET_{R|T}X_RING
    - ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
    - scsi: mptsas: Disable WRITE SAME
    - cdrom: information leak in cdrom_ioctl_media_changed()
    - s390/cio: update chpid descriptor after resource accessibility event
    - s390/uprobes: implement arch_uretprobe_is_alive()
    - Linux 4.4.130
    - SAUCE: s390: Add 'nogmb' kernel parameter

  * Xenial update to 4.4.129 stable release (LP: #1768429)
    - media: v4l2-compat-ioctl32: don't oops on overlay
    - parisc: Fix out of array access in match_pci_device()
    - perf intel-pt: Fix overlap detection to identify consecutive buffers
      correctly
    - perf intel-pt: Fix sync_switch
    - perf intel-pt: Fix error recovery from missing TIP packet
    - perf intel-pt: Fix timestamp following overflow
    - radeon: hide pointless #warning when compile testing
    - block/loop: fix deadlock after loop_set_status
    - s390/qdio: don't retry EQBS after CCQ 96
    - s390/qdio: don't merge ERROR output buffers
    - s390/ipl: ensure loadparm valid flag is set
    - getname_kernel() needs to make sure that ->name != ->iname in long case
    - rtl8187: Fix NULL pointer dereference in priv->conf_mutex
    - hwmon: (ina2xx) Fix access to uninitialized mutex
    - cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
    - slip: Check if rstate is initialized before uncompressing
    - lan78xx: Correctly indicate invalid OTP
    - x86/hweight: Get rid of the special calling convention
    - [Config] Remove ARCH_HWEIGHT_CFLAGS
    - x86/hweight: Don't clobber %rdi
    - tty: make n_tty_read() always abort if hangup is in progress
    - ubifs: Check ubifs_wbuf_sync() return code
    - ubi: fastmap: Don't flush fastmap work on detach
    - ubi: Fix error for write access
    - ubi: Reject MLC NAND
    - fs/reiserfs/journal.c: add missing resierfs_warning() arg
    - resource: fix integer overflow at reallocation
    - ipc/shm: fix use-after-free of shm file via remap_file_pages()
    - mm, slab: reschedule cache_reap() on the same CPU
    - usb: musb: gadget: misplaced out of bounds check
    - ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
    - ARM: dts: at91: sama5d4: fix pinctrl compatible string
    - xen-netfront: Fix hang on device removal
    - regmap: Fix reversed bounds check in regmap_raw_write()
    - ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
    - ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
    - USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
    - usb: dwc3: pci: Properly cleanup resource
    - HID: i2c-hid: fix size check and type usage
    - powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
    - powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
    - powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
    - powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
    - HID: Fix hid_report_len usage
    - HID: core: Fix size as type u32
    - ASoC: ssm2602: Replace reg_default_raw with reg_default
    - thunderbolt: Resume control channel after hibernation image is created
    - random: use a tighter cap in credit_entropy_bits_safe()
    - jbd2: if the journal is aborted then don't allow update of the log tail
    - ext4: don't update checksum of new initialized bitmaps
    - ext4: fail ext4_iget for root directory if unallocated
    - RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
    - ALSA: pcm: Fix UAF at PCM release via PCM timer access
    - IB/srp: Fix srp_abort()
    - IB/srp: Fix completion vector assignment algorithm
    - dmaengine: at_xdmac: fix rare residue corruption
    - um: Use POSIX ucontext_t instead of struct ucontext
    - iommu/vt-d: Fix a potential memory leak
    - mmc: jz4740: Fix race condition in IRQ mask update
    - clk: mvebu: armada-38x: add support for 1866MHz variants
    - clk: mvebu: armada-38x: add support for missing clocks
    - clk: bcm2835: De-assert/assert PLL reset signal when appropriate
    - thermal: imx: Fix race condition in imx_thermal_probe()
    - watchdog: f71808e_wdt: Fix WD_EN register read
    - ALSA: oss: consolidate kmalloc/memset 0 call to kzalloc
    - ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
    - ALSA: pcm: Avoid potential races between OSS ioctls and read/write
    - ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
    - ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
    - ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
    - vfio-pci: Virtualize PCIe & AF FLR
    - vfio/pci: Virtualize Maximum Payload Size
    - vfio/pci: Virtualize Maximum Read Request Size
    - ext4: don't allow r/w mounts if metadata blocks overlap the superblock
    - drm/radeon: Fix PCIe lane width calculation
    - ext4: fix crashes in dioread_nolock mode
    - ext4: fix deadlock between inline_data and ext4_expand_extra_isize_ea()
    - ALSA: line6: Use correct endpoint type for midi output
    - ALSA: rawmidi: Fix missing input substream checks in compat ioctls
    - ALSA: hda - New VIA controller suppor no-snoop path
    - HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
    - MIPS: uaccess: Add micromips clobbers to bzero invocation
    - MIPS: memset.S: EVA & fault support for small_memset
    - MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
    - MIPS: memset.S: Fix clobber of v1 in last_fixup
    - powerpc/eeh: Fix enabling bridge MMIO windows
    - powerpc/lib: Fix off-by-one in alternate feature patching
    - jffs2_kill_sb(): deal with failed allocations
    - hypfs_kill_super(): deal with failed allocations
    - rpc_pipefs: fix double-dput()
    - Don't leak MNT_INTERNAL away from internal mounts
    - autofs: mount point create should honour passed in mode
    - mm: allow GFP_{FS,IO} for page_cache_read page cache allocation
    - mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
    - ext4: bugfix for mmaped pages in mpage_release_unused_pages()
    - fanotify: fix logic of events on child
    - writeback: safer lock nesting
    - Linux 4.4.129

  * CVE-2018-8087
    - mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()

  * Integrated Webcam Realtek Integrated_Webcam_HD (0bda:58f4) not working in
    DELL XPS 13 9370 with firmware 1.50 (LP: #1763748)
    - SAUCE: media: uvcvideo: Support realtek's UVC 1.5 device

  * [Xenial] Kernels OOPS when mwifiex is in AP mode (LP: #1769671)
    - Revert "UBUNTU: SAUCE: mwifiex: do not dereference invalid pointer"
    - Revert "UBUNTU: SAUCE: net/wireless: do not dereference invalid pointer"
    - mwifiex: cfg80211: do not change virtual interface during scan processing

  * user space process hung in 'D' state waiting for disk io to complete
    (LP: #1750038)
    - NFS: Use GFP_NOIO for two allocations in writeback

  * Acer Swift sf314-52 power button not managed  (LP: #1766054)
    - SAUCE: platform/x86: acer-wmi: add another KEY_POWER keycode

 -- Stefan Bader <email address hidden>  Fri, 25 May 2018 15:58:45 +0200
Superseded in trusty-updates on 2018-06-11
Superseded in trusty-security on 2018-06-11
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-127.153~14.04.1) trusty; urgency=medium

  * CVE-2018-3639 (powerpc)
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/64s: Move cpu_show_meltdown()
    - powerpc/64s: Enhance the information in cpu_show_meltdown()
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/64s: Wire up cpu_show_spectre_v1()
    - powerpc/64s: Wire up cpu_show_spectre_v2()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
      entry/exit

  * CVE-2018-3639 (x86)
    - SAUCE: Clean up IBPB and IBRS control functions and macros
    - SAUCE: Fix up IBPB and IBRS kernel parameters documentation
    - SAUCE: Remove #define X86_FEATURE_PTI
    - x86/cpufeature: Move some of the scattered feature bits to x86_capability
    - x86/cpufeature: Cleanup get_cpu_cap()
    - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
    - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
    - x86/cpufeatures: Add Intel feature bits for Speculation Control
    - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
    - x86/cpufeatures: Add AMD feature bits for Speculation Control
    - x86/msr: Add definitions for new speculation control MSRs
    - SAUCE: x86/msr: Rename MSR spec control feature bits
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
    - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
    - x86/speculation: Add <asm/msr-index.h> dependency
    - x86/cpufeatures: Clean up Spectre v2 related CPUID flags
    - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
    - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
    - SAUCE: x86: Add alternative_msr_write
    - SAUCE: x86/nospec: Simplify alternative_msr_write()
    - SAUCE: x86/bugs: Concentrate bug detection into a separate function
    - SAUCE: x86/bugs: Concentrate bug reporting into a separate function
    - arch: Introduce post-init read-only memory
    - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
    - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
    - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
    - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
    - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
      requested
    - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
    - SAUCE: prctl: Add speculation control prctls
    - x86/process: Optimize TIF checks in __switch_to_xtra()
    - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
    - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - SAUCE: nospec: Allow getting/setting on non-current task
    - SAUCE: proc: Provide details on speculation flaw mitigations
    - SAUCE: seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - SAUCE: x86/bugs: Make boot modes __ro_after_init
    - SAUCE: prctl: Add force disable speculation
    - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
    - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
    - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
    - SAUCE: seccomp: Move speculation migitation control to arch code
    - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
      Store Bypass
    - SAUCE: x86/bugs: Rename _RDS to _SSBD
    - SAUCE: proc: Use underscores for SSBD in 'status'
    - SAUCE: Documentation/spec_ctrl: Do some minor cleanups
    - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
    - SAUCE: x86/bugs: Make cpu_show_common() static
    - x86/entry: define _TIF_ALLWORK_MASK flags explicitly
    - Revert "x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2
      microcodes"
    - SAUCE: kvm/cpuid: Fix CPUID_7_0.EDX handling

Deleted in trusty-proposed on 2018-05-29 (Reason: NBS)
linux-lts-xenial (4.4.0-125.150~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-125.150~14.04.1 -proposed tracker (LP: #1770015)

  * linux: 4.4.0-125.150 -proposed tracker (LP: #1770011)

  * Unable to insert test_bpf module on Xenial (LP: #1765698)
    - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
    - test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches

  * virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
    - SAUCE: (no-up) virtio-scsi: Fix race in target free

  * bpf_map_lookup_elem: BUG: unable to handle kernel paging request
    (LP: #1763454) // CVE-2017-17862
    - SAUCE: Add missing hunks from "bpf: fix branch pruning logic"

  * Xenial: rfkill: fix missing return on rfkill_init  (LP: #1764810)
    - rfkill: fix missing return on rfkill_init

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * Xenial update to 4.4.128 stable release (LP: #1765010)
    - cfg80211: make RATE_INFO_BW_20 the default
    - md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
    - rtc: snvs: fix an incorrect check of return value
    - x86/asm: Don't use RBP as a temporary register in
      csum_partial_copy_generic()
    - NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
    - IB/srpt: Fix abort handling
    - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
    - mac80211: bail out from prep_connection() if a reconfig is ongoing
    - bna: Avoid reading past end of buffer
    - qlge: Avoid reading past end of buffer
    - ipmi_ssif: unlock on allocation failure
    - net: cdc_ncm: Fix TX zero padding
    - net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
    - lockd: fix lockd shutdown race
    - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
    - pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
      alloc_pid()
    - s390: move _text symbol to address higher than zero
    - net/mlx4_en: Avoid adding steering rules with invalid ring
    - NFSv4.1: Work around a Linux server bug...
    - CIFS: silence lockdep splat in cifs_relock_file()
    - net: qca_spi: Fix alignment issues in rx path
    - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
    - Input: elan_i2c - check if device is there before really probing
    - Input: elantech - force relative mode on a certain module
    - KVM: PPC: Book3S PR: Check copy_to/from_user return values
    - vmxnet3: ensure that adapter is in proper state during force_close
    - SMB2: Fix share type handling
    - bus: brcmstb_gisb: Use register offsets with writes too
    - bus: brcmstb_gisb: correct support for 64-bit address output
    - PowerCap: Fix an error code in powercap_register_zone()
    - ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
    - staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
      calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
    - x86/tsc: Provide 'tsc=unstable' boot parameter
    - ARM: dts: imx6qdl-wandboard: Fix audio channel swap
    - ipv6: avoid dad-failures for addresses with NODAD
    - async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
    - usb: dwc3: keystone: check return value
    - btrfs: fix incorrect error return ret being passed to mapping_set_error
    - ata: libahci: properly propagate return value of platform_get_irq()
    - neighbour: update neigh timestamps iff update is effective
    - arp: honour gratuitous ARP _replies_
    - usb: chipidea: properly handle host or gadget initialization failure
    - USB: ene_usb6250: fix first command execution
    - net: x25: fix one potential use-after-free issue
    - USB: ene_usb6250: fix SCSI residue overwriting
    - serial: 8250: omap: Disable DMA for console UART
    - serial: sh-sci: Fix race condition causing garbage during shutdown
    - sh_eth: Use platform device for printing before register_netdev()
    - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
    - powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
    - ath5k: fix memory leak on buf on failed eeprom read
    - selftests/powerpc: Fix TM resched DSCR test with some compilers
    - xfrm: fix state migration copy replay sequence numbers
    - iio: hi8435: avoid garbage event at first enable
    - iio: hi8435: cleanup reset gpio
    - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
    - md-cluster: fix potential lock issue in add_new_disk
    - ARM: davinci: da8xx: Create DSP device only when assigned memory
    - ray_cs: Avoid reading past end of buffer
    - leds: pca955x: Correct I2C Functionality
    - sched/numa: Use down_read_trylock() for the mmap_sem
    - net/mlx5: Tolerate irq_set_affinity_hint() failures
    - selinux: do not check open permission on sockets
    - block: fix an error code in add_partition()
    - mlx5: fix bug reading rss_hash_type from CQE
    - net: ieee802154: fix net_device reference release too early
    - libceph: NULL deref on crush_decode() error path
    - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
    - pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
    - ASoC: rsnd: SSI PIO adjust to 24bit mode
    - scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
    - fix race in drivers/char/random.c:get_reg()
    - ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
    - tcp: better validation of received ack sequences
    - net: move somaxconn init from sysctl code
    - Input: elan_i2c - clear INT before resetting controller
    - bonding: Don't update slave->link until ready to commit
    - KVM: nVMX: Fix handling of lmsw instruction
    - net: llc: add lock_sock in llc_ui_bind to avoid a race condition
    - ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
    - thermal: power_allocator: fix one race condition issue for thermal_instances
      list
    - perf probe: Add warning message if there is unexpected event name
    - l2tp: fix missing print session offset info
    - rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
    - hwmon: (ina2xx) Make calibration register value fixed
    - media: videobuf2-core: don't go out of the buffer range
    - ASoC: Intel: cht_bsw_rt5645: Analog Mic support
    - scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
    - vfb: fix video mode and line_length being set when loaded
    - gpio: label descriptors using the device name
    - ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
    - wl1251: check return from call to wl1251_acx_arp_ip_filter
    - hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
    - ovl: filter trusted xattr for non-admin
    - powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
    - dmaengine: imx-sdma: Handle return value of clk_prepare_enable
    - arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
    - net/mlx5: avoid build warning for uniprocessor
    - cxgb4: FW upgrade fixes
    - rtc: opal: Handle disabled TPO in opal_get_tpo_time()
    - rtc: interface: Validate alarm-time before handling rollover
    - SUNRPC: ensure correct error is reported by xs_tcp_setup_socket()
    - net: freescale: fix potential null pointer dereference
    - KVM: SVM: do not zero out segment attributes if segment is unusable or not
      present
    - clk: scpi: fix return type of __scpi_dvfs_round_rate
    - clk: Fix __set_clk_rates error print-string
    - powerpc/spufs: Fix coredump of SPU contexts
    - perf trace: Add mmap alias for s390
    - qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and
      qlcnic_82xx_hw_read_wx_2M
    - mISDN: Fix a sleep-in-atomic bug
    - drm/omap: fix tiled buffer stride calculations
    - cxgb4: fix incorrect cim_la output for T6
    - Fix serial console on SNI RM400 machines
    - bio-integrity: Do not allocate integrity context for bio w/o data
    - skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
    - sit: reload iphdr in ipip6_rcv
    - net/mlx4: Fix the check in attaching steering rules
    - net/mlx4: Check if Granular QoS per VF has been enabled before updating QP
      qos_vport
    - perf header: Set proper module name when build-id event found
    - perf report: Ensure the perf DSO mapping matches what libdw sees
    - tags: honor COMPILED_SOURCE with apart output directory
    - e1000e: fix race condition around skb_tstamp_tx()
    - cx25840: fix unchecked return values
    - mceusb: sporadic RX truncation corruption fix
    - net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
    - ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull
    - e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
    - perf/core: Correct event creation with PERF_FORMAT_GROUP
    - MIPS: mm: fixed mappings: correct initialisation
    - MIPS: mm: adjust PKMAP location
    - MIPS: kprobes: flush_insn_slot should flush only if probe initialised
    - Fix loop device flush before configure v3
    - net: emac: fix reset timeout with AR8035 phy
    - skbuff: only inherit relevant tx_flags
    - xen: avoid type warning in xchg_xen_ulong
    - bnx2x: Allow vfs to disable txvlan offload
    - sctp: fix recursive locking warning in sctp_do_peeloff
    - sparc64: ldc abort during vds iso boot
    - iio: magnetometer: st_magn_spi: fix spi_device_id table
    - Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
    - cpuidle: dt: Add missing 'of_node_put()'
    - ACPICA: Events: Add runtime stub support for event APIs
    - ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
    - s390/dasd: fix hanging safe offline
    - vxlan: dont migrate permanent fdb entries during learn
    - bcache: stop writeback thread after detaching
    - bcache: segregate flash only volume write streams
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()
    - scsi: libsas: fix error when getting phy events
    - scsi: libsas: initialize sas_phy status according to response of DISCOVER
    - blk-mq: fix kernel oops in blk_mq_tag_idle()
    - tty: n_gsm: Allow ADM response in addition to UA for control dlci
    - EDAC, mv64x60: Fix an error handling path
    - cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
    - perf tools: Fix copyfile_offset update of output offset
    - ipsec: check return value of skb_to_sgvec always
    - rxrpc: check return value of skb_to_sgvec always
    - virtio_net: check return value of skb_to_sgvec always
    - virtio_net: check return value of skb_to_sgvec in one more location
    - random: use lockless method of accessing and updating f->reg_idx
    - futex: Remove requirement for lock_page() in get_futex_key()
    - Kbuild: provide a __UNIQUE_ID for clang
    - arp: fix arp_filter on l3slave devices
    - net: fix possible out-of-bound read in skb_network_protocol()
    - net/ipv6: Fix route leaking between VRFs
    - netlink: make sure nladdr has correct size in netlink_connect()
    - net/sched: fix NULL dereference in the error path of tcf_bpf_init()
    - pptp: remove a buggy dst release in pptp_connect()
    - sctp: do not leak kernel memory to user space
    - sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
    - vhost: correctly remove wait queue during poll failure
    - vlan: also check phy_driver ts_info for vlan's real device
    - bonding: fix the err path for dev hwaddr sync in bond_enslave
    - bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
    - bonding: process the err returned by dev_set_allmulti properly in
      bond_enslave
    - net: fool proof dev_valid_name()
    - ip_tunnel: better validate user provided tunnel names
    - ipv6: sit: better validate user provided tunnel names
    - ip6_gre: better validate user provided tunnel names
    - ip6_tunnel: better validate user provided tunnel names
    - vti6: better validate user provided tunnel names
    - r8169: fix setting driver_data after register_netdev
    - net sched actions: fix dumping which requires several messages to user space
    - net/ipv6: Increment OUTxxx counters after netfilter hook
    - ipv6: the entire IPv6 header chain must fit the first fragment
    - vrf: Fix use after free and double free in vrf_finish_output
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - Linux 4.4.128

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507) // Xenial update to 4.4.128 stable
    release (LP: #1765010)
    - sky2: Increase D3 delay to sky2 stops working after suspend

  * Xenial update to 4.4.127 stable release (LP: #1765007)
    - mtd: jedec_probe: Fix crash in jedec_read_mfr()
    - ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
    - ALSA: pcm: potential uninitialized return values
    - partitions/msdos: Unable to mount UFS 44bsd partitions
    - usb: gadget: define free_ep_req as universal function
    - usb: gadget: change len to size_t on alloc_ep_req()
    - usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
    - usb: gadget: align buffer size when allocating for OUT endpoint
    - usb: gadget: f_hid: fix: Prevent accessing released memory
    - kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
    - ACPI, PCI, irq: remove redundant check for null string pointer
    - writeback: fix the wrong congested state variable definition
    - PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant
    - dm ioctl: remove double parentheses
    - Input: mousedev - fix implicit conversion warning
    - netfilter: nf_nat_h323: fix logical-not-parentheses warning
    - genirq: Use cpumask_available() for check of cpumask variable
    - cpumask: Add helper cpumask_available()
    - selinux: Remove unnecessary check of array base in selinux_set_mapping()
    - fs: compat: Remove warning from COMPATIBLE_IOCTL
    - jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp
    - frv: declare jiffies to be located in the .data section
    - audit: add tty field to LOGIN event
    - tty: provide tty_name() even without CONFIG_TTY
    - netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
    - selinux: Remove redundant check for unknown labeling behavior
    - arm64: avoid overflow in VA_START and PAGE_OFFSET
    - xfrm_user: uncoditionally validate esn replay attribute struct
    - RDMA/ucma: Check AF family prior resolving address
    - RDMA/ucma: Fix use-after-free access in ucma_close
    - RDMA/ucma: Ensure that CM_ID exists prior to access it
    - RDMA/ucma: Check that device is connected prior to access it
    - RDMA/ucma: Check that device exists prior to accessing it
    - RDMA/ucma: Don't allow join attempts for unsupported AF family
    - RDMA/ucma: Introduce safer rdma_addr_size() variants
    - net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
    - xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
    - netfilter: bridge: ebt_among: add more missing match size checks
    - netfilter: x_tables: add and use xt_check_proc_name
    - Bluetooth: Fix missing encryption refresh on Security Request
    - llist: clang: introduce member_address_is_nonnull()
    - scsi: virtio_scsi: always read VPD pages for multiqueue too
    - usb: dwc2: Improve gadget state disconnection handling
    - USB: serial: ftdi_sio: add RT Systems VX-8 cable
    - USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
    - USB: serial: cp210x: add ELDAT Easywave RX09 id
    - mei: remove dev_err message on an unsupported ioctl
    - media: usbtv: prevent double free in error case
    - parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
    - crypto: ahash - Fix early termination in hash walk
    - crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
    - fs/proc: Stop trying to report thread stacks
    - staging: comedi: ni_mio_common: ack ai fifo error interrupts.
    - Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
    - Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
    - vt: change SGR 21 to follow the standards
    - Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property
      definition
    - ARM: dts: dra7: Add power hold and power controller properties to palmas
    - ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property
    - md/raid10: reset the 'first' at the end of loop
    - net: hns: Fix ethtool private flags
    - Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
    - Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
    - Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
    - Revert "cpufreq: Fix governor module removal race"
    - Revert "mtip32xx: use runtime tag to initialize command header"
    - spi: davinci: fix up dma_mapping_error() incorrect patch
    - net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized
      ndata"
    - Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
    - Linux 4.4.127

  * Xenial update to 4.4.126 stable release (LP: #1764999)
    - scsi: sg: don't return bogus Sg_requests
    - Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for
      shared IRQs"
    - net: Fix hlist corruptions in inet_evict_bucket()
    - dccp: check sk for closed state in dccp_sendmsg()
    - ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option()
    - l2tp: do not accept arbitrary sockets
    - net: ethernet: arc: Fix a potential memory leak if an optional regulator is
      deferred
    - net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY
      interface
    - net/iucv: Free memory obtained by kzalloc
    - netlink: avoid a double skb free in genlmsg_mcast()
    - net: Only honor ifindex in IP_PKTINFO if non-0
    - skbuff: Fix not waking applications when errors are enqueued
    - team: Fix double free in error path
    - s390/qeth: free netdevice when removing a card
    - s390/qeth: when thread completes, wake up all waiters
    - s390/qeth: lock read device while queueing next buffer
    - s390/qeth: on channel error, reject further cmd requests
    - ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
    - net: fec: Fix unbalanced PM runtime calls
    - net: systemport: Rewrite __bcm_sysport_tx_reclaim()
    - Linux 4.4.126

  * Xenial update to 4.4.125 stable release (LP: #1764973)
    - MIPS: ralink: Remove ralink_halt()
    - iio: st_pressure: st_accel: pass correct platform data to init
    - ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
    - ALSA: aloop: Sync stale timer before release
    - ALSA: aloop: Fix access to not-yet-ready substream via cable
    - ALSA: hda/realtek - Always immediately update mute LED with pin VREF
    - mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
    - PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
    - ahci: Add PCI-id for the Highpoint Rocketraid 644L card
    - clk: bcm2835: Protect sections updating shared registers
    - Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
    - libata: fix length validation of ATAPI-relayed SCSI commands
    - libata: remove WARN() for DMA or PIO command without data
    - libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
    - libata: Enable queued TRIM for Samsung SSD 860
    - libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
    - libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
    - libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
    - mm/vmalloc: add interfaces to free unmapped page table
    - x86/mm: implement free pmd/pte page interfaces
    - drm/vmwgfx: Fix a destoy-while-held mutex problem.
    - drm/radeon: Don't turn off DP sink when disconnected
    - drm: udl: Properly check framebuffer mmap offsets
    - acpi, numa: fix pxm to online numa node associations
    - brcmfmac: fix P2P_DEVICE ethernet address generation
    - rtlwifi: rtl8723be: Fix loss of signal
    - tracing: probeevent: Fix to support minus offset from symbol
    - mtd: nand: fsl_ifc: Fix nand waitfunc return value
    - staging: ncpfs: memory corruption in ncp_read_kernel()
    - can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
    - can: cc770: Fix queue stall & dropped RTR reply
    - can: cc770: Fix use after free in cc770_tx_interrupt()
    - tty: vt: fix up tabstops properly
    - x86/build/64: Force the linker to use 2MB page size
    - x86/boot/64: Verify alignment of the LOAD segment
    - perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
    - staging: lustre: ptlrpc: kfree used instead of kvfree
    - kbuild: disable clang's default use of -fmerge-all-constants
    - bpf: skip unnecessary capability check
    - bpf, x64: increase number of passes
    - Linux 4.4.125

  * System fails to start (boot) on battery due to read-only root file-system
    (LP: #1726930) // Xenial update to 4.4.125 stable release (LP: #1764973)
    - libata: disable LPM for Crucial BX100 SSD 500GB drive

  * Xenial update to 4.4.124 stable release (LP: #1764762)
    - tpm: fix potential buffer overruns caused by bit glitches on the bus
    - tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
    - staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
    - platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA
    - regulator: anatop: set default voltage selector for pcie
    - x86: i8259: export legacy_pic symbol
    - rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs
    - Input: ar1021_i2c - fix too long name in driver's device table
    - time: Change posix clocks ops interfaces to use timespec64
    - ACPI/processor: Fix error handling in __acpi_processor_start()
    - ACPI/processor: Replace racy task affinity logic
    - cpufreq/sh: Replace racy task affinity logic
    - genirq: Use irqd_get_trigger_type to compare the trigger type for shared
      IRQs
    - i2c: i2c-scmi: add a MS HID
    - net: ipv6: send unsolicited NA on admin up
    - media/dvb-core: Race condition when writing to CAM
    - spi: dw: Disable clock after unregistering the host
    - ath: Fix updating radar flags for coutry code India
    - clk: ns2: Correct SDIO bits
    - scsi: virtio_scsi: Always try to read VPD pages
    - KVM: PPC: Book3S PR: Exit KVM on failed mapping
    - ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER
    - iommu/omap: Register driver before setting IOMMU ops
    - md/raid10: wait up frozen array in handle_write_completed
    - NFS: Fix missing pg_cleanup after nfs_pageio_cond_complete()
    - tcp: remove poll() flakes with FastOpen
    - e1000e: fix timing for 82579 Gigabit Ethernet controller
    - ALSA: hda - Fix headset microphone detection for ASUS N551 and N751
    - IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow
    - IB/ipoib: Update broadcast object if PKey value was changed in index 0
    - HSI: ssi_protocol: double free in ssip_pn_xmit()
    - IB/mlx4: Take write semaphore when changing the vma struct
    - IB/mlx4: Change vma from shared to private
    - ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
    - Fix driver usage of 128B WQEs when WQ_CREATE is V1.
    - netfilter: xt_CT: fix refcnt leak on error path
    - openvswitch: Delete conntrack entry clashing with an expectation.
    - mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR()
    - wan: pc300too: abort path on failure
    - qlcnic: fix unchecked return value
    - scsi: mac_esp: Replace bogus memory barrier with spinlock
    - infiniband/uverbs: Fix integer overflows
    - NFS: don't try to cross a mountpount when there isn't one there.
    - Revert "UBUNTU: SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor
      platform data properly"
    - iio: st_pressure: st_accel: Initialise sensor platform data properly
    - mt7601u: check return value of alloc_skb
    - rndis_wlan: add return value validation
    - Btrfs: send, fix file hole not being preserved due to inline extent
    - mac80211: don't parse encrypted management frames in ieee80211_frame_acked
    - mfd: palmas: Reset the POWERHOLD mux during power off
    - mtip32xx: use runtime tag to initialize command header
    - staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK
      set to y
    - staging: wilc1000: fix unchecked return value
    - mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a
    - ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP
    - ipmi/watchdog: fix wdog hang on panic waiting for ipmi response
    - ACPI / PMIC: xpower: Fix power_table addresses
    - drm/nouveau/kms: Increase max retries in scanout position queries.
    - bnx2x: Align RX buffers
    - power: supply: pda_power: move from timer to delayed_work
    - Input: twl4030-pwrbutton - use correct device for irq request
    - md/raid10: skip spare disk as 'first' disk
    - ia64: fix module loading for gcc-5.4
    - tcm_fileio: Prevent information leak for short reads
    - video: fbdev: udlfb: Fix buffer on stack
    - sm501fb: don't return zero on failure path in sm501fb_start()
    - net: hns: fix ethtool_get_strings overflow in hns driver
    - cifs: small underflow in cnvrtDosUnixTm()
    - rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks
    - rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL
    - perf tests kmod-path: Don't fail if compressed modules aren't supported
    - Bluetooth: hci_qca: Avoid setup failure on missing rampatch
    - media: c8sectpfe: fix potential NULL pointer dereference in
      c8sectpfe_timer_interrupt
    - drm/msm: fix leak in failed get_pages
    - RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
    - rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
    - media: bt8xx: Fix err 'bt878_probe()'
    - media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
    - cros_ec: fix nul-termination for firmware build info
    - platform/chrome: Use proper protocol transfer function
    - mmc: avoid removing non-removable hosts during suspend
    - IB/ipoib: Avoid memory leak if the SA returns a different DGID
    - RDMA/cma: Use correct size when writing netlink stats
    - IB/umem: Fix use of npages/nmap fields
    - vgacon: Set VGA struct resource types
    - drm/omap: DMM: Check for DMM readiness after successful transaction commit
    - pty: cancel pty slave port buf's work in tty_release
    - coresight: Fix disabling of CoreSight TPIU
    - pinctrl: Really force states during suspend/resume
    - iommu/vt-d: clean up pr_irq if request_threaded_irq fails
    - ip6_vti: adjust vti mtu according to mtu of lower device
    - RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
    - nfsd4: permit layoutget of executable-only files
    - clk: si5351: Rename internal plls to avoid name collisions
    - dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
    - RDMA/ucma: Fix access to non-initialized CM_ID object
    - Linux 4.4.124

  * Xenial update to 4.4.123 stable release (LP: #1764666)
    - blkcg: fix double free of new_blkg in blkcg_init_queue
    - Input: tsc2007 - check for presence and power down tsc2007 during probe
    - staging: speakup: Replace BUG_ON() with WARN_ON().
    - staging: wilc1000: add check for kmalloc allocation failure.
    - HID: reject input outside logical range only if null state is set
    - drm: qxl: Don't alloc fbdev if emulation is not supported
    - ath10k: fix a warning during channel switch with multiple vaps
    - PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()
    - selinux: check for address length in selinux_socket_bind()
    - perf sort: Fix segfault with basic block 'cycles' sort dimension
    - i40e: Acquire NVM lock before reads on all devices
    - i40e: fix ethtool to get EEPROM data from X722 interface
    - perf tools: Make perf_event__synthesize_mmap_events() scale
    - drivers: net: xgene: Fix hardware checksum setting
    - drm: Defer disabling the vblank IRQ until the next interrupt (for instant-
      off)
    - ath10k: disallow DFS simulation if DFS channel is not enabled
    - perf probe: Return errno when not hitting any event
    - HID: clamp input to logical range if no null state
    - net/8021q: create device with all possible features in wanted_features
    - ARM: dts: Adjust moxart IRQ controller and flags
    - batman-adv: handle race condition for claims between gateways
    - of: fix of_device_get_modalias returned length when truncating buffers
    - solo6x10: release vb2 buffers in solo_stop_streaming()
    - scsi: ipr: Fix missed EH wakeup
    - media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
    - timers, sched_clock: Update timeout for clock wrap
    - sysrq: Reset the watchdog timers while displaying high-resolution timers
    - Input: qt1070 - add OF device ID table
    - sched: act_csum: don't mangle TCP and UDP GSO packets
    - ASoC: rcar: ssi: don't set SSICR.CKDV = 000 with SSIWSR.CONT
    - spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
    - tcp: sysctl: Fix a race to avoid unexpected 0 window from space
    - dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
    - driver: (adm1275) set the m,b and R coefficients correctly for power
    - mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
    - blk-throttle: make sure expire time isn't too big
    - f2fs: relax node version check for victim data in gc
    - bonding: refine bond_fold_stats() wrap detection
    - braille-console: Fix value returned by _braille_console_setup
    - drm/vmwgfx: Fixes to vmwgfx_fb
    - vxlan: vxlan dev should inherit lowerdev's gso_max_size
    - NFC: nfcmrvl: Include unaligned.h instead of access_ok.h
    - NFC: nfcmrvl: double free on error path
    - ARM: dts: r8a7790: Correct parent of SSI[0-9] clocks
    - ARM: dts: r8a7791: Correct parent of SSI[0-9] clocks
    - powerpc: Avoid taking a data miss on every userspace instruction miss
    - net/faraday: Add missing include of of.h
    - ARM: dts: koelsch: Correct clock frequency of X2 DU clock input
    - reiserfs: Make cancel_old_flush() reliable
    - ALSA: firewire-digi00x: handle all MIDI messages on streaming packets
    - fm10k: correctly check if interface is removed
    - apparmor: Make path_max parameter readonly
    - iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range
    - video: ARM CLCD: fix dma allocation size
    - drm/radeon: Fail fb creation from imported dma-bufs.
    - drm/amdgpu: Fail fb creation from imported dma-bufs. (v2)
    - coresight: Fixes coresight DT parse to get correct output port ID.
    - MIPS: BPF: Quit clobbering callee saved registers in JIT code.
    - MIPS: BPF: Fix multiple problems in JIT skb access helpers.
    - MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification
    - MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters
    - regulator: isl9305: fix array size
    - md/raid6: Fix anomily when recovering a single device in RAID6.
    - usb: dwc2: Make sure we disconnect the gadget state
    - usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in
      dummy_hub_control()
    - drivers/perf: arm_pmu: handle no platform_device
    - perf inject: Copy events when reordering events in pipe mode
    - perf session: Don't rely on evlist in pipe mode
    - scsi: sg: check for valid direction before starting the request
    - scsi: sg: close race condition in sg_remove_sfp_usercontext()
    - kprobes/x86: Fix kprobe-booster not to boost far call instructions
    - kprobes/x86: Set kprobes pages read-only
    - pwm: tegra: Increase precision in PWM rate calculation
    - wil6210: fix memory access violation in wil_memcpy_from/toio_32
    - drm/edid: set ELD connector type in drm_edid_to_eld()
    - video/hdmi: Allow "empty" HDMI infoframes
    - HID: elo: clear BTN_LEFT mapping
    - ARM: dts: exynos: Correct Trats2 panel reset line
    - sched: Stop switched_to_rt() from sending IPIs to offline CPUs
    - sched: Stop resched_cpu() from sending IPIs to offline CPUs
    - test_firmware: fix setting old custom fw path back on exit
    - net: xfrm: allow clearing socket xfrm policies.
    - mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
    - ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
    - ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
    - ath10k: update tdls teardown state to target
    - cpufreq: Fix governor module removal race
    - clk: qcom: msm8916: fix mnd_width for codec_digcodec
    - ath10k: fix invalid STS_CAP_OFFSET_MASK
    - tools/usbip: fixes build with musl libc toolchain
    - spi: sun6i: disable/unprepare clocks on remove
    - scsi: core: scsi_get_device_flags_keyed(): Always return device flags
    - scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
    - scsi: dh: add new rdac devices
    - media: cpia2: Fix a couple off by one bugs
    - veth: set peer GSO values
    - drm/amdkfd: Fix memory leaks in kfd topology
    - agp/intel: Flush all chipset writes after updating the GGTT
    - mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
    - mac80211: remove BUG() when interface type is invalid
    - ASoC: nuc900: Fix a loop timeout test
    - ipvlan: add L2 check for packets arriving via virtual devices
    - rcutorture/configinit: Fix build directory error message
    - ima: relax requiring a file signature for new files with zero length
    - selftests/x86/entry_from_vm86: Exit with 1 if we fail
    - selftests/x86: Add tests for User-Mode Instruction Prevention
    - selftests/x86: Add tests for the STR and SLDT instructions
    - selftests/x86/entry_from_vm86: Add test cases for POPF
    - x86/vm86/32: Fix POPF emulation
    - x86/mm: Fix vmalloc_fault to use pXd_large
    - ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
    - ALSA: hda - Revert power_save option default value
    - ALSA: seq: Fix possible UAF in snd_seq_check_queue()
    - ALSA: seq: Clear client entry before deleting else at closing
    - drm/amdgpu/dce: Don't turn off DP sink when disconnected
    - fs: Teach path_connected to handle nfs filesystems with multiple roots.
    - lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
    - fs/aio: Add explicit RCU grace period when freeing kioctx
    - fs/aio: Use RCU accessors for kioctx_table->table[]
    - irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
    - scsi: sg: fix SG_DXFER_FROM_DEV transfers
    - scsi: sg: fix static checker warning in sg_is_valid_dxfer
    - scsi: sg: only check for dxfer_len greater than 256M
    - ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
    - btrfs: alloc_chunk: fix DUP stripe size handling
    - btrfs: Fix use-after-free when cleaning up fs_devs with a single stale
      device
    - USB: gadget: udc: Add missing platform_device_put() on error in
      bdc_pci_probe()
    - usb: gadget: bdc: 64-bit pointer capability check
    - Linux 4.4.123

  * Xenial update to 4.4.123 stable release (LP: #1764666) // CVE-2017-16995
    - Revert "bpf: fix incorrect sign extension in check_alu_op()"
    - bpf: fix incorrect sign extension in check_alu_op()

  * Xenial update to 4.4.122 stable release (LP: #1764627)
    - RDMA/ucma: Limit possible option size
    - RDMA/ucma: Check that user doesn't overflow QP state
    - RDMA/mlx5: Fix integer overflow while resizing CQ
    - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
    - workqueue: Allow retrieval of current task's work struct
    - drm: Allow determining if current task is output poll worker
    - drm/nouveau: Fix deadlock on runtime suspend
    - drm/radeon: Fix deadlock on runtime suspend
    - drm/amdgpu: Fix deadlock on runtime suspend
    - drm/amdgpu: Notify sbios device ready before send request
    - drm/radeon: fix KV harvesting
    - drm/amdgpu: fix KV harvesting
    - MIPS: BMIPS: Do not mask IPIs during suspend
    - MIPS: ath25: Check for kzalloc allocation failure
    - MIPS: OCTEON: irq: Check for null return on kzalloc allocation
    - Input: matrix_keypad - fix race when disabling interrupts
    - loop: Fix lost writes caused by missing flag
    - kbuild: Handle builtin dtb file names containing hyphens
    - bcache: don't attach backing with duplicate UUID
    - x86/MCE: Serialize sysfs changes
    - ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520
    - ALSA: seq: More protection for concurrent write and ioctl races
    - ALSA: hda: add dock and led support for HP EliteBook 820 G3
    - ALSA: hda: add dock and led support for HP ProBook 640 G2
    - watchdog: hpwdt: SMBIOS check
    - watchdog: hpwdt: Check source of NMI
    - watchdog: hpwdt: fix unused variable warning
    - netfilter: nfnetlink_queue: fix timestamp attribute
    - Input: tca8418_keypad - remove double read of key event register
    - tc358743: fix register i2c_rd/wr function fix
    - netfilter: add back stackpointer size checks
    - netfilter: x_tables: fix missing timer initialization in xt_LED
    - netfilter: nat: cope with negative port range
    - netfilter: IDLETIMER: be syzkaller friendly
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
    - netfilter: bridge: ebt_among: add missing match size checks
    - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
    - netfilter: use skb_to_full_sk in ip_route_me_harder
    - ext4: inplace xattr block update fails to deduplicate blocks
    - ubi: Fix race condition between ubi volume creation and udev
    - scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
    - NFS: Fix an incorrect type in struct nfs_direct_req
    - Revert "ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux"
    - x86/module: Detect and skip invalid relocations
    - x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
    - serial: sh-sci: prevent lockup on full TTY buffers
    - tty/serial: atmel: add new version check for usart
    - uas: fix comparison for error code
    - staging: comedi: fix comedi_nsamples_left.
    - staging: android: ashmem: Fix lockdep issue during llseek
    - USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
    - usb: quirks: add control message delay for 1b1c:1b20
    - USB: usbmon: remove assignment from IS_ERR argument
    - usb: usbmon: Read text within supplied buffer size
    - usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
    - serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
    - fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
    - Linux 4.4.122

  * Xenial update to 4.4.122 stable release (LP: #1764627) // CVE-2018-1000004.
    - ALSA: seq: Don't allow resizing pool in use

  * Xenial update to 4.4.121 stable release (LP: #1764367)
    - tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the
      bus
    - tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on
      the bus
    - tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the
      bus
    - ALSA: usb-audio: Add a quirck for B&W PX headphones
    - ALSA: hda: Add a power_save blacklist
    - cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
    - media: m88ds3103: don't call a non-initalized function
    - ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
    - KVM: mmu: Fix overlap between public and private memslots
    - btrfs: Don't clear SGID when inheriting ACLs
    - ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
    - x86/apic/vector: Handle legacy irq data correctly
    - leds: do not overflow sysfs buffer in led_trigger_show
    - x86/spectre: Fix an error message
    - bridge: check brport attr show in brport_show
    - fib_semantics: Don't match route with mismatching tclassid
    - hdlc_ppp: carrier detect ok, don't turn off negotiation
    - ipv6 sit: work around bogus gcc-8 -Wrestrict warning
    - net: fix race on decreasing number of TX queues
    - net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
    - netlink: ensure to loop over all netns in genlmsg_multicast_allns()
    - ppp: prevent unregistered channels from connecting to PPP units
    - udplite: fix partial checksum initialization
    - sctp: fix dst refcnt leak in sctp_v4_get_dst
    - sctp: fix dst refcnt leak in sctp_v6_get_dst()
    - s390/qeth: fix SETIP command handling
    - s390/qeth: fix IPA command submission race
    - sctp: verify size of a new chunk in _sctp_make_chunk()
    - net: mpls: Pull common label check into helper
    - dm io: fix duplicate bio completion due to missing ref count
    - bpf, x64: implement retpoline for tail call
    - btrfs: preserve i_mode if __btrfs_set_acl() fails
    - Linux 4.4.121

  * Xenial update to 4.4.120 stable release (LP: #1764316)
    - hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
    - f2fs: fix a bug caused by NULL extent tree
    - mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM
    - ipv6: icmp6: Allow icmp messages to be looped back
    - ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
    - sget(): handle failures of register_shrinker()
    - drm/nouveau/pci: do a msi rearm on init
    - spi: atmel: fixed spin_lock usage inside atmel_spi_remove
    - net: arc_emac: fix arc_emac_rx() error paths
    - scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
    - ARM: dts: ls1021a: fix incorrect clock references
    - lib/mpi: Fix umul_ppmm() for MIPS64r6
    - tg3: Add workaround to restrict 5762 MRRS to 2048
    - tg3: Enable PHY reset in MTU change path for 5720
    - bnx2x: Improve reliability in case of nested PCI errors
    - s390/dasd: fix wrongly assigned configuration data
    - IB/mlx4: Fix mlx4_ib_alloc_mr error flow
    - IB/ipoib: Fix race condition in neigh creation
    - xfs: quota: fix missed destroy of qi_tree_lock
    - xfs: quota: check result of register_shrinker()
    - e1000: fix disabling already-disabled warning
    - drm/ttm: check the return value of kzalloc
    - mac80211: mesh: drop frames appearing to be from us
    - can: flex_can: Correct the checking for frame length in flexcan_start_xmit()
    - bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine.
    - xen-netfront: enable device after manual module load
    - mdio-sun4i: Fix a memory leak
    - SolutionEngine771x: fix Ether platform data
    - xen/gntdev: Fix off-by-one error when unmapping with holes
    - xen/gntdev: Fix partial gntdev_mmap() cleanup
    - sctp: make use of pre-calculated len
    - net: gianfar_ptp: move set_fipers() to spinlock protecting area
    - MIPS: Implement __multi3 for GCC7 MIPS64r6 builds
    - Linux 4.4.120

  * Xenial update to 4.4.119 stable release (LP: #1762453)
    - netfilter: drop outermost socket lock in getsockopt()
    - powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR
    - PCI: keystone: Fix interrupt-controller-node lookup
    - ip_tunnel: replace dst_cache with generic implementation
    - ip_tunnel: fix preempt warning in ip tunnel creation/updating
    - scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
    - cfg80211: fix cfg80211_beacon_dup
    - iio: buffer: check if a buffer has been set up when poll is called
    - iio: adis_lib: Initialize trigger before requesting interrupt
    - x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
    - irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
    - usb: ohci: Proper handling of ed_rm_list to handle race condition between
      usb_kill_urb() and finish_unlinks()
    - arm64: Disable unhandled signal log messages by default
    - Add delay-init quirk for Corsair K70 RGB keyboards
    - usb: dwc3: gadget: Set maxpacket size for ep0 IN
    - usb: ldusb: add PIDs for new CASSY devices supported by this driver
    - usb: gadget: f_fs: Process all descriptors during bind
    - usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path
    - drm/amdgpu: Avoid leaking PM domain on driver unbind (v2)
    - binder: add missing binder_unlock()
    - Linux 4.4.119

  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) // Xenial update
    to 4.4.119 stable release (LP: #1762453)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA

  * Xenial update to 4.4.118 stable release (LP: #1756866)
    - net: add dst_cache support
    - [Config] Add CONFIG_DST_CACHE=y
    - net: replace dst_cache ip6_tunnel implementation with the generic one
    - cfg80211: check dev_set_name() return value
    - mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
    - xfrm: Fix stack-out-of-bounds read on socket policy lookup.
    - xfrm: check id proto in validate_tmpl()
    - blktrace: fix unlocked registration of tracepoints
    - drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
    - Provide a function to create a NUL-terminated string from unterminated data
    - selinux: ensure the context is NUL terminated in
      security_context_to_sid_core()
    - selinux: skip bounded transition processing if the policy isn't loaded
    - crypto: x86/twofish-3way - Fix %rbp usage
    - KVM: x86: fix escape of guest dr6 to the host
    - netfilter: x_tables: fix int overflow in xt_alloc_table_info()
    - netfilter: x_tables: avoid out-of-bounds reads in
      xt_request_find_{match|target}
    - netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
    - netfilter: on sockopt() acquire sock lock only in the required scope
    - netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
    - net: avoid skb_warn_bad_offload on IS_ERR
    - ASoC: ux500: add MODULE_LICENSE tag
    - video: fbdev/mmp: add MODULE_LICENSE
    - arm64: dts: add #cooling-cells to CPU nodes
    - Make DST_CACHE a silent config option
    - dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
    - staging: android: ashmem: Fix a race condition in pin ioctls
    - binder: check for binder_thread allocation failure in binder_poll()
    - staging: iio: adc: ad7192: fix external frequency setting
    - usbip: keep usbip_device sockfd state in sync with tcp_socket
    - usb: build drivers/usb/common/ when USB_SUPPORT is set
    - ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
    - ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
    - ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
    - ARM: dts: am4372: Correct the interrupts_properties of McASP
    - perf top: Fix window dimensions change handling
    - perf bench numa: Fixup discontiguous/sparse numa nodes
    - media: s5k6aa: describe some function parameters
    - pinctrl: sunxi: Fix A80 interrupt pin bank
    - RDMA/cma: Make sure that PSN is not over max allowed
    - scripts/kernel-doc: Don't fail with status != 0 if error encountered with
      -none
    - ipvlan: Add the skb->mark as flow4's member to lookup route
    - powerpc/perf: Fix oops when grouping different pmu events
    - s390/dasd: prevent prefix I/O error
    - gianfar: fix a flooded alignment reports because of padding issue.
    - net_sched: red: Avoid devision by zero
    - net_sched: red: Avoid illegal values
    - btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
    - 509: fix printing uninitialized stack memory when OID is empty
    - dmaengine: ioat: Fix error handling path
    - dmaengine: at_hdmac: fix potential NULL pointer dereference in
      atc_prep_dma_interleaved
    - clk: fix a panic error caused by accessing NULL pointer
    - ASoC: rockchip: disable clock on error
    - spi: sun4i: disable clocks in the remove function
    - xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
    - drm/armada: fix leak of crtc structure
    - dmaengine: jz4740: disable/unprepare clk if probe fails
    - mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
    - x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
    - xen: XEN_ACPI_PROCESSOR is Dom0-only
    - hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
    - virtio_balloon: prevent uninitialized variable use
    - isdn: icn: remove a #warning
    - vmxnet3: prevent building with 64K pages
    - [Config] ppc64el: Drop vmxnet3 module
    - gpio: intel-mid: Fix build warning when !CONFIG_PM
    - platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
    - video: fbdev: via: remove possibly unused variables
    - scsi: advansys: fix build warning for PCI=n
    - x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
    - arm64: define BUG() instruction without CONFIG_BUG
    - x86/fpu/math-emu: Fix possible uninitialized variable use
    - tools build: Add tools tree support for 'make -s'
    - x86/build: Silence the build with "make -s"
    - thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
    - x86: add MULTIUSER dependency for KVM
    - x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
    - scsi: advansys: fix uninitialized data access
    - arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
    - ALSA: hda/ca0132 - fix possible NULL pointer use
    - reiserfs: avoid a -Wmaybe-uninitialized warning
    - ssb: mark ssb_bus_register as __maybe_unused
    - thermal: spear: use __maybe_unused for PM functions
    - x86/boot: Avoid warning for zero-filling .bss
    - scsi: sim710: fix build warning
    - drivers/net: fix eisa_driver probe section mismatch
    - dpt_i2o: fix build warning
    - profile: hide unused functions when !CONFIG_PROC_FS
    - md: avoid warning for 32-bit sector_t
    - mtd: ichxrom: maybe-uninitialized with gcc-4.9
    - mtd: maps: add __init attribute
    - mptfusion: hide unused seq_mpt_print_ioc_summary function
    - scsi: fdomain: drop fdomain_pci_tbl when built-in
    - video: fbdev: sis: remove unused variable
    - staging: ste_rmi4: avoid unused function warnings
    - fbdev: sis: enforce selection of at least one backend
    - video: Use bool instead int pointer for get_opt_bool() argument
    - scsi: mvumi: use __maybe_unused to hide pm functions
    - SCSI: initio: remove duplicate module device table
    - pwc: hide unused label
    - usb: musb/ux500: remove duplicate check for dma_is_compatible
    - tty: hvc_xen: hide xen_console_remove when unused
    - target/user: Fix cast from pointer to phys_addr_t
    - driver-core: use 'dev' argument in dev_dbg_ratelimited stub
    - fbdev: auo_k190x: avoid unused function warnings
    - amd-xgbe: Fix unused suspend handlers build warning
    - mtd: sh_flctl: pass FIFO as physical address
    - mtd: cfi: enforce valid geometry configuration
    - fbdev: s6e8ax0: avoid unused function warnings
    - modsign: hide openssl output in silent builds
    - fbdev: sm712fb: avoid unused function warnings
    - hwrng: exynos - use __maybe_unused to hide pm functions
    - USB: cdc_subset: only build when one driver is enabled
    - [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
    - rtlwifi: fix gcc-6 indentation warning
    - staging: wilc1000: fix kbuild test robot error
    - x86/platform/olpc: Fix resume handler build warning
    - netfilter: ipvs: avoid unused variable warnings
    - ipv4: ipconfig: avoid unused ic_proto_used symbol
    - tc1100-wmi: fix build warning when CONFIG_PM not enabled
    - tlan: avoid unused label with PCI=n
    - drm/vmwgfx: use *_32_bits() macros
    - tty: cyclades: cyz_interrupt is only used for PCI
    - genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg
    - ASoC: mediatek: add i2c dependency
    - iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels
    - infiniband: cxgb4: use %pR format string for printing resources
    - b2c2: flexcop: avoid unused function warnings
    - i2c: remove __init from i2c_register_board_info()
    - staging: unisys: visorinput depends on INPUT
    - tc358743: fix register i2c_rd/wr functions
    - drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
    - Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
    - KVM: add X86_LOCAL_APIC dependency
    - go7007: add MEDIA_CAMERA_SUPPORT dependency
    - em28xx: only use mt9v011 if camera support is enabled
    - ISDN: eicon: reduce stack size of sig_ind function
    - ASoC: rockchip: use __maybe_unused to hide st_irq_syscfg_resume
    - serial: 8250_mid: fix broken DMA dependency
    - drm/gma500: Sanity-check pipe index
    - hdpvr: hide unused variable
    - v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER
    - cw1200: fix bogus maybe-uninitialized warning
    - wireless: cw1200: use __maybe_unused to hide pm functions_
    - perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
    - dmaengine: zx: fix build warning
    - net: hp100: remove unnecessary #ifdefs
    - gpio: xgene: mark PM functions as __maybe_unused
    - ncpfs: fix unused variable warning
    - Revert "power: bq27xxx_battery: Remove unneeded dependency in Kconfig"
    - power: bq27xxx_battery: mark some symbols __maybe_unused
    - isdn: sc: work around type mismatch warning
    - binfmt_elf: compat: avoid unused function warning
    - idle: i7300: add PCI dependency
    - usb: phy: msm add regulator dependency
    - ncr5380: shut up gcc indentation warning
    - ARM: tegra: select USB_ULPI from EHCI rather than platform
    - ASoC: Intel: Kconfig: fix build when ACPI is not enabled
    - netlink: fix nla_put_{u8,u16,u32} for KASAN
    - dell-wmi, dell-laptop: depends DMI
    - genksyms: Fix segfault with invalid declarations
    - x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix
      preemptibility bug
    - drm/gma500: remove helper function
    - kasan: rework Kconfig settings
    - KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
      exceptions simultaneously
    - x86/retpoline: Remove the esp/rsp thunk
    - module/retpoline: Warn about missing retpoline in module
    - x86/nospec: Fix header guards names
    - x86/bugs: Drop one "mitigation" from dmesg
    - x86/cpu/bugs: Make retpoline module warning conditional
    - x86/spectre: Check CONFIG_RETPOLINE in command line parser
    - x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
    - x86/paravirt: Remove 'noreplace-paravirt' cmdline option
    - x86/retpoline: Avoid retpolines for built-in __init functions
    - x86/spectre: Simplify spectre_v2 command line parsing
    - x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
    - KVM: nVMX: kmap() can't fail
    - KVM: nVMX: vmx_complete_nested_posted_interrupt() can't fail
    - kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types
    - KVM: VMX: clean up declaration of VPID/EPT invalidation types
    - KVM: nVMX: invvpid handling improvements
    - crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
    - net: dst_cache_per_cpu_dst_set() can be static
    - ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds
    - Linux 4.4.118

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader <email address hidden>  Mon, 07 May 2018 09:23:29 +0200
Superseded in trusty-security on 2018-05-22
Superseded in trusty-updates on 2018-05-22
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-124.148~14.04.1) trusty; urgency=medium

  * CVE-2018-8897
    - x86/entry/64: Don't use IST entry for #BP stack

  * CVE-2018-1087
    - kvm/x86: fix icebp instruction handling

  * CVE-2018-1000199
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation

 -- Stefan Bader <email address hidden>  Wed, 02 May 2018 11:37:20 +0200
Deleted in trusty-proposed on 2018-05-11 (Reason: NBS)
linux-lts-xenial (4.4.0-123.147~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-123.147~14.04.1 -proposed tracker (LP: #1766607)

  * linux: 4.4.0-123.147 -proposed tracker (LP: #1766604)

  * Unable to insert test_bpf module on Xenial (LP: #1765698)
    - bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
    - test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches

  * virtio_scsi race can corrupt memory, panic kernel (LP: #1765241)
    - SAUCE: (no-up) virtio-scsi: Fix race in target free

  * bpf_map_lookup_elem: BUG: unable to handle kernel paging request
    (LP: #1763454) // CVE-2017-17862
    - SAUCE: Add missing hunks from "bpf: fix branch pruning logic"

  * Xenial: rfkill: fix missing return on rfkill_init  (LP: #1764810)
    - rfkill: fix missing return on rfkill_init

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * Xenial update to 4.4.128 stable release (LP: #1765010)
    - cfg80211: make RATE_INFO_BW_20 the default
    - md/raid5: make use of spin_lock_irq over local_irq_disable + spin_lock
    - rtc: snvs: fix an incorrect check of return value
    - x86/asm: Don't use RBP as a temporary register in
      csum_partial_copy_generic()
    - NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
    - IB/srpt: Fix abort handling
    - af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
    - mac80211: bail out from prep_connection() if a reconfig is ongoing
    - bna: Avoid reading past end of buffer
    - qlge: Avoid reading past end of buffer
    - ipmi_ssif: unlock on allocation failure
    - net: cdc_ncm: Fix TX zero padding
    - net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
    - lockd: fix lockd shutdown race
    - drivers/misc/vmw_vmci/vmci_queue_pair.c: fix a couple integer overflow tests
    - pidns: disable pid allocation if pid_ns_prepare_proc() is failed in
      alloc_pid()
    - s390: move _text symbol to address higher than zero
    - net/mlx4_en: Avoid adding steering rules with invalid ring
    - NFSv4.1: Work around a Linux server bug...
    - CIFS: silence lockdep splat in cifs_relock_file()
    - net: qca_spi: Fix alignment issues in rx path
    - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
    - Input: elan_i2c - check if device is there before really probing
    - Input: elantech - force relative mode on a certain module
    - KVM: PPC: Book3S PR: Check copy_to/from_user return values
    - vmxnet3: ensure that adapter is in proper state during force_close
    - SMB2: Fix share type handling
    - bus: brcmstb_gisb: Use register offsets with writes too
    - bus: brcmstb_gisb: correct support for 64-bit address output
    - PowerCap: Fix an error code in powercap_register_zone()
    - ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
    - staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before
      calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
    - x86/tsc: Provide 'tsc=unstable' boot parameter
    - ARM: dts: imx6qdl-wandboard: Fix audio channel swap
    - ipv6: avoid dad-failures for addresses with NODAD
    - async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
    - usb: dwc3: keystone: check return value
    - btrfs: fix incorrect error return ret being passed to mapping_set_error
    - ata: libahci: properly propagate return value of platform_get_irq()
    - neighbour: update neigh timestamps iff update is effective
    - arp: honour gratuitous ARP _replies_
    - usb: chipidea: properly handle host or gadget initialization failure
    - USB: ene_usb6250: fix first command execution
    - net: x25: fix one potential use-after-free issue
    - USB: ene_usb6250: fix SCSI residue overwriting
    - serial: 8250: omap: Disable DMA for console UART
    - serial: sh-sci: Fix race condition causing garbage during shutdown
    - sh_eth: Use platform device for printing before register_netdev()
    - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
    - powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
    - ath5k: fix memory leak on buf on failed eeprom read
    - selftests/powerpc: Fix TM resched DSCR test with some compilers
    - xfrm: fix state migration copy replay sequence numbers
    - iio: hi8435: avoid garbage event at first enable
    - iio: hi8435: cleanup reset gpio
    - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors
    - md-cluster: fix potential lock issue in add_new_disk
    - ARM: davinci: da8xx: Create DSP device only when assigned memory
    - ray_cs: Avoid reading past end of buffer
    - leds: pca955x: Correct I2C Functionality
    - sched/numa: Use down_read_trylock() for the mmap_sem
    - net/mlx5: Tolerate irq_set_affinity_hint() failures
    - selinux: do not check open permission on sockets
    - block: fix an error code in add_partition()
    - mlx5: fix bug reading rss_hash_type from CQE
    - net: ieee802154: fix net_device reference release too early
    - libceph: NULL deref on crush_decode() error path
    - netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
    - pNFS/flexfiles: missing error code in ff_layout_alloc_lseg()
    - ASoC: rsnd: SSI PIO adjust to 24bit mode
    - scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
    - fix race in drivers/char/random.c:get_reg()
    - ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
    - tcp: better validation of received ack sequences
    - net: move somaxconn init from sysctl code
    - Input: elan_i2c - clear INT before resetting controller
    - bonding: Don't update slave->link until ready to commit
    - KVM: nVMX: Fix handling of lmsw instruction
    - net: llc: add lock_sock in llc_ui_bind to avoid a race condition
    - ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node
    - thermal: power_allocator: fix one race condition issue for thermal_instances
      list
    - perf probe: Add warning message if there is unexpected event name
    - l2tp: fix missing print session offset info
    - rds; Reset rs->rs_bound_addr in rds_add_bound() failure path
    - hwmon: (ina2xx) Make calibration register value fixed
    - media: videobuf2-core: don't go out of the buffer range
    - ASoC: Intel: cht_bsw_rt5645: Analog Mic support
    - scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag.
    - vfb: fix video mode and line_length being set when loaded
    - gpio: label descriptors using the device name
    - ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()'
    - wl1251: check return from call to wl1251_acx_arp_ip_filter
    - hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
    - ovl: filter trusted xattr for non-admin
    - powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
    - dmaengine: imx-sdma: Handle return value of clk_prepare_enable
    - arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
    - net/mlx5: avoid build warning for uniprocessor
    - cxgb4: FW upgrade fixes
    - rtc: opal: Handle disabled TPO in opal_get_tpo_time()
    - rtc: interface: Validate alarm-time before handling rollover
    - SUNRPC: ensure correct error is reported by xs_tcp_setup_socket()
    - net: freescale: fix potential null pointer dereference
    - KVM: SVM: do not zero out segment attributes if segment is unusable or not
      present
    - clk: scpi: fix return type of __scpi_dvfs_round_rate
    - clk: Fix __set_clk_rates error print-string
    - powerpc/spufs: Fix coredump of SPU contexts
    - perf trace: Add mmap alias for s390
    - qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and
      qlcnic_82xx_hw_read_wx_2M
    - mISDN: Fix a sleep-in-atomic bug
    - drm/omap: fix tiled buffer stride calculations
    - cxgb4: fix incorrect cim_la output for T6
    - Fix serial console on SNI RM400 machines
    - bio-integrity: Do not allocate integrity context for bio w/o data
    - skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
    - sit: reload iphdr in ipip6_rcv
    - net/mlx4: Fix the check in attaching steering rules
    - net/mlx4: Check if Granular QoS per VF has been enabled before updating QP
      qos_vport
    - perf header: Set proper module name when build-id event found
    - perf report: Ensure the perf DSO mapping matches what libdw sees
    - tags: honor COMPILED_SOURCE with apart output directory
    - e1000e: fix race condition around skb_tstamp_tx()
    - cx25840: fix unchecked return values
    - mceusb: sporadic RX truncation corruption fix
    - net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
    - ARM: imx: Add MXC_CPU_IMX6ULL and cpu_is_imx6ull
    - e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
    - perf/core: Correct event creation with PERF_FORMAT_GROUP
    - MIPS: mm: fixed mappings: correct initialisation
    - MIPS: mm: adjust PKMAP location
    - MIPS: kprobes: flush_insn_slot should flush only if probe initialised
    - Fix loop device flush before configure v3
    - net: emac: fix reset timeout with AR8035 phy
    - skbuff: only inherit relevant tx_flags
    - xen: avoid type warning in xchg_xen_ulong
    - bnx2x: Allow vfs to disable txvlan offload
    - sctp: fix recursive locking warning in sctp_do_peeloff
    - sparc64: ldc abort during vds iso boot
    - iio: magnetometer: st_magn_spi: fix spi_device_id table
    - Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
    - cpuidle: dt: Add missing 'of_node_put()'
    - ACPICA: Events: Add runtime stub support for event APIs
    - ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
    - s390/dasd: fix hanging safe offline
    - vxlan: dont migrate permanent fdb entries during learn
    - bcache: stop writeback thread after detaching
    - bcache: segregate flash only volume write streams
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()
    - scsi: libsas: fix error when getting phy events
    - scsi: libsas: initialize sas_phy status according to response of DISCOVER
    - blk-mq: fix kernel oops in blk_mq_tag_idle()
    - tty: n_gsm: Allow ADM response in addition to UA for control dlci
    - EDAC, mv64x60: Fix an error handling path
    - cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages
    - perf tools: Fix copyfile_offset update of output offset
    - ipsec: check return value of skb_to_sgvec always
    - rxrpc: check return value of skb_to_sgvec always
    - virtio_net: check return value of skb_to_sgvec always
    - virtio_net: check return value of skb_to_sgvec in one more location
    - random: use lockless method of accessing and updating f->reg_idx
    - futex: Remove requirement for lock_page() in get_futex_key()
    - Kbuild: provide a __UNIQUE_ID for clang
    - arp: fix arp_filter on l3slave devices
    - net: fix possible out-of-bound read in skb_network_protocol()
    - net/ipv6: Fix route leaking between VRFs
    - netlink: make sure nladdr has correct size in netlink_connect()
    - net/sched: fix NULL dereference in the error path of tcf_bpf_init()
    - pptp: remove a buggy dst release in pptp_connect()
    - sctp: do not leak kernel memory to user space
    - sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
    - vhost: correctly remove wait queue during poll failure
    - vlan: also check phy_driver ts_info for vlan's real device
    - bonding: fix the err path for dev hwaddr sync in bond_enslave
    - bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
    - bonding: process the err returned by dev_set_allmulti properly in
      bond_enslave
    - net: fool proof dev_valid_name()
    - ip_tunnel: better validate user provided tunnel names
    - ipv6: sit: better validate user provided tunnel names
    - ip6_gre: better validate user provided tunnel names
    - ip6_tunnel: better validate user provided tunnel names
    - vti6: better validate user provided tunnel names
    - r8169: fix setting driver_data after register_netdev
    - net sched actions: fix dumping which requires several messages to user space
    - net/ipv6: Increment OUTxxx counters after netfilter hook
    - ipv6: the entire IPv6 header chain must fit the first fragment
    - vrf: Fix use after free and double free in vrf_finish_output
    - Revert "xhci: plat: Register shutdown for xhci_plat"
    - Linux 4.4.128

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507) // Xenial update to 4.4.128 stable
    release (LP: #1765010)
    - sky2: Increase D3 delay to sky2 stops working after suspend

  * Xenial update to 4.4.127 stable release (LP: #1765007)
    - mtd: jedec_probe: Fix crash in jedec_read_mfr()
    - ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
    - ALSA: pcm: potential uninitialized return values
    - perf/hwbp: Simplify the perf-hwbp code, fix documentation
    - partitions/msdos: Unable to mount UFS 44bsd partitions
    - usb: gadget: define free_ep_req as universal function
    - usb: gadget: change len to size_t on alloc_ep_req()
    - usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
    - usb: gadget: align buffer size when allocating for OUT endpoint
    - usb: gadget: f_hid: fix: Prevent accessing released memory
    - kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
    - ACPI, PCI, irq: remove redundant check for null string pointer
    - writeback: fix the wrong congested state variable definition
    - PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant
    - dm ioctl: remove double parentheses
    - Input: mousedev - fix implicit conversion warning
    - netfilter: nf_nat_h323: fix logical-not-parentheses warning
    - genirq: Use cpumask_available() for check of cpumask variable
    - cpumask: Add helper cpumask_available()
    - selinux: Remove unnecessary check of array base in selinux_set_mapping()
    - fs: compat: Remove warning from COMPATIBLE_IOCTL
    - jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp
    - frv: declare jiffies to be located in the .data section
    - audit: add tty field to LOGIN event
    - tty: provide tty_name() even without CONFIG_TTY
    - netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
    - selinux: Remove redundant check for unknown labeling behavior
    - arm64: avoid overflow in VA_START and PAGE_OFFSET
    - xfrm_user: uncoditionally validate esn replay attribute struct
    - RDMA/ucma: Check AF family prior resolving address
    - RDMA/ucma: Fix use-after-free access in ucma_close
    - RDMA/ucma: Ensure that CM_ID exists prior to access it
    - RDMA/ucma: Check that device is connected prior to access it
    - RDMA/ucma: Check that device exists prior to accessing it
    - RDMA/ucma: Don't allow join attempts for unsupported AF family
    - RDMA/ucma: Introduce safer rdma_addr_size() variants
    - net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
    - xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
    - netfilter: bridge: ebt_among: add more missing match size checks
    - netfilter: x_tables: add and use xt_check_proc_name
    - Bluetooth: Fix missing encryption refresh on Security Request
    - llist: clang: introduce member_address_is_nonnull()
    - scsi: virtio_scsi: always read VPD pages for multiqueue too
    - usb: dwc2: Improve gadget state disconnection handling
    - USB: serial: ftdi_sio: add RT Systems VX-8 cable
    - USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
    - USB: serial: cp210x: add ELDAT Easywave RX09 id
    - mei: remove dev_err message on an unsupported ioctl
    - media: usbtv: prevent double free in error case
    - parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
    - crypto: ahash - Fix early termination in hash walk
    - crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
    - fs/proc: Stop trying to report thread stacks
    - staging: comedi: ni_mio_common: ack ai fifo error interrupts.
    - Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
    - Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
    - vt: change SGR 21 to follow the standards
    - Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property
      definition
    - ARM: dts: dra7: Add power hold and power controller properties to palmas
    - ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property
    - md/raid10: reset the 'first' at the end of loop
    - net: hns: Fix ethtool private flags
    - Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
    - Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
    - Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
    - Revert "cpufreq: Fix governor module removal race"
    - Revert "mtip32xx: use runtime tag to initialize command header"
    - spi: davinci: fix up dma_mapping_error() incorrect patch
    - net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized
      ndata"
    - Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
    - Linux 4.4.127

  * Xenial update to 4.4.126 stable release (LP: #1764999)
    - scsi: sg: don't return bogus Sg_requests
    - Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for
      shared IRQs"
    - net: Fix hlist corruptions in inet_evict_bucket()
    - dccp: check sk for closed state in dccp_sendmsg()
    - ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option()
    - l2tp: do not accept arbitrary sockets
    - net: ethernet: arc: Fix a potential memory leak if an optional regulator is
      deferred
    - net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY
      interface
    - net/iucv: Free memory obtained by kzalloc
    - netlink: avoid a double skb free in genlmsg_mcast()
    - net: Only honor ifindex in IP_PKTINFO if non-0
    - skbuff: Fix not waking applications when errors are enqueued
    - team: Fix double free in error path
    - s390/qeth: free netdevice when removing a card
    - s390/qeth: when thread completes, wake up all waiters
    - s390/qeth: lock read device while queueing next buffer
    - s390/qeth: on channel error, reject further cmd requests
    - ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
    - net: fec: Fix unbalanced PM runtime calls
    - net: systemport: Rewrite __bcm_sysport_tx_reclaim()
    - Linux 4.4.126

  * Xenial update to 4.4.125 stable release (LP: #1764973)
    - MIPS: ralink: Remove ralink_halt()
    - iio: st_pressure: st_accel: pass correct platform data to init
    - ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
    - ALSA: aloop: Sync stale timer before release
    - ALSA: aloop: Fix access to not-yet-ready substream via cable
    - ALSA: hda/realtek - Always immediately update mute LED with pin VREF
    - mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
    - PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
    - ahci: Add PCI-id for the Highpoint Rocketraid 644L card
    - clk: bcm2835: Protect sections updating shared registers
    - Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
    - libata: fix length validation of ATAPI-relayed SCSI commands
    - libata: remove WARN() for DMA or PIO command without data
    - libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
    - libata: Enable queued TRIM for Samsung SSD 860
    - libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
    - libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
    - libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
    - mm/vmalloc: add interfaces to free unmapped page table
    - x86/mm: implement free pmd/pte page interfaces
    - drm/vmwgfx: Fix a destoy-while-held mutex problem.
    - drm/radeon: Don't turn off DP sink when disconnected
    - drm: udl: Properly check framebuffer mmap offsets
    - acpi, numa: fix pxm to online numa node associations
    - brcmfmac: fix P2P_DEVICE ethernet address generation
    - rtlwifi: rtl8723be: Fix loss of signal
    - tracing: probeevent: Fix to support minus offset from symbol
    - mtd: nand: fsl_ifc: Fix nand waitfunc return value
    - staging: ncpfs: memory corruption in ncp_read_kernel()
    - can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
    - can: cc770: Fix queue stall & dropped RTR reply
    - can: cc770: Fix use after free in cc770_tx_interrupt()
    - tty: vt: fix up tabstops properly
    - kvm/x86: fix icebp instruction handling
    - x86/build/64: Force the linker to use 2MB page size
    - x86/boot/64: Verify alignment of the LOAD segment
    - x86/entry/64: Don't use IST entry for #BP stack
    - perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
    - staging: lustre: ptlrpc: kfree used instead of kvfree
    - kbuild: disable clang's default use of -fmerge-all-constants
    - bpf: skip unnecessary capability check
    - bpf, x64: increase number of passes
    - Linux 4.4.125

  * System fails to start (boot) on battery due to read-only root file-system
    (LP: #1726930) // Xenial update to 4.4.125 stable release (LP: #1764973)
    - libata: disable LPM for Crucial BX100 SSD 500GB drive

  * Xenial update to 4.4.124 stable release (LP: #1764762)
    - tpm: fix potential buffer overruns caused by bit glitches on the bus
    - tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
    - staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
    - platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA
    - regulator: anatop: set default voltage selector for pcie
    - x86: i8259: export legacy_pic symbol
    - rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs
    - Input: ar1021_i2c - fix too long name in driver's device table
    - time: Change posix clocks ops interfaces to use timespec64
    - ACPI/processor: Fix error handling in __acpi_processor_start()
    - ACPI/processor: Replace racy task affinity logic
    - cpufreq/sh: Replace racy task affinity logic
    - genirq: Use irqd_get_trigger_type to compare the trigger type for shared
      IRQs
    - i2c: i2c-scmi: add a MS HID
    - net: ipv6: send unsolicited NA on admin up
    - media/dvb-core: Race condition when writing to CAM
    - spi: dw: Disable clock after unregistering the host
    - ath: Fix updating radar flags for coutry code India
    - clk: ns2: Correct SDIO bits
    - scsi: virtio_scsi: Always try to read VPD pages
    - KVM: PPC: Book3S PR: Exit KVM on failed mapping
    - ARM: 8668/1: ftrace: Fix dynamic ftrace with DEBUG_RODATA and !FRAME_POINTER
    - iommu/omap: Register driver before setting IOMMU ops
    - md/raid10: wait up frozen array in handle_write_completed
    - NFS: Fix missing pg_cleanup after nfs_pageio_cond_complete()
    - tcp: remove poll() flakes with FastOpen
    - e1000e: fix timing for 82579 Gigabit Ethernet controller
    - ALSA: hda - Fix headset microphone detection for ASUS N551 and N751
    - IB/ipoib: Fix deadlock between ipoib_stop and mcast join flow
    - IB/ipoib: Update broadcast object if PKey value was changed in index 0
    - HSI: ssi_protocol: double free in ssip_pn_xmit()
    - IB/mlx4: Take write semaphore when changing the vma struct
    - IB/mlx4: Change vma from shared to private
    - ASoC: Intel: Skylake: Uninitialized variable in probe_codec()
    - Fix driver usage of 128B WQEs when WQ_CREATE is V1.
    - netfilter: xt_CT: fix refcnt leak on error path
    - openvswitch: Delete conntrack entry clashing with an expectation.
    - mmc: host: omap_hsmmc: checking for NULL instead of IS_ERR()
    - wan: pc300too: abort path on failure
    - qlcnic: fix unchecked return value
    - scsi: mac_esp: Replace bogus memory barrier with spinlock
    - infiniband/uverbs: Fix integer overflows
    - NFS: don't try to cross a mountpount when there isn't one there.
    - Revert "UBUNTU: SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor
      platform data properly"
    - iio: st_pressure: st_accel: Initialise sensor platform data properly
    - mt7601u: check return value of alloc_skb
    - rndis_wlan: add return value validation
    - Btrfs: send, fix file hole not being preserved due to inline extent
    - mac80211: don't parse encrypted management frames in ieee80211_frame_acked
    - mfd: palmas: Reset the POWERHOLD mux during power off
    - mtip32xx: use runtime tag to initialize command header
    - staging: unisys: visorhba: fix s-Par to boot with option CONFIG_VMAP_STACK
      set to y
    - staging: wilc1000: fix unchecked return value
    - mmc: sdhci-of-esdhc: limit SD clock for ls1012a/ls1046a
    - ARM: DRA7: clockdomain: Change the CLKTRCTRL of CM_PCIE_CLKSTCTRL to SW_WKUP
    - ipmi/watchdog: fix wdog hang on panic waiting for ipmi response
    - ACPI / PMIC: xpower: Fix power_table addresses
    - drm/nouveau/kms: Increase max retries in scanout position queries.
    - bnx2x: Align RX buffers
    - power: supply: pda_power: move from timer to delayed_work
    - Input: twl4030-pwrbutton - use correct device for irq request
    - md/raid10: skip spare disk as 'first' disk
    - ia64: fix module loading for gcc-5.4
    - tcm_fileio: Prevent information leak for short reads
    - video: fbdev: udlfb: Fix buffer on stack
    - sm501fb: don't return zero on failure path in sm501fb_start()
    - net: hns: fix ethtool_get_strings overflow in hns driver
    - cifs: small underflow in cnvrtDosUnixTm()
    - rtc: ds1374: wdt: Fix issue with timeout scaling from secs to wdt ticks
    - rtc: ds1374: wdt: Fix stop/start ioctl always returning -EINVAL
    - perf tests kmod-path: Don't fail if compressed modules aren't supported
    - Bluetooth: hci_qca: Avoid setup failure on missing rampatch
    - media: c8sectpfe: fix potential NULL pointer dereference in
      c8sectpfe_timer_interrupt
    - drm/msm: fix leak in failed get_pages
    - RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
    - rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
    - media: bt8xx: Fix err 'bt878_probe()'
    - media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
    - cros_ec: fix nul-termination for firmware build info
    - platform/chrome: Use proper protocol transfer function
    - mmc: avoid removing non-removable hosts during suspend
    - IB/ipoib: Avoid memory leak if the SA returns a different DGID
    - RDMA/cma: Use correct size when writing netlink stats
    - IB/umem: Fix use of npages/nmap fields
    - vgacon: Set VGA struct resource types
    - drm/omap: DMM: Check for DMM readiness after successful transaction commit
    - pty: cancel pty slave port buf's work in tty_release
    - coresight: Fix disabling of CoreSight TPIU
    - pinctrl: Really force states during suspend/resume
    - iommu/vt-d: clean up pr_irq if request_threaded_irq fails
    - ip6_vti: adjust vti mtu according to mtu of lower device
    - RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
    - nfsd4: permit layoutget of executable-only files
    - clk: si5351: Rename internal plls to avoid name collisions
    - dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
    - RDMA/ucma: Fix access to non-initialized CM_ID object
    - Linux 4.4.124

  * Xenial update to 4.4.123 stable release (LP: #1764666)
    - blkcg: fix double free of new_blkg in blkcg_init_queue
    - Input: tsc2007 - check for presence and power down tsc2007 during probe
    - staging: speakup: Replace BUG_ON() with WARN_ON().
    - staging: wilc1000: add check for kmalloc allocation failure.
    - HID: reject input outside logical range only if null state is set
    - drm: qxl: Don't alloc fbdev if emulation is not supported
    - ath10k: fix a warning during channel switch with multiple vaps
    - PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()
    - selinux: check for address length in selinux_socket_bind()
    - perf sort: Fix segfault with basic block 'cycles' sort dimension
    - i40e: Acquire NVM lock before reads on all devices
    - i40e: fix ethtool to get EEPROM data from X722 interface
    - perf tools: Make perf_event__synthesize_mmap_events() scale
    - drivers: net: xgene: Fix hardware checksum setting
    - drm: Defer disabling the vblank IRQ until the next interrupt (for instant-
      off)
    - ath10k: disallow DFS simulation if DFS channel is not enabled
    - perf probe: Return errno when not hitting any event
    - HID: clamp input to logical range if no null state
    - net/8021q: create device with all possible features in wanted_features
    - ARM: dts: Adjust moxart IRQ controller and flags
    - batman-adv: handle race condition for claims between gateways
    - of: fix of_device_get_modalias returned length when truncating buffers
    - solo6x10: release vb2 buffers in solo_stop_streaming()
    - scsi: ipr: Fix missed EH wakeup
    - media: i2c/soc_camera: fix ov6650 sensor getting wrong clock
    - timers, sched_clock: Update timeout for clock wrap
    - sysrq: Reset the watchdog timers while displaying high-resolution timers
    - Input: qt1070 - add OF device ID table
    - sched: act_csum: don't mangle TCP and UDP GSO packets
    - ASoC: rcar: ssi: don't set SSICR.CKDV = 000 with SSIWSR.CONT
    - spi: omap2-mcspi: poll OMAP2_MCSPI_CHSTAT_RXS for PIO transfer
    - tcp: sysctl: Fix a race to avoid unexpected 0 window from space
    - dmaengine: imx-sdma: add 1ms delay to ensure SDMA channel is stopped
    - driver: (adm1275) set the m,b and R coefficients correctly for power
    - mm: Fix false-positive VM_BUG_ON() in page_cache_{get,add}_speculative()
    - blk-throttle: make sure expire time isn't too big
    - f2fs: relax node version check for victim data in gc
    - bonding: refine bond_fold_stats() wrap detection
    - braille-console: Fix value returned by _braille_console_setup
    - drm/vmwgfx: Fixes to vmwgfx_fb
    - vxlan: vxlan dev should inherit lowerdev's gso_max_size
    - NFC: nfcmrvl: Include unaligned.h instead of access_ok.h
    - NFC: nfcmrvl: double free on error path
    - ARM: dts: r8a7790: Correct parent of SSI[0-9] clocks
    - ARM: dts: r8a7791: Correct parent of SSI[0-9] clocks
    - powerpc: Avoid taking a data miss on every userspace instruction miss
    - net/faraday: Add missing include of of.h
    - ARM: dts: koelsch: Correct clock frequency of X2 DU clock input
    - reiserfs: Make cancel_old_flush() reliable
    - ALSA: firewire-digi00x: handle all MIDI messages on streaming packets
    - fm10k: correctly check if interface is removed
    - apparmor: Make path_max parameter readonly
    - iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range
    - video: ARM CLCD: fix dma allocation size
    - drm/radeon: Fail fb creation from imported dma-bufs.
    - drm/amdgpu: Fail fb creation from imported dma-bufs. (v2)
    - coresight: Fixes coresight DT parse to get correct output port ID.
    - MIPS: BPF: Quit clobbering callee saved registers in JIT code.
    - MIPS: BPF: Fix multiple problems in JIT skb access helpers.
    - MIPS: r2-on-r6-emu: Fix BLEZL and BGTZL identification
    - MIPS: r2-on-r6-emu: Clear BLTZALL and BGEZALL debugfs counters
    - regulator: isl9305: fix array size
    - md/raid6: Fix anomily when recovering a single device in RAID6.
    - usb: dwc2: Make sure we disconnect the gadget state
    - usb: gadget: dummy_hcd: Fix wrong power status bit clear/reset in
      dummy_hub_control()
    - drivers/perf: arm_pmu: handle no platform_device
    - perf inject: Copy events when reordering events in pipe mode
    - perf session: Don't rely on evlist in pipe mode
    - scsi: sg: check for valid direction before starting the request
    - scsi: sg: close race condition in sg_remove_sfp_usercontext()
    - kprobes/x86: Fix kprobe-booster not to boost far call instructions
    - kprobes/x86: Set kprobes pages read-only
    - pwm: tegra: Increase precision in PWM rate calculation
    - wil6210: fix memory access violation in wil_memcpy_from/toio_32
    - drm/edid: set ELD connector type in drm_edid_to_eld()
    - video/hdmi: Allow "empty" HDMI infoframes
    - HID: elo: clear BTN_LEFT mapping
    - ARM: dts: exynos: Correct Trats2 panel reset line
    - sched: Stop switched_to_rt() from sending IPIs to offline CPUs
    - sched: Stop resched_cpu() from sending IPIs to offline CPUs
    - test_firmware: fix setting old custom fw path back on exit
    - net: xfrm: allow clearing socket xfrm policies.
    - mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
    - ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
    - ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
    - ath10k: update tdls teardown state to target
    - cpufreq: Fix governor module removal race
    - clk: qcom: msm8916: fix mnd_width for codec_digcodec
    - ath10k: fix invalid STS_CAP_OFFSET_MASK
    - tools/usbip: fixes build with musl libc toolchain
    - spi: sun6i: disable/unprepare clocks on remove
    - scsi: core: scsi_get_device_flags_keyed(): Always return device flags
    - scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
    - scsi: dh: add new rdac devices
    - media: cpia2: Fix a couple off by one bugs
    - veth: set peer GSO values
    - drm/amdkfd: Fix memory leaks in kfd topology
    - agp/intel: Flush all chipset writes after updating the GGTT
    - mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
    - mac80211: remove BUG() when interface type is invalid
    - ASoC: nuc900: Fix a loop timeout test
    - ipvlan: add L2 check for packets arriving via virtual devices
    - rcutorture/configinit: Fix build directory error message
    - ima: relax requiring a file signature for new files with zero length
    - selftests/x86/entry_from_vm86: Exit with 1 if we fail
    - selftests/x86: Add tests for User-Mode Instruction Prevention
    - selftests/x86: Add tests for the STR and SLDT instructions
    - selftests/x86/entry_from_vm86: Add test cases for POPF
    - x86/vm86/32: Fix POPF emulation
    - x86/mm: Fix vmalloc_fault to use pXd_large
    - ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
    - ALSA: hda - Revert power_save option default value
    - ALSA: seq: Fix possible UAF in snd_seq_check_queue()
    - ALSA: seq: Clear client entry before deleting else at closing
    - drm/amdgpu/dce: Don't turn off DP sink when disconnected
    - fs: Teach path_connected to handle nfs filesystems with multiple roots.
    - lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
    - fs/aio: Add explicit RCU grace period when freeing kioctx
    - fs/aio: Use RCU accessors for kioctx_table->table[]
    - irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
    - scsi: sg: fix SG_DXFER_FROM_DEV transfers
    - scsi: sg: fix static checker warning in sg_is_valid_dxfer
    - scsi: sg: only check for dxfer_len greater than 256M
    - ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
    - btrfs: alloc_chunk: fix DUP stripe size handling
    - btrfs: Fix use-after-free when cleaning up fs_devs with a single stale
      device
    - USB: gadget: udc: Add missing platform_device_put() on error in
      bdc_pci_probe()
    - usb: gadget: bdc: 64-bit pointer capability check
    - Linux 4.4.123

  * Xenial update to 4.4.123 stable release (LP: #1764666) // CVE-2017-16995
    - Revert "bpf: fix incorrect sign extension in check_alu_op()"
    - bpf: fix incorrect sign extension in check_alu_op()

  * Xenial update to 4.4.122 stable release (LP: #1764627)
    - RDMA/ucma: Limit possible option size
    - RDMA/ucma: Check that user doesn't overflow QP state
    - RDMA/mlx5: Fix integer overflow while resizing CQ
    - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
    - workqueue: Allow retrieval of current task's work struct
    - drm: Allow determining if current task is output poll worker
    - drm/nouveau: Fix deadlock on runtime suspend
    - drm/radeon: Fix deadlock on runtime suspend
    - drm/amdgpu: Fix deadlock on runtime suspend
    - drm/amdgpu: Notify sbios device ready before send request
    - drm/radeon: fix KV harvesting
    - drm/amdgpu: fix KV harvesting
    - MIPS: BMIPS: Do not mask IPIs during suspend
    - MIPS: ath25: Check for kzalloc allocation failure
    - MIPS: OCTEON: irq: Check for null return on kzalloc allocation
    - Input: matrix_keypad - fix race when disabling interrupts
    - loop: Fix lost writes caused by missing flag
    - kbuild: Handle builtin dtb file names containing hyphens
    - bcache: don't attach backing with duplicate UUID
    - x86/MCE: Serialize sysfs changes
    - ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520
    - ALSA: seq: More protection for concurrent write and ioctl races
    - ALSA: hda: add dock and led support for HP EliteBook 820 G3
    - ALSA: hda: add dock and led support for HP ProBook 640 G2
    - watchdog: hpwdt: SMBIOS check
    - watchdog: hpwdt: Check source of NMI
    - watchdog: hpwdt: fix unused variable warning
    - netfilter: nfnetlink_queue: fix timestamp attribute
    - Input: tca8418_keypad - remove double read of key event register
    - tc358743: fix register i2c_rd/wr function fix
    - netfilter: add back stackpointer size checks
    - netfilter: x_tables: fix missing timer initialization in xt_LED
    - netfilter: nat: cope with negative port range
    - netfilter: IDLETIMER: be syzkaller friendly
    - netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
    - netfilter: bridge: ebt_among: add missing match size checks
    - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
    - netfilter: use skb_to_full_sk in ip_route_me_harder
    - ext4: inplace xattr block update fails to deduplicate blocks
    - ubi: Fix race condition between ubi volume creation and udev
    - scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport
    - NFS: Fix an incorrect type in struct nfs_direct_req
    - Revert "ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux"
    - x86/module: Detect and skip invalid relocations
    - x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
    - serial: sh-sci: prevent lockup on full TTY buffers
    - tty/serial: atmel: add new version check for usart
    - uas: fix comparison for error code
    - staging: comedi: fix comedi_nsamples_left.
    - staging: android: ashmem: Fix lockdep issue during llseek
    - USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
    - usb: quirks: add control message delay for 1b1c:1b20
    - USB: usbmon: remove assignment from IS_ERR argument
    - usb: usbmon: Read text within supplied buffer size
    - usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
    - serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
    - fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
    - Linux 4.4.122

  * Xenial update to 4.4.122 stable release (LP: #1764627) // CVE-2018-1000004.
    - ALSA: seq: Don't allow resizing pool in use

  * Xenial update to 4.4.121 stable release (LP: #1764367)
    - tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the
      bus
    - tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on
      the bus
    - tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the
      bus
    - ALSA: usb-audio: Add a quirck for B&W PX headphones
    - ALSA: hda: Add a power_save blacklist
    - cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
    - media: m88ds3103: don't call a non-initalized function
    - ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
    - KVM: mmu: Fix overlap between public and private memslots
    - btrfs: Don't clear SGID when inheriting ACLs
    - ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
    - x86/apic/vector: Handle legacy irq data correctly
    - leds: do not overflow sysfs buffer in led_trigger_show
    - x86/spectre: Fix an error message
    - bridge: check brport attr show in brport_show
    - fib_semantics: Don't match route with mismatching tclassid
    - hdlc_ppp: carrier detect ok, don't turn off negotiation
    - ipv6 sit: work around bogus gcc-8 -Wrestrict warning
    - net: fix race on decreasing number of TX queues
    - net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
    - netlink: ensure to loop over all netns in genlmsg_multicast_allns()
    - ppp: prevent unregistered channels from connecting to PPP units
    - udplite: fix partial checksum initialization
    - sctp: fix dst refcnt leak in sctp_v4_get_dst
    - sctp: fix dst refcnt leak in sctp_v6_get_dst()
    - s390/qeth: fix SETIP command handling
    - s390/qeth: fix IPA command submission race
    - sctp: verify size of a new chunk in _sctp_make_chunk()
    - net: mpls: Pull common label check into helper
    - dm io: fix duplicate bio completion due to missing ref count
    - bpf, x64: implement retpoline for tail call
    - btrfs: preserve i_mode if __btrfs_set_acl() fails
    - Linux 4.4.121

  * Xenial update to 4.4.120 stable release (LP: #1764316)
    - hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
    - f2fs: fix a bug caused by NULL extent tree
    - mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM
    - ipv6: icmp6: Allow icmp messages to be looped back
    - ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch
    - sget(): handle failures of register_shrinker()
    - drm/nouveau/pci: do a msi rearm on init
    - spi: atmel: fixed spin_lock usage inside atmel_spi_remove
    - net: arc_emac: fix arc_emac_rx() error paths
    - scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
    - ARM: dts: ls1021a: fix incorrect clock references
    - lib/mpi: Fix umul_ppmm() for MIPS64r6
    - tg3: Add workaround to restrict 5762 MRRS to 2048
    - tg3: Enable PHY reset in MTU change path for 5720
    - bnx2x: Improve reliability in case of nested PCI errors
    - s390/dasd: fix wrongly assigned configuration data
    - IB/mlx4: Fix mlx4_ib_alloc_mr error flow
    - IB/ipoib: Fix race condition in neigh creation
    - xfs: quota: fix missed destroy of qi_tree_lock
    - xfs: quota: check result of register_shrinker()
    - e1000: fix disabling already-disabled warning
    - drm/ttm: check the return value of kzalloc
    - mac80211: mesh: drop frames appearing to be from us
    - can: flex_can: Correct the checking for frame length in flexcan_start_xmit()
    - bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine.
    - xen-netfront: enable device after manual module load
    - mdio-sun4i: Fix a memory leak
    - SolutionEngine771x: fix Ether platform data
    - xen/gntdev: Fix off-by-one error when unmapping with holes
    - xen/gntdev: Fix partial gntdev_mmap() cleanup
    - sctp: make use of pre-calculated len
    - net: gianfar_ptp: move set_fipers() to spinlock protecting area
    - MIPS: Implement __multi3 for GCC7 MIPS64r6 builds
    - Linux 4.4.120

  * Xenial update to 4.4.119 stable release (LP: #1762453)
    - netfilter: drop outermost socket lock in getsockopt()
    - powerpc/64s: Fix RFI flush dependency on HARDLOCKUP_DETECTOR
    - PCI: keystone: Fix interrupt-controller-node lookup
    - ip_tunnel: replace dst_cache with generic implementation
    - ip_tunnel: fix preempt warning in ip tunnel creation/updating
    - scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
    - cfg80211: fix cfg80211_beacon_dup
    - iio: buffer: check if a buffer has been set up when poll is called
    - iio: adis_lib: Initialize trigger before requesting interrupt
    - x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
    - irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
    - usb: ohci: Proper handling of ed_rm_list to handle race condition between
      usb_kill_urb() and finish_unlinks()
    - arm64: Disable unhandled signal log messages by default
    - Add delay-init quirk for Corsair K70 RGB keyboards
    - usb: dwc3: gadget: Set maxpacket size for ep0 IN
    - usb: ldusb: add PIDs for new CASSY devices supported by this driver
    - usb: gadget: f_fs: Process all descriptors during bind
    - usb: renesas_usbhs: missed the "running" flag in usb_dmac with rx path
    - drm/amdgpu: Avoid leaking PM domain on driver unbind (v2)
    - binder: add missing binder_unlock()
    - Linux 4.4.119

  * [regression] Colour banding and artefacts appear system-wide on an Asus
    Zenbook UX303LA with Intel HD 4400 graphics (LP: #1749420) // Xenial update
    to 4.4.119 stable release (LP: #1762453)
    - drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA

  * Xenial update to 4.4.118 stable release (LP: #1756866)
    - net: add dst_cache support
    - [Config] Add CONFIG_DST_CACHE=y
    - net: replace dst_cache ip6_tunnel implementation with the generic one
    - cfg80211: check dev_set_name() return value
    - mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
    - xfrm: Fix stack-out-of-bounds read on socket policy lookup.
    - xfrm: check id proto in validate_tmpl()
    - blktrace: fix unlocked registration of tracepoints
    - drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
    - Provide a function to create a NUL-terminated string from unterminated data
    - selinux: ensure the context is NUL terminated in
      security_context_to_sid_core()
    - selinux: skip bounded transition processing if the policy isn't loaded
    - crypto: x86/twofish-3way - Fix %rbp usage
    - KVM: x86: fix escape of guest dr6 to the host
    - netfilter: x_tables: fix int overflow in xt_alloc_table_info()
    - netfilter: x_tables: avoid out-of-bounds reads in
      xt_request_find_{match|target}
    - netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
    - netfilter: on sockopt() acquire sock lock only in the required scope
    - netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
    - net: avoid skb_warn_bad_offload on IS_ERR
    - ASoC: ux500: add MODULE_LICENSE tag
    - video: fbdev/mmp: add MODULE_LICENSE
    - arm64: dts: add #cooling-cells to CPU nodes
    - Make DST_CACHE a silent config option
    - dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
    - staging: android: ashmem: Fix a race condition in pin ioctls
    - binder: check for binder_thread allocation failure in binder_poll()
    - staging: iio: adc: ad7192: fix external frequency setting
    - usbip: keep usbip_device sockfd state in sync with tcp_socket
    - usb: build drivers/usb/common/ when USB_SUPPORT is set
    - ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
    - ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
    - ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
    - ARM: dts: am4372: Correct the interrupts_properties of McASP
    - perf top: Fix window dimensions change handling
    - perf bench numa: Fixup discontiguous/sparse numa nodes
    - media: s5k6aa: describe some function parameters
    - pinctrl: sunxi: Fix A80 interrupt pin bank
    - RDMA/cma: Make sure that PSN is not over max allowed
    - scripts/kernel-doc: Don't fail with status != 0 if error encountered with
      -none
    - ipvlan: Add the skb->mark as flow4's member to lookup route
    - powerpc/perf: Fix oops when grouping different pmu events
    - s390/dasd: prevent prefix I/O error
    - gianfar: fix a flooded alignment reports because of padding issue.
    - net_sched: red: Avoid devision by zero
    - net_sched: red: Avoid illegal values
    - btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
    - 509: fix printing uninitialized stack memory when OID is empty
    - dmaengine: ioat: Fix error handling path
    - dmaengine: at_hdmac: fix potential NULL pointer dereference in
      atc_prep_dma_interleaved
    - clk: fix a panic error caused by accessing NULL pointer
    - ASoC: rockchip: disable clock on error
    - spi: sun4i: disable clocks in the remove function
    - xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
    - drm/armada: fix leak of crtc structure
    - dmaengine: jz4740: disable/unprepare clk if probe fails
    - mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
    - x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
    - xen: XEN_ACPI_PROCESSOR is Dom0-only
    - hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
    - virtio_balloon: prevent uninitialized variable use
    - isdn: icn: remove a #warning
    - vmxnet3: prevent building with 64K pages
    - [Config] ppc64el: Drop vmxnet3 module
    - gpio: intel-mid: Fix build warning when !CONFIG_PM
    - platform/x86: intel_mid_thermal: Fix suspend handlers unused warning
    - video: fbdev: via: remove possibly unused variables
    - scsi: advansys: fix build warning for PCI=n
    - x86/ras/inject: Make it depend on X86_LOCAL_APIC=y
    - arm64: define BUG() instruction without CONFIG_BUG
    - x86/fpu/math-emu: Fix possible uninitialized variable use
    - tools build: Add tools tree support for 'make -s'
    - x86/build: Silence the build with "make -s"
    - thermal: fix INTEL_SOC_DTS_IOSF_CORE dependencies
    - x86: add MULTIUSER dependency for KVM
    - x86/platform: Add PCI dependency for PUNIT_ATOM_DEBUG
    - scsi: advansys: fix uninitialized data access
    - arm64: Kconfig: select COMPAT_BINFMT_ELF only when BINFMT_ELF is set
    - ALSA: hda/ca0132 - fix possible NULL pointer use
    - reiserfs: avoid a -Wmaybe-uninitialized warning
    - ssb: mark ssb_bus_register as __maybe_unused
    - thermal: spear: use __maybe_unused for PM functions
    - x86/boot: Avoid warning for zero-filling .bss
    - scsi: sim710: fix build warning
    - drivers/net: fix eisa_driver probe section mismatch
    - dpt_i2o: fix build warning
    - profile: hide unused functions when !CONFIG_PROC_FS
    - md: avoid warning for 32-bit sector_t
    - mtd: ichxrom: maybe-uninitialized with gcc-4.9
    - mtd: maps: add __init attribute
    - mptfusion: hide unused seq_mpt_print_ioc_summary function
    - scsi: fdomain: drop fdomain_pci_tbl when built-in
    - video: fbdev: sis: remove unused variable
    - staging: ste_rmi4: avoid unused function warnings
    - fbdev: sis: enforce selection of at least one backend
    - video: Use bool instead int pointer for get_opt_bool() argument
    - scsi: mvumi: use __maybe_unused to hide pm functions
    - SCSI: initio: remove duplicate module device table
    - pwc: hide unused label
    - usb: musb/ux500: remove duplicate check for dma_is_compatible
    - tty: hvc_xen: hide xen_console_remove when unused
    - target/user: Fix cast from pointer to phys_addr_t
    - driver-core: use 'dev' argument in dev_dbg_ratelimited stub
    - fbdev: auo_k190x: avoid unused function warnings
    - amd-xgbe: Fix unused suspend handlers build warning
    - mtd: sh_flctl: pass FIFO as physical address
    - mtd: cfi: enforce valid geometry configuration
    - fbdev: s6e8ax0: avoid unused function warnings
    - modsign: hide openssl output in silent builds
    - fbdev: sm712fb: avoid unused function warnings
    - hwrng: exynos - use __maybe_unused to hide pm functions
    - USB: cdc_subset: only build when one driver is enabled
    - [Config] Add CONFIG_USB_NET_CDC_SUBSET_ENABLE=m
    - rtlwifi: fix gcc-6 indentation warning
    - staging: wilc1000: fix kbuild test robot error
    - x86/platform/olpc: Fix resume handler build warning
    - netfilter: ipvs: avoid unused variable warnings
    - ipv4: ipconfig: avoid unused ic_proto_used symbol
    - tc1100-wmi: fix build warning when CONFIG_PM not enabled
    - tlan: avoid unused label with PCI=n
    - drm/vmwgfx: use *_32_bits() macros
    - tty: cyclades: cyz_interrupt is only used for PCI
    - genirq/msi: Add stubs for get_cached_msi_msg/pci_write_msi_msg
    - ASoC: mediatek: add i2c dependency
    - iio: adc: axp288: remove redundant duplicate const on axp288_adc_channels
    - infiniband: cxgb4: use %pR format string for printing resources
    - b2c2: flexcop: avoid unused function warnings
    - i2c: remove __init from i2c_register_board_info()
    - staging: unisys: visorinput depends on INPUT
    - tc358743: fix register i2c_rd/wr functions
    - drm/nouveau: hide gcc-4.9 -Wmaybe-uninitialized
    - Input: tca8418_keypad - hide gcc-4.9 -Wmaybe-uninitialized warning
    - KVM: add X86_LOCAL_APIC dependency
    - go7007: add MEDIA_CAMERA_SUPPORT dependency
    - em28xx: only use mt9v011 if camera support is enabled
    - ISDN: eicon: reduce stack size of sig_ind function
    - ASoC: rockchip: use __maybe_unused to hide st_irq_syscfg_resume
    - serial: 8250_mid: fix broken DMA dependency
    - drm/gma500: Sanity-check pipe index
    - hdpvr: hide unused variable
    - v4l: remove MEDIA_TUNER dependency for VIDEO_TUNER
    - cw1200: fix bogus maybe-uninitialized warning
    - wireless: cw1200: use __maybe_unused to hide pm functions_
    - perf/x86: Shut up false-positive -Wmaybe-uninitialized warning
    - dmaengine: zx: fix build warning
    - net: hp100: remove unnecessary #ifdefs
    - gpio: xgene: mark PM functions as __maybe_unused
    - ncpfs: fix unused variable warning
    - Revert "power: bq27xxx_battery: Remove unneeded dependency in Kconfig"
    - power: bq27xxx_battery: mark some symbols __maybe_unused
    - isdn: sc: work around type mismatch warning
    - binfmt_elf: compat: avoid unused function warning
    - idle: i7300: add PCI dependency
    - usb: phy: msm add regulator dependency
    - ncr5380: shut up gcc indentation warning
    - ARM: tegra: select USB_ULPI from EHCI rather than platform
    - ASoC: Intel: Kconfig: fix build when ACPI is not enabled
    - netlink: fix nla_put_{u8,u16,u32} for KASAN
    - dell-wmi, dell-laptop: depends DMI
    - genksyms: Fix segfault with invalid declarations
    - x86/microcode/AMD: Change load_microcode_amd()'s param to bool to fix
      preemptibility bug
    - drm/gma500: remove helper function
    - kasan: rework Kconfig settings
    - KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
      exceptions simultaneously
    - x86/retpoline: Remove the esp/rsp thunk
    - module/retpoline: Warn about missing retpoline in module
    - x86/nospec: Fix header guards names
    - x86/bugs: Drop one "mitigation" from dmesg
    - x86/cpu/bugs: Make retpoline module warning conditional
    - x86/spectre: Check CONFIG_RETPOLINE in command line parser
    - x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
    - x86/paravirt: Remove 'noreplace-paravirt' cmdline option
    - x86/retpoline: Avoid retpolines for built-in __init functions
    - x86/spectre: Simplify spectre_v2 command line parsing
    - x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
    - KVM: nVMX: kmap() can't fail
    - KVM: nVMX: vmx_complete_nested_posted_interrupt() can't fail
    - kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types
    - KVM: VMX: clean up declaration of VPID/EPT invalidation types
    - KVM: nVMX: invvpid handling improvements
    - crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
    - net: dst_cache_per_cpu_dst_set() can be static
    - ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds
    - Linux 4.4.118

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader <email address hidden>  Tue, 24 Apr 2018 17:54:06 +0200
Superseded in trusty-security on 2018-05-08
Superseded in trusty-updates on 2018-05-08
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-121.145~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-121.145~14.04.1 -proposed tracker (LP: #1763688)

  * linux: 4.4.0-121.145 -proposed tracker (LP: #1763687)

  * Ubuntu-4.4.0-120.144 fails to boot on arm64* hardware (LP: #1763644)
    - [Config] arm64: disable BPF_JIT_ALWAYS_ON

Deleted in trusty-proposed on 2018-04-18 (Reason: NBS)
linux-lts-xenial (4.4.0-120.144~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-120.144~14.04.1 -proposed tracker (LP: #1761441)

  * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)

  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch

  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers

  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - x86/asm: Stop depending on ptrace.h in alternative.h
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - SAUCE: modpost: add discard to non-allocatable whitelist
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] final-checks -- remove check for empty retpoline files

  * Xenial update to 4.4.117 stable release (LP: #1756860)
    - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
    - PM / devfreq: Propagate error from devfreq_add_device()
    - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
    - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
    - arm: spear600: Add missing interrupt-parent of rtc
    - arm: spear13xx: Fix dmas cells
    - arm: spear13xx: Fix spics gpio controller's warning
    - ALSA: seq: Fix regression by incorrect ioctl_mutex usages
    - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
      by always inlining iterator helper methods
    - x86/cpu: Change type of x86_cache_size variable to unsigned int
    - drm/radeon: adjust tested variable
    - rtc-opal: Fix handling of firmware error codes, prevent busy loops
    - ext4: save error to disk in __ext4_grp_locked_error()
    - ext4: correct documentation for grpid mount option
    - mm: hide a #warning for COMPILE_TEST
    - video: fbdev: atmel_lcdfb: fix display-timings lookup
    - console/dummy: leave .con_font_get set to NULL
    - rtlwifi: rtl8821ae: Fix connection lost problem correctly
    - Btrfs: fix deadlock in run_delalloc_nocow
    - Btrfs: fix crash due to not cleaning up tree log block's dirty bits
    - Btrfs: fix unexpected -EEXIST when creating new inode
    - ALSA: hda - Fix headset mic detection problem for two Dell machines
    - ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
    - ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
    - ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
    - ALSA: seq: Fix racy pool initializations
    - mvpp2: fix multicast address filter
    - dm: correctly handle chained bios in dec_pending()
    - x86: fix build warnign with 32-bit PAE
    - vfs: don't do RCU lookup of empty pathnames
    - ARM: pxa/tosa-bt: add MODULE_LICENSE tag
    - ARM: dts: s5pv210: add interrupt-parent for ohci
    - media: r820t: fix r820t_write_reg for KASAN
    - Linux 4.4.117

  * zfs system process hung on container stop/delete (LP: #1754584)
    - SAUCE: (noup) zfs to 0.6.5.6-0ubuntu19
    - SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)

  * apparmor: fix bad __initdata tagging on, apparmor_initialized (LP: #1758471)
    - SAUCE: apparmor: fix bad __initdata tagging on, apparmor_initialized

  * Xenial update to 4.4.116 stable release (LP: #1756121)
    - powerpc/bpf/jit: Disable classic BPF JIT on ppc64le
    - powerpc/64: Fix flush_(d|i)cache_range() called from modules
    - powerpc: Fix VSX enabling/flushing to also test MSR_FP and MSR_VEC
    - powerpc: Simplify module TOC handling
    - ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - usbip: vhci_hcd: clear just the USB_PORT_STAT_POWER bit
    - usbip: fix 3eee23c3ec14 tcp_socket address still in the status file
    - net: cdc_ncm: initialize drvflags before usage
    - ASoC: simple-card: Fix misleading error message
    - ASoC: rsnd: don't call free_irq() on Parent SSI
    - ASoC: rsnd: avoid duplicate free_irq()
    - drm: rcar-du: Use the VBK interrupt for vblank events
    - drm: rcar-du: Fix race condition when disabling planes at CRTC stop
    - x86/asm: Fix inline asm call constraints for GCC 4.4
    - ip6mr: fix stale iterator
    - net: igmp: add a missing rcu locking section
    - qlcnic: fix deadlock bug
    - r8169: fix RTL8168EP take too long to complete driver initialization.
    - tcp: release sk_frag.page in tcp_disconnect
    - vhost_net: stop device during reset owner
    - media: soc_camera: soc_scale_crop: add missing
      MODULE_DESCRIPTION/AUTHOR/LICENSE
    - KEYS: encrypted: fix buffer overread in valid_master_desc()
    - don't put symlink bodies in pagecache into highmem
    - crypto: tcrypt - fix S/G table for test_aead_speed()
    - x86/microcode: Do the family check first
    - powerpc/pseries: include linux/types.h in asm/hvcall.h
    - cifs: Fix missing put_xid in cifs_file_strict_mmap
    - cifs: Fix autonegotiate security settings mismatch
    - CIFS: zero sensitive data when freeing
    - dmaengine: dmatest: fix container_of member in dmatest_callback
    - x86/kaiser: fix build error with KASAN && !FUNCTION_GRAPH_TRACER
    - kaiser: fix compile error without vsyscall
    - netfilter: nf_queue: Make the queue_handler pernet
    - posix-timer: Properly check sigevent->sigev_notify
    - usb: gadget: uvc: Missing files for configfs interface
    - sched/rt: Use container_of() to get root domain in rto_push_irq_work_func()
    - sched/rt: Up the root domain ref count when passing it around via IPIs
    - media: dvb-usb-v2: lmedm04: Improve logic checking of warm start
    - media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner
    - mtd: cfi: convert inline functions to macros
    - mtd: nand: brcmnand: Disable prefetch by default
    - mtd: nand: Fix nand_do_read_oob() return value
    - mtd: nand: sunxi: Fix ECC strength choice
    - ubi: block: Fix locking for idr_alloc/idr_remove
    - nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds
    - NFS: Add a cond_resched() to nfs_commit_release_pages()
    - NFS: commit direct writes even if they fail partially
    - NFS: reject request for id_legacy key without auxdata
    - kernfs: fix regression in kernfs_fop_write caused by wrong type
    - ahci: Annotate PCI ids for mobile Intel chipsets as such
    - ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI
    - ahci: Add Intel Cannon Lake PCH-H PCI ID
    - crypto: hash - introduce crypto_hash_alg_has_setkey()
    - crypto: cryptd - pass through absence of ->setkey()
    - crypto: poly1305 - remove ->setkey() method
    - nsfs: mark dentry with DCACHE_RCUACCESS
    - media: v4l2-ioctl.c: don't copy back the result for -ENOTTY
    - vb2: V4L2_BUF_FLAG_DONE is set after DQBUF
    - media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF
    - media: v4l2-compat-ioctl32.c: fix the indentation
    - media: v4l2-compat-ioctl32.c: move 'helper' functions to
      __get/put_v4l2_format32
    - media: v4l2-compat-ioctl32.c: avoid sizeof(type)
    - media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32
    - media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer
    - media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs
    - media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha
    - media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32
    - media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type
    - media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors
    - media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic
    - crypto: caam - fix endless loop when DECO acquire fails
    - arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2
    - watchdog: imx2_wdt: restore previous timeout after suspend+resume
    - media: ts2020: avoid integer overflows on 32 bit machines
    - media: cxusb, dib0700: ignore XC2028_I2C_FLUSH
    - kernel/async.c: revert "async: simplify lowest_in_progress()"
    - HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working
    - Bluetooth: btsdio: Do not bind to non-removable BCM43341
    - Bluetooth: btusb: Restore QCA Rome suspend/resume fix with a "rewritten"
      version
    - signal/openrisc: Fix do_unaligned_access to send the proper signal
    - signal/sh: Ensure si_signo is initialized in do_divide_error
    - alpha: fix crash if pthread_create races with signal delivery
    - alpha: fix reboot on Avanti platform
    - xtensa: fix futex_atomic_cmpxchg_inatomic
    - EDAC, octeon: Fix an uninitialized variable warning
    - pktcdvd: Fix pkt_setup_dev() error path
    - btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker
    - ACPI: sbshc: remove raw pointer from printk() message
    - ovl: fix failure to fsync lower dir
    - mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
    - ftrace: Remove incorrect setting of glob search field
    - Linux 4.4.116

  * Xenial update to 4.4.116 stable release (LP: #1756121) // CVE-2017-5754
    - Revert "UBUNTU: SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix some RFI conversions in the KVM code"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix the 32-bit KVM build"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fallback flush add load dependency"
    - Revert "UBUNTU: SAUCE: rfi-flush: Use rfi-flush in printks"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline
      options"
    - Revert "UBUNTU: SAUCE: rfi-flush: Refactor the macros so the nops are
      defined once"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN"
    - Revert "UBUNTU: SAUCE: rfi-flush: Fix the fallback flush to actually
      activate"
    - Revert "UBUNTU: SAUCE: rfi-flush: Rework pseries logic to be more cautious"
    - Revert "UBUNTU: SAUCE: rfi-flush: Rework powernv logic to be more cautious"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add barriers to the fallback L1D flushing"
    - Revert "UBUNTU: SAUCE: Fix compilation errors for arch/powerpc/lib/feature-
      fixups.c"
    - Revert "UBUNTU: SAUCE: Remove setup.h include file otherwise compilation
      complains about missing header file."
    - Revert "UBUNTU: SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0
      flush"
    - Revert "UBUNTU: SAUCE: rfi-flush: Allow HV to advertise multiple flush
      types"
    - Revert "UBUNTU: SAUCE: rfi-flush: Support more than one flush type at once"
    - Revert "UBUNTU: SAUCE: rfi-flush: Expand the RFI section to two nop slots"
    - Revert "UBUNTU: SAUCE: rfi-flush: Push the instruction selection down to the
      patching routine"
    - Revert "UBUNTU: SAUCE: rfi-flush: Make l1d_flush_type bit flags"
    - Revert "UBUNTU: SAUCE: rfi-flush: Implement congruence-first fallback flush"
    - Revert "UBUNTU: SAUCE: KVM: Revert the implementation of
      H_GET_CPU_CHARACTERISTICS"
    - Revert "UBUNTU: SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host"
    - Revert "UBUNTU: SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid"
    - Revert "UBUNTU: SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm"
    - Revert "UBUNTU: SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option"
    - Revert "UBUNTU: SAUCE: powerpc: Secure memory rfi flush"
    - powerpc/pseries: Add H_GET_CPU_CHARACTERISTICS flags & wrapper
    - powerpc/64: Add macros for annotating the destination of rfid/hrfid
    - powerpc/64s: Simple RFI macro conversions
    - powerpc/64: Convert fast_exception_return to use RFI_TO_USER/KERNEL
    - powerpc/64: Convert the syscall exit path to use RFI_TO_USER/KERNEL
    - powerpc/64s: Convert slb_miss_common to use RFI_TO_USER/KERNEL
    - powerpc/64s: Add support for RFI flush of L1-D cache
    - powerpc/64s: Support disabling RFI flush with no_rfi_flush and nopti
    - powerpc/pseries: Query hypervisor for RFI flush settings
    - powerpc/powernv: Check device-tree for RFI flush settings
    - powerpc/64s: Wire up cpu_show_meltdown()
    - powerpc/64s: Allow control of RFI flush via debugfs

  * Intel i40e PF reset due to incorrect MDD detection (continues...)
    (LP: #1723127)
    - i40e/i40evf: Account for frags split over multiple descriptors in check
      linearize
    - i40e/i40evf: Allow up to 12K bytes of data per Tx descriptor instead of 8K

  * Xenial update to 4.4.115 stable release (LP: #1755509)
    - x86: bpf_jit: small optimization in emit_bpf_tail_call()
    - bpf: fix bpf_tail_call() x64 JIT
    - [Config] CONFIG_BPF_JIT_ALWAYS_ON=y
    - bpf: introduce BPF_JIT_ALWAYS_ON config
    - bpf: arsh is not supported in 32 bit alu thus reject it
    - bpf: avoid false sharing of map refcount with max_entries
    - bpf: fix divides by zero
    - bpf: fix 32-bit divide by zero
    - bpf: reject stores into ctx via st and xadd
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - kaiser: fix intel_bts perf crashes
    - ALSA: seq: Make ioctls race-free
    - crypto: aesni - handle zero length dst buffer
    - crypto: af_alg - whitelist mask and type
    - power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
    - mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
    - igb: Free IRQs when device is hotplugged
    - KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
    - KVM: x86: Don't re-execute instruction when not passing CR2 value
    - KVM: X86: Fix operand/address-size during instruction decoding
    - KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
    - KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered
    - KVM: x86: ioapic: Preserve read-only values in the redirection table
    - ACPI / bus: Leave modalias empty for devices which are not present
    - cpufreq: Add Loongson machine dependencies
    - bcache: check return value of register_shrinker
    - drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
    - drm/amdkfd: Fix SDMA ring buffer size calculation
    - drm/amdkfd: Fix SDMA oversubsription handling
    - openvswitch: fix the incorrect flow action alloc size
    - mac80211: fix the update of path metric for RANN frame
    - btrfs: fix deadlock when writing out space cache
    - KVM: VMX: Fix rflags cache during vCPU reset
    - xen-netfront: remove warning when unloading module
    - nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
    - nfsd: Ensure we check stateid validity in the seqid operation checks
    - grace: replace BUG_ON by WARN_ONCE in exit_net hook
    - nfsd: check for use of the closed special stateid
    - lockd: fix "list_add double add" caused by legacy signal interface
    - hwmon: (pmbus) Use 64bit math for DIRECT format values
    - powerpc/ppc64el -- Remove ll_temac module from 64-bit builds
    - net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
    - quota: Check for register_shrinker() failure.
    - SUNRPC: Allow connect to return EHOSTUNREACH
    - kmemleak: add scheduling point to kmemleak_scan()
    - drm/omap: Fix error handling path in 'omap_dmm_probe()'
    - xfs: ubsan fixes
    - scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path
    - scsi: ufs: ufshcd: fix potential NULL pointer dereference in
      ufshcd_config_vreg
    - media: usbtv: add a new usbid
    - usb: gadget: don't dereference g until after it has been null checked
    - staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
    - usb: option: Add support for FS040U modem
    - USB: serial: pl2303: new device id for Chilitag
    - USB: cdc-acm: Do not log urb submission errors on disconnect
    - CDC-ACM: apply quirk for card reader
    - USB: serial: io_edgeport: fix possible sleep-in-atomic
    - usbip: prevent bind loops on devices attached to vhci_hcd
    - usbip: list: don't list devices attached to vhci_hcd
    - USB: serial: simple: add Motorola Tetra driver
    - usb: f_fs: Prevent gadget unbind if it is already unbound
    - usb: uas: unconditionally bring back host after reset
    - selinux: general protection fault in sock_has_perm
    - serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
    - spi: imx: do not access registers while clocks disabled
    - Linux 4.4.115

  * retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
    - [Packaging] retpoline -- elide %cs:0xNNNN constants on i386

 -- Kleber Sacilotto de Souza <email address hidden>  Fri, 06 Apr 2018 08:35:46 +0200
Superseded in trusty-security on 2018-04-23
Superseded in trusty-updates on 2018-04-23
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-119.143~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-119.143~14.04.1 -proposed tracker (LP: #1760641)

  * linux: 4.4.0-119.143 -proposed tracker (LP: #1760327)

  * Dell XPS 13 9360 bluetooth scan can not detect any device (LP: #1759821)
    - Revert "Bluetooth: btusb: fix QCA Rome suspend/resume"

Deleted in trusty-proposed on 2018-04-04 (Reason: NBS)
linux-lts-xenial (4.4.0-117.141~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-117.141~14.04.1 -proposed tracker (LP: #1755209)

  * linux: 4.4.0-117.141 -proposed tracker (LP: #1755208)

  * Xenial update to 4.4.114 stable release (LP: #1754592)
    - x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
    - usbip: prevent vhci_hcd driver from leaking a socket pointer address
    - usbip: Fix implicit fallthrough warning
    - usbip: Fix potential format overflow in userspace tools
    - x86/microcode/intel: Fix BDW late-loading revision check
    - x86/retpoline: Fill RSB on context switch for affected CPUs
    - sched/deadline: Use the revised wakeup rule for suspending constrained dl
      tasks
    - can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
    - can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
    - PM / sleep: declare __tracedata symbols as char[] rather than char
    - time: Avoid undefined behaviour in ktime_add_safe()
    - timers: Plug locking race vs. timer migration
    - Prevent timer value 0 for MWAITX
    - drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
    - drivers: base: cacheinfo: fix boot error message when acpi is enabled
    - PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
    - PCI: layerscape: Fix MSG TLP drop setting
    - mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
    - fs/select: add vmalloc fallback for select(2)
    - hwpoison, memcg: forcibly uncharge LRU pages
    - cma: fix calculation of aligned offset
    - mm, page_alloc: fix potential false positive in __zone_watermark_ok
    - ipc: msg, make msgrcv work with LONG_MIN
    - x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
    - ACPI / processor: Avoid reserving IO regions too early
    - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
    - ACPICA: Namespace: fix operand cache leak
    - netfilter: x_tables: speed up jump target validation
    - netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed
      in 64bit kernel
    - netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
    - netfilter: nf_ct_expect: remove the redundant slash when policy name is
      empty
    - netfilter: nfnetlink_queue: reject verdict request from different portid
    - netfilter: restart search if moved to other chain
    - netfilter: nf_conntrack_sip: extend request line validation
    - netfilter: use fwmark_reflect in nf_send_reset
    - ext2: Don't clear SGID when inheriting ACLs
    - reiserfs: fix race in prealloc discard
    - reiserfs: don't preallocate blocks for extended attributes
    - reiserfs: Don't clear SGID when inheriting ACLs
    - fs/fcntl: f_setown, avoid undefined behaviour
    - scsi: libiscsi: fix shifting of DID_REQUEUE host byte
    - Input: trackpoint - force 3 buttons if 0 button is reported
    - usb: usbip: Fix possible deadlocks reported by lockdep
    - usbip: fix stub_rx: get_pipe() to validate endpoint number
    - usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
    - usbip: prevent leaking socket pointer address in messages
    - um: link vmlinux with -no-pie
    - vsyscall: Fix permissions for emulate mode with KAISER/PTI
    - eventpoll.h: add missing epoll event masks
    - x86/microcode/intel: Extend BDW late-loading further with LLC size check
    - hrtimer: Reset hrtimer cpu base proper on CPU hotplug
    - dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
    - ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
    - ipv6: fix udpv6 sendmsg crash caused by too small MTU
    - ipv6: ip6_make_skb() needs to clear cork.base.dst
    - lan78xx: Fix failure in USB Full Speed
    - net: igmp: fix source address check for IGMPv3 reports
    - tcp: __tcp_hdrlen() helper
    - net: qdisc_pkt_len_init() should be more robust
    - pppoe: take ->needed_headroom of lower device into account on xmit
    - r8169: fix memory corruption on retrieval of hardware statistics.
    - sctp: do not allow the v4 socket to bind a v4mapped v6 address
    - sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
    - vmxnet3: repair memory leak
    - net: Allow neigh contructor functions ability to modify the primary_key
    - ipv4: Make neigh lookup keys for loopback/point-to-point devices be
      INADDR_ANY
    - flow_dissector: properly cap thoff field
    - net: tcp: close sock if net namespace is exiting
    - nfsd: auth: Fix gid sorting when rootsquash enabled
    - Linux 4.4.114

  * Xenial update to 4.4.113 stable release (LP: #1754375)
    - gcov: disable for COMPILE_TEST
    - scsi: sg: disable SET_FORCE_LOW_DMA
    - futex: Prevent overflow by strengthen input validation
    - ALSA: pcm: Remove yet superfluous WARN_ON()
    - ALSA: hda - Apply headphone noise quirk for another Dell XPS 13 variant
    - ALSA: hda - Apply the existing quirk to iMac 14,1
    - af_key: fix buffer overread in verify_address_len()
    - af_key: fix buffer overread in parse_exthdrs()
    - scsi: hpsa: fix volume offline state
    - sched/deadline: Zero out positive runtime after throttling constrained tasks
    - pipe: avoid round_pipe_size() nr_pages overflow on 32-bit
    - x86/apic/vector: Fix off by one in error path
    - Input: 88pm860x-ts - fix child-node lookup
    - Input: twl6040-vibra - fix DT node memory management
    - Input: twl6040-vibra - fix child-node lookup
    - Input: twl4030-vibra - fix sibling-node lookup
    - tracing: Fix converting enum's from the map in trace_event_eval_update()
    - phy: work around 'phys' references to usb-nop-xceiv devices
    - ARM: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7
    - can: peak: fix potential bug in packet fragmentation
    - dm btree: fix serious bug in btree_split_beneath()
    - dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6
    - arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
    - kbuild: modversions for EXPORT_SYMBOL() for asm
    - x86/pti: Document fix wrong index
    - MIPS: AR7: ensure the port type's FCR value is used
    - Linux 4.4.113

  * Xenial update to 4.4.113 stable release (LP: #1754375) // CVE-2017-5753
    (Spectre v1 Intel -> upstream)
    - Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC

  * i2c-thunderx: erroneous error message "unhandled state: 0" (LP: #1754076)
    - i2c: octeon: Prevent error message on bus error

  * qeth: fix calculation of required buffer elements for skb (LP: #1750810)
    - s390/qeth: fix underestimated count of buffer elements

  * Support rfkill-any led trigger for Fujitsu u727 (LP: #1745130)
    - rfkill: Add rfkill-any LED trigger

  * Redpine: Sometimes Wi-Fi connection shows "unavailable" after resume from
    WoWLAN S4. WLAN can be recover after reboot or reloading WIFI driver.
    (LP: #1753438) // Redpine: BLE scanning for nearby beacons per second is too
    low and result high loss rate. (LP: #1753439)
    - SAUCE: Redpine: resolve race while resuming from S4
    - SAUCE: Redpine: Fix card write failure issue at S4 restore
    - SAUCE: Redpine: Add deep sleep enable before connection
    - SAUCE: Redpine: resolve power save issue after S4 resume

  * qeth: check not more than 16 SBALEs on the completion queue (LP: #1750568)
    - qeth: check not more than 16 SBALEs on the completion queue

  * qeth: fix L3 next-hop im xmit qeth hdr (LP: #1750813)
    - s390/qeth: fix L3 next-hop in xmit qeth hdr

  * qemu-efi-aarch64 in >= artful can't boot xenial cloud images (LP: #1744754)
    - irqchip/gic-v3: Refactor gic_of_init() for GICv3 driver
    - irqchip/gic-v3: Add ACPI support for GICv3/4 initialization
    - irqchip/gic-v3: ACPI: Add redistributor support via GICC structures
    - irqchip/gic-v3: Remove gic_root_node variable from the ITS code
    - irqchip/gic-v3-its: Mark its_init() and its children as __init
    - ACPICA: Headers: Add new constants for the DBG2 ACPI table
    - of/serial: move earlycon early_param handling to serial
    - ACPI: parse SPCR and enable matching console
    - [Config] CONFIG_ACPI_SPCR_TABLE=y
    - ARM64: ACPI: enable ACPI_SPCR_TABLE
    - serial: pl011: add console matching function

  * OOM and High CPU utilization in update_blocked_averages because of too many
    cfs_rqs in rq->leaf_cfs_rq_list (LP: #1747896)
    - sched/fair: Fix O(nr_cgroups) in load balance path

  * linux-tools: perf incorrectly linking libbfd (LP: #1748922)
    - SAUCE: tools -- add ability to disable libbfd
    - [Packaging] correct disablement of libbfd

  * retpoline abi files are empty on i386 (LP: #1751021)
    - [Packaging] retpoline-extract -- instantiate retpoline files for i386
    - [Packaging] final-checks -- sanity checking ABI contents
    - [Packaging] final-checks -- check for empty retpoline files

  * bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
    CVE-2018-1000026
    - net: create skb_gso_validate_mac_len()
    - bnx2x: disable GSO where gso_size is too big for hardware

  * CVE-2017-17448
    - netfilter: nfnetlink_cthelper: Add missing permission checks

  * TB16 dock ethernet corrupts data with hw checksum silently failing
    (LP: #1729674)
    - r8152: disable RX aggregation on Dell TB16 dock

  * linux < 4.8: x-netns vti is broken (LP: #1744078)
    - net: l3mdev: Add master device lookup by index
    - xfrm: Only add l3mdev oif to dst lookups

  * Xenial update to 4.4.112 stable release (LP: #1745266)
    - dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
    - can: gs_usb: fix return value of the "set_bittiming" callback
    - IB/srpt: Disable RDMA access by the initiator
    - MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
    - MIPS: Factor out NT_PRFPREG regset access helpers
    - MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
    - MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
    - MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
    - MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
    - MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
    - net/mac80211/debugfs.c: prevent build failure with CONFIG_UBSAN=y
    - x86/vsdo: Fix build on PARAVIRT_CLOCK=y, KVM_GUEST=n
    - x86/acpi: Handle SCI interrupts above legacy space gracefully
    - iommu/arm-smmu-v3: Don't free page table ops twice
    - ALSA: pcm: Remove incorrect snd_BUG_ON() usages
    - ALSA: pcm: Add missing error checks in OSS emulation plugin builder
    - ALSA: pcm: Abort properly at pending signal in OSS read/write loops
    - ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
    - ALSA: aloop: Release cable upon open error path
    - ALSA: aloop: Fix inconsistent format due to incomplete rule
    - ALSA: aloop: Fix racy hw constraints adjustment
    - x86/acpi: Reduce code duplication in mp_override_legacy_irq()
    - mm/compaction: fix invalid free_pfn and compact_cached_free_pfn
    - mm/compaction: pass only pageblock aligned range to pageblock_pfn_to_page
    - mm/page-writeback: fix dirty_ratelimit calculation
    - mm/zswap: use workqueue to destroy pool
    - zswap: don't param_set_charp while holding spinlock
    - locks: don't check for race with close when setting OFD lock
    - futex: Replace barrier() in unqueue_me() with READ_ONCE()
    - locking/mutex: Allow next waiter lockless wakeup
    - usbvision fix overflow of interfaces array
    - usb: musb: ux500: Fix NULL pointer dereference at system PM
    - r8152: fix the wake event
    - r8152: use test_and_clear_bit
    - r8152: adjust ALDPS function
    - lan78xx: use skb_cow_head() to deal with cloned skbs
    - sr9700: use skb_cow_head() to deal with cloned skbs
    - smsc75xx: use skb_cow_head() to deal with cloned skbs
    - cx82310_eth: use skb_cow_head() to deal with cloned skbs
    - x86/mm/pat, /dev/mem: Remove superfluous error message
    - hwrng: core - sleep interruptible in read
    - sysrq: Fix warning in sysrq generated crash.
    - xhci: Fix ring leak in failure path of xhci_alloc_virt_device()
    - Revert "userfaultfd: selftest: vm: allow to build in vm/ directory"
    - x86/pti/efi: broken conversion from efi to kernel page table
    - 8021q: fix a memory leak for VLAN 0 device
    - ip6_tunnel: disable dst caching if tunnel is dual-stack
    - net: core: fix module type in sock_diag_bind
    - RDS: Heap OOB write in rds_message_alloc_sgs()
    - sh_eth: fix TSU resource handling
    - sh_eth: fix SH7757 GEther initialization
    - net: stmmac: enable EEE in MII, GMII or RGMII only
    - ipv6: fix possible mem leaks in ipv6_make_skb()
    - crypto: algapi - fix NULL dereference in crypto_remove_spawns()
    - rbd: set max_segments to USHRT_MAX
    - x86/microcode/intel: Extend BDW late-loading with a revision check
    - KVM: x86: Add memory barrier on vmcs field lookup
    - drm/vmwgfx: Potential off by one in vmw_view_add()
    - kaiser: Set _PAGE_NX only if supported
    - bpf: don't (ab)use instructions to store state
    - bpf: move fixup_bpf_calls() function
    - bpf: refactor fixup_bpf_calls()
    - bpf: adjust insn_aux_data when patching insns
    - bpf: prevent out-of-bounds speculation
    - bpf, array: fix overflow in max_entries and undefined behavior in index_mask
    - iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
    - target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
    - USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
    - USB: serial: cp210x: add new device ID ELV ALC 8xxx
    - usb: misc: usb3503: make sure reset is low for at least 100us
    - USB: fix usbmon BUG trigger
    - usbip: remove kernel addresses from usb device and urb debug msgs
    - staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
    - Bluetooth: Prevent stack info leak from the EFS element.
    - uas: ignore UAS for Norelsys NS1068(X) chips
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
    - x86/Documentation: Add PTI description
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - selftests/x86: Add test_vsyscall
    - Linux 4.4.112

  * Xenial update to 4.4.111 stable release (LP: #1745263)
    - x86/kasan: Write protect kasan zero shadow
    - kernel/acct.c: fix the acct->needcheck check in check_free_space()
    - crypto: n2 - cure use after free
    - crypto: chacha20poly1305 - validate the digest size
    - crypto: pcrypt - fix freeing pcrypt instances
    - sunxi-rsb: Include OF based modalias in device uevent
    - fscache: Fix the default for fscache_maybe_release_page()
    - kernel: make groups_sort calling a responsibility group_info allocators
    - kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
    - kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only()
      signals
    - kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in
      complete_signal()
    - ARC: uaccess: dont use "l" gcc inline asm constraint modifier
    - parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel
    - genksyms: Handle string literals with spaces in reference files
    - module: Issue warnings when tainting kernel
    - proc: much faster /proc/vmstat
    - Fix build error in vma.c
    - Linux 4.4.111

  * x86/net/bpf: return statement missing value (LP: #1745364)
    - SAUCE: (no-up) arch/x86/bpf: Fix missed return statement

  * Ubuntu 16.04 - s390/cpuinfo: show facilities as reported by stfle
    (LP: #1744736)
    - s390/bitops: add for_each_set_bit_inv helper
    - s390/cpuinfo: show facilities as reported by stfle

  * Xenial update to 4.4.110 stable release (LP: #1745071)
    - KPTI: Rename to PAGE_TABLE_ISOLATION
    - SAUCE: Replace CONFIG_KAISER with CONFIG_PAGE_TABLE_ISOLATION
    - Linux 4.4.110

  * Xenial update to 4.4.109 stable release (LP: #1745069)
    - ACPI: APEI / ERST: Fix missing error handling in erst_reader()
    - crypto: mcryptd - protect the per-CPU queue with a lock
    - mfd: cros ec: spi: Don't send first message too soon
    - mfd: twl4030-audio: Fix sibling-node lookup
    - mfd: twl6040: Fix child-node lookup
    - ALSA: rawmidi: Avoid racy info ioctl via ctl device
    - ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU
    - PCI / PM: Force devices to D0 in pci_pm_thaw_noirq()
    - parisc: Hide Diva-built-in serial aux and graphics card
    - spi: xilinx: Detect stall with Unknown commands
    - KVM: X86: Fix load RFLAGS w/o the fixed bit
    - powerpc/perf: Dereference BHRB entries safely
    - net: mvneta: clear interface link status on port disable
    - tracing: Remove extra zeroing out of the ring buffer page
    - tracing: Fix possible double free on failure of allocating trace buffer
    - tracing: Fix crash when it fails to alloc ring buffer
    - ring-buffer: Mask out the info bits when returning buffer page length
    - iw_cxgb4: Only validate the MSN for successful completions
    - ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure
    - ASoC: twl4030: fix child-node lookup
    - ALSA: hda: Drop useless WARN_ON()
    - ALSA: hda - fix headset mic detection issue on a Dell machine
    - x86/vm86/32: Switch to flush_tlb_mm_range() in mark_screen_rdonly()
    - x86/mm: Remove flush_tlb() and flush_tlb_current_task()
    - x86/mm: Make flush_tlb_mm_range() more predictable
    - x86/mm: Reimplement flush_tlb_page() using flush_tlb_mm_range()
    - x86/mm: Remove the UP asm/tlbflush.h code, always use the (formerly) SMP
      code
    - x86/mm: Add the 'nopcid' boot option to turn off PCID
    - x86/mm/64: Fix reboot interaction with CR4.PCIDE
    - kbuild: add '-fno-stack-check' to kernel build options
    - ipv4: igmp: guard against silly MTU values
    - ipv6: mcast: better catch silly mtu values
    - net: igmp: Use correct source address on IGMPv3 reports
    - netlink: Add netns check on taps
    - net: qmi_wwan: add Sierra EM7565 1199:9091
    - net: reevalulate autoflowlabel setting after sysctl setting
    - tcp md5sig: Use skb's saddr when replying to an incoming segment
    - tg3: Fix rx hang on MTU change with 5717/5719
    - net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
    - sctp: Replace use of sockets_allocated with specified macro.
    - ipv4: Fix use-after-free when flushing FIB tables
    - net: bridge: fix early call to br_stp_change_bridge_id and plug newlink
      leaks
    - net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround
    - sock: free skb in skb_complete_tx_timestamp on error
    - usbip: fix usbip bind writing random string after command in match_busid
    - usbip: stub: stop printing kernel pointer addresses in messages
    - usbip: vhci: stop printing kernel pointer addresses in messages
    - USB: serial: ftdi_sio: add id for Airbus DS P8GR
    - USB: serial: qcserial: add Sierra Wireless EM7565
    - USB: serial: option: add support for Telit ME910 PID 0x1101
    - USB: serial: option: adding support for YUGA CLM920-NC5
    - usb: Add device quirk for Logitech HD Pro Webcam C925e
    - usb: add RESET_RESUME for ELSA MicroLink 56K
    - USB: Fix off by one in type-specific length check of BOS SSP capability
    - usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
    - nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
    - x86/smpboot: Remove stale TLB flush invocations
    - n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
    - mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP
    - Linux 4.4.109

  * Xenial update to 4.4.108 stable release (LP: #1745054)
    - arm64: Initialise high_memory global variable earlier
    - cxl: Check if vphb exists before iterating over AFU devices
    - x86/mm: Fix INVPCID asm constraint
    - x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID
    - mm/rmap: batched invalidations should use existing api
    - mm/mmu_context, sched/core: Fix mmu_context.h assumption
    - sched/core: Add switch_mm_irqs_off() and use it in the scheduler
    - x86/mm, sched/core: Turn off IRQs in switch_mm()
    - ARM: Hide finish_arch_post_lock_switch() from modules
    - sched/core: Idle_task_exit() shouldn't use switch_mm_irqs_off()
    - x86/irq: Do not substract irq_tlb_count from irq_call_count
    - ALSA: hda - add support for docking station for HP 820 G2
    - ALSA: hda - add support for docking station for HP 840 G3
    - arm: kprobes: Fix the return address of multiple kretprobes
    - arm: kprobes: Align stack to 8-bytes in test code
    - cpuidle: Validate cpu_dev in cpuidle_add_sysfs()
    - crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex
    - sch_dsmark: fix invalid skb_cow() usage
    - bna: integer overflow bug in debugfs
    - net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4
    - usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed
    - usb: gadget: udc: remove pointer dereference after free
    - netfilter: nfnl_cthelper: fix runtime expectation policy updates
    - netfilter: nfnl_cthelper: Fix memory leak
    - inet: frag: release spinlock before calling icmp_send()
    - pinctrl: st: add irq_request/release_resources callbacks
    - scsi: lpfc: Fix PT2PT PRLI reject
    - KVM: x86: correct async page present tracepoint
    - KVM: VMX: Fix enable VPID conditions
    - ARM: dts: ti: fix PCI bus dtc warnings
    - hwmon: (asus_atk0110) fix uninitialized data access
    - HID: xinmo: fix for out of range for THT 2P arcade controller.
    - r8152: prevent the driver from transmitting packets with carrier off
    - s390/qeth: no ETH header for outbound AF_IUCV
    - bna: avoid writing uninitialized data into hw registers
    - net: Do not allow negative values for busy_read and busy_poll sysctl
      interfaces
    - i40e: Do not enable NAPI on q_vectors that have no rings
    - RDMA/iser: Fix possible mr leak on device removal event
    - irda: vlsi_ir: fix check for DMA mapping errors
    - netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table
    - netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register
    - ARM: dts: am335x-evmsk: adjust mmc2 param to allow suspend
    - KVM: pci-assign: do not map smm memory slot pages in vt-d page tables
    - isdn: kcapi: avoid uninitialized data
    - xhci: plat: Register shutdown for xhci_plat
    - netfilter: nfnetlink_queue: fix secctx memory leak
    - ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory
    - cpuidle: powernv: Pass correct drv->cpumask for registration
    - bnxt_en: Fix NULL pointer dereference in reopen failure path
    - backlight: pwm_bl: Fix overflow condition
    - crypto: crypto4xx - increase context and scatter ring buffer elements
    - rtc: pl031: make interrupt optional
    - net: phy: at803x: Change error to EINVAL for invalid MAC
    - PCI: Avoid bus reset if bridge itself is broken
    - scsi: cxgb4i: fix Tx skb leak
    - scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume
      created on two SATA drive
    - PCI: Create SR-IOV virtfn/physfn links before attaching driver
    - igb: check memory allocation failure
    - ixgbe: fix use of uninitialized padding
    - PCI/AER: Report non-fatal errors only to the affected endpoint
    - scsi: lpfc: Fix secure firmware updates
    - scsi: lpfc: PLOGI failures during NPIV testing
    - fm10k: ensure we process SM mbx when processing VF mbx
    - tcp: fix under-evaluated ssthresh in TCP Vegas
    - rtc: set the alarm to the next expiring timer
    - cpuidle: fix broadcast control when broadcast can not be entered
    - thermal: hisilicon: Handle return value of clk_prepare_enable
    - MIPS: math-emu: Fix final emulation phase for certain instructions
    - Revert "Bluetooth: btusb: driver to enable the usb-wakeup feature"
    - ALSA: hda - Clear the leftover component assignment at snd_hdac_i915_exit()
    - ALSA: hda - Degrade i915 binding failure message
    - ALSA: hda - Fix yet another i915 pointer leftover in error path
    - alpha: fix build failures
    - Linux 4.4.108

  * Xenial update to 4.4.107 stable release (LP: #1745052)
    - crypto: hmac - require that the underlying hash algorithm is unkeyed
    - crypto: salsa20 - fix blkcipher_walk API usage
    - autofs: fix careless error in recent commit
    - tracing: Allocate mask_str buffer dynamically
    - USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID
    - USB: core: prevent malicious bNumInterfaces overflow
    - usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
    - ceph: drop negative child dentries before try pruning inode's alias
    - Bluetooth: btusb: driver to enable the usb-wakeup feature
    - xhci: Don't add a virt_dev to the devs array before it's fully allocated
    - sched/rt: Do not pull from current CPU if only one CPU to pull
    - dmaengine: dmatest: move callback wait queue to thread context
    - ext4: fix fdatasync(2) after fallocate(2) operation
    - ext4: fix crash when a directory's i_size is too small
    - KEYS: add missing permission check for request_key() destination
    - mac80211: Fix addition of mesh configuration element
    - usb: phy: isp1301: Add OF device ID table
    - md-cluster: free md_cluster_info if node leave cluster
    - userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE
    - userfaultfd: selftest: vm: allow to build in vm/ directory
    - net: initialize msg.msg_flags in recvfrom
    - net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values
    - net: bcmgenet: correct MIB access of UniMAC RUNT counters
    - net: bcmgenet: reserved phy revisions must be checked first
    - net: bcmgenet: power down internal phy if open or resume fails
    - net: bcmgenet: Power up the internal PHY before probing the MII
    - NFSD: fix nfsd_minorversion(.., NFSD_AVAIL)
    - NFSD: fix nfsd_reset_versions for NFSv4.
    - Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list
    - drm/omap: fix dmabuf mmap for dma_alloc'ed buffers
    - netfilter: bridge: honor frag_max_size when refragmenting
    - writeback: fix memory leak in wb_queue_work()
    - net: wimax/i2400m: fix NULL-deref at probe
    - dmaengine: Fix array index out of bounds warning in __get_unmap_pool()
    - net: Resend IGMP memberships upon peer notification.
    - mlxsw: reg: Fix SPVM max record count
    - mlxsw: reg: Fix SPVMLR max record count
    - intel_th: pci: Add Gemini Lake support
    - openrisc: fix issue handling 8 byte get_user calls
    - scsi: hpsa: update check for logical volume status
    - scsi: hpsa: limit outstanding rescans
    - fjes: Fix wrong netdevice feature flags
    - drm/radeon/si: add dpm quirk for Oland
    - sched/deadline: Make sure the replenishment timer fires in the next period
    - sched/deadline: Throttle a constrained deadline task activated after the
      deadline
    - sched/deadline: Use deadline instead of period when calculating overflow
    - mmc: mediatek: Fixed bug where clock frequency could be set wrong
    - drm/radeon: reinstate oland workaround for sclk
    - afs: Fix missing put_page()
    - afs: Populate group ID from vnode status
    - afs: Adjust mode bits processing
    - afs: Flush outstanding writes when an fd is closed
    - afs: Migrate vlocation fields to 64-bit
    - afs: Prevent callback expiry timer overflow
    - afs: Fix the maths in afs_fs_store_data()
    - afs: Populate and use client modification time
    - afs: Fix page leak in afs_write_begin()
    - afs: Fix afs_kill_pages()
    - perf symbols: Fix symbols__fixup_end heuristic for corner cases
    - efi/esrt: Cleanup bad memory map log messages
    - NFSv4.1 respect server's max size in CREATE_SESSION
    - btrfs: add missing memset while reading compressed inline extents
    - target: Use system workqueue for ALUA transitions
    - target: fix ALUA transition timeout handling
    - target: fix race during implicit transition work flushes
    - sfc: don't warn on successful change of MAC
    - fbdev: controlfb: Add missing modes to fix out of bounds access
    - video: udlfb: Fix read EDID timeout
    - video: fbdev: au1200fb: Release some resources if a memory allocation fails
    - video: fbdev: au1200fb: Return an error code if a memory allocation fails
    - rtc: pcf8563: fix output clock rate
    - dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type
    - PCI/PME: Handle invalid data when reading Root Status
    - powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo
    - netfilter: ipvs: Fix inappropriate output of procfs
    - powerpc/opal: Fix EBUSY bug in acquiring tokens
    - powerpc/ipic: Fix status get and status clear
    - target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
    - iscsi-target: fix memory leak in lio_target_tiqn_addtpg()
    - target:fix condition return in core_pr_dump_initiator_port()
    - target/file: Do not return error for UNMAP if length is zero
    - arm-ccn: perf: Prevent module unload while PMU is in use
    - crypto: tcrypt - fix buffer lengths in test_aead_speed()
    - mm: Handle 0 flags in _calc_vm_trans() macro
    - clk: mediatek: add the option for determining PLL source clock
    - clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU
    - clk: tegra: Fix cclk_lp divisor register
    - ppp: Destroy the mutex when cleanup
    - thermal/drivers/step_wise: Fix temperature regulation misbehavior
    - GFS2: Take inode off order_write list when setting jdata flag
    - bcache: explicitly destroy mutex while exiting
    - bcache: fix wrong cache_misses statistics
    - l2tp: cleanup l2tp_tunnel_delete calls
    - xfs: fix log block underflow during recovery cycle verification
    - xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real
    - PCI: Detach driver before procfs & sysfs teardown on device remove
    - scsi: hpsa: cleanup sas_phy structures in sysfs when unloading
    - scsi: hpsa: destroy sas transport properties before scsi_host
    - powerpc/perf/hv-24x7: Fix incorrect comparison in memord
    - tty fix oops when rmmod 8250
    - usb: musb: da8xx: fix babble condition handling
    - pinctrl: adi2: Fix Kconfig build problem
    - raid5: Set R5_Expanded on parity devices as well as data.
    - scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry
    - vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend
    - scsi: sd: change manage_start_stop to bool in sysfs interface
    - scsi: sd: change allow_restart to bool in sysfs interface
    - scsi: bfa: integer overflow in debugfs
    - udf: Avoid overflow when session starts at large offset
    - macvlan: Only deliver one copy of the frame to the macvlan interface
    - RDMA/cma: Avoid triggering undefined behavior
    - IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop
    - ath9k: fix tx99 potential info leak
    - Linux 4.4.107

  * Xenial update to 4.4.106 stable release (LP: #1745047)
    - can: ti_hecc: Fix napi poll return value for repoll
    - can: kvaser_usb: free buf in error paths
    - can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
    - can: kvaser_usb: ratelimit errors if incomplete messages are received
    - can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
    - can: ems_usb: cancel urb on -EPIPE and -EPROTO
    - can: esd_usb2: cancel urb on -EPIPE and -EPROTO
    - can: usb_8dev: cancel urb on -EPIPE and -EPROTO
    - virtio: release virtio index when fail to device_register
    - hv: kvp: Avoid reading past allocated blocks from KVP file
    - isa: Prevent NULL dereference in isa_bus driver callbacks
    - scsi: libsas: align sata_device's rps_resp on a cacheline
    - efi: Move some sysfs files to be read-only by root
    - ASN.1: fix out-of-bounds read when parsing indefinite length item
    - ASN.1: check for error from ASN1_OP_END__ACT actions
    - X.509: reject invalid BIT STRING for subjectPublicKey
    - x86/PCI: Make broadcom_postcore_init() check acpi_disabled
    - ALSA: pcm: prevent UAF in snd_pcm_info
    - ALSA: seq: Remove spurious WARN_ON() at timer check
    - ALSA: usb-audio: Fix out-of-bound error
    - ALSA: usb-audio: Add check return value for usb_string()
    - iommu/vt-d: Fix scatterlist offset handling
    - s390: fix compat system call table
    - kdb: Fix handling of kallsyms_symbol_next() return value
    - drm: extra printk() wrapper macros
    - drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
    - media: dvb: i2c transfers over usb cannot be done from stack
    - arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
    - arm64: fpsimd: Prevent registers leaking from dead tasks
    - ARM: BUG if jumping to usermode address in kernel mode
    - ARM: avoid faulting on qemu
    - thp: reduce indentation level in change_huge_pmd()
    - thp: fix MADV_DONTNEED vs. numa balancing race
    - mm: drop unused pmdp_huge_get_and_clear_notify()
    - Revert "drm/armada: Fix compile fail"
    - Revert "spi: SPI_FSL_DSPI should depend on HAS_DMA"
    - Revert "s390/kbuild: enable modversions for symbols exported from asm"
    - vti6: Don't report path MTU below IPV6_MIN_MTU.
    - ARM: OMAP2+: gpmc-onenand: propagate error on initialization failure
    - x86/hpet: Prevent might sleep splat on resume
    - selftest/powerpc: Fix false failures for skipped tests
    - module: set __jump_table alignment to 8
    - ARM: OMAP2+: Fix device node reference counts
    - ARM: OMAP2+: Release device node after it is no longer needed.
    - gpio: altera: Use handle_level_irq when configured as a level_high
    - HID: chicony: Add support for another ASUS Zen AiO keyboard
    - usb: gadget: configs: plug memory leak
    - USB: gadgetfs: Fix a potential memory leak in 'dev_config()'
    - kvm: nVMX: VMCLEAR should not cause the vCPU to shut down
    - libata: drop WARN from protocol error in ata_sff_qc_issue()
    - workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq
    - scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters
    - irqchip/crossbar: Fix incorrect type of register size
    - KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset
    - arm: KVM: Survive unknown traps from guests
    - arm64: KVM: Survive unknown traps from guests
    - spi_ks8995: fix "BUG: key accdaa28 not in .data!"
    - bnx2x: prevent crash when accessing PTP with interface down
    - bnx2x: fix possible overrun of VFPF multicast addresses array
    - bnx2x: do not rollback VF MAC/VLAN filters we did not configure
    - ipv6: reorder icmpv6_init() and ip6_mr_init()
    - crypto: s5p-sss - Fix completing crypto request in IRQ handler
    - i2c: riic: fix restart condition
    - zram: set physical queue limits to avoid array out of bounds accesses
    - netfilter: don't track fragmented packets
    - axonram: Fix gendisk handling
    - drm/amd/amdgpu: fix console deadlock if late init failed
    - powerpc/powernv/ioda2: Gracefully fail if too many TCE levels requested
    - EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro
    - EDAC, i5000, i5400: Fix definition of NRECMEMB register
    - kbuild: pkg: use --transform option to prefix paths in tar
    - mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl()
    - route: also update fnhe_genid when updating a route cache
    - route: update fnhe_expires for redirect when the fnhe exists
    - lib/genalloc.c: make the avail variable an atomic_long_t
    - dynamic-debug-howto: fix optional/omitted ending line number to be LARGE
      instead of 0
    - NFS: Fix a typo in nfs_rename()
    - sunrpc: Fix rpc_task_begin trace point
    - block: wake up all tasks blocked in get_request()
    - sparc64/mm: set fields in deferred pages
    - sctp: do not free asoc when it is already dead in sctp_sendmsg
    - sctp: use the right sk after waking up from wait_buf sleep
    - atm: horizon: Fix irq release error
    - jump_label: Invoke jump_label_test() via early_initcall()
    - xfrm: Copy policy family in clone_policy
    - IB/mlx4: Increase maximal message size under UD QP
    - IB/mlx5: Assign send CQ and recv CQ of UMR QP
    - afs: Connect up the CB.ProbeUuid
    - ipvlan: fix ipv6 outbound device
    - audit: ensure that 'audit=1' actually enables audit for PID 1
    - ipmi: Stop timers before cleaning up the module
    - s390: always save and restore all registers on context switch
    - tipc: fix memory leak in tipc_accept_from_sock()
    - rds: Fix NULL pointer dereference in __rds_rdma_map
    - sit: update frag_off info
    - packet: fix crash in fanout_demux_rollover()
    - net/packet: fix a race in packet_bind() and packet_notifier()
    - Revert "x86/efi: Build our own page table structures"
    - Revert "x86/efi: Hoist page table switching code into efi_call_virt()"
    - Revert "x86/mm/pat: Ensure cpa->pfn only contains page frame numbers"
    - arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
    - usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
    - Linux 4.4.106

  * Xenial update to 4.4.105 stable release (LP: #1745046)
    - bcache: only permit to recovery read error when cache device is clean
    - bcache: recover data from backing when data is clean
    - uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices
    - usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub
    - serial: 8250_pci: Add Amazon PCI serial device ID
    - s390/runtime instrumentation: simplify task exit handling
    - USB: serial: option: add Quectel BG96 id
    - ima: fix hash algorithm initialization
    - s390/pci: do not require AIS facility
    - selftests/x86/ldt_get: Add a few additional tests for limits
    - serial: 8250_fintek: Fix rs485 disablement on invalid ioctl()
    - spi: sh-msiof: Fix DMA transfer size check
    - usb: phy: tahvo: fix error handling in tahvo_usb_probe()
    - serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X
    - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
    - EDAC, sb_edac: Fix missing break in switch
    - sysrq : fix Show Regs call trace on ARM
    - perf test attr: Fix ignored test case result
    - kprobes/x86: Disable preemption in ftrace-based jprobes
    - net: systemport: Utilize skb_put_padto()
    - net: systemport: Pad packet before inserting TSB
    - ARM: OMAP1: DMA: Correct the number of logical channels
    - vti6: fix device register to report IFLA_INFO_KIND
    - net/appletalk: Fix kernel memory disclosure
    - ravb: Remove Rx overflow log messages
    - nfs: Don't take a reference on fl->fl_file for LOCK operation
    - KVM: arm/arm64: Fix occasional warning from the timer work function
    - NFSv4: Fix client recovery when server reboots multiple times
    - drm/exynos/decon5433: set STANDALONE_UPDATE_F on output enablement
    - net: sctp: fix array overrun read on sctp_timer_tbl
    - tipc: fix cleanup at module unload
    - dmaengine: pl330: fix double lock
    - tcp: correct memory barrier usage in tcp_check_space()
    - mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers
    - xen-netfront: Improve error handling during initialization
    - net: fec: fix multicast filtering hardware setup
    - Revert "ocfs2: should wait dio before inode lock in ocfs2_setattr()"
    - usb: hub: Cycle HUB power when initialization fails
    - usb: xhci: fix panic in xhci_free_virt_devices_depth_first
    - usb: ch9: Add size macro for SSP dev cap descriptor
    - USB: core: Add type-specific length check of BOS descriptors
    - USB: Increase usbfs transfer limit
    - USB: devio: Prevent integer overflow in proc_do_submiturb()
    - USB: usbfs: Filter flags passed in from user space
    - usb: host: fix incorrect updating of offset
    - xen-netfront: avoid crashing on resume after a failure in talk_to_netback()
    - Linux 4.4.105

  * Xenial update to 4.4.104 stable release (LP: #1745043)
    - x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
    - x86/efi: Hoist page table switching code into efi_call_virt()
    - x86/efi: Build our own page table structures
    - ARM: dts: omap3: logicpd-torpedo-37xx-devkit: Fix MMC1 cd-gpio
    - x86/efi-bgrt: Fix kernel panic when mapping BGRT data
    - x86/efi-bgrt: Replace early_memremap() with memremap()
    - mm/madvise.c: fix madvise() infinite loop under special circumstances
    - btrfs: clear space cache inode generation always
    - KVM: x86: pvclock: Handle first-time write to pvclock-page contains random
      junk
    - KVM: x86: Exit to user-mode on #UD intercept when emulator requires
    - KVM: x86: inject exceptions produced by x86_decode_insn
    - mmc: core: Do not leave the block driver in a suspended state
    - eeprom: at24: check at24_read/write arguments
    - bcache: Fix building error on MIPS
    - Revert "drm/radeon: dont switch vt on suspend"
    - drm/radeon: fix atombios on big endian
    - drm/panel: simple: Add missing panel_simple_unprepare() calls
    - mtd: nand: Fix writing mtdoops to nand flash.
    - NFS: revalidate "." etc correctly on "open".
    - drm/i915: Don't try indexed reads to alternate slave addresses
    - drm/i915: Prevent zero length "index" write
    - nfsd: Make init_open_stateid() a bit more whole
    - nfsd: Fix stateid races between OPEN and CLOSE
    - nfsd: Fix another OPEN stateid race
    - Linux 4.4.104

  * Xenial update to 4.4.103 stable release (LP: #1744873)
    - s390: fix transactional execution control register handling
    - s390/runtime instrumention: fix possible memory corruption
    - s390/disassembler: add missing end marker for e7 table
    - s390/disassembler: increase show_code buffer size
    - AF_VSOCK: Shrink the area influenced by prepare_to_wait
    - vsock: use new wait API for vsock_stream_sendmsg()
    - sched: Make resched_cpu() unconditional
    - lib/mpi: call cond_resched() from mpi_powm() loop
    - x86/decoder: Add new TEST instruction pattern
    - ARM: 8722/1: mm: make STRICT_KERNEL_RWX effective for LPAE
    - ARM: 8721/1: mm: dump: check hardware RO bit for LPAE
    - MIPS: ralink: Fix MT7628 pinmux
    - MIPS: ralink: Fix typo in mt7628 pinmux function
    - ALSA: hda: Add Raven PCI ID
    - dm bufio: fix integer overflow when limiting maximum cache size
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()
    - MIPS: Fix an n32 core file generation regset support regression
    - MIPS: BCM47XX: Fix LED inversion for WRT54GSv1
    - autofs: don't fail mount for transient error
    - nilfs2: fix race condition that causes file system corruption
    - eCryptfs: use after free in ecryptfs_release_messaging()
    - bcache: check ca->alloc_thread initialized before wake up it
    - isofs: fix timestamps beyond 2027
    - NFS: Fix typo in nomigration mount option
    - nfs: Fix ugly referral attributes
    - nfsd: deal with revoked delegations appropriately
    - rtlwifi: rtl8192ee: Fix memory leak when loading firmware
    - rtlwifi: fix uninitialized rtlhal->last_suspend_sec time
    - ata: fixes kernel crash while tracing ata_eh_link_autopsy event
    - ext4: fix interaction between i_size, fallocate, and delalloc after a crash
    - ALSA: pcm: update tstamp only if audio_tstamp changed
    - ALSA: usb-audio: Add sanity checks to FE parser
    - ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
    - ALSA: usb-audio: Add sanity checks in v2 clock parsers
    - ALSA: timer: Remove kernel warning at compat ioctl error paths
    - ALSA: hda/realtek - Fix ALC700 family no sound issue
    - fix a page leak in vhost_scsi_iov_to_sgl() error recovery
    - fs/9p: Compare qid.path in v9fs_test_inode
    - iscsi-target: Fix non-immediate TMR reference leak
    - target: Fix QUEUE_FULL + SCSI task attribute handling
    - KVM: nVMX: set IDTR and GDTR limits when loading L1 host state
    - KVM: SVM: obey guest PAT
    - SUNRPC: Fix tracepoint storage issues with svc_recv and svc_rqst_status
    - clk: ti: dra7-atl-clock: Fix of_node reference counting
    - clk: ti: dra7-atl-clock: fix child-node lookups
    - libnvdimm, namespace: fix label initialization to use valid seq numbers
    - libnvdimm, namespace: make 'resource' attribute only readable by root
    - IB/srpt: Do not accept invalid initiator port names
    - IB/srp: Avoid that a cable pull can trigger a kernel crash
    - NFC: fix device-allocation error return
    - i40e: Use smp_rmb rather than read_barrier_depends
    - igb: Use smp_rmb rather than read_barrier_depends
    - igbvf: Use smp_rmb rather than read_barrier_depends
    - ixgbevf: Use smp_rmb rather than read_barrier_depends
    - i40evf: Use smp_rmb rather than read_barrier_depends
    - fm10k: Use smp_rmb rather than read_barrier_depends
    - ixgbe: Fix skb list corruption on Power systems
    - parisc: Fix validity check of pointer size argument in new CAS
      implementation
    - powerpc/signal: Properly handle return value from uprobe_deny_signal()
    - media: Don't do DMA on stack for firmware upload in the AS102 driver
    - media: rc: check for integer overflow
    - cx231xx-cards: fix NULL-deref on missing association descriptor
    - media: v4l2-ctrl: Fix flags field on Control events
    - sched/rt: Simplify the IPI based RT balancing logic
    - fscrypt: lock mutex before checking for bounce page pool
    - net/9p: Switch to wait_event_killable()
    - PM / OPP: Add missing of_node_put(np)
    - e1000e: Fix error path in link detection
    - e1000e: Fix return value test
    - RDS: RDMA: return appropriate error on rdma map failures
    - PCI: Apply _HPX settings only to relevant devices
    - dmaengine: zx: set DMA_CYCLIC cap_mask bit
    - net: Allow IP_MULTICAST_IF to set index to L3 slave
    - net: 3com: typhoon: typhoon_init_one: make return values more specific
    - net: 3com: typhoon: typhoon_init_one: fix incorrect return values
    - drm/armada: Fix compile fail
    - ath10k: fix incorrect txpower set by P2P_DEVICE interface
    - ath10k: ignore configuring the incorrect board_id
    - ath10k: fix potential memory leak in ath10k_wmi_tlv_op_pull_fw_stats()
    - ath10k: set CTS protection VDEV param only if VDEV is up
    - ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE
    - drm: Apply range restriction after color adjustment when allocation
    - mac80211: Remove invalid flag operations in mesh TSF synchronization
    - mac80211: Suppress NEW_PEER_CANDIDATE event if no room
    - iio: light: fix improper return value
    - staging: iio: cdc: fix improper return value
    - spi: SPI_FSL_DSPI should depend on HAS_DMA
    - netfilter: nft_queue: use raw_smp_processor_id()
    - netfilter: nf_tables: fix oob access
    - ASoC: rsnd: don't double free kctrl
    - btrfs: return the actual error value from from btrfs_uuid_tree_iterate
    - ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data
    - s390/kbuild: enable modversions for symbols exported from asm
    - xen: xenbus driver must not accept invalid transaction ids
    - Revert "sctp: do not peel off an assoc from one netns to another one"
    - Linux 4.4.103

  * ppc64el: Do not call ibm,os-term on panic (LP: #1736954)
    - powerpc: Do not call ppc_md.panic in fadump panic notifier

  * Xenial update to 4.4.102 stable release (LP: #1744870)
    - mm, hwpoison: fixup "mm: check the return value of lookup_page_ext for all
      call sites"
    - Linux 4.4.102

  * Xenial update to 4.4.101 stable release (LP: #1744794)
    - tcp: do not mangle skb->cb[] in tcp_make_synack()
    - netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
    - bonding: discard lowest hash bit for 802.3ad layer3+4
    - vlan: fix a use-after-free in vlan_device_event()
    - af_netlink: ensure that NLMSG_DONE never fails in dumps
    - sctp: do not peel off an assoc from one netns to another one
    - fealnx: Fix building error on MIPS
    - net/sctp: Always set scope_id in sctp_inet6_skb_msgname
    - ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
    - serial: omap: Fix EFR write on RTS deassertion
    - arm64: fix dump_instr when PAN and UAO are in use
    - ocfs2: should wait dio before inode lock in ocfs2_setattr()
    - ipmi: fix unsigned long underflow
    - mm/page_alloc.c: broken deferred calculation
    - coda: fix 'kernel memory exposure attempt' in fsync
    - mm: check the return value of lookup_page_ext for all call sites
    - mm/page_ext.c: check if page_ext is not prepared
    - mm/pagewalk.c: report holes in hugetlb ranges
    - Linux 4.4.101

  * Xenial update to 4.4.100 stable release (LP: #1744639)
    - media: imon: Fix null-ptr-deref in imon_probe
    - media: dib0700: fix invalid dvb_detach argument
    - KVM: x86: fix singlestepping over syscall
    - net: cdc_ether: fix divide by 0 on bad descriptors
    - net: qmi_wwan: fix divide by 0 on bad descriptors
    - arm: crypto: reduce priority of bit-sliced AES cipher
    - Bluetooth: btusb: fix QCA Rome suspend/resume
    - dmaengine: dmatest: warn user when dma test times out
    - extcon: palmas: Check the parent instance to prevent the NULL
    - fm10k: request reset when mbx->state changes
    - ARM: dts: Fix compatible for ti81xx uarts for 8250
    - ARM: dts: Fix am335x and dm814x scm syscon to probe children
    - ARM: OMAP2+: Fix init for multiple quirks for the same SoC
    - ARM: dts: Fix omap3 off mode pull defines
    - ata: ATA_BMDMA should depend on HAS_DMA
    - ata: SATA_HIGHBANK should depend on HAS_DMA
    - ata: SATA_MV should depend on HAS_DMA
    - drm/sti: sti_vtg: Handle return NULL error from devm_ioremap_nocache
    - igb: reset the PHY before reading the PHY ID
    - igb: close/suspend race in netif_device_detach
    - igb: Fix hw_dbg logging in igb_update_flash_i210
    - scsi: ufs-qcom: Fix module autoload
    - scsi: ufs: add capability to keep auto bkops always enabled
    - staging: rtl8188eu: fix incorrect ERROR tags from logs
    - scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort
    - scsi: lpfc: Correct host name in symbolic_name field
    - scsi: lpfc: Correct issue leading to oops during link reset
    - scsi: lpfc: Clear the VendorVersion in the PLOGI/PLOGI ACC payload
    - ALSA: vx: Don't try to update capture stream before running
    - ALSA: vx: Fix possible transfer overflow
    - backlight: lcd: Fix race condition during register
    - backlight: adp5520: Fix error handling in adp5520_bl_probe()
    - gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap
    - ALSA: hda/realtek - Add new codec ID ALC299
    - arm64: dts: NS2: reserve memory for Nitro firmware
    - ixgbe: fix AER error handling
    - ixgbe: handle close/suspend race with netif_device_detach/present
    - ixgbe: Reduce I2C retry count on X550 devices
    - ixgbe: add mask for 64 RSS queues
    - ixgbe: do not disable FEC from the driver
    - staging: rtl8712: fixed little endian problem
    - MIPS: End asm function prologue macros with .insn
    - mm: add PHYS_PFN, use it in __phys_to_pfn()
    - MIPS: init: Ensure bootmem does not corrupt reserved memory
    - MIPS: init: Ensure reserved memory regions are not added to bootmem
    - MIPS: Netlogic: Exclude netlogic,xlp-pic code from XLR builds
    - Revert "crypto: xts - Add ECB dependency"
    - Revert "uapi: fix linux/rds.h userspace compilation errors"
    - uapi: fix linux/rds.h userspace compilation error
    - uapi: fix linux/rds.h userspace compilation errors
    - USB: usbfs: compute urb->actual_length for isochronous
    - USB: Add delay-init quirk for Corsair K70 LUX keyboards
    - USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
    - USB: serial: garmin_gps: fix I/O after failed probe and remove
    - USB: serial: garmin_gps: fix memory leak on probe errors
    - Linux 4.4.100

  * Xenial update to 4.4.99 stable release (LP: #1744636)
    - mac80211: accept key reinstall without changing anything
    - mac80211: use constant time comparison with keys
    - mac80211: don't compare TKIP TX MIC key in reinstall prevention
    - usb: usbtest: fix NULL pointer dereference
    - Input: ims-psu - check if CDC union descriptor is sane
    - ALSA: seq: Cancel pending autoload work at unbinding device
    - tun/tap: sanitize TUNSETSNDBUF input
    - tcp: fix tcp_mtu_probe() vs highest_sack
    - l2tp: check ps->sock before running pppol2tp_session_ioctl()
    - tun: call dev_get_valid_name() before register_netdevice()
    - sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
    - packet: avoid panic in packet_getsockopt()
    - ipv6: flowlabel: do not leave opt->tot_len with garbage
    - net/unix: don't show information about sockets from other namespaces
    - ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
    - tun: allow positive return values on dev_get_valid_name() call
    - sctp: reset owner sk for data chunks on out queues when migrating a sock
    - ppp: fix race in ppp device destruction
    - ipip: only increase err_count for some certain type icmp in ipip_err
    - tcp/dccp: fix ireq->opt races
    - tcp/dccp: fix lockdep splat in inet_csk_route_req()
    - tcp/dccp: fix other lockdep splats accessing ireq_opt
    - security/keys: add CONFIG_KEYS_COMPAT to Kconfig
    - tipc: fix link attribute propagation bug
    - brcmfmac: remove setting IBSS mode when stopping AP
    - target/iscsi: Fix iSCSI task reassignment handling
    - target: Fix node_acl demo-mode + uncached dynamic shutdown regression
    - misc: panel: properly restore atomic counter on error path
    - Linux 4.4.99

  * elantech touchpad of Lenovo L480/580 failed to detect hw_version
    (LP: #1733605)
    - Input: elantech - add new icbody type 15

  * Disabling zfs does not always disable module checks for the zfs modules
    (LP: #1737176)
    - [Packaging] disable zfs module checks when zfs is disabled

  * Using asymmetric key for IMA appraisal crashes the system in Ubuntu 16.04
    (LP: #1735977)
    - integrity: convert digsig to akcipher api

  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks

  * CVE-2017-15129
    - net: Fix double free and memory corruption in get_net_ns_by_id()

  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release

  * [KVM] Lower the default for halt_poll_ns to 200000 ns (LP: #1724614)
    - KVM: x86: lower default for halt_poll_ns

  * $(LOCAL_ENV_CC) and $(LOCAL_ENV_DISTCC_HOSTS) should be properly quoted
    (LP: #1744077)
    - [Debian] pass LOCAL_ENV_CC and LOCAL_ENV_DISTCC_HOSTS properly

  * Redpine: Wifi/BT not functioning after s3 resume (LP: #1742090) //
    [16.04][classic] Redpine: wowlan feature doesn't work (LP: #1742094)
    - SAUCE: Redpine: fix for wowlan wakeup failure
    - SAUCE: Redpine: fix data issue with non-uapsd APs
    - SAUCE: Redpine: fix reset card issue
    - SAUCE: Redpine: fix wowlan issue

  * Using an NVMe drive causes huge power drain (LP: #1664602) // Samsung SSD
    960 EVO 500GB refused to change power state (LP: #1705748)
    - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A

  * Using an NVMe drive causes huge power drain (LP: #1664602)
    - nvme/scsi: Remove power management support
    - nvme: return the whole CQE through the request passthrough interface
    - nvme: factor out a add nvme_is_write helper
    - nvme: Modify and export sync command submission for fabrics
    - nvme: Fix nvme_get/set_features() with a NULL result pointer
    - nvme: Pass pointers, not dma addresses, to nvme_get/set_features()
    - nvme: Add a quirk mechanism that uses identify_ctrl
    - nvme: Enable autonomous power state transitions
    - nvme: Adjust the Samsung APST quirk
    - nvme: Quirk APST off on "THNSF5256GPUK TOSHIBA"
    - nvme: only consider exit latency when choosing useful non-op power states
    - nvme: relax APST default max latency to 100ms
    - nvme: Quirk APST on Intel 600P/P3100 devices

  * CVE-2017-17862
    - bpf: fix branch pruning logic

  * CVE-2017-16995
    - bpf: fix incorrect sign extension in check_alu_op()

  * CVE-2017-17741
    - KVM: Fix stack-out-of-bounds read in write_mmio

  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op

  * the kernel is blackholing IPv6 packets to linkdown nexthops (LP: #1738219)
    - ipv6: Do not consider linkdown nexthops during multipath

  * /dev/bcache/by-uuid links not created after reboot (LP: #1729145)
    - SAUCE: (no-up) bcache: decouple emitting a cached_dev CHANGE uevent

  * e1000e in 4.4.0-97-generic breaks 82574L under heavy load. (LP: #1730550)
    - e1000e: Avoid receiver overrun interrupt bursts
    - e1000e: Separate signaling for link check/link up

  * ath10k: enhance rf signal strength (LP: #1736317)
    - ath10k: add max_tx_power for QCA6174 WLAN.RM.2.0 firmware

  * User reports excessive ALUA retry messages (LP: #1720228)
    - scsi_dh_alua: uninitialized variable in alua_rtpg()

  * Add installer support for new Broadcom network drivers.  (LP: #1734757)
    - d-i: Add bnxt_en_bpo to nic-modules.

  * Transparent hugepages should default to enabled=madvise (LP: #1703742)
    - SAUCE: use CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y as default

 -- Kleber Sacilotto de Souza <email address hidden>  Tue, 13 Mar 2018 11:55:32 +0100
Superseded in trusty-security on 2018-04-05
Superseded in trusty-updates on 2018-04-05
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-116.140~14.04.1) trusty; urgency=medium

  * linux-lts-xenial: 4.4.0-116.140~14.04.1 -proposed tracker (LP: #1749091)

  * linux: 4.4.0-116.140 -proposed tracker (LP: #1748990)

  * BUG: unable to handle kernel NULL pointer dereference at 0000000000000009
    (LP: #1748671)
    - SAUCE: net: ipv4: fix for a race condition in raw_sendmsg -- fix backport

Deleted in trusty-proposed on 2018-02-19 (Reason: NBS)
linux-lts-xenial (4.4.0-113.136~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-113.136~14.04.1 -proposed tracker (LP: #1746938)

  * linux: 4.4.0-113.136 -proposed tracker (LP: #1746936)

  [ Stefan Bader ]
  * Missing install-time driver for QLogic QED 25/40/100Gb Ethernet NIC
    (LP: #1743638)
    - [d-i] Add qede to nic-modules udeb

  * CVE-2017-5753 (Spectre v1 Intel)
    - x86/cpu/AMD: Make the LFENCE instruction serialized
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - SAUCE: reinstate MFENCE_RDTSC feature definition
    - locking/barriers: introduce new observable speculation barrier
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - SAUCE: FIX: x86, bpf, jit: prevent speculative execution when JIT is enabled
    - carl9170: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - ipv4: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - userns: prevent speculative execution
    - SAUCE: claim mitigation via observable speculation barrier
    - SAUCE: powerpc: add osb barrier
    - SAUCE: s390/spinlock: add osb memory barrier
    - SAUCE: arm64: no osb() implementation yet
    - SAUCE: arm: no osb() implementation yet

  * CVE-2017-5715 (Spectre v2 retpoline)
    - x86/cpuid: Provide get_scattered_cpuid_leaf()
    - x86/cpu: Factor out application of forced CPU caps
    - x86/cpufeatures: Make CPU bugs sticky
    - x86/cpufeatures: Add X86_BUG_CPU_INSECURE
    - x86/cpu, x86/pti: Do not enable PTI on AMD processors
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - x86/cpu: Merge bugs.c and bugs_64.c
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/mm/32: Move setup_clear_cpu_cap(X86_FEATURE_PCID) earlier
    - x86/asm: Use register variable to get stack pointer value
    - x86/kbuild: enable modversions for symbols exported from asm
    - x86/asm: Make asm/alternative.h safe from assembly
    - EXPORT_SYMBOL() for asm
    - kconfig.h: use __is_defined() to check if MODULE is defined
    - x86/retpoline: Add initial retpoline support
    - x86/spectre: Add boot time option to select Spectre v2 mitigation
    - x86/retpoline/crypto: Convert crypto assembler indirect jumps
    - x86/retpoline/entry: Convert entry assembler indirect jumps
    - x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
    - x86/retpoline/hyperv: Convert assembler indirect jumps
    - x86/retpoline/xen: Convert Xen hypercall indirect jumps
    - x86/retpoline/checksum32: Convert assembler indirect jumps
    - x86/retpoline/irq32: Convert assembler indirect jumps
    - x86/retpoline: Fill return stack buffer on vmexit
    - x86/retpoline: Remove compile time warning
    - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
    - module: Add retpoline tag to VERMAGIC
    - x86/mce: Make machine check speculation protected
    - retpoline: Introduce start/end markers of indirect thunk
    - kprobes/x86: Blacklist indirect thunk functions for kprobes
    - kprobes/x86: Disable optimizing on the function jumps to indirect thunk
    - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
    - [Config] CONFIG_RETPOLINE=y
    - [Packaging] retpoline -- add call site validation
    - [Config] disable retpoline checks for first upload

  * CVE-2017-5715 (revert embargoed) // CVE-2017-5753 (revert embargoed)
    - Revert "UBUNTU: SAUCE: Fix spec_ctrl support in KVM"
    - Revert "x86/cpuid: Provide get_scattered_cpuid_leaf()"
    - Revert "kvm: vmx: Scrub hardware GPRs at VM-exit"
    - Revert "Revert "x86/svm: Add code to clear registers on VM exit""
    - Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to
      support IBPB feature -- repair missmerge"
    - Revert "arm: no gmb() implementation yet"
    - Revert "arm64: no gmb() implementation yet"
    - Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit"
    - Revert "s390/spinlock: add gmb memory barrier"
    - Revert "powerpc: add gmb barrier"
    - Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature"
    - Revert "x86/cpu/AMD: Make the LFENCE instruction serialized"
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - Revert "x86/svm: Add code to clobber the RSB on VM exit"
    - Revert "KVM: x86: Add speculative control CPUID support for guests"
    - Revert "x86/svm: Set IBPB when running a different VCPU"
    - Revert "x86/svm: Set IBRS value on VM entry and exit"
    - Revert "KVM: SVM: Do not intercept new speculative control MSRs"
    - Revert "x86/microcode: Extend post microcode reload to support IBPB feature"
    - Revert "x86/cpu/AMD: Add speculative control support for AMD"
    - Revert "x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR"
    - Revert "x86/entry: Use retpoline for syscall's indirect calls"
    - Revert "x86/syscall: Clear unused extra registers on 32-bit compatible
      syscall entrance"
    - Revert "x86/syscall: Clear unused extra registers on syscall entrance"
    - Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
      control"
    - Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature"
    - Revert "x86/kvm: Pad RSB on VM transition"
    - Revert "x86/kvm: Toggle IBRS on VM entry and exit"
    - Revert "x86/kvm: Set IBPB when switching VM"
    - Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm"
    - Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform"
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - Revert "x86/mm: Set IBPB upon context switch"
    - Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup"
    - Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup"
    - Revert "x86/enter: Use IBRS on syscall and interrupts"
    - Revert "x86/enter: MACROS to set/clear IBRS and set IBPB"
    - Revert "x86/feature: Report presence of IBPB and IBRS control"
    - Revert "x86/feature: Enable the x86 feature to control Speculation"
    - Revert "udf: prevent speculative execution"
    - Revert "net: mpls: prevent speculative execution"
    - Revert "fs: prevent speculative execution"
    - Revert "ipv6: prevent speculative execution"
    - Revert "userns: prevent speculative execution"
    - Revert "Thermal/int340x: prevent speculative execution"
    - Revert "qla2xxx: prevent speculative execution"
    - Revert "carl9170: prevent speculative execution"
    - Revert "uvcvideo: prevent speculative execution"
    - Revert "x86, bpf, jit: prevent speculative execution when JIT is enabled"
    - Revert "bpf: prevent speculative execution in eBPF interpreter"

  * CVE-2017-17712
    - net: ipv4: fix for a race condition in raw_sendmsg

  * upload urgency should be medium by default (LP: #1745338)
    - [Packaging] update urgency to medium by default

  * CVE-CVE-2017-12190
    - more bio_map_user_iov() leak fixes

  * CVE-2015-8952
    - mbcache2: reimplement mbcache
    - ext2: convert to mbcache2
    - ext4: convert to mbcache2
    - mbcache2: limit cache size
    - mbcache2: Use referenced bit instead of LRU
    - ext4: kill ext4_mballoc_ready
    - ext4: shortcut setting of xattr to the same value
    - mbcache: remove mbcache
    - mbcache2: rename to mbcache
    - mbcache: get rid of _e_hash_list_head
    - mbcache: add reusable flag to cache entries

  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one

  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Kleber Sacilotto de Souza <email address hidden>  Thu, 08 Feb 2018 15:09:41 +0100
Superseded in trusty-security on 2018-02-21
Superseded in trusty-updates on 2018-02-21
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-112.135~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-112.135~14.04.1 -proposed tracker (LP: #1745011)

  * linux: 4.4.0-112.135 -proposed tracker (LP: #1744244)

  * CVE-2017-5715 // CVE-2017-5753
    - x86/cpuid: Provide get_scattered_cpuid_leaf()
    - SAUCE: Fix spec_ctrl support in KVM
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

Superseded in trusty-security on 2018-02-05
Superseded in trusty-updates on 2018-02-05
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-111.134~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-111.134~14.04.1 -proposed tracker (LP: #1743364)

  * linux: 4.4.0-111.134 -proposed tracker (LP: #1743362)

  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

  * CVE-2017-5754
    - SAUCE: powerpc: use sync instead of hwsync mnemonic

Deleted in trusty-proposed on 2018-01-17 (Reason: NBS)
linux-lts-xenial (4.4.0-110.133~14.04.2) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-110.133~14.04.2 -proposed tracker (LP: #1742996)

  * linux: 4.4.0-110.133 -proposed tracker (LP: #1742995)

  * CVE-2017-5753
    - x86/microcode/AMD: Add support for fam17h microcode loading
    - bpf: add bpf_patch_insn_single helper
    - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
    - bpf: add generic constant blinding for use in jits
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Make the LFENCE instruction serialized
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
    - arm64: no gmb() implementation yet
    - arm: no gmb() implementation yet

  * CVE-2017-5715
    - x86/microcode/AMD: Add support for fam17h microcode loading
    - bpf: add bpf_patch_insn_single helper
    - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
    - bpf: add generic constant blinding for use in jits
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Make the LFENCE instruction serialized
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
    - arm64: no gmb() implementation yet
    - arm: no gmb() implementation yet

  * powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files
    - SAUCE: Remove setup.h include file otherwise compilation complains about
      missing header file.
    - SAUCE: Fix compilation errors for arch/powerpc/lib/feature-fixups.c
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI

  * s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

  * CVE-2017-5754
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - Map the vsyscall page with _PAGE_USER
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files
    - SAUCE: Remove setup.h include file otherwise compilation complains about
      missing header file.
    - SAUCE: Fix compilation errors for arch/powerpc/lib/feature-fixups.c
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI
    - UBUNTU: SAUCE: powerpc: use sync instead of hwsync mnemonic

 -- Seth Forshee <email address hidden>  Fri, 12 Jan 2018 14:54:58 -0600
Superseded in trusty-security on 2018-01-22
Superseded in trusty-updates on 2018-01-22
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-109.132~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-109.132~14.04.1 -proposed tracker (LP: #1742255)

  * linux: 4.4.0-109.132 -proposed tracker (LP: #1742252)

  * Kernel trace with xenial 4.4  (4.4.0-108.131, Candidate kernels for PTI fix)
    (LP: #1741934)
    - SAUCE: kaiser: fix perf crashes - fix to original commit

Superseded in trusty-updates on 2018-01-10
Superseded in trusty-security on 2018-01-10
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-108.131~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-108.131~14.04.1 -proposed tracker (LP: #1741729)

  * linux: 4.4.0-108.131 -proposed tracker (LP: #1741727)

  * CVE-2017-5754
    - x86/mm: Disable PCID on 32-bit kernels

Deleted in trusty-proposed on 2018-01-10 (Reason: NBS)
linux-lts-xenial (4.4.0-105.128~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-105.128~14.04.1 -proposed tracker (LP: #1737919)

  * linux: 4.4.0-105.128 -proposed tracker (LP: #1737916)

  * CVE-CVE-2017-12190
    - more bio_map_user_iov() leak fixes

  * CVE-2015-8952
    - mbcache2: reimplement mbcache
    - ext2: convert to mbcache2
    - ext4: convert to mbcache2
    - mbcache2: limit cache size
    - mbcache2: Use referenced bit instead of LRU
    - ext4: kill ext4_mballoc_ready
    - ext4: shortcut setting of xattr to the same value
    - mbcache: remove mbcache
    - mbcache2: rename to mbcache
    - mbcache: get rid of _e_hash_list_head
    - mbcache: add reusable flag to cache entries

  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one

  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Wed, 13 Dec 2017 15:02:45 -0200
Superseded in trusty-security on 2018-01-09
Superseded in trusty-updates on 2018-01-09
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-104.127~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-104.127~14.04.1 -proposed tracker (LP: #1737514)

  * linux: 4.4.0-104.127 -proposed tracker (LP: #1737511)

  * upgrading linux-image package to 4.4.0-103.126 breaks Ceph network file
    system connection (LP: #1737033)
    - Revert "libceph: MOSDOpReply v7 encoding"
    - Revert "libceph: advertise support for TUNABLES5"
    - Revert "crush: decode and initialize chooseleaf_stable"
    - Revert "crush: add chooseleaf_stable tunable"
    - Revert "crush: ensure take bucket value is valid"
    - Revert "crush: ensure bucket id is valid before indexing buckets array"

 -- Kleber Sacilotto de Souza <email address hidden>  Mon, 11 Dec 2017 12:20:36 +0100
Superseded in trusty-security on 2017-12-14
Superseded in trusty-updates on 2017-12-14
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-103.126~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-103.126~14.04.1 -proposed tracker (LP: #1736183)

  * linux: 4.4.0-103.126 -proposed tracker (LP: #1736181)

  * CVE-2017-1000405
    - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()

  * CVE-2017-16939
    - netlink: add a start callback for starting a netlink dump
    - ipsec: Fix aborted xfrm policy dump crash

Deleted in trusty-proposed on 2017-12-06 (Reason: NBS)
linux-lts-xenial (4.4.0-102.125~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-102.125~14.04.1 -proposed tracker (LP: #1733542)

  * linux: 4.4.0-102.125 -proposed tracker (LP: #1733541)

  * tar -x sometimes fails on overlayfs (LP: #1728489)
    - ovl: check if all layers are on the same fs
    - ovl: persistent inode number for directories

  * NVMe timeout is too short (LP: #1729119)
    - nvme: update timeout module parameter type

  * Set PANIC_TIMEOUT=10 on Power Systems (LP: #1730660)
    - [Config]: Set PANIC_TIMEOUT=10 on ppc64el

  * Cannot pair BLE remote devices when using combo BT SoC (LP: #1731467)
    - Bluetooth: increase timeout for le auto connections

  * CIFS errors on 4.4.0-98, but not on 4.4.0-97 with same config (LP: #1729337)
    - SMB3: Validate negotiate request must always be signed

  * Plantronics P610 does not support sample rate reading (LP: #1719853)
    - ALSA: usb-audio: Add sample rate quirk for Plantronics P610

  * Invalid btree pointer causes the kernel NULL pointer dereference
    (LP: #1729256)
    - xfs: reinit btree pointer on attr tree inactivation walk

  * Samba mount/umount in docker container triggers kernel Oops (LP: #1729637)
    - ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER
    - ipv6: fix NULL dereference in ip6_route_dev_notify()

  * [kernel] tty/hvc: Use opal irqchip interface if available (LP: #1728098)
    - tty/hvc: Use opal irqchip interface if available

  * Device hotplugging with MPT SAS cannot work for VMWare ESXi (LP: #1730852)
    - scsi: mptsas: Fixup device hotplug for VMWare ESXi

  * NMI watchdog: BUG: soft lockup on Guest upon boot (KVM) (LP: #1727331)
    - KVM: PPC: Book3S: Treat VTB as a per-subcore register, not per-thread

  * Attempt to map rbd image from ceph jewel/luminous hangs (LP: #1728739)
    - crush: ensure bucket id is valid before indexing buckets array
    - crush: ensure take bucket value is valid
    - crush: add chooseleaf_stable tunable
    - crush: decode and initialize chooseleaf_stable
    - libceph: advertise support for TUNABLES5
    - libceph: MOSDOpReply v7 encoding

  * Xenial update to 4.4.98 stable release (LP: #1732698)
    - adv7604: Initialize drive strength to default when using DT
    - video: fbdev: pmag-ba-fb: Remove bad `__init' annotation
    - PCI: mvebu: Handle changes to the bridge windows while enabled
    - xen/netback: set default upper limit of tx/rx queues to 8
    - drm: drm_minor_register(): Clean up debugfs on failure
    - KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter
    - iommu/arm-smmu-v3: Clear prior settings when updating STEs
    - powerpc/corenet: explicitly disable the SDHC controller on kmcoge4
    - ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6
    - crypto: vmx - disable preemption to enable vsx in aes_ctr.c
    - iio: trigger: free trigger resource correctly
    - phy: increase size of MII_BUS_ID_SIZE and bus_id
    - serial: sh-sci: Fix register offsets for the IRDA serial port
    - usb: hcd: initialize hcd->flags to 0 when rm hcd
    - netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family
    - IPsec: do not ignore crypto err in ah4 input
    - Input: mpr121 - handle multiple bits change of status register
    - Input: mpr121 - set missing event capability
    - IB/ipoib: Change list_del to list_del_init in the tx object
    - s390/qeth: issue STARTLAN as first IPA command
    - (config) Add NET_DSA=n
    - net: dsa: select NET_SWITCHDEV
    - platform/x86: hp-wmi: Fix detection for dock and tablet mode
    - cdc_ncm: Set NTB format again after altsetting switch for Huawei devices
    - KEYS: trusted: sanitize all key material
    - KEYS: trusted: fix writing past end of buffer in trusted_read()
    - platform/x86: hp-wmi: Fix error value for hp_wmi_tablet_state
    - platform/x86: hp-wmi: Do not shadow error values
    - x86/uaccess, sched/preempt: Verify access_ok() context
    - workqueue: Fix NULL pointer dereference
    - crypto: x86/sha1-mb - fix panic due to unaligned access
    - KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
    - ARM: 8720/1: ensure dump_instr() checks addr_limit
    - ALSA: seq: Fix OSS sysex delivery in OSS emulation
    - ALSA: seq: Avoid invalid lockdep class warning
    - MIPS: microMIPS: Fix incorrect mask in insn_table_MM
    - MIPS: Fix CM region target definitions
    - MIPS: SMP: Use a completion event to signal CPU up
    - MIPS: Fix race on setting and getting cpu_online_mask
    - MIPS: SMP: Fix deadlock & online race
    - test: firmware_class: report errors properly on failure
    - selftests: firmware: add empty string and async tests
    - selftests: firmware: send expected errors to /dev/null
    - tools: firmware: check for distro fallback udev cancel rule
    - MIPS: AR7: Defer registration of GPIO
    - MIPS: AR7: Ensure that serial ports are properly set up
    - Input: elan_i2c - add ELAN060C to the ACPI table
    - drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue
    - rbd: use GFP_NOIO for parent stat and data requests
    - can: sun4i: handle overrun in RX FIFO
    - can: c_can: don't indicate triple sampling support for D_CAN
    - x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
    - PKCS#7: fix unitialized boolean 'want'
    - Linux 4.4.98

  * ELANTECH Touchpad is not detected in 'Lenovo Ideapad 320 14AST' after fresh
    install (LP: #1727544)
    - Input: elan_i2c - add ELAN060C to the ACPI table

  * Xenial update to 4.4.97 stable release (LP: #1731915)
    - ALSA: timer: Add missing mutex lock for compat ioctls
    - ALSA: seq: Fix nested rwsem annotation for lockdep splat
    - cifs: check MaxPathNameComponentLength != 0 before using it
    - KEYS: return full count in keyring_read() if buffer is too small
    - KEYS: fix out-of-bounds read during ASN.1 parsing
    - ASoC: adau17x1: Workaround for noise bug in ADC
    - arm64: ensure __dump_instr() checks addr_limit
    - ARM: dts: mvebu: pl310-cache disable double-linefill
    - ARM: 8715/1: add a private asm/unaligned.h
    - ocfs2: fstrim: Fix start offset of first cluster group during fstrim
    - perf tools: Fix build failure on perl script context
    - drm/msm: Fix potential buffer overflow issue
    - drm/msm: fix an integer overflow test
    - tracing/samples: Fix creation and deletion of simple_thread_fn creation
    - Fix tracing sample code warning.
    - PM / wakeirq: report a wakeup_event on dedicated wekup irq
    - mmc: s3cmci: include linux/interrupt.h for tasklet_struct
    - ARM: pxa: Don't rely on public mmc header to include leds.h
    - mfd: ab8500-sysctrl: Handle probe deferral
    - mfd: axp20x: Fix axp288 PEK_DBR and PEK_DBF irqs being swapped
    - staging: rtl8712u: Fix endian settings for structs describing network
      packets
    - ext4: fix stripe-unaligned allocations
    - ext4: do not use stripe_width if it is not set
    - i2c: riic: correctly finish transfers
    - drm/amdgpu: when dpm disabled, also need to stop/start vce.
    - perf tools: Only increase index if perf_evsel__new_idx() succeeds
    - cx231xx: Fix I2C on Internal Master 3 Bus
    - xen/manage: correct return value check on xenbus_scanf()
    - scsi: aacraid: Process Error for response I/O
    - platform/x86: intel_mid_thermal: Fix module autoload
    - staging: lustre: llite: don't invoke direct_IO for the EOF case
    - staging: lustre: hsm: stack overrun in hai_dump_data_field
    - staging: lustre: ptlrpc: skip lock if export failed
    - exynos4-is: fimc-is: Unmap region obtained by of_iomap()
    - mei: return error on notification request to a disconnected client
    - s390/dasd: check for device error pointer within state change interrupts
    - bt8xx: fix memory leak
    - xen: don't print error message in case of missing Xenstore entry
    - staging: r8712u: Fix Sparse warning in rtl871x_xmit.c
    - Linux 4.4.97

  * Xenial update to 4.4.96 stable release (LP: #1731882)
    - workqueue: replace pool->manager_arb mutex with a flag
    - ALSA: hda/realtek - Add support for ALC236/ALC3204
    - ALSA: hda - fix headset mic problem for Dell machines with alc236
    - ceph: unlock dangling spinlock in try_flush_caps()
    - usb: xhci: Handle error condition in xhci_stop_device()
    - spi: uapi: spidev: add missing ioctl header
    - fuse: fix READDIRPLUS skipping an entry
    - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
    - Input: elan_i2c - add ELAN0611 to the ACPI table
    - Input: gtco - fix potential out-of-bound access
    - assoc_array: Fix a buggy node-splitting case
    - scsi: zfcp: fix erp_action use-before-initialize in REC action trace
    - scsi: sg: Re-fix off by one in sg_fill_request_table()
    - can: sun4i: fix loopback mode
    - can: kvaser_usb: Correct return value in printout
    - can: kvaser_usb: Ignore CMD_FLUSH_QUEUE_REPLY messages
    - regulator: fan53555: fix I2C device ids
    - x86/microcode/intel: Disable late loading on model 79
    - ecryptfs: fix dereference of NULL user_key_payload
    - Revert "drm: bridge: add DT bindings for TI ths8135"
    - Linux 4.4.96

  * Touchpad not detected - Lenovo ideapad 320-15IKB (LP: #1723736)
    - Input: elan_i2c - add ELAN0611 to the ACPI table

 -- Stefan Bader <email address hidden>  Tue, 21 Nov 2017 15:37:52 +0100
Superseded in trusty-security on 2017-12-07
Superseded in trusty-updates on 2017-12-07
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-101.124~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-101.124~14.04.1 -proposed tracker (LP: #1731266)

  * linux: 4.4.0-101.124 -proposed tracker (LP: #1731264)

  * s390/mm: fix write access check in gup_huge_pmd() (LP: #1730596)
    - s390/mm: fix write access check in gup_huge_pmd()

Deleted in trusty-proposed on 2017-11-14 (Reason: NBS)
linux-lts-xenial (4.4.0-100.123~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-100.123~14.04.1 -proposed tracker (LP: #1729275)

  * linux: 4.4.0-100.123 -proposed tracker (LP: #1729273)

  * Xenial update to 4.4.95 stable release (LP: #1729107)
    - USB: devio: Revert "USB: devio: Don't corrupt user memory"
    - USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
    - USB: serial: metro-usb: add MS7820 device id
    - usb: cdc_acm: Add quirk for Elatec TWN3
    - usb: quirks: add quirk for WORLDE MINI MIDI keyboard
    - usb: hub: Allow reset retry for USB2 devices on connect bounce
    - ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
    - can: gs_usb: fix busy loop if no more TX context is available
    - usb: musb: sunxi: Explicitly release USB PHY on exit
    - usb: musb: Check for host-mode using is_host_active() on reset interrupt
    - can: esd_usb2: Fix can_dlc value for received RTR, frames
    - drm/nouveau/bsp/g92: disable by default
    - drm/nouveau/mmu: flush tlbs before deleting page tables
    - ALSA: seq: Enable 'use' locking in all configurations
    - ALSA: hda: Remove superfluous '-' added by printk conversion
    - i2c: ismt: Separate I2C block read from SMBus block read
    - brcmsmac: make some local variables 'static const' to reduce stack size
    - bus: mbus: fix window size calculation for 4GB windows
    - clockevents/drivers/cs5535: Improve resilience to spurious interrupts
    - rtlwifi: rtl8821ae: Fix connection lost problem
    - KEYS: encrypted: fix dereference of NULL user_key_payload
    - lib/digsig: fix dereference of NULL user_key_payload
    - KEYS: don't let add_key() update an uninstantiated key
    - pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
    - parisc: Avoid trashing sr2 and sr3 in LWS code
    - parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
    - sched/autogroup: Fix autogroup_move_group() to never skip sched_move_task()
    - f2fs crypto: replace some BUG_ON()'s with error checks
    - f2fs crypto: add missing locking for keyring_key access
    - fscrypt: fix dereference of NULL user_key_payload
    - KEYS: Fix race between updating and finding a negative key
    - fscrypto: require write access to mount to set encryption policy
    - FS-Cache: fix dereference of NULL user_key_payload
    - Linux 4.4.95

  * Xenial update to 4.4.94 stable release (LP: #1729105)
    - percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
    - drm/dp/mst: save vcpi with payloads
    - MIPS: Fix minimum alignment requirement of IRQ stack
    - sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
    - bpf/verifier: reject BPF_ALU64|BPF_END
    - udpv6: Fix the checksum computation when HW checksum does not apply
    - ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
    - net: emac: Fix napi poll list corruption
    - packet: hold bind lock when rebinding to fanout hook
    - bpf: one perf event close won't free bpf program attached by another perf
      event
    - isdn/i4l: fetch the ppp_write buffer in one shot
    - vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
    - l2tp: Avoid schedule while atomic in exit_net
    - l2tp: fix race condition in l2tp_tunnel_delete
    - tun: bail out from tun_get_user() if the skb is empty
    - packet: in packet_do_bind, test fanout with bind_lock held
    - packet: only test po->has_vnet_hdr once in packet_snd
    - net: Set sk_prot_creator when cloning sockets to the right proto
    - tipc: use only positive error codes in messages
    - Revert "bsg-lib: don't free job in bsg_prepare_job"
    - locking/lockdep: Add nest_lock integrity test
    - watchdog: kempld: fix gcc-4.3 build
    - irqchip/crossbar: Fix incorrect type of local variables
    - mac80211_hwsim: check HWSIM_ATTR_RADIO_NAME length
    - mac80211: fix power saving clients handling in iwlwifi
    - net/mlx4_en: fix overflow in mlx4_en_init_timestamp()
    - netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value.
    - iio: adc: xilinx: Fix error handling
    - Btrfs: send, fix failure to rename top level inode due to name collision
    - f2fs: do not wait for writeback in write_begin
    - md/linear: shutup lockdep warnning
    - sparc64: Migrate hvcons irq to panicked cpu
    - net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new
      probed PFs
    - crypto: xts - Add ECB dependency
    - ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
    - slub: do not merge cache if slub_debug contains a never-merge flag
    - scsi: scsi_dh_emc: return success in clariion_std_inquiry()
    - net: mvpp2: release reference to txq_cpu[] entry after unmapping
    - i2c: at91: ensure state is restored after suspending
    - ceph: clean up unsafe d_parent accesses in build_dentry_path
    - uapi: fix linux/rds.h userspace compilation errors
    - uapi: fix linux/mroute6.h userspace compilation errors
    - target/iscsi: Fix unsolicited data seq_end_offset calculation
    - nfsd/callback: Cleanup callback cred on shutdown
    - cpufreq: CPPC: add ACPI_PROCESSOR dependency
    - Revert "tty: goldfish: Fix a parameter of a call to free_irq"
    - Linux 4.4.94

Superseded in trusty-security on 2017-11-20
Superseded in trusty-updates on 2017-11-20
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-98.121~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-98.121~14.04.1 -proposed tracker (LP: #1722301)

  * linux: 4.4.0-98.121 -proposed tracker (LP: #1722299)

  * Controller lockup detected on ProLiant DL380 Gen9 with P440 Controller
    (LP: #1720359)
    - scsi: hpsa: limit transfer length to 1MB

  * [Dell Docking IE][0bda:8153] Realtek USB Ethernet leads to system hang
    (LP: #1720977)
    - r8152: fix the list rx_done may be used without initialization

  * Add installer support for Broadcom BCM573xx network drivers. (LP: #1720466)
    - d-i: Add bnxt_en to nic-modules.

  * snapcraft.yaml: add dpkg-dev to the build deps (LP: #1718886)
    - snapcraft.yaml: add dpkg-dev to the build deps

  * Support setting I2C_TIMEOUT via ioctl for i2c-designware (LP: #1718578)
    - i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT

  * 5U84 - ses driver isn't binding right - cannot blink lights on 1 of the 2
    5u84 (LP: #1693369)
    - scsi_transport_sas: add function to get SAS endpoint address
    - ses: fix discovery of SATA devices in SAS enclosures
    - scsi: sas: provide stub implementation for scsi_is_sas_rphy
    - scsi: ses: Fix SAS device detection in enclosure

  * multipath -ll is not showing the disks which are actually multipath
    (LP: #1718397)
    - fs: aio: fix the increment of aio-nr and counting against aio-max-nr

  * Support Dell Wireless DW5819/5818 WWAN devices (LP: #1721455)
    - SAUCE: USB: serial: qcserial: add Dell DW5818, DW5819

  * CVE-2017-10911
    - xen-blkback: don't leak stack data via response ring

  * implement 'complain mode' in seccomp for developer mode with snaps
    (LP: #1567597)
    - seccomp: Provide matching filter for introspection
    - seccomp: Sysctl to display available actions
    - seccomp: Operation for checking if an action is available
    - seccomp: Sysctl to configure actions that are allowed to be logged
    - seccomp: Selftest for detection of filter flag support
    - seccomp: Action to log before allowing

  * implement errno action logging in seccomp for strict mode with snaps
    (LP: #1721676)
    - seccomp: Provide matching filter for introspection
    - seccomp: Sysctl to display available actions
    - seccomp: Operation for checking if an action is available
    - seccomp: Sysctl to configure actions that are allowed to be logged
    - seccomp: Selftest for detection of filter flag support
    - seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW

  * [Xenial] update OpenNSL kernel modules to 6.5.10 (LP: #1721511)
    - SAUCE: update OpenNSL kernel modules to 6.5.10

  * Xenial update to 4.4.90 stable release (LP: #1721550)
    - cifs: release auth_key.response for reconnect.
    - mac80211: flush hw_roc_start work before cancelling the ROC
    - KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
    - tracing: Fix trace_pipe behavior for instance traces
    - tracing: Erase irqsoff trace with empty write
    - md/raid5: fix a race condition in stripe batch
    - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
    - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse
      nlmsg properly
    - crypto: talitos - Don't provide setkey for non hmac hashing algs.
    - crypto: talitos - fix sha224
    - KEYS: fix writing past end of user-supplied buffer in keyring_read()
    - KEYS: prevent creating a different user's keyrings
    - KEYS: prevent KEYCTL_READ on negative key
    - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
    - Fix SMB3.1.1 guest authentication to Samba
    - SMB: Validate negotiate (to protect against downgrade) even if signing off
    - SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
    - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
    - nl80211: check for the required netlink attributes presence
    - bsg-lib: don't free job in bsg_prepare_job
    - seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter()
    - arm64: Make sure SPsel is always set
    - arm64: fault: Route pte translation faults via do_translation_fault
    - KVM: VMX: Do not BUG() on out-of-bounds guest IRQ
    - kvm: nVMX: Don't allow L2 to access the hardware CR8
    - PCI: Fix race condition with driver_override
    - btrfs: fix NULL pointer dereference from free_reloc_roots()
    - btrfs: propagate error to btrfs_cmp_data_prepare caller
    - btrfs: prevent to set invalid default subvolid
    - x86/fpu: Don't let userspace set bogus xcomp_bv
    - gfs2: Fix debugfs glocks dump
    - timer/sysclt: Restrict timer migration sysctl values to 0 and 1
    - KVM: VMX: do not change SN bit in vmx_update_pi_irte()
    - KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
    - cxl: Fix driver use count
    - dmaengine: mmp-pdma: add number of requestors
    - ARM: pxa: add the number of DMA requestor lines
    - ARM: pxa: fix the number of DMA requestor lines
    - KVM: VMX: use cmpxchg64
    - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
    - swiotlb-xen: implement xen_swiotlb_dma_mmap callback
    - fix xen_swiotlb_dma_mmap prototype
    - Linux 4.4.90

  * Xenial update to 4.4.89 stable release (LP: #1721477)
    - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
    - ipv6: add rcu grace period before freeing fib6_node
    - ipv6: fix sparse warning on rt6i_node
    - qlge: avoid memcpy buffer overflow
    - Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
    - Revert "net: use lib/percpu_counter API for fragmentation mem accounting"
    - Revert "net: fix percpu memory leaks"
    - gianfar: Fix Tx flow control deactivation
    - ipv6: fix memory leak with multiple tables during netns destruction
    - ipv6: fix typo in fib6_net_exit()
    - f2fs: check hot_data for roll-forward recovery
    - x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
    - md/raid5: release/flush io in raid5_do_work()
    - nfsd: Fix general protection fault in release_lock_stateid()
    - mm: prevent double decrease of nr_reserved_highatomic
    - tty: improve tty_insert_flip_char() fast path
    - tty: improve tty_insert_flip_char() slow path
    - tty: fix __tty_insert_flip_char regression
    - Input: i8042 - add Gigabyte P57 to the keyboard reset table
    - MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation
    - MIPS: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero
    - MIPS: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative
    - MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with opposite
      signs
    - MIPS: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs
    - MIPS: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs
    - crypto: AF_ALG - remove SGL terminator indicator when chaining
    - ext4: fix incorrect quotaoff if the quota feature is enabled
    - ext4: fix quota inconsistency during orphan cleanup for read-only mounts
    - powerpc: Fix DAR reporting when alignment handler faults
    - block: Relax a check in blk_start_queue()
    - md/bitmap: disable bitmap_resize for file-backed bitmaps.
    - skd: Avoid that module unloading triggers a use-after-free
    - skd: Submit requests to firmware before triggering the doorbell
    - scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
    - scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
    - scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records
    - scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA
    - scsi: zfcp: fix missing trace records for early returns in TMF eh handlers
    - scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
    - scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late
      response
    - scsi: zfcp: trace high part of "new" 64 bit SCSI LUN
    - scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
    - scsi: megaraid_sas: Return pended IOCTLs with cmd_status
      MFI_STAT_WRONG_STATE in case adapter is dead
    - scsi: storvsc: fix memory leak on ring buffer busy
    - scsi: sg: remove 'save_scat_len'
    - scsi: sg: use standard lists for sg_requests
    - scsi: sg: off by one in sg_ioctl()
    - scsi: sg: factor out sg_fill_request_table()
    - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
    - scsi: qla2xxx: Fix an integer overflow in sysfs code
    - ftrace: Fix selftest goto location on error
    - tracing: Apply trace_clock changes to instance max buffer
    - ARC: Re-enable MMU upon Machine Check exception
    - PCI: shpchp: Enable bridge bus mastering if MSI is enabled
    - media: v4l2-compat-ioctl32: Fix timespec conversion
    - media: uvcvideo: Prevent heap overflow when accessing mapped controls
    - bcache: initialize dirty stripes in flash_dev_run()
    - bcache: Fix leak of bdev reference
    - bcache: do not subtract sectors_to_gc for bypassed IO
    - bcache: correct cache_dirty_target in __update_writeback_rate()
    - bcache: Correct return value for sysfs attach errors
    - bcache: fix for gc and write-back race
    - bcache: fix bch_hprint crash and improve output
    - ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
    - Linux 4.4.89

  * ETPS/2 Elantech Touchpad inconsistently detected (Gigabyte P57W laptop)
    (LP: #1594214)
    - Input: i8042 - add Gigabyte P57 to the keyboard reset table

  * Xenial update to 4.4.88 stable release (LP: #1718195)
    - usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
    - USB: serial: option: add support for D-Link DWM-157 C1
    - usb: Add device quirk for Logitech HD Pro Webcam C920-C
    - usb:xhci:Fix regression when ATI chipsets detected
    - USB: core: Avoid race of async_completed() w/ usbdev_release()
    - staging/rts5208: fix incorrect shift to extract upper nybble
    - driver core: bus: Fix a potential double free
    - intel_th: pci: Add Cannon Lake PCH-H support
    - intel_th: pci: Add Cannon Lake PCH-LP support
    - ath10k: fix memory leak in rx ring buffer allocation
    - rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter
    - Bluetooth: Add support of 13d3:3494 RTL8723BE device
    - dlm: avoid double-free on error path in dlm_device_{register,unregister}
    - mwifiex: correct channel stat buffer overflows
    - drm/nouveau/pci/msi: disable MSI on big-endian platforms by default
    - workqueue: Fix flag collision
    - cs5536: add support for IDE controller variant
    - scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE
    - scsi: sg: recheck MMAP_IO request length with lock held
    - drm: adv7511: really enable interrupts for EDID detection
    - drm/bridge: adv7511: Fix mutex deadlock when interrupts are disabled
    - drm/bridge: adv7511: Use work_struct to defer hotplug handing to out of irq
      context
    - drm/bridge: adv7511: Switch to using drm_kms_helper_hotplug_event()
    - drm/bridge: adv7511: Re-write the i2c address before EDID probing
    - btrfs: resume qgroup rescan on rw remount
    - locktorture: Fix potential memory leak with rw lock test
    - ALSA: msnd: Optimize / harden DSP and MIDI loops
    - ARM: 8692/1: mm: abort uaccess retries upon fatal signal
    - NFS: Fix 2 use after free issues in the I/O code
    - xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
    - Linux 4.4.88

  * Kernel has troule recognizing Corsair Strafe RGB keyboard (LP: #1678477)
    - usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Tue, 10 Oct 2017 08:52:24 -0300
Superseded in trusty-security on 2017-10-30
Superseded in trusty-updates on 2017-10-30
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-97.120~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-97.120~14.04.1 -proposed tracker (LP: #1718151)

  * linux: 4.4.0-97.120 -proposed tracker (LP: #1718149)

  * blk-mq: possible deadlock on CPU hot(un)plug (LP: #1670634)
    - [Config] s390x -- disable CONFIG_{DM, SCSI}_MQ_DEFAULT

  * Xenial update to 4.4.87 stable release (LP: #1715678)
    - irqchip: mips-gic: SYNC after enabling GIC region
    - i2c: ismt: Don't duplicate the receive length for block reads
    - i2c: ismt: Return EMSGSIZE for block reads with bogus length
    - ceph: fix readpage from fscache
    - cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
    - cpuset: Fix incorrect memory_pressure control file mapping
    - alpha: uapi: Add support for __SANE_USERSPACE_TYPES__
    - CIFS: remove endian related sparse warning
    - wl1251: add a missing spin_lock_init()
    - xfrm: policy: check policy direction value
    - drm/ttm: Fix accounting error when fail to get pages for pool
    - kvm: arm/arm64: Fix race in resetting stage2 PGD
    - kvm: arm/arm64: Force reading uncached stage2 PGD
    - epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove()
    - crypto: algif_skcipher - only call put_page on referenced and used pages
    - Linux 4.4.87

  * Xenial update to 4.4.86 stable release (LP: #1715430)
    - scsi: isci: avoid array subscript warning
    - ALSA: au88x0: Fix zero clear of stream->resources
    - btrfs: remove duplicate const specifier
    - i2c: jz4780: drop superfluous init
    - gcov: add support for gcc version >= 6
    - gcov: support GCC 7.1
    - lightnvm: initialize ppa_addr in dev_to_generic_addr()
    - p54: memset(0) whole array
    - lpfc: Fix Device discovery failures during switch reboot test.
    - arm64: mm: abort uaccess retries upon fatal signal
    - x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl
    - arm64: fpsimd: Prevent registers leaking across exec
    - scsi: sg: protect accesses to 'reserved' page array
    - scsi: sg: reset 'res_in_use' after unlinking reserved array
    - drm/i915: fix compiler warning in drivers/gpu/drm/i915/intel_uncore.c
    - Linux 4.4.86

  * Xenial update to 4.4.85 stable release (LP: #1714298)
    - af_key: do not use GFP_KERNEL in atomic contexts
    - dccp: purge write queue in dccp_destroy_sock()
    - dccp: defer ccid_hc_tx_delete() at dismantle time
    - ipv4: fix NULL dereference in free_fib_info_rcu()
    - net_sched/sfq: update hierarchical backlog when drop packet
    - ipv4: better IP_MAX_MTU enforcement
    - sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
    - tipc: fix use-after-free
    - ipv6: reset fn->rr_ptr when replacing route
    - ipv6: repair fib6 tree in failure case
    - tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
    - irda: do not leak initialized list.dev to userspace
    - net: sched: fix NULL pointer dereference when action calls some targets
    - net_sched: fix order of queue length updates in qdisc_replace()
    - mei: me: add broxton pci device ids
    - mei: me: add lewisburg device ids
    - Input: trackpoint - add new trackpoint firmware ID
    - Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
    - ALSA: core: Fix unexpected error at replacing user TLV
    - ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
    - ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
    - i2c: designware: Fix system suspend
    - drm: Release driver tracking before making the object available again
    - drm/atomic: If the atomic check fails, return its value first
    - drm: rcar-du: lvds: Fix PLL frequency-related configuration
    - drm: rcar-du: lvds: Rename PLLEN bit to PLLON
    - drm: rcar-du: Fix crash in encoder failure error path
    - drm: rcar-du: Fix display timing controller parameter
    - drm: rcar-du: Fix H/V sync signal polarity configuration
    - tracing: Fix freeing of filter in create_filter() when set_str is false
    - cifs: Fix df output for users with quota limits
    - cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
    - nfsd: Limit end of page list when decoding NFSv4 WRITE
    - perf/core: Fix group {cpu,task} validation
    - Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
    - Bluetooth: cmtp: fix possible might sleep error in cmtp_session
    - Bluetooth: bnep: fix possible might sleep error in bnep_session
    - binder: use group leader instead of open thread
    - binder: Use wake up hint for synchronous transactions.
    - ANDROID: binder: fix proc->tsk check.
    - iio: imu: adis16480: Fix acceleration scale factor for adis16480
    - iio: hid-sensor-trigger: Fix the race with user space powering up sensors
    - staging: rtl8188eu: add RNX-N150NUB support
    - ASoC: simple-card: don't fail if sysclk setting is not supported
    - ASoC: rsnd: disable SRC.out only when stop timing
    - ASoC: rsnd: avoid pointless loop in rsnd_mod_interrupt()
    - ASoC: rsnd: Add missing initialization of ADG req_rate
    - ASoC: rsnd: ssi: 24bit data needs right-aligned settings
    - ASoC: rsnd: don't call update callback if it was NULL
    - ntb_transport: fix qp count bug
    - ntb_transport: fix bug calculating num_qps_mw
    - ACPI: ioapic: Clear on-stack resource before using it
    - ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
    - Linux 4.4.85

  * Xenial update to 4.4.84 stable release (LP: #1713729)
    - audit: Fix use after free in audit_remove_watch_rule()
    - parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
    - crypto: x86/sha1 - Fix reads beyond the number of blocks passed
    - Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
    - ALSA: seq: 2nd attempt at fixing race creating a queue
    - Revert "UBUNTU: SAUCE: (no-up) ALSA: usb-audio: Add quirk for sennheiser
      officerunner"
    - ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
    - ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
    - mm/mempolicy: fix use after free when calling get_mempolicy
    - xen: fix bio vec merging
    - x86/asm/64: Clear AC on NMI entries
    - irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
    - irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
    - Sanitize 'move_pages()' permission checks
    - pids: make task_tgid_nr_ns() safe
    - perf/x86: Fix LBR related crashes on Intel Atom
    - usb: optimize acpi companion search for usb port devices
    - usb: qmi_wwan: add D-Link DWM-222 device ID
    - Linux 4.4.84

  * Intel i40e PF reset due to incorrect MDD detection (LP: #1713553)
    - i40e: Limit TX descriptor count in cases where frag size is greater than 16K

  * Neighbour confirmation broken, breaks ARP cache aging (LP: #1715812)
    - sock: add sk_dst_pending_confirm flag
    - net: add dst_pending_confirm flag to skbuff
    - sctp: add dst_pending_confirm flag
    - tcp: replace dst_confirm with sk_dst_confirm
    - net: add confirm_neigh method to dst_ops
    - net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP
    - net: pending_confirm is not used anymore

  * CVE-2017-14106
    - tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0

  * [CIFS] Fix maximum SMB2 header size (LP: #1713884)
    - CIFS: Fix maximum SMB2 header size

  * Middle button of trackpoint doesn't work (LP: #1715271)
    - Input: trackpoint - assume 3 buttons when buttons detection fails

  * kernel BUG at /build/linux-lts-xenial-_hWfOZ/linux-lts-
    xenial-4.4.0/security/apparmor/include/context.h:69! (LP: #1626984)
    - SAUCE: fix oops when disabled and module parameters, are accessed

  * Touchpad not detected (LP: #1708852)
    - Input: elan_i2c - add ELAN0608 to the ACPI table

 -- Kleber Sacilotto de Souza <email address hidden>  Wed, 20 Sep 2017 17:10:46 +0200
Superseded in trusty-security on 2017-10-10
Superseded in trusty-updates on 2017-10-10
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-96.119~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-96.119~14.04.1 -proposed tracker (LP: #1716614)

  * linux: 4.4.0-96.119 -proposed tracker (LP: #1716613)

  * kernel panic -not syncing: Fatal exception: panic_on_oops (LP: #1708399)
    - s390/mm: no local TLB flush for clearing-by-ASCE IDTE
    - SAUCE: s390/mm: fix local TLB flushing vs. detach of an mm address space
    - SAUCE: s390/mm: fix race on mm->context.flush_mm

  * CVE-2017-1000251
    - Bluetooth: Properly check L2CAP config option output buffer length

Deleted in trusty-proposed on 2017-09-15 (Reason: NBS)
linux-lts-xenial (4.4.0-95.118~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-95.118~14.04.1 -proposed tracker (LP: #1715652)

  * linux: 4.4.0-95.118 -proposed tracker (LP: #1715651)

  * Xenial update to 4.4.78 stable release broke Address Sanitizer
    (LP: #1715636)
    - mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes

Deleted in trusty-proposed on 2017-09-12 (Reason: NBS)
linux-lts-xenial (4.4.0-94.117~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-94.117~14.04.1 -proposed tracker (LP: #1713463)

  * linux: 4.4.0-94.117 -proposed tracker (LP: #1713462)

  * mwifiex causes kernel oops when AP mode is enabled (LP: #1712746)
    - SAUCE: net/wireless: do not dereference invalid pointer
    - SAUCE: mwifiex: do not dereference invalid pointer

  * Backport more recent Broadcom bnxt_en driver (LP: #1711056)
    - SAUCE: bnxt_en_bpo: Import bnxt_en driver version 1.8.1
    - SAUCE: bnxt_en_bpo: Drop distro out-of-tree detection logic
    - SAUCE: bnxt_en_bpo: Remove unnecessary compile flags
    - SAUCE: bnxt_en_bpo: Move config settings to Kconfig
    - SAUCE: bnxt_en_bpo: Remove PCI_IDs handled by the regular driver
    - SAUCE: bnxt_en_bpo: Rename the backport driver to bnxt_en_bpo
    - bnxt_en_bpo: [Config] Enable CONFIG_BNXT_BPO=m

  * HID: multitouch: Support ALPS PTP Stick and Touchpad devices (LP: #1712481)
    - HID: multitouch: Support PTP Stick and Touchpad device
    - SAUCE: HID: multitouch: Support ALPS PTP stick with pid 0x120A

  * igb: Support using Broadcom 54616 as PHY (LP: #1712024)
    - SAUCE: igb: add support for using Broadcom 54616 as PHY

  * IPR driver causes multipath to fail paths/stuck IO on Medium Errors
    (LP: #1682644)
    - scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION

  * accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash
    (LP: #1711401)
    - tty/hvc: Use IRQF_SHARED for OPAL hvc consoles

  * memory-hotplug test needs to be fixed (LP: #1710868)
    - selftests: typo correction for memory-hotplug test
    - selftests: check hot-pluggagble memory for memory-hotplug test
    - selftests: check percentage range for memory-hotplug test
    - selftests: add missing test name in memory-hotplug test
    - selftests: fix memory-hotplug test

  * HP lt4132 LTE/HSPA+ 4G Module (03f0:a31d) does not work (LP: #1707643)
    - net: cdc_mbim: apply "NDP to end" quirk to HP lt4132

  * Migrating KSM page causes the VM lock up as the KSM page merging list is too
    large (LP: #1680513)
    - ksm: introduce ksm_max_page_sharing per page deduplication limit
    - ksm: fix use after free with merge_across_nodes = 0
    - ksm: cleanup stable_node chain collapse case
    - ksm: swap the two output parameters of chain/chain_prune
    - ksm: optimize refile of stable_node_dup at the head of the chain

  * sort ABI files with C.UTF-8 locale (LP: #1712345)
    - [Packaging] sort ABI files with C.UTF-8 locale

  * Include Broadcom GPL modules in Xenial Kernel (LP: #1665783)
    - [Config] OpenNSL Kconfig/Makefile
    - Import OpenNSL v3.1.0.17
    - [Config] CONFIG_OPENNSL=y for amd64
    - OpenNSL: Enable Kconfig and build
    - SAUCE: opennsl: add proper CFLAGS

  * Xenial update to 4.4.83 stable release (LP: #1711557)
    - cpuset: fix a deadlock due to incomplete patching of cpusets_enabled()
    - mm: ratelimit PFNs busy info message
    - iscsi-target: fix memory leak in iscsit_setup_text_cmd()
    - iscsi-target: Fix iscsi_np reset hung task during parallel delete
    - fuse: initialize the flock flag in fuse_file on allocation
    - nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays
    - USB: serial: option: add D-Link DWM-222 device ID
    - USB: serial: cp210x: add support for Qivicon USB ZigBee dongle
    - USB: serial: pl2303: add new ATEN device id
    - usb: musb: fix tx fifo flush handling again
    - USB: hcd: Mark secondary HCD as dead if the primary one died
    - staging:iio:resolver:ad2s1210 fix negative IIO_ANGL_VEL read
    - iio: accel: bmc150: Always restore device to normal mode after suspend-
      resume
    - iio: light: tsl2563: use correct event code
    - uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069
    - USB: Check for dropped connection before switching to full speed
    - usb: core: unlink urbs from the tail of the endpoint's urb_list
    - usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter
    - usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume
    - iio: adc: vf610_adc: Fix VALT selection value for REFSEL bits
    - pnfs/blocklayout: require 64-bit sector_t
    - pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver
    - pinctrl: samsung: Remove bogus irq_[un]mask from resource management
    - Linux 4.4.83

  * Xenial update to 4.4.82 stable release (LP: #1711535)
    - tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states
    - net: fix keepalive code vs TCP_FASTOPEN_CONNECT
    - bpf, s390: fix jit branch offset related to ldimm64
    - net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target
    - tcp: fastopen: tcp_connect() must refresh the route
    - net: avoid skb_warn_bad_offload false positives on UFO
    - sparc64: Prevent perf from running during super critical sections
    - KVM: arm/arm64: Handle hva aging while destroying the vm
    - mm/mempool: avoid KASAN marking mempool poison checks as use-after-free
    - Linux 4.4.82

  * Xenial update to 4.4.81 stable release (LP: #1711526)
    - libata: array underflow in ata_find_dev()
    - workqueue: restore WQ_UNBOUND/max_active==1 to be ordered
    - ALSA: hda - Fix speaker output from VAIO VPCL14M1R
    - ASoC: do not close shared backend dailink
    - KVM: async_pf: make rcu irq exit if not triggered from idle task
    - mm/page_alloc: Remove kernel address exposure in free_reserved_area()
    - ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
    - ext4: fix overflow caused by missing cast in ext4_resize_fs()
    - ARM: dts: armada-38x: Fix irq type for pca955
    - media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS
      ioctl
    - target: Avoid mappedlun symlink creation during lun shutdown
    - iscsi-target: Always wait for kthread_should_stop() before kthread exit
    - iscsi-target: Fix early sk_data_ready LOGIN_FLAGS_READY race
    - iscsi-target: Fix initial login PDU asynchronous socket close OOPs
    - iscsi-target: Fix delayed logout processing greater than
      SECONDS_FOR_LOGOUT_COMP
    - iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
    - mm, mprotect: flush TLB if potentially racing with a parallel reclaim
      leaving stale TLB entries
    - media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
    - f2fs: sanity check checkpoint segno and blkoff
    - drm: rcar-du: fix backport bug
    - saa7164: fix double fetch PCIe access condition
    - ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check()
    - net: Zero terminate ifr_name in dev_ifname().
    - ipv6: avoid overflow of offset in ip6_find_1stfragopt
    - ipv4: initialize fib_trie prior to register_netdev_notifier call.
    - rtnetlink: allocate more memory for dev_set_mac_address()
    - mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled
    - openvswitch: fix potential out of bound access in parse_ct
    - packet: fix use-after-free in prb_retire_rx_blk_timer_expired()
    - ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment()
    - net: ethernet: nb8800: Handle all 4 RGMII modes identically
    - dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly
    - dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly
    - dccp: fix a memleak for dccp_feat_init err process
    - sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
    - sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
    - net/mlx5: Fix command bad flow on command entry allocation failure
    - net: phy: Correctly process PHY_HALTED in phy_stop_machine()
    - net: phy: Fix PHY unbind crash
    - xen-netback: correctly schedule rate-limited queues
    - sparc64: Measure receiver forward progress to avoid send mondo timeout
    - wext: handle NULL extra data in iwe_stream_add_point better
    - sh_eth: R8A7740 supports packet shecksumming
    - net: phy: dp83867: fix irq generation
    - tg3: Fix race condition in tg3_get_stats64().
    - x86/boot: Add missing declaration of string functions
    - phy state machine: failsafe leave invalid RUNNING state
    - scsi: qla2xxx: Get mutex lock before checking optrom_state
    - drm/virtio: fix framebuffer sparse warning
    - virtio_blk: fix panic in initialization error path
    - ARM: 8632/1: ftrace: fix syscall name matching
    - mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER
    - lib/Kconfig.debug: fix frv build failure
    - signal: protect SIGNAL_UNKILLABLE from unintentional clearing.
    - mm: don't dereference struct page fields of invalid pages
    - workqueue: implicit ordered attribute should be overridable
    - Linux 4.4.81

  * Xenial update to 4.4.80 stable release (LP: #1710646)
    - af_key: Add lock to key dump
    - pstore: Make spinlock per zone instead of global
    - powerpc/pseries: Fix of_node_put() underflow during reconfig remove
    - crypto: authencesn - Fix digest_null crash
    - md/raid5: add thread_group worker async_tx_issue_pending_all
    - drm/vmwgfx: Fix gcc-7.1.1 warning
    - drm/nouveau/bar/gf100: fix access to upper half of BAR2
    - KVM: PPC: Book3S HV: Context-switch EBB registers properly
    - KVM: PPC: Book3S HV: Restore critical SPRs to host values on guest exit
    - KVM: PPC: Book3S HV: Reload HTM registers explicitly
    - KVM: PPC: Book3S HV: Save/restore host values of debug registers
    - Revert "powerpc/numa: Fix percpu allocations to be NUMA aware"
    - Staging: comedi: comedi_fops: Avoid orphaned proc entry
    - drm/rcar: Nuke preclose hook
    - drm: rcar-du: Perform initialization/cleanup at probe/remove time
    - drm: rcar-du: Simplify and fix probe error handling
    - perf intel-pt: Fix ip compression
    - perf intel-pt: Fix last_ip usage
    - perf intel-pt: Use FUP always when scanning for an IP
    - perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
    - xfs: don't BUG() on mixed direct and mapped I/O
    - nfc: fdp: fix NULL pointer dereference
    - net: phy: Do not perform software reset for Generic PHY
    - isdn: Fix a sleep-in-atomic bug
    - isdn/i4l: fix buffer overflow
    - ath10k: fix null deref on wmi-tlv when trying spectral scan
    - wil6210: fix deadlock when using fw_no_recovery option
    - mailbox: always wait in mbox_send_message for blocking Tx mode
    - mailbox: skip complete wait event if timer expired
    - mailbox: handle empty message in tx_tick
    - mpt3sas: Don't overreach ioc->reply_post[] during initialization
    - kaweth: fix firmware download
    - kaweth: fix oops upon failed memory allocation
    - sched/cgroup: Move sched_online_group() back into css_online() to fix crash
    - PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if
      present
    - RDMA/uverbs: Fix the check for port number
    - libnvdimm, btt: fix btt_rw_page not returning errors
    - ipmi/watchdog: fix watchdog timeout set on reboot
    - v4l: s5c73m3: fix negation operator
    - pstore: Allow prz to control need for locking
    - pstore: Correctly initialize spinlock and flags
    - pstore: Use dynamic spinlock initializer
    - net: skb_needs_check() accepts CHECKSUM_NONE for tx
    - sched/cputime: Fix prev steal time accouting during CPU hotplug
    - xen/blkback: don't free be structure too early
    - xen/blkback: don't use xen_blkif_get() in xen-blkback kthread
    - tpm: fix a kernel memory leak in tpm-sysfs.c
    - tpm: Replace device number bitmap with IDR
    - x86/mce/AMD: Make the init code more robust
    - r8169: add support for RTL8168 series add-on card.
    - ARM: dts: n900: Mark eMMC slot with no-sdio and no-sd flags
    - net/mlx4: Remove BUG_ON from ICM allocation routine
    - drm/msm: Ensure that the hardware write pointer is valid
    - drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set
    - vfio-pci: use 32-bit comparisons for register address for gcc-4.5
    - irqchip/keystone: Fix "scheduling while atomic" on rt
    - ASoC: tlv320aic3x: Mark the RESET register as volatile
    - spi: dw: Make debugfs name unique between instances
    - ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL
    - irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND
    - openrisc: Add _text symbol to fix ksym build error
    - dmaengine: ioatdma: Add Skylake PCI Dev ID
    - dmaengine: ioatdma: workaround SKX ioatdma version
    - dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path.
    - ARM64: zynqmp: Fix W=1 dtc 1.4 warnings
    - ARM64: zynqmp: Fix i2c node's compatible string
    - ARM: s3c2410_defconfig: Fix invalid values for NF_CT_PROTO_*
    - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
    - usb: gadget: Fix copy/pasted error message
    - Btrfs: adjust outstanding_extents counter properly when dio write is split
    - tools lib traceevent: Fix prev/next_prio for deadline tasks
    - xfrm: Don't use sk_family for socket policy lookups
    - perf tools: Install tools/lib/traceevent plugins with install-bin
    - perf symbols: Robustify reading of build-id from sysfs
    - video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap
    - vfio-pci: Handle error from pci_iomap
    - arm64: mm: fix show_pte KERN_CONT fallout
    - nvmem: imx-ocotp: Fix wrong register size
    - sh_eth: enable RX descriptor word 0 shift on SH7734
    - ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion
    - HID: ignore Petzl USB headlamp
    - scsi: fnic: Avoid sending reset to firmware when another reset is in
      progress
    - scsi: snic: Return error code on memory allocation failure
    - ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused
    - Linux 4.4.80

  * Please only recommend or suggest initramfs-tools | linux-initramfs-tool for
    kernels able to boot without initramfs (LP: #1700972)
    - [Debian] Don't depend on initramfs-tools

 -- Kleber Sacilotto de Souza <email address hidden>  Mon, 28 Aug 2017 17:07:08 +0200
Superseded in trusty-security on 2017-09-18
Superseded in trusty-updates on 2017-09-18
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-93.116~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-93.116~14.04.1 -proposed tracker (LP: #1709297)

  * linux: 4.4.0-93.116 -proposed tracker (LP: #1709296)

  * Creating conntrack entry failure with kernel 4.4.0-89 (LP: #1709032)
    - Revert "Revert "netfilter: synproxy: fix conntrackd interaction""
    - netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister

  * CVE-2017-1000112
    - Revert "udp: consistently apply ufo or fragmentation"
    - udp: consistently apply ufo or fragmentation

  * CVE-2017-1000111
    - Revert "net-packet: fix race in packet_set_ring on PACKET_RESERVE"
    - packet: fix tp_reserve race in packet_set_ring

  * kernel BUG at [tty_ldisc_reinit] mm/slub.c! (LP: #1709126)
    - tty: Simplify tty_set_ldisc() exit handling
    - tty: Reset c_line from driver's init_termios
    - tty: Handle NULL tty->ldisc
    - tty: Move tty_ldisc_kill()
    - tty: Use 'disc' for line discipline index name
    - tty: Refactor tty_ldisc_reinit() for reuse
    - tty: Destroy ldisc instance on hangup

  * atheros bt failed after S3 (LP: #1706833)
    - SAUCE: Bluetooth: Make request workqueue freezable

  * The Precision Touchpad(PTP) button sends incorrect event code (LP: #1708372)
    - HID: multitouch: handle external buttons for Precision Touchpads

  * Set CONFIG_SATA_HIGHBANK=y on armhf (LP: #1703430)
    - [Config] CONFIG_SATA_HIGHBANK=y

  * xfs slab objects (memory) leak when xfs shutdown is called (LP: #1706132)
    - xfs: fix xfs_log_ticket leak in xfs_end_io() after fs shutdown

  * Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
    - [Packaging] tests -- reduce rebuild test to one flavour

  * CVE-2017-7495
    - ext4: fix data exposure after a crash

  * ubuntu/rsi driver downlink wifi throughput drops to 5-6 Mbps when BT
    keyboard is connected (LP: #1706991)
    - SAUCE: Redpine: enable power save by default for coex mode
    - SAUCE: Redpine: uapsd configuration changes

  * [Hyper-V] hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
    (LP: #1690174)
    - hv_netvsc: Exclude non-TCP port numbers from vRSS hashing

  * ath10k doesn't report full RSSI information (LP: #1706531)
    - ath10k: add per chain RSSI reporting

  * ideapad_laptop don't support v310-14isk (LP: #1705378)
    - platform/x86: ideapad-laptop: Add several models to no_hw_rfkill

  * [8087:0a2b] Failed to load bluetooth firmware(might affect some other Intel
    bt devices) (LP: #1705633)
    - Bluetooth: btintel: Create common Intel Version Read function
    - Bluetooth: Use switch statement for Intel hardware variants
    - Bluetooth: Replace constant hw_variant from Intel Bluetooth firmware
      filename
    - Bluetooth: hci_intel: Fix firmware file name to use hw_variant
    - Bluetooth: btintel: Add MODULE_FIRMWARE entries for iBT 3.5 controllers

  * xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2
    comp_code 13 (LP: #1667750)
    - xhci: Bad Ethernet performance plugged in ASM1042A host

  * OpenPower: Some multipaths temporarily have only a single path
    (LP: #1696445)
    - scsi: ses: don't get power status of SES device slot on probe

  * Hotkeys on new Thinkpad systems aren't working (LP: #1705169)
    - platform/x86: thinkpad_acpi: Adding new hotkey ID for Lenovo thinkpad
    - platform/x86: thinkpad_acpi: guard generic hotkey case
    - platform/x86: thinkpad_acpi: add mapping for new hotkeys

  * CVE-2015-7837
    - SAUCE: (no-up) kexec/uefi: copy secure_boot flag in boot params across kexec
      reboot

  * misleading kernel warning skb_warn_bad_offload during checksum calculation
    (LP: #1705447)
    - net: reduce skb_warn_bad_offload() noise

  * bonding: stack dump when unregistering a netdev (LP: #1704102)
    - bonding: avoid NETDEV_CHANGEMTU event when unregistering slave

  * Ubuntu 16.04 IOB Error when the Mustang board rebooted (LP: #1693673)
    - drivers: net: xgene: Fix redundant prefetch buffer cleanup

  * Ubuntu16.04: NVMe 4K+T10 DIF/DIX format returns I/O error on dd with split
    op (LP: #1689946)
    - blk-mq: NVMe 512B/4K+T10 DIF/DIX format returns I/O error on dd with split
      op

  * linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
    (LP: #1697892)
    - bonding: add 802.3ad support for 100G speeds
    - bonding: fix 802.3ad aggregator reselection
    - bonding: add 802.3ad support for 25G speeds
    - bonding: fix 802.3ad support for 5G and 50G speeds

  * Xenial update to 4.4.79 stable release (LP: #1707233)
    - disable new gcc-7.1.1 warnings for now
    - ir-core: fix gcc-7 warning on bool arithmetic
    - s5p-jpeg: don't return a random width/height
    - thermal: cpu_cooling: Avoid accessing potentially freed structures
    - ath9k: fix tx99 use after free
    - ath9k: fix tx99 bus error
    - NFC: fix broken device allocation
    - NFC: nfcmrvl_uart: add missing tty-device sanity check
    - NFC: nfcmrvl: do not use device-managed resources
    - NFC: nfcmrvl: use nfc-device for firmware download
    - NFC: nfcmrvl: fix firmware-management initialisation
    - nfc: Ensure presence of required attributes in the activate_target handler
    - nfc: Fix the sockaddr length sanitization in llcp_sock_connect
    - NFC: Add sockaddr length checks before accessing sa_family in bind handlers
    - perf intel-pt: Move decoder error setting into one condition
    - perf intel-pt: Improve sample timestamp
    - perf intel-pt: Fix missing stack clear
    - perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP
    - perf intel-pt: Clear FUP flag on error
    - Bluetooth: use constant time memory comparison for secret values
    - wlcore: fix 64K page support
    - ASoC: compress: Derive substream from stream based on direction
    - PM / Domains: Fix unsafe iteration over modified list of device links
    - PM / Domains: Fix unsafe iteration over modified list of domain providers
    - scsi: ses: do not add a device to an enclosure if enclosure_add_links()
      fails.
    - iscsi-target: Add login_keys_workaround attribute for non RFC initiators
    - powerpc/64: Fix atomic64_inc_not_zero() to return an int
    - powerpc: Fix emulation of mcrf in emulate_step()
    - powerpc: Fix emulation of mfocrf in emulate_step()
    - powerpc/asm: Mark cr0 as clobbered in mftb()
    - af_key: Fix sadb_x_ipsecrequest parsing
    - PCI/PM: Restore the status of PCI devices across hibernation
    - ipvs: SNAT packet replies only for NATed connections
    - xhci: fix 20000ms port resume timeout
    - xhci: Fix NULL pointer dereference when cleaning up streams for removed host
    - usb: storage: return on error to avoid a null pointer dereference
    - USB: cdc-acm: add device-id for quirky printer
    - usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL
    - usb: renesas_usbhs: gadget: disable all eps when the driver stops
    - md: don't use flush_signals in userspace processes
    - x86/xen: allow userspace access during hypercalls
    - cx88: Fix regression in initial video standard setting
    - Raid5 should update rdev->sectors after reshape
    - s390/syscalls: Fix out of bounds arguments access
    - drm/amd/amdgpu: Return error if initiating read out of range on vram
    - drm/radeon/ci: disable mclk switching for high refresh rates (v2)
    - drm/radeon: Fix eDP for single-display iMac10,1 (v2)
    - ipmi: use rcu lock around call to intf->handlers->sender()
    - ipmi:ssif: Add missing unlock in error branch
    - f2fs: Don't clear SGID when inheriting ACLs
    - vfio: Fix group release deadlock
    - vfio: New external user group/file match
    - ftrace: Fix uninitialized variable in match_records()
    - MIPS: Fix mips_atomic_set() retry condition
    - MIPS: Fix mips_atomic_set() with EVA
    - MIPS: Negate error syscall return in trace
    - x86/acpi: Prevent out of bound access caused by broken ACPI tables
    - x86/ioapic: Pass the correct data to unmask_ioapic_irq()
    - MIPS: Fix MIPS I ISA /proc/cpuinfo reporting
    - MIPS: Save static registers before sysmips
    - MIPS: Actually decode JALX in `__compute_return_epc_for_insn'
    - MIPS: Fix unaligned PC interpretation in `compute_return_epc'
    - MIPS: math-emu: Prevent wrong ISA mode instruction emulation
    - MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'
    - MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'
    - MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'
    - MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message
    - Input: i8042 - fix crash at boot time
    - NFS: only invalidate dentrys that are clearly invalid.
    - udf: Fix deadlock between writeback and udf_setsize()
    - target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce
    - perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its
      target
    - Revert "perf/core: Drop kernel samples even though :u is specified"
    - staging: rtl8188eu: add TL-WN722N v2 support
    - ceph: fix race in concurrent readdir
    - RDMA/core: Initialize port_num in qp_attr
    - drm/mst: Fix error handling during MST sideband message reception
    - drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req()
    - drm/mst: Avoid processing partially received up/down message transactions
    - of: device: Export of_device_{get_modalias, uvent_modalias} to modules
    - spmi: Include OF based modalias in device uevent
    - tracing: Fix kmemleak in instance_rmdir
    - alarmtimer: don't rate limit one-shot timers
    - Linux 4.4.79

  * Xenial update to 4.4.78 stable release (LP: #1705707)
    - net_sched: fix error recovery at qdisc creation
    - net: sched: Fix one possible panic when no destroy callback
    - net/phy: micrel: configure intterupts after autoneg workaround
    - ipv6: avoid unregistering inet6_dev for loopback
    - net: dp83640: Avoid NULL pointer dereference.
    - tcp: reset sk_rx_dst in tcp_disconnect()
    - net: prevent sign extension in dev_get_stats()
    - bpf: prevent leaking pointer via xadd on unpriviledged
    - net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
    - ipv6: dad: don't remove dynamic addresses if link is down
    - net: ipv6: Compare lwstate in detecting duplicate nexthops
    - vrf: fix bug_on triggered by rx when destroying a vrf
    - rds: tcp: use sock_create_lite() to create the accept socket
    - brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
    - cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
    - cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
    - cfg80211: Check if PMKID attribute is of expected size
    - irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
    - parisc: Report SIGSEGV instead of SIGBUS when running out of stack
    - parisc: use compat_sys_keyctl()
    - parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
    - parisc/mm: Ensure IRQs are off in switch_mm()
    - tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain/:
      Depth
    - kernel/extable.c: mark core_kernel_text notrace
    - mm/list_lru.c: fix list_lru_count_node() to be race free
    - fs/dcache.c: fix spin lockup issue on nlru->lock
    - checkpatch: silence perl 5.26.0 unescaped left brace warnings
    - binfmt_elf: use ELF_ET_DYN_BASE only for PIE
    - arm: move ELF_ET_DYN_BASE to 4MB
    - arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
    - powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
    - s390: reduce ELF_ET_DYN_BASE
    - exec: Limit arg stack to at most 75% of _STK_LIM
    - vt: fix unchecked __put_user() in tioclinux ioctls
    - mnt: In umount propagation reparent in a separate pass
    - mnt: In propgate_umount handle visiting mounts in any order
    - mnt: Make propagate_umount less slow for overlapping mount propagation trees
    - selftests/capabilities: Fix the test_execve test
    - tpm: Get rid of chip->pdev
    - tpm: Provide strong locking for device removal
    - Add "shutdown" to "struct class".
    - tpm: Issue a TPM2_Shutdown for TPM2 devices.
    - mm: fix overflow check in expand_upwards()
    - crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
    - crypto: atmel - only treat EBUSY as transient if backlog
    - crypto: sha1-ssse3 - Disable avx2
    - crypto: caam - fix signals handling
    - sched/topology: Fix overlapping sched_group_mask
    - sched/topology: Optimize build_group_mask()
    - PM / wakeirq: Convert to SRCU
    - PM / QoS: return -EINVAL for bogus strings
    - tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate results
    - KVM: x86: disable MPX if host did not enable MPX XSAVE features
    - kvm: vmx: Do not disable intercepts for BNDCFGS
    - kvm: x86: Guest BNDCFGS requires guest MPX support
    - kvm: vmx: Check value written to IA32_BNDCFGS
    - kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
    - Linux 4.4.78

  * Xenial update to 4.4.77 stable release (LP: #1705238)
    - fs: add a VALID_OPEN_FLAGS
    - fs: completely ignore unknown open flags
    - driver core: platform: fix race condition with driver_override
    - bgmac: reset & enable Ethernet core before using it
    - mm: fix classzone_idx underflow in shrink_zones()
    - tracing/kprobes: Allow to create probe with a module name starting with a
      digit
    - usb: dwc3: replace %p with %pK
    - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick
    - Add USB quirk for HVR-950q to avoid intermittent device resets
    - usb: usbip: set buffer pointers to NULL after free
    - usb: Fix typo in the definition of Endpoint[out]Request
    - mac80211_hwsim: Replace bogus hrtimer clockid
    - sysctl: don't print negative flag for proc_douintvec
    - sysctl: report EINVAL if value is larger than UINT_MAX for proc_douintvec
    - pinctrl: sh-pfc: r8a7791: Fix SCIF2 pinmux data
    - pinctrl: meson: meson8b: fix the NAND DQS pins
    - pinctrl: sunxi: Fix SPDIF function name for A83T
    - pinctrl: mxs: atomically switch mux and drive strength config
    - pinctrl: sh-pfc: Update info pointer after SoC-specific init
    - USB: serial: option: add two Longcheer device ids
    - USB: serial: qcserial: new Sierra Wireless EM7305 device ID
    - gfs2: Fix glock rhashtable rcu bug
    - x86/tools: Fix gcc-7 warning in relocs.c
    - x86/uaccess: Optimize copy_user_enhanced_fast_string() for short strings
    - ath10k: override CE5 config for QCA9377
    - KEYS: Fix an error code in request_master_key()
    - RDMA/uverbs: Check port number supplied by user verbs cmds
    - mqueue: fix a use-after-free in sys_mq_notify()
    - tools include: Add a __fallthrough statement
    - tools string: Use __fallthrough in perf_atoll()
    - tools strfilter: Use __fallthrough
    - perf top: Use __fallthrough
    - perf intel-pt: Use __fallthrough
    - perf thread_map: Correctly size buffer used with dirent->dt_name
    - perf scripting perl: Fix compile error with some perl5 versions
    - perf tests: Avoid possible truncation with dirent->d_name + snprintf
    - perf bench numa: Avoid possible truncation when using snprintf()
    - perf tools: Use readdir() instead of deprecated readdir_r()
    - perf thread_map: Use readdir() instead of deprecated readdir_r()
    - perf script: Use readdir() instead of deprecated readdir_r()
    - perf tools: Remove duplicate const qualifier
    - perf annotate browser: Fix behaviour of Shift-Tab with nothing focussed
    - perf pmu: Fix misleadingly indented assignment (whitespace)
    - perf dwarf: Guard !x86_64 definitions under #ifdef else clause
    - perf trace: Do not process PERF_RECORD_LOST twice
    - perf tests: Remove wrong semicolon in while loop in CQM test
    - perf tools: Use readdir() instead of deprecated readdir_r() again
    - md: fix incorrect use of lexx_to_cpu in does_sb_need_changing
    - md: fix super_offset endianness in super_1_rdev_size_change
    - tcp: fix tcp_mark_head_lost to check skb len before fragmenting
    - staging: vt6556: vnt_start Fix missing call to vnt_key_init_table.
    - staging: comedi: fix clean-up of comedi_class in comedi_init()
    - ext4: check return value of kstrtoull correctly in reserved_clusters_store
    - x86/mm/pat: Don't report PAT on CPUs that don't support it
    - saa7134: fix warm Medion 7134 EEPROM read
    - Linux 4.4.77

 -- Kleber Sacilotto de Souza <email address hidden>  Mon, 14 Aug 2017 16:32:51 +0200
Superseded in trusty-security on 2017-08-28
Superseded in trusty-updates on 2017-08-28
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-92.115~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-92.115~14.04.1 -proposed tracker (LP: #1709813)

  * linux: 4.4.0-92.115 -proposed tracker (LP: #1709812)

  * Creating conntrack entry failure with kernel 4.4.0-89 (LP: #1709032)
    - Revert "netfilter: synproxy: fix conntrackd interaction"

 -- Kleber Sacilotto de Souza <email address hidden>  Thu, 10 Aug 2017 10:29:51 +0200
Superseded in trusty-security on 2017-08-15
Superseded in trusty-updates on 2017-08-15
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-91.114~14.04.1) trusty; urgency=low

  * CVE-2017-1000112
    - ipv4: Should use consistent conditional judgement for ip fragment in
      __ip_append_data and ip_finish_output
    - ipv6: Don't use ufo handling on later transformed packets
    - udp: avoid ufo handling on IP payload compression packets
    - ipv6: Should use consistent conditional judgement for ip6 fragment between
      __ip6_append_data and ip6_finish_output
    - net: account for current skb length when deciding about UFO
    - udp: consistently apply ufo or fragmentation

  * CVE-2017-1000111
    - net-packet: fix race in packet_set_ring on PACKET_RESERVE

 -- Stefan Bader <email address hidden>  Mon, 07 Aug 2017 13:14:36 +0200
Superseded in trusty-security on 2017-08-10
Superseded in trusty-updates on 2017-08-10
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-89.112~14.04.1) trusty; urgency=low

  * CVE-2017-7533
    - dentry name snapshots

Deleted in trusty-proposed on 2017-08-03 (Reason: NBS)
linux-lts-xenial (4.4.0-88.111~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-88.111~14.04.1 -proposed tracker (LP: #1705272)

  * linux: 4.4.0-88.111 -proposed tracker (LP: #1705270)

  * [Xenial] nvme: Quirks for PM1725 controllers (LP: #1704435)
    - nvme: Quirks for PM1725 controllers

  * Upgrade Redpine WLAN/BT driver to ver. 1.2 (production release)
    (LP: #1697829)
    - SAUCE: Redpine: Upgrade to ver. 1.2 production release

  * ubuntu/rsi driver has several issues as picked up by static analysis
    (LP: #1694733)
    - SAUCE: Redpine: Upgrade to ver. 1.2 production release

  * Redpine vendor driver - Switching to AP mode causes kernel panic
    (LP: #1700941)
    - SAUCE: Redpine: Upgrade to ver. 1.2 production release

  * CVE-2017-10810
    - drm/virtio: don't leak bo on drm_gem_object_init failure

  * Ath10k to read different board data file if specify in SMBIOS (LP: #1666742)
    - ath10k: search SMBIOS for OEM board file extension

  * make snap-pkg support (LP: #1700747)
    - SAUCE: make snap-pkg support

  * ISST-LTE: Briggs:Stratton:UbuntuKVM:  ics_opal_set_affinity on host kernel
    log using Intel X710 (i40e driver) (LP: #1703663)
    - i40e: use valid online CPU on q_vector initialization

  * Update snapcraft.yaml (LP: #1700480)
    - snapcraft.yaml: various improvements

  * Xenial update to 4.4.76 stable release (LP: #1702863)
    - ipv6: release dst on error in ip6_dst_lookup_tail
    - net: don't call strlen on non-terminated string in dev_set_alias()
    - decnet: dn_rtmsg: Improve input length sanitization in
      dnrmg_receive_user_skb
    - net: Zero ifla_vf_info in rtnl_fill_vfinfo()
    - af_unix: Add sockaddr length checks before accessing sa_family in bind and
      connect handlers
    - Fix an intermittent pr_emerg warning about lo becoming free.
    - net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx
    - igmp: acquire pmc lock for ip_mc_clear_src()
    - igmp: add a missing spin_lock_init()
    - ipv6: fix calling in6_ifa_hold incorrectly for dad work
    - net/mlx5: Wait for FW readiness before initializing command interface
    - decnet: always not take dst->__refcnt when inserting dst into hash table
    - net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev
    - sfc: provide dummy definitions of vswitch functions
    - ipv6: Do not leak throw route references
    - rtnetlink: add IFLA_GROUP to ifla_policy
    - netfilter: xt_TCPMSS: add more sanity tests on tcph->doff
    - netfilter: synproxy: fix conntrackd interaction
    - NFSv4: fix a reference leak caused WARNING messages
    - drm/ast: Handle configuration without P2A bridge
    - mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff()
    - MIPS: Avoid accidental raw backtrace
    - MIPS: pm-cps: Drop manual cache-line alignment of ready_count
    - MIPS: Fix IRQ tracing & lockdep when rescheduling
    - ALSA: hda - Fix endless loop of codec configure
    - ALSA: hda - set input_path bitmap to zero after moving it to new place
    - drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr
    - usb: gadget: f_fs: Fix possibe deadlock
    - sysctl: enable strict writes
    - mm: numa: avoid waiting on freed migrated pages
    - KVM: x86: fix fixing of hypercalls
    - scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type
    - scsi: lpfc: Set elsiocb contexts to NULL after freeing it
    - qla2xxx: Fix erroneous invalid handle message
    - ARM: dts: BCM5301X: Correct GIC_PPI interrupt flags
    - net: mvneta: Fix for_each_present_cpu usage
    - MIPS: ath79: fix regression in PCI window initialization
    - net: korina: Fix NAPI versus resources freeing
    - MIPS: ralink: MT7688 pinmux fixes
    - MIPS: ralink: fix USB frequency scaling
    - MIPS: ralink: Fix invalid assignment of SoC type
    - MIPS: ralink: fix MT7628 pinmux typos
    - MIPS: ralink: fix MT7628 wled_an pinmux gpio
    - mtd: bcm47xxpart: limit scanned flash area on BCM47XX (MIPS) only
    - bgmac: fix a missing check for build_skb
    - mtd: bcm47xxpart: don't fail because of bit-flips
    - bgmac: Fix reversed test of build_skb() return value.
    - net: bgmac: Fix SOF bit checking
    - net: bgmac: Start transmit queue in bgmac_open
    - net: bgmac: Remove superflous netif_carrier_on()
    - powerpc/eeh: Enable IO path on permanent error
    - gianfar: Do not reuse pages from emergency reserve
    - Btrfs: fix truncate down when no_holes feature is enabled
    - virtio_console: fix a crash in config_work_handler
    - swiotlb-xen: update dev_addr after swapping pages
    - xen-netfront: Fix Rx stall during network stress and OOM
    - scsi: virtio_scsi: Reject commands when virtqueue is broken
    - platform/x86: ideapad-laptop: handle ACPI event 1
    - amd-xgbe: Check xgbe_init() return code
    - net: dsa: Check return value of phy_connect_direct()
    - drm/amdgpu: check ring being ready before using
    - vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null
    - virtio_net: fix PAGE_SIZE > 64k
    - vxlan: do not age static remote mac entries
    - ibmveth: Add a proper check for the availability of the checksum features
    - kernel/panic.c: add missing \n
    - HID: i2c-hid: Add sleep between POWER ON and RESET
    - scsi: lpfc: avoid double free of resource identifiers
    - spi: davinci: use dma_mapping_error()
    - mac80211: initialize SMPS field in HT capabilities
    - x86/mpx: Use compatible types in comparison to fix sparse error
    - coredump: Ensure proper size of sparse core files
    - swiotlb: ensure that page-sized mappings are page-aligned
    - s390/ctl_reg: make __ctl_load a full memory barrier
    - be2net: fix status check in be_cmd_pmac_add()
    - perf probe: Fix to show correct locations for events on modules
    - net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV
    - sctp: check af before verify address in sctp_addr_id2transport
    - ravb: Fix use-after-free on `ifconfig eth0 down`
    - jump label: fix passing kbuild_cflags when checking for asm goto support
    - xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY
    - xfrm: NULL dereference on allocation failure
    - xfrm: Oops on error in pfkey_msg2xfrm_state()
    - watchdog: bcm281xx: Fix use of uninitialized spinlock.
    - sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting
    - ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation
    - ARM: 8685/1: ensure memblock-limit is pmd-aligned
    - x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space
    - x86/mm: Fix flush_tlb_page() on Xen
    - ocfs2: o2hb: revert hb threshold to keep compatible
    - iommu/vt-d: Don't over-free page table directories
    - iommu: Handle default domain attach failure
    - iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid()
    - cpufreq: s3c2416: double free on driver init error path
    - KVM: x86: fix emulation of RSM and IRET instructions
    - KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh()
    - KVM: x86: zero base3 of unusable segments
    - KVM: nVMX: Fix exception injection
    - Linux 4.4.76

  * Xenial update to 4.4.75 stable release (LP: #1702118)
    - fs/exec.c: account for argv/envp pointers
    - autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL
    - lib/cmdline.c: fix get_options() overflow while parsing ranges
    - KVM: PPC: Book3S HV: Preserve userspace HTM state properly
    - CIFS: Improve readdir verbosity
    - HID: Add quirk for Dell PIXART OEM mouse
    - signal: Only reschedule timers on signals timers have sent
    - powerpc/kprobes: Pause function_graph tracing during jprobes handling
    - Input: i8042 - add Fujitsu Lifebook AH544 to notimeout list
    - time: Fix clock->read(clock) race around clocksource changes
    - target: Fix kref->refcount underflow in transport_cmd_finish_abort
    - iscsi-target: Reject immediate data underflow larger than SCSI transfer
      length
    - drm/radeon: add a PX quirk for another K53TK variant
    - drm/radeon: add a quirk for Toshiba Satellite L20-183
    - drm/amdgpu/atom: fix ps allocation size for EnableDispPowerGating
    - drm/amdgpu: adjust default display clock
    - USB: usbip: fix nonconforming hub descriptor
    - rxrpc: Fix several cases where a padded len isn't checked in ticket decode
    - of: Add check to of_scan_flat_dt() before accessing initial_boot_params
    - mtd: spi-nor: fix spansion quad enable
    - powerpc/slb: Force a full SLB flush when we insert for a bad EA
    - usb: gadget: f_fs: avoid out of bounds access on comp_desc
    - net: phy: Initialize mdio clock at probe function
    - net: phy: fix marvell phy status reading
    - Linux 4.4.75

  * Xenial update to 4.4.74 stable release (LP: #1702104)
    - configfs: Fix race between create_link and configfs_rmdir
    - can: gs_usb: fix memory leak in gs_cmd_reset()
    - cpufreq: conservative: Allow down_threshold to take values from 1 to 10
    - vb2: Fix an off by one error in 'vb2_plane_vaddr'
    - mac80211: don't look at the PM bit of BAR frames
    - mac80211/wpa: use constant time memory comparison for MACs
    - mac80211: fix CSA in IBSS mode
    - mac80211: fix IBSS presp allocation size
    - serial: efm32: Fix parity management in 'efm32_uart_console_get_options()'
    - x86/mm/32: Set the '__vmalloc_start_set' flag in initmem_init()
    - mfd: omap-usb-tll: Fix inverted bit use for USB TLL mode
    - staging: rtl8188eu: prevent an underflow in rtw_check_beacon_data()
    - iio: proximity: as3935: recalibrate RCO after resume
    - USB: hub: fix SS max number of ports
    - usb: core: fix potential memory leak in error path during hcd creation
    - pvrusb2: reduce stack usage pvr2_eeprom_analyze()
    - USB: gadget: dummy_hcd: fix hub-descriptor removable fields
    - usb: r8a66597-hcd: select a different endpoint on timeout
    - usb: r8a66597-hcd: decrease timeout
    - drivers/misc/c2port/c2port-duramar2150.c: checking for NULL instead of
      IS_ERR()
    - usb: xhci: ASMedia ASM1042A chipset need shorts TX quirk
    - USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks
    - mm/memory-failure.c: use compound_head() flags for huge pages
    - swap: cond_resched in swap_cgroup_prepare()
    - genirq: Release resources in __setup_irq() error path
    - alarmtimer: Prevent overflow of relative timers
    - usb: dwc3: exynos fix axius clock error path to do cleanup
    - MIPS: Fix bnezc/jialc return address calculation
    - alarmtimer: Rate limit periodic intervals
    - Linux 4.4.74

  * Side Button (Display Toggle) fails on Dell AIO systems (LP: #1702541)
    - dell-wmi: Add a WMI event code for display on/off

  * Intel i40e PF reset under load (LP: #1700834)
    - i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet

  * update ENA driver to 1.2.0k from net-next (LP: #1701575)
    - net: ena: remove superfluous check in ena_remove()
    - net: ena: fix rare uncompleted admin command false alarm
    - net: ena: add missing return when ena_com_get_io_handlers() fails
    - net: ena: fix race condition between submit and completion admin command
    - net: ena: add missing unmap bars on device removal
    - net: ena: fix theoretical Rx hang on low memory systems
    - net: ena: disable admin msix while working in polling mode
    - net: ena: bug fix in lost tx packets detection mechanism
    - net: ena: update ena driver to version 1.1.7
    - net: ena: change return value for unsupported features unsupported return
      value
    - net: ena: add hardware hints capability to the driver
    - net: ena: change sizeof() argument to be the type pointer
    - net: ena: add reset reason for each device FLR
    - net: ena: add support for out of order rx buffers refill
    - net: ena: use napi_schedule_irqoff when possible
    - net: ena: separate skb allocation to dedicated function
    - net: ena: use lower_32_bits()/upper_32_bits() to split dma address
    - net: ena: update driver's rx drop statistics
    - net: ena: update ena driver to version 1.2.0

 -- Stefan Bader <email address hidden>  Thu, 20 Jul 2017 09:25:21 +0200
Superseded in trusty-security on 2017-08-03
Superseded in trusty-updates on 2017-08-03
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-87.110~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-87.110~14.04.1 -proposed tracker (LP: #1704985)

  * linux: 4.4.0-87.110 -proposed tracker (LP: #1704982)

  * CVE-2017-1000364
    - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
    - mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

  * CIFS causes oops (LP: #1704857)
    - CIFS: Fix null pointer deref during read resp processing
    - CIFS: Fix some return values in case of error in 'crypt_message'

 -- Kleber Sacilotto de Souza <email address hidden>  Tue, 18 Jul 2017 13:58:43 +0200
Deleted in trusty-proposed on 2017-07-19 (Reason: NBS)
linux-lts-xenial (4.4.0-86.109~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-86.109~14.04.1 -proposed tracker (LP: #1703996)

  * linux: 4.4.0-86.109 -proposed tracker (LP: #1703995)

  * sock_recvmsg has dropped size argument (LP: #1701697)
    - Packaging: Breaks unfixed iscsitarget versions

Deleted in trusty-proposed on 2017-07-17 (Reason: NBS)
linux-lts-xenial (4.4.0-85.108~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-85.108~14.04.1 -proposed tracker (LP: #1702105)

  * linux: 4.4.0-85.108 -proposed tracker (LP: #1702103)

  * [Hyper-V] Implement Hyper-V PTP Source (LP: #1676635)
    - SAUCE: hv: make clocksource available for PTP device supporting
    - Drivers: hv: util: Use hv_get_current_tick() to get current tick
    - hv_util: switch to using timespec64
    - hv_utils: implement Hyper-V PTP source
    - Drivers: hv: util: Fix a typo
    - Drivers: hv: util: don't forget to init host_ts.lock
    - hv_utils: drop .getcrosststamp() support from PTP driver
    - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts

Deleted in trusty-proposed on 2017-07-06 (Reason: NBS)
linux-lts-xenial (4.4.0-84.107~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-84.107~14.04.1 -proposed tracker (LP: #1701025)

  * linux: 4.4.0-84.107 -proposed tracker (LP: #1701024)

  * Can't disable USB port from BIOS (LP: #1695216)
    - SAUCE: xhci: AMD Promontory USB disable port support

  * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651)
    - Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device

  * CIFS: Enable encryption for SMB3 (LP: #1670508)
    - Revert "Handle mismatched open calls"
    - Revert "Call echo service immediately after socket reconnect"
    - cifs: Make echo interval tunable
    - Prepare for encryption support (first part). Add decryption and encryption
      key generation. Thanks to Metze for helping with this.
    - [net] drop 'size' argument of sock_recvmsg()
    - cifs: merge the hash calculation helpers
    - cifs: no need to wank with copying and advancing iovec on recvmsg side
      either
    - cifs: don't bother with kmap on read_pages side
    - cifs_readv_receive: use cifs_read_from_socket()
    - Fix memory leaks in cifs_do_mount()
    - SMB3: Add mount parameter to allow user to override max credits
    - SMB2: Separate Kerberos authentication from SMB2_sess_setup
    - SMB2: Separate RawNTLMSSP authentication from SMB2_sess_setup
    - SMB3: parsing for new snapshot timestamp mount parm
    - cifs: Simplify SMB2 and SMB311 dependencies
    - cifs: Only select the required crypto modules
    - cifs: Add soft dependencies
    - CIFS: Separate SMB2 header structure
    - CIFS: Make SendReceive2() takes resp iov
    - CIFS: Make send_cancel take rqst as argument
    - CIFS: Send RFC1001 length in a separate iov
    - CIFS: Separate SMB2 sync header processing
    - CIFS: Separate RFC1001 length processing for SMB2 read
    - CIFS: Add capability to transform requests before sending
    - CIFS: Enable encryption during session setup phase
    - CIFS: Encrypt SMB3 requests before sending
    - CIFS: Add transform header handling callbacks
    - CIFS: Add mid handle callback
    - CIFS: Add copy into pages callback for a read operation
    - CIFS: Decrypt and process small encrypted packets
    - CIFS: Add capability to decrypt big read responses
    - CIFS: Allow to switch on encryption with seal mount option
    - CIFS: Fix possible use after free in demultiplex thread
    - Call echo service immediately after socket reconnect
    - Handle mismatched open calls

  * CVE-2017-9150
    - bpf: don't let ldimm64 leak map addresses on unprivileged

  * CVE-2015-8944
    - Make file credentials available to the seqfile interfaces
    - /proc/iomem: only expose physical resource addresses to privileged users

  * Xenial update to 4.4.73 stable release (LP: #1698817)
    - s390/vmem: fix identity mapping
    - partitions/msdos: FreeBSD UFS2 file systems are not recognized
    - ARM: dts: imx6dl: Fix the VDD_ARM_CAP voltage for 396MHz operation
    - staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out memory.
    - net: xilinx_emaclite: fix freezes due to unordered I/O
    - net: xilinx_emaclite: fix receive buffer overflow
    - ipv6: Handle IPv4-mapped src to in6addr_any dst.
    - ipv6: Inhibit IPv4-mapped src address on the wire.
    - NET: Fix /proc/net/arp for AX.25
    - NET: mkiss: Fix panic
    - net: hns: Fix the device being used for dma mapping during TX
    - sierra_net: Skip validating irrelevant fields for IDLE LSIs
    - sierra_net: Add support for IPv6 and Dual-Stack Link Sense Indications
    - i2c: piix4: Fix request_region size
    - ipv6: Fix IPv6 packet loss in scenarios involving roaming + snooping
      switches
    - PM / runtime: Avoid false-positive warnings from might_sleep_if()
    - jump label: pass kbuild_cflags when checking for asm goto support
    - kasan: respect /proc/sys/kernel/traceoff_on_warning
    - log2: make order_base_2() behave correctly on const input value zero
    - ethtool: do not vzalloc(0) on registers dump
    - fscache: Fix dead object requeue
    - fscache: Clear outstanding writes when disabling a cookie
    - FS-Cache: Initialise stores_lock in netfs cookie
    - ipv6: fix flow labels when the traffic class is non-0
    - drm/nouveau: prevent userspace from deleting client object
    - drm/nouveau/fence/g84-: protect against concurrent access to semaphore
      buffers
    - gianfar: synchronize DMA API usage by free_skb_rx_queue w/ gfar_new_page
    - pinctrl: berlin-bg4ct: fix the value for "sd1a" of pin SCRD0_CRD_PRES
    - net: adaptec: starfire: add checks for dma mapping errors
    - parisc, parport_gsc: Fixes for printk continuation lines
    - drm/nouveau: Don't enabling polling twice on runtime resume
    - drm/ast: Fixed system hanged if disable P2A
    - ravb: unmap descriptors when freeing rings
    - nfs: Fix "Don't increment lock sequence ID after NFS4ERR_MOVED"
    - r8152: re-schedule napi for tx
    - r8152: fix rtl8152_post_reset function
    - r8152: avoid start_xmit to schedule napi when napi is disabled
    - sctp: sctp_addr_id2transport should verify the addr before looking up assoc
    - romfs: use different way to generate fsid for BLOCK or MTD
    - proc: add a schedule point in proc_pid_readdir()
    - tipc: ignore requests when the connection state is not CONNECTED
    - xtensa: don't use linux IRQ #0
    - s390/kvm: do not rely on the ILC on kvm host protection fauls
    - sparc64: make string buffers large enough
    - Linux 4.4.73

  * Xenial update to 4.4.72 stable release (LP: #1698799)
    - bnx2x: Fix Multi-Cos
    - ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt()
    - cxgb4: avoid enabling napi twice to the same queue
    - tcp: disallow cwnd undo when switching congestion control
    - vxlan: fix use-after-free on deletion
    - ipv6: Fix leak in ipv6_gso_segment().
    - net: ping: do not abuse udp_poll()
    - net: ethoc: enable NAPI before poll may be scheduled
    - net: bridge: start hello timer only if device is up
    - sparc64: mm: fix copy_tsb to correctly copy huge page TSBs
    - sparc: Machine description indices can vary
    - sparc64: reset mm cpumask after wrap
    - sparc64: combine activate_mm and switch_mm
    - sparc64: redefine first version
    - sparc64: add per-cpu mm of secondary contexts
    - sparc64: new context wrap
    - sparc64: delete old wrap code
    - arch/sparc: support NR_CPUS = 4096
    - serial: ifx6x60: fix use-after-free on module unload
    - ptrace: Properly initialize ptracer_cred on fork
    - KEYS: fix dereferencing NULL payload with nonzero length
    - KEYS: fix freeing uninitialized memory in key_update()
    - crypto: gcm - wait for crypto op not signal safe
    - drm/amdgpu/ci: disable mclk switching for high refresh rates (v2)
    - nfsd4: fix null dereference on replay
    - nfsd: Fix up the "supattr_exclcreat" attributes
    - kvm: async_pf: fix rcu_irq_enter() with irqs enabled
    - KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation
    - arm: KVM: Allow unaligned accesses at HYP
    - KVM: async_pf: avoid async pf injection when in guest mode
    - dmaengine: usb-dmac: Fix DMAOR AE bit definition
    - dmaengine: ep93xx: Always start from BASE0
    - xen/privcmd: Support correctly 64KB page granularity when mapping memory
    - xen-netfront: do not cast grant table reference to signed short
    - xen-netfront: cast grant table reference first to type int
    - ext4: fix SEEK_HOLE
    - ext4: keep existing extra fields when inode expands
    - ext4: fix fdatasync(2) after extent manipulation operations
    - usb: gadget: f_mass_storage: Serialize wake and sleep execution
    - usb: chipidea: udc: fix NULL pointer dereference if udc_start failed
    - usb: chipidea: debug: check before accessing ci_role
    - staging/lustre/lov: remove set_fs() call from lov_getstripe()
    - iio: light: ltr501 Fix interchanged als/ps register field
    - iio: proximity: as3935: fix AS3935_INT mask
    - drivers: char: random: add get_random_long()
    - random: properly align get_random_int_hash
    - stackprotector: Increase the per-task stack canary's random range from 32
      bits to 64 bits on 64-bit platforms
    - cpufreq: cpufreq_register_driver() should return -ENODEV if init fails
    - target: Re-add check to reject control WRITEs with overflow data
    - drm/msm: Expose our reservation object when exporting a dmabuf.
    - Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled
    - cpuset: consider dying css as offline
    - fs: add i_blocksize()
    - ufs: restore proper tail allocation
    - fix ufs_isblockset()
    - ufs: restore maintaining ->i_blocks
    - ufs: set correct ->s_maxsize
    - ufs_extend_tail(): fix the braino in calling conventions of
      ufs_new_fragments()
    - ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path
    - cxl: Fix error path on bad ioctl
    - btrfs: use correct types for page indices in btrfs_page_exists_in_range
    - btrfs: fix memory leak in update_space_info failure path
    - KVM: arm/arm64: Handle possible NULL stage2 pud when ageing pages
    - scsi: qla2xxx: don't disable a not previously enabled PCI device
    - powerpc/eeh: Avoid use after free in eeh_handle_special_event()
    - powerpc/numa: Fix percpu allocations to be NUMA aware
    - powerpc/hotplug-mem: Fix missing endian conversion of aa_index
    - perf/core: Drop kernel samples even though :u is specified
    - drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve()
    - drm/vmwgfx: Make sure backup_handle is always valid
    - drm/nouveau/tmr: fully separate alarm execution/pending lists
    - ALSA: timer: Fix race between read and ioctl
    - ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
    - ASoC: Fix use-after-free at card unregistration
    - drivers: char: mem: Fix wraparound check to allow mappings up to the end
    - tty: Drop krefs for interrupted tty lock
    - serial: sh-sci: Fix panic when serial console and DMA are enabled
    - mm: consider memblock reservations for deferred memory initialization sizing
    - NFS: Ensure we revalidate attributes before using execute_ok()
    - NFSv4: Don't perform cached access checks before we've OPENed the file
    - Make __xfs_xattr_put_listen preperly report errors.
    - arm64: hw_breakpoint: fix watchpoint matching for tagged pointers
    - arm64: entry: improve data abort handling of tagged pointers
    - RDMA/qib,hfi1: Fix MR reference count leak on write with immediate
    - usercopy: Adjust tests to deal with SMAP/PAN
    - arm64: armv8_deprecated: ensure extension of addr
    - arm64: ensure extension of smp_store_release value
    - Linux 4.4.72

  * Xenial update to 4.4.71 stable release (LP: #1697001)
    - sparc: Fix -Wstringop-overflow warning
    - s390/qeth: handle sysfs error during initialization
    - s390/qeth: unbreak OSM and OSN support
    - s390/qeth: avoid null pointer dereference on OSN
    - tcp: avoid fragmenting peculiar skbs in SACK
    - sctp: fix src address selection if using secondary addresses for ipv6
    - tcp: eliminate negative reordering in tcp_clean_rtx_queue
    - net: Improve handling of failures on link and route dumps
    - bridge: netlink: check vlan_default_pvid range
    - qmi_wwan: add another Lenovo EM74xx device ID
    - bridge: start hello_timer when enabling KERNEL_STP in br_stp_start
    - be2net: Fix offload features for Q-in-Q packets
    - virtio-net: enable TSO/checksum offloads for Q-in-Q vlans
    - tcp: avoid fastopen API to be used on AF_UNSPEC
    - sctp: fix ICMP processing if skb is non-linear
    - ipv4: add reference counting to metrics
    - netem: fix skb_orphan_partial()
    - net: phy: marvell: Limit errata to 88m1101
    - vlan: Fix tcp checksum offloads in Q-in-Q vlans
    - i2c: i2c-tiny-usb: fix buffer not being DMA capable
    - mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read
    - HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference
    - scsi: mpt3sas: Force request partial completion alignment
    - drm/radeon/ci: disable mclk switching for high refresh rates (v2)
    - drm/radeon: Unbreak HPD handling for r600+
    - pcmcia: remove left-over %Z format
    - ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430
    - slub/memcg: cure the brainless abuse of sysfs attributes
    - drm/gma500/psb: Actually use VBT mode when it is found
    - mm/migrate: fix refcount handling when !hugepage_migration_supported()
    - mlock: fix mlock count can not decrease in race condition
    - xfs: Fix missed holes in SEEK_HOLE implementation
    - xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
    - xfs: fix over-copying of getbmap parameters from userspace
    - xfs: handle array index overrun in xfs_dir2_leaf_readbuf()
    - xfs: prevent multi-fsb dir readahead from reading random blocks
    - xfs: fix up quotacheck buffer list error handling
    - xfs: support ability to wait on new inodes
    - xfs: update ag iterator to support wait on new inodes
    - xfs: wait on new inodes during quotaoff dquot release
    - xfs: fix indlen accounting error on partial delalloc conversion
    - xfs: bad assertion for delalloc an extent that start at i_size
    - xfs: fix unaligned access in xfs_btree_visit_blocks
    - xfs: in _attrlist_by_handle, copy the cursor back to userspace
    - xfs: only return -errno or success from attr ->put_listent
    - Linux 4.4.71

  * CVE-2017-7346
    - drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()

  * Power button does not work on Latitude 7480 (LP: #1697116)
    - intel-hid: Remove duplicated acpi_remove_notify_handler
    - platform/x86: intel-hid: Support 5 button array

  * CVE-2017-9074
    - ipv6: Check ip6_find_1stfragopt() return value properly.

  * CVE-2014-9900
    - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Wed, 28 Jun 2017 14:47:02 -0300
Superseded in trusty-security on 2017-07-24
Superseded in trusty-updates on 2017-07-24
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-83.106~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-83.106~14.04.1 -proposed tracker (LP: #1700542)

  * linux: 4.4.0-83.106 -proposed tracker (LP: #1700541)

  * CVE-2017-1000364
    - Revert "UBUNTU: SAUCE: mm: Only expand stack if guard area is hit"
    - Revert "mm: do not collapse stack gap into THP"
    - Revert "mm: enlarge stack guard gap"
    - mm: vma_adjust: remove superfluous confusing update in remove_next == 1 case
    - mm: larger stack guard gap, between vmas
    - mm: fix new crash in unmapped_area_topdown()
    - Allow stack to grow up to address space limit

Deleted in trusty-proposed on 2017-06-27 (Reason: NBS)
linux-lts-xenial (4.4.0-82.105~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-82.105~14.04.1 -proposed tracker (LP: #1699066)

  * linux: 4.4.0-82.105 -proposed tracker (LP: #1699064)

  * CVE-2017-1000364
    - SAUCE: mm: Only expand stack if guard area is hit

  * linux-aws/linux-gke incorrectly producing and using linux-*-tools-
    common/linux-*-cloud-tools-common (LP: #1688579)
    - [Config] make linux-tools-common and linux-cloud-tools-common protection
      consistent

  * CVE-2017-9242
    - ipv6: fix out of bound writes in __ip6_append_data()

  * CVE-2017-9075
    - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent

  * CVE-2017-9074
    - ipv6: Prevent overrun when parsing v6 header options

  * CVE-2017-9076
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

  * CVE-2017-9077
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

  * CVE-2017-8890
    - dccp/tcp: do not inherit mc_list from parent

  * Module signing exclusion for staging drivers does not work properly
    (LP: #1690908)
    - SAUCE: Fix module signing exclusion in package builds

  * extend-diff-ignore should use exact matches (LP: #1693504)
    - [Packaging] exact extend-diff-ignore matches

  * Dell XPS 9360 wifi 5G performance is poor (LP: #1692836)
    - SAUCE: ath10k: fix the wifi speed issue for kill 1535

  *  Upgrade Redpine WLAN/BT driver to ver. 1.2.RC12 (LP: #1694607)
    - SAUCE: Redpine: Upgrade to ver. 1.2.RC12

  * [DP MST] No audio output through HDMI/DP/mDP ports in Dell WD15 and TB15
    docking stations (LP: #1694665)
    - drm/i915: Store port enum in intel_encoder
    - drm/i915: Eliminate redundant local variable definition
    - drm/i915: Switch to using port stored in intel_encoder
    - drm/i915: Move audio_connector to intel_encoder
    - drm/i915/dp: DP audio API changes for MST
    - drm/i915: abstract ddi being audio enabled
    - drm/i915/audio: extend get_saved_enc() to support more scenarios
    - drm/i915: enable dp mst audio

  * Xenial update to 4.4.70 stable release (LP: #1694621)
    - usb: misc: legousbtower: Fix buffers on stack
    - usb: misc: legousbtower: Fix memory leak
    - USB: ene_usb6250: fix DMA to the stack
    - watchdog: pcwd_usb: fix NULL-deref at probe
    - char: lp: fix possible integer overflow in lp_setup()
    - USB: core: replace %p with %pK
    - ARM: tegra: paz00: Mark panel regulator as enabled on boot
    - tpm_crb: check for bad response size
    - infiniband: call ipv6 route lookup via the stub interface
    - dm btree: fix for dm_btree_find_lowest_key()
    - dm raid: select the Kconfig option CONFIG_MD_RAID0
    - dm bufio: avoid a possible ABBA deadlock
    - dm bufio: check new buffer allocation watermark every 30 seconds
    - dm cache metadata: fail operations if fail_io mode has been established
    - dm bufio: make the parameter "retain_bytes" unsigned long
    - dm thin metadata: call precommit before saving the roots
    - dm space map disk: fix some book keeping in the disk space map
    - md: update slab_cache before releasing new stripes when stripes resizing
    - rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
    - mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
    - ima: accept previously set IMA_NEW_FILE
    - KVM: x86: Fix load damaged SSEx MXCSR register
    - KVM: X86: Fix read out-of-bounds vulnerability in kvm pio emulation
    - regulator: tps65023: Fix inverted core enable logic.
    - s390/kdump: Add final note
    - s390/cputime: fix incorrect system time
    - ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
    - ath9k_htc: fix NULL-deref at probe
    - drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
      calculations.
    - drm/amdgpu: Make display watermark calculations more accurate
    - drm/nouveau/therm: remove ineffective workarounds for alarm bugs
    - drm/nouveau/tmr: ack interrupt before processing alarms
    - drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
      alarm
    - drm/nouveau/tmr: avoid processing completed alarms when adding a new one
    - drm/nouveau/tmr: handle races with hw when updating the next alarm time
    - cdc-acm: fix possible invalid access when processing notification
    - proc: Fix unbalanced hard link numbers
    - of: fix sparse warning in of_pci_range_parser_one
    - iio: dac: ad7303: fix channel description
    - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
    - pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
    - USB: serial: ftdi_sio: fix setting latency for unprivileged users
    - USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
    - ext4 crypto: don't let data integrity writebacks fail with ENOMEM
    - ext4 crypto: fix some error handling
    - net: qmi_wwan: Add SIMCom 7230E
    - fscrypt: fix context consistency check when key(s) unavailable
    - f2fs: check entire encrypted bigname when finding a dentry
    - fscrypt: avoid collisions when presenting long encrypted filenames
    - usb: host: xhci-plat: propagate return value of platform_get_irq()
    - xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
    - usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
    - net: irda: irda-usb: fix firmware name on big-endian hosts
    - usbvision: fix NULL-deref at probe
    - mceusb: fix NULL-deref at probe
    - ttusb2: limit messages to buffer size
    - usb: musb: tusb6010_omap: Do not reset the other direction's packet size
    - USB: iowarrior: fix info ioctl on big-endian hosts
    - usb: serial: option: add Telit ME910 support
    - USB: serial: qcserial: add more Lenovo EM74xx device IDs
    - USB: serial: mct_u232: fix big-endian baud-rate handling
    - USB: serial: io_ti: fix div-by-zero in set_termios
    - USB: hub: fix SS hub-descriptor handling
    - USB: hub: fix non-SS hub-descriptor handling
    - ipx: call ipxitf_put() in ioctl error path
    - iio: proximity: as3935: fix as3935_write
    - ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
    - gspca: konica: add missing endpoint sanity check
    - s5p-mfc: Fix unbalanced call to clock management
    - dib0700: fix NULL-deref at probe
    - zr364xx: enforce minimum size when reading header
    - dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
    - cx231xx-audio: fix init error path
    - cx231xx-audio: fix NULL-deref at probe
    - cx231xx-cards: fix NULL-deref at probe
    - powerpc/book3s/mce: Move add_taint() later in virtual mode
    - powerpc/pseries: Fix of_node_put() underflow during DLPAR remove
    - powerpc/64e: Fix hang when debugging programs with relocated kernel
    - ARM: dts: at91: sama5d3_xplained: fix ADC vref
    - ARM: dts: at91: sama5d3_xplained: not all ADC channels are available
    - arm64: xchg: hazard against entire exchange variable
    - arm64: uaccess: ensure extension of access_ok() addr
    - arm64: documentation: document tagged pointer stack constraints
    - xc2028: Fix use-after-free bug properly
    - Revert "UBUNTU: SAUCE: mm: Respect FOLL_FORCE/FOLL_COW for thp"
    - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
    - staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
    - staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD.
    - iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
    - metag/uaccess: Fix access_ok()
    - metag/uaccess: Check access_ok in strncpy_from_user
    - uwb: fix device quirk on big-endian hosts
    - genirq: Fix chained interrupt data ordering
    - osf_wait4(): fix infoleak
    - tracing/kprobes: Enforce kprobes teardown after testing
    - PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
    - PCI: Freeze PME scan before suspending devices
    - drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
    - nfsd: encoders mustn't use unitialized values in error cases
    - drivers: char: mem: Check for address space wraparound with mmap()
    - Linux 4.4.70

  * Xenial update to 4.4.69 stable release (LP: #1692900)
    - xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - target: Convert ACL change queue_depth se_session reference usage
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: host: xhci: print correct command ring address
    - USB: serial: ftdi_sio: add device ID for Microsemi/Arrow SF2PLUS Dev Kit
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - staging: vt6656: use off stack for in buffer USB transfers.
    - staging: vt6656: use off stack for out buffer USB transfers.
    - staging: gdm724x: gdm_mux: fix use-after-free on module unload
    - staging: comedi: jr3_pci: fix possible null pointer dereference
    - staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - x86/boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - selftests/x86/ldt_gdt_32: Work around a glibc sigaction() bug
    - x86, pmem: Fix cache flushing for iovec write < 8 bytes
    - um: Fix PTRACE_POKEUSER on x86_64
    - KVM: x86: fix user triggerable warning in kvm_apic_accept_events()
    - KVM: arm/arm64: fix races in kvm_psci_vcpu_on
    - block: fix blk_integrity_register to use template's interval_exp if not 0
    - crypto: algif_aead - Require setkey before accept(2)
    - dm era: save spacemap metadata root after the pre-commit
    - vfio/type1: Remove locked page accounting workqueue
    - IB/core: Fix sysfs registration error flow
    - IB/IPoIB: ibX: failed to create mcg debug file
    - IB/mlx4: Fix ib device initialization error flow
    - IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
    - ext4: evict inline data when writing to memory map
    - fs/xattr.c: zero out memory copied to userspace in getxattr
    - ceph: fix memory leak in __ceph_setxattr()
    - fs/block_dev: always invalidate cleancache in invalidate_bdev()
    - Set unicode flag on cifs echo request to avoid Mac error
    - SMB3: Work around mount failure when using SMB3 dialect to Macs
    - CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
    - cifs: fix CIFS_IOC_GET_MNT_INFO oops
    - CIFS: add misssing SFM mapping for doublequote
    - padata: free correct variable
    - arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - serial: samsung: Use right device for DMA-mapping calls
    - serial: omap: fix runtime-pm handling on unbind
    - serial: omap: suspend device on probe errors
    - tty: pty: Fix ldisc flush after userspace become aware of the data already
    - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
    - Bluetooth: hci_bcm: add missing tty-device sanity check
    - Bluetooth: hci_intel: add missing tty-device sanity check
    - mac80211: pass RX aggregation window size to driver
    - mac80211: pass block ack session timeout to to driver
    - mac80211: RX BA support for sta max_rx_aggregation_subframes
    - wlcore: Pass win_size taken from ieee80211_sta to FW
    - wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event
    - ipmi: Fix kernel panic at ipmi_ssif_thread()
    - Linux 4.4.69

  * Support IPMI system interface on Cavium ThunderX (LP: #1688132)
    - i2c: octeon: Cleanup kerneldoc comments
    - i2c: octeon: Cleanup i2c-octeon driver
    - i2c: octeon: Cleanup resource allocation code
    - i2c: octeon: Support I2C_M_RECV_LEN
    - i2c: octeon: Increase retry default and use fixed timeout value
    - i2c: octeon: Move set-clock and init-lowlevel upward
    - i2c: octeon: Rename [read|write]_sw to reg_[read|write]
    - i2c: octeon: Introduce helper functions for register access
    - i2c: octeon: Remove superfluous check in octeon_i2c_test_iflg
    - i2c: octeon: Improve error status checking
    - i2c: octeon: Use i2c recovery framework
    - i2c: octeon: Add flush writeq helper function
    - i2c: octeon: Enable High-Level Controller
    - i2c: octeon: Add support for cn78xx chips
    - i2c: octeon: Remove zero-length message support
    - i2c: octeon: Improve performance if interrupt is early
    - i2c: octeon: Add workaround for broken irqs on CN3860
    - i2c: octeon: Missing AAK flag in case of I2C_M_RECV_LEN
    - i2c: octeon: Avoid printk after too long SMBUS message
    - i2c: octeon: Rename driver to prepare for split
    - i2c: octeon: Split the driver into two parts
    - [Config] CONFIG_I2C_THUNDERX=m
    - i2c: thunderx: Add i2c driver for ThunderX SOC
    - i2c: thunderx: Add SMBUS alert support
    - i2c: octeon,thunderx: Move register offsets to struct
    - i2c: octeon: Sort include files alphabetically
    - i2c: octeon: Use booleon values for booleon variables
    - i2c: octeon: thunderx: Add MAINTAINERS entry
    - i2c: octeon: Fix set SCL recovery function
    - i2c: octeon: Avoid sending STOP during recovery
    - i2c: octeon: Fix high-level controller status check
    - i2c: octeon: thunderx: TWSI software reset in recovery
    - i2c: octeon: thunderx: Remove double-check after interrupt
    - i2c: octeon: thunderx: Limit register access retries
    - i2c: thunderx: Enable HWMON class probing

  * Xenial update to 4.4.68 stable release (LP: #1691418)
    - 9p: fix a potential acl leak
    - ARM: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2 mode
    - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
    - powerpc/powernv: Fix opal_exit tracepoint opcode
    - power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
    - power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
    - power: supply: bq24190_charger: Install irq_handler_thread() at end of
      probe()
    - power: supply: bq24190_charger: Call power_supply_changed() for relevant
      component
    - power: supply: bq24190_charger: Don't read fault register outside
      irq_handle_thread()
    - power: supply: bq24190_charger: Handle fault before status on interrupt
    - leds: ktd2692: avoid harmless maybe-uninitialized warning
    - ARM: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
    - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
    - mwifiex: remove redundant dma padding in AMSDU
    - mwifiex: Avoid skipping WEP key deletion for AP
    - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
    - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
    - clk: Make x86/ conditional on CONFIG_COMMON_CLK
    - kprobes/x86: Fix kernel panic when certain exception-handling addresses are
      probed
    - x86/platform/intel-mid: Correct MSI IRQ line for watchdog device
    - Revert "KVM: nested VMX: disable perf cpuid reporting"
    - KVM: nVMX: initialize PML fields in vmcs02
    - KVM: nVMX: do not leak PML full vmexit to L1
    - usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: chipidea: Only read/write OTGSC from one place
    - usb: chipidea: Handle extcon events properly
    - USB: serial: keyspan_pda: fix receive sanity checks
    - USB: serial: digi_acceleport: fix incomplete rx sanity check
    - USB: serial: ssu100: fix control-message error handling
    - USB: serial: io_edgeport: fix epic-descriptor handling
    - USB: serial: ti_usb_3410_5052: fix control-message error handling
    - USB: serial: ark3116: fix open error handling
    - USB: serial: ftdi_sio: fix latency-timer error handling
    - USB: serial: quatech2: fix control-message error handling
    - USB: serial: mct_u232: fix modem-status error handling
    - USB: serial: io_edgeport: fix descriptor error handling
    - phy: qcom-usb-hs: Add depends on EXTCON
    - serial: 8250_omap: Fix probe and remove for PM runtime
    - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
    - MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
    - brcmfmac: Ensure pointer correctly set if skb data location changes
    - brcmfmac: Make skb header writable before use
    - staging: wlan-ng: add missing byte order conversion
    - staging: emxx_udc: remove incorrect __init annotations
    - ALSA: hda - Fix deadlock of controller device lock at unbinding
    - tcp: do not underestimate skb->truesize in tcp_trim_head()
    - bpf, arm64: fix jit branch offset related to ldimm64
    - tcp: fix wraparound issue in tcp_lp
    - tcp: do not inherit fastopen_req from parent
    - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
    - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
    - ipv6: initialize route null entry in addrconf_init()
    - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
    - bnxt_en: allocate enough space for ->ntp_fltr_bmap
    - f2fs: sanity check segment count
    - drm/ttm: fix use-after-free races in vm fault handling
    - block: get rid of blk_integrity_revalidate()
    - Linux 4.4.68

  * Keyboard backlight control does not work on some dell laptops.
    (LP: #1693126)
    - platform/x86: dell-laptop: Add Latitude 7480 and others to the DMI whitelist
    - platform/x86: dell-laptop: Add keyboard backlight timeout AC settings

  * Upgrade Redpine WLAN/BT driver to ver. 1.2.RC9 (LP: #1690498)
    - SAUCE: Redpine: Upgrade to ver. 1.2.RC9

  * exec'ing a setuid binary from a threaded program sometimes fails to setuid
    (LP: #1672819)
    - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct

  * attempts to rename vlans / vlans have addr_assign_type of 0 on kernel 4.4
    (LP: #1682871)
    - vlan: Propagate MAC address to VLANs

  * Exar usb-serial doesn't restore baud rate after resume from S3/S4
    (LP: #1690362)
    - SAUCE: xr-usb-serial: re-initialise baudrate after resume from S3/S4

  * st_pressure, st_accel IIO drivers fail to detect sensors after reloading
    kernel modules (LP: #1690310)
    - SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor platform data
      properly

  * nvidia-docker on ppc64le-ubuntu16.04  issue due to cross-thread naming if
    !PR_DUMPABLE (LP: #1690225)
    - procfs: fix pthread cross-thread naming if !PR_DUMPABLE

  * linux xenial derivatives fail to build (LP: #1691814)
    - [Packaging] Set do_tools_common in common vars

 -- Juerg Haefliger <email address hidden>  Fri, 23 Jun 2017 10:15:57 +0200
Superseded in trusty-security on 2017-06-28
Superseded in trusty-updates on 2017-06-28
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-81.104~14.04.1) trusty; urgency=low

  * CVE-2017-1000364
    - mm: enlarge stack guard gap
    - mm: do not collapse stack gap into THP

 -- Stefan Bader <email address hidden>  Thu, 08 Jun 2017 15:19:41 +0200
Deleted in trusty-proposed on 2017-06-26 (Reason: NBS)
linux-lts-xenial (4.4.0-80.101~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-80.101~14.04.1 -proposed tracker (LP: #1696358)

  * linux: 4.4.0-80.101 -proposed tracker (LP: #1696357)

  * linux-aws/linux-gke incorrectly producing and using linux-*-tools-
    common/linux-*-cloud-tools-common (LP: #1688579)
    - [Config] make linux-tools-common and linux-cloud-tools-common protection
      consistent

  * CVE-2017-9242
    - ipv6: fix out of bound writes in __ip6_append_data()

  * CVE-2017-9075
    - sctp: do not inherit ipv6_{mc|ac|fl}_list from parent

  * CVE-2017-9074
    - ipv6: Prevent overrun when parsing v6 header options

  * CVE-2017-9076
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

  * CVE-2017-9077
    - ipv6/dccp: do not inherit ipv6_mc_list from parent

  * CVE-2017-8890
    - dccp/tcp: do not inherit mc_list from parent

  * Module signing exclusion for staging drivers does not work properly
    (LP: #1690908)
    - SAUCE: Fix module signing exclusion in package builds

  * extend-diff-ignore should use exact matches (LP: #1693504)
    - [Packaging] exact extend-diff-ignore matches

  * Dell XPS 9360 wifi 5G performance is poor (LP: #1692836)
    - SAUCE: ath10k: fix the wifi speed issue for kill 1535

  *  Upgrade Redpine WLAN/BT driver to ver. 1.2.RC12 (LP: #1694607)
    - SAUCE: Redpine: Upgrade to ver. 1.2.RC12

  * [DP MST] No audio output through HDMI/DP/mDP ports in Dell WD15 and TB15
    docking stations (LP: #1694665)
    - drm/i915: Store port enum in intel_encoder
    - drm/i915: Eliminate redundant local variable definition
    - drm/i915: Switch to using port stored in intel_encoder
    - drm/i915: Move audio_connector to intel_encoder
    - drm/i915/dp: DP audio API changes for MST
    - drm/i915: abstract ddi being audio enabled
    - drm/i915/audio: extend get_saved_enc() to support more scenarios
    - drm/i915: enable dp mst audio

  * Xenial update to 4.4.70 stable release (LP: #1694621)
    - usb: misc: legousbtower: Fix buffers on stack
    - usb: misc: legousbtower: Fix memory leak
    - USB: ene_usb6250: fix DMA to the stack
    - watchdog: pcwd_usb: fix NULL-deref at probe
    - char: lp: fix possible integer overflow in lp_setup()
    - USB: core: replace %p with %pK
    - ARM: tegra: paz00: Mark panel regulator as enabled on boot
    - tpm_crb: check for bad response size
    - infiniband: call ipv6 route lookup via the stub interface
    - dm btree: fix for dm_btree_find_lowest_key()
    - dm raid: select the Kconfig option CONFIG_MD_RAID0
    - dm bufio: avoid a possible ABBA deadlock
    - dm bufio: check new buffer allocation watermark every 30 seconds
    - dm cache metadata: fail operations if fail_io mode has been established
    - dm bufio: make the parameter "retain_bytes" unsigned long
    - dm thin metadata: call precommit before saving the roots
    - dm space map disk: fix some book keeping in the disk space map
    - md: update slab_cache before releasing new stripes when stripes resizing
    - rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
    - mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
    - ima: accept previously set IMA_NEW_FILE
    - KVM: x86: Fix load damaged SSEx MXCSR register
    - KVM: X86: Fix read out-of-bounds vulnerability in kvm pio emulation
    - regulator: tps65023: Fix inverted core enable logic.
    - s390/kdump: Add final note
    - s390/cputime: fix incorrect system time
    - ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
    - ath9k_htc: fix NULL-deref at probe
    - drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
      calculations.
    - drm/amdgpu: Make display watermark calculations more accurate
    - drm/nouveau/therm: remove ineffective workarounds for alarm bugs
    - drm/nouveau/tmr: ack interrupt before processing alarms
    - drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
      alarm
    - drm/nouveau/tmr: avoid processing completed alarms when adding a new one
    - drm/nouveau/tmr: handle races with hw when updating the next alarm time
    - cdc-acm: fix possible invalid access when processing notification
    - proc: Fix unbalanced hard link numbers
    - of: fix sparse warning in of_pci_range_parser_one
    - iio: dac: ad7303: fix channel description
    - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
    - pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
    - USB: serial: ftdi_sio: fix setting latency for unprivileged users
    - USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
    - ext4 crypto: don't let data integrity writebacks fail with ENOMEM
    - ext4 crypto: fix some error handling
    - net: qmi_wwan: Add SIMCom 7230E
    - fscrypt: fix context consistency check when key(s) unavailable
    - f2fs: check entire encrypted bigname when finding a dentry
    - fscrypt: avoid collisions when presenting long encrypted filenames
    - usb: host: xhci-plat: propagate return value of platform_get_irq()
    - xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
    - usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
    - net: irda: irda-usb: fix firmware name on big-endian hosts
    - usbvision: fix NULL-deref at probe
    - mceusb: fix NULL-deref at probe
    - ttusb2: limit messages to buffer size
    - usb: musb: tusb6010_omap: Do not reset the other direction's packet size
    - USB: iowarrior: fix info ioctl on big-endian hosts
    - usb: serial: option: add Telit ME910 support
    - USB: serial: qcserial: add more Lenovo EM74xx device IDs
    - USB: serial: mct_u232: fix big-endian baud-rate handling
    - USB: serial: io_ti: fix div-by-zero in set_termios
    - USB: hub: fix SS hub-descriptor handling
    - USB: hub: fix non-SS hub-descriptor handling
    - ipx: call ipxitf_put() in ioctl error path
    - iio: proximity: as3935: fix as3935_write
    - ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
    - gspca: konica: add missing endpoint sanity check
    - s5p-mfc: Fix unbalanced call to clock management
    - dib0700: fix NULL-deref at probe
    - zr364xx: enforce minimum size when reading header
    - dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
    - cx231xx-audio: fix init error path
    - cx231xx-audio: fix NULL-deref at probe
    - cx231xx-cards: fix NULL-deref at probe
    - powerpc/book3s/mce: Move add_taint() later in virtual mode
    - powerpc/pseries: Fix of_node_put() underflow during DLPAR remove
    - powerpc/64e: Fix hang when debugging programs with relocated kernel
    - ARM: dts: at91: sama5d3_xplained: fix ADC vref
    - ARM: dts: at91: sama5d3_xplained: not all ADC channels are available
    - arm64: xchg: hazard against entire exchange variable
    - arm64: uaccess: ensure extension of access_ok() addr
    - arm64: documentation: document tagged pointer stack constraints
    - xc2028: Fix use-after-free bug properly
    - Revert "UBUNTU: SAUCE: mm: Respect FOLL_FORCE/FOLL_COW for thp"
    - mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
    - staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
    - staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD.
    - iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
    - metag/uaccess: Fix access_ok()
    - metag/uaccess: Check access_ok in strncpy_from_user
    - uwb: fix device quirk on big-endian hosts
    - genirq: Fix chained interrupt data ordering
    - osf_wait4(): fix infoleak
    - tracing/kprobes: Enforce kprobes teardown after testing
    - PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
    - PCI: Freeze PME scan before suspending devices
    - drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
    - nfsd: encoders mustn't use unitialized values in error cases
    - drivers: char: mem: Check for address space wraparound with mmap()
    - Linux 4.4.70

  * Xenial update to 4.4.69 stable release (LP: #1692900)
    - xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - target: Convert ACL change queue_depth se_session reference usage
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: host: xhci: print correct command ring address
    - USB: serial: ftdi_sio: add device ID for Microsemi/Arrow SF2PLUS Dev Kit
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - staging: vt6656: use off stack for in buffer USB transfers.
    - staging: vt6656: use off stack for out buffer USB transfers.
    - staging: gdm724x: gdm_mux: fix use-after-free on module unload
    - staging: comedi: jr3_pci: fix possible null pointer dereference
    - staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - x86/boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - selftests/x86/ldt_gdt_32: Work around a glibc sigaction() bug
    - x86, pmem: Fix cache flushing for iovec write < 8 bytes
    - um: Fix PTRACE_POKEUSER on x86_64
    - KVM: x86: fix user triggerable warning in kvm_apic_accept_events()
    - KVM: arm/arm64: fix races in kvm_psci_vcpu_on
    - block: fix blk_integrity_register to use template's interval_exp if not 0
    - crypto: algif_aead - Require setkey before accept(2)
    - dm era: save spacemap metadata root after the pre-commit
    - vfio/type1: Remove locked page accounting workqueue
    - IB/core: Fix sysfs registration error flow
    - IB/IPoIB: ibX: failed to create mcg debug file
    - IB/mlx4: Fix ib device initialization error flow
    - IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
    - ext4: evict inline data when writing to memory map
    - fs/xattr.c: zero out memory copied to userspace in getxattr
    - ceph: fix memory leak in __ceph_setxattr()
    - fs/block_dev: always invalidate cleancache in invalidate_bdev()
    - Set unicode flag on cifs echo request to avoid Mac error
    - SMB3: Work around mount failure when using SMB3 dialect to Macs
    - CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
    - cifs: fix CIFS_IOC_GET_MNT_INFO oops
    - CIFS: add misssing SFM mapping for doublequote
    - padata: free correct variable
    - arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - serial: samsung: Use right device for DMA-mapping calls
    - serial: omap: fix runtime-pm handling on unbind
    - serial: omap: suspend device on probe errors
    - tty: pty: Fix ldisc flush after userspace become aware of the data already
    - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
    - Bluetooth: hci_bcm: add missing tty-device sanity check
    - Bluetooth: hci_intel: add missing tty-device sanity check
    - mac80211: pass RX aggregation window size to driver
    - mac80211: pass block ack session timeout to to driver
    - mac80211: RX BA support for sta max_rx_aggregation_subframes
    - wlcore: Pass win_size taken from ieee80211_sta to FW
    - wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event
    - ipmi: Fix kernel panic at ipmi_ssif_thread()
    - Linux 4.4.69

  * Support IPMI system interface on Cavium ThunderX (LP: #1688132)
    - i2c: octeon: Cleanup kerneldoc comments
    - i2c: octeon: Cleanup i2c-octeon driver
    - i2c: octeon: Cleanup resource allocation code
    - i2c: octeon: Support I2C_M_RECV_LEN
    - i2c: octeon: Increase retry default and use fixed timeout value
    - i2c: octeon: Move set-clock and init-lowlevel upward
    - i2c: octeon: Rename [read|write]_sw to reg_[read|write]
    - i2c: octeon: Introduce helper functions for register access
    - i2c: octeon: Remove superfluous check in octeon_i2c_test_iflg
    - i2c: octeon: Improve error status checking
    - i2c: octeon: Use i2c recovery framework
    - i2c: octeon: Add flush writeq helper function
    - i2c: octeon: Enable High-Level Controller
    - i2c: octeon: Add support for cn78xx chips
    - i2c: octeon: Remove zero-length message support
    - i2c: octeon: Improve performance if interrupt is early
    - i2c: octeon: Add workaround for broken irqs on CN3860
    - i2c: octeon: Missing AAK flag in case of I2C_M_RECV_LEN
    - i2c: octeon: Avoid printk after too long SMBUS message
    - i2c: octeon: Rename driver to prepare for split
    - i2c: octeon: Split the driver into two parts
    - [Config] CONFIG_I2C_THUNDERX=m
    - i2c: thunderx: Add i2c driver for ThunderX SOC
    - i2c: thunderx: Add SMBUS alert support
    - i2c: octeon,thunderx: Move register offsets to struct
    - i2c: octeon: Sort include files alphabetically
    - i2c: octeon: Use booleon values for booleon variables
    - i2c: octeon: thunderx: Add MAINTAINERS entry
    - i2c: octeon: Fix set SCL recovery function
    - i2c: octeon: Avoid sending STOP during recovery
    - i2c: octeon: Fix high-level controller status check
    - i2c: octeon: thunderx: TWSI software reset in recovery
    - i2c: octeon: thunderx: Remove double-check after interrupt
    - i2c: octeon: thunderx: Limit register access retries
    - i2c: thunderx: Enable HWMON class probing

  * Xenial update to 4.4.68 stable release (LP: #1691418)
    - 9p: fix a potential acl leak
    - ARM: 8452/3: PJ4: make coprocessor access sequences buildable in Thumb2 mode
    - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
    - powerpc/powernv: Fix opal_exit tracepoint opcode
    - power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
    - power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
    - power: supply: bq24190_charger: Install irq_handler_thread() at end of
      probe()
    - power: supply: bq24190_charger: Call power_supply_changed() for relevant
      component
    - power: supply: bq24190_charger: Don't read fault register outside
      irq_handle_thread()
    - power: supply: bq24190_charger: Handle fault before status on interrupt
    - leds: ktd2692: avoid harmless maybe-uninitialized warning
    - ARM: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
    - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
    - mwifiex: remove redundant dma padding in AMSDU
    - mwifiex: Avoid skipping WEP key deletion for AP
    - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
    - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
    - clk: Make x86/ conditional on CONFIG_COMMON_CLK
    - kprobes/x86: Fix kernel panic when certain exception-handling addresses are
      probed
    - x86/platform/intel-mid: Correct MSI IRQ line for watchdog device
    - Revert "KVM: nested VMX: disable perf cpuid reporting"
    - KVM: nVMX: initialize PML fields in vmcs02
    - KVM: nVMX: do not leak PML full vmexit to L1
    - usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error
      paths
    - usb: chipidea: Only read/write OTGSC from one place
    - usb: chipidea: Handle extcon events properly
    - USB: serial: keyspan_pda: fix receive sanity checks
    - USB: serial: digi_acceleport: fix incomplete rx sanity check
    - USB: serial: ssu100: fix control-message error handling
    - USB: serial: io_edgeport: fix epic-descriptor handling
    - USB: serial: ti_usb_3410_5052: fix control-message error handling
    - USB: serial: ark3116: fix open error handling
    - USB: serial: ftdi_sio: fix latency-timer error handling
    - USB: serial: quatech2: fix control-message error handling
    - USB: serial: mct_u232: fix modem-status error handling
    - USB: serial: io_edgeport: fix descriptor error handling
    - phy: qcom-usb-hs: Add depends on EXTCON
    - serial: 8250_omap: Fix probe and remove for PM runtime
    - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
    - MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
    - brcmfmac: Ensure pointer correctly set if skb data location changes
    - brcmfmac: Make skb header writable before use
    - staging: wlan-ng: add missing byte order conversion
    - staging: emxx_udc: remove incorrect __init annotations
    - ALSA: hda - Fix deadlock of controller device lock at unbinding
    - tcp: do not underestimate skb->truesize in tcp_trim_head()
    - bpf, arm64: fix jit branch offset related to ldimm64
    - tcp: fix wraparound issue in tcp_lp
    - tcp: do not inherit fastopen_req from parent
    - ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
    - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
    - ipv6: initialize route null entry in addrconf_init()
    - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
    - bnxt_en: allocate enough space for ->ntp_fltr_bmap
    - f2fs: sanity check segment count
    - drm/ttm: fix use-after-free races in vm fault handling
    - block: get rid of blk_integrity_revalidate()
    - Linux 4.4.68

  * Keyboard backlight control does not work on some dell laptops.
    (LP: #1693126)
    - platform/x86: dell-laptop: Add Latitude 7480 and others to the DMI whitelist
    - platform/x86: dell-laptop: Add keyboard backlight timeout AC settings

  * Upgrade Redpine WLAN/BT driver to ver. 1.2.RC9 (LP: #1690498)
    - SAUCE: Redpine: Upgrade to ver. 1.2.RC9

  * exec'ing a setuid binary from a threaded program sometimes fails to setuid
    (LP: #1672819)
    - SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct

  * attempts to rename vlans / vlans have addr_assign_type of 0 on kernel 4.4
    (LP: #1682871)
    - vlan: Propagate MAC address to VLANs

  * Exar usb-serial doesn't restore baud rate after resume from S3/S4
    (LP: #1690362)
    - SAUCE: xr-usb-serial: re-initialise baudrate after resume from S3/S4

  * st_pressure, st_accel IIO drivers fail to detect sensors after reloading
    kernel modules (LP: #1690310)
    - SAUCE: (no-up) iio: st_pressure: st_accel: Initialise sensor platform data
      properly

  * nvidia-docker on ppc64le-ubuntu16.04  issue due to cross-thread naming if
    !PR_DUMPABLE (LP: #1690225)
    - procfs: fix pthread cross-thread naming if !PR_DUMPABLE

  * linux xenial derivatives fail to build (LP: #1691814)
    - [Packaging] Set do_tools_common in common vars

 -- Kleber Sacilotto de Souza <email address hidden>  Thu, 08 Jun 2017 15:16:48 +0200
Superseded in trusty-security on 2017-06-19
Superseded in trusty-updates on 2017-06-19
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-79.100~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-79.100~14.04.1 -proposed tracker (LP: #1691181)

  * linux xenial derivatives fail to build (LP: #1691814)
    - [Packaging] Set do_tools_common in common vars

  * linux: 4.4.0-79.100 -proposed tracker (LP: #1691180)

  * linux-aws/linux-gke incorrectly producing and using linux-*-tools-
    common/linux-*-cloud-tools-common (LP: #1688579)
    - [Config] make linux-tools-common and linux-cloud-tools-common provide linux-
      gke versions
    - [Config] make linux-tools-common and linux-cloud-tools-common provide linux-
      aws versions
    - [Packaging] prevent linux-*-tools-common from being produced from non linux
      packages

  * CVE-2017-0605
    - tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()

  * i915-bpo crashes on external hdmi input (LP: #1580272)
    - SAUCE: i915_bpo: Silence the warning about watermark entries not changing

  * Kernel panics on Xenial when using cgroups and strict CFS limits
    (LP: #1687512)
    - sched/fair: Initialize throttle_count for new task-groups lazily
    - sched/fair: Do not announce throttled next buddy in dequeue_task_fair()

  * bonding - mlx5 - speed changed to 0 after changing ring size  (LP: #1687877)
    - bonding: allow notifications for bond_set_slave_link_state

  * Xenial update to 4.4.67 stable release (LP: #1689296)
    - timerfd: Protect the might cancel mechanism proper
    - Handle mismatched open calls
    - ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
    - ALSA: ppc/awacs: shut up maybe-uninitialized warning
    - drbd: avoid redefinition of BITS_PER_PAGE
    - mtd: avoid stack overflow in MTD CFI code
    - net: tg3: avoid uninitialized variable warning
    - netlink: Allow direct reclaim for fallback allocation
    - IB/qib: rename BITS_PER_PAGE to RVT_BITS_PER_PAGE
    - IB/ehca: fix maybe-uninitialized warnings
    - ext4: require encryption feature for EXT4_IOC_SET_ENCRYPTION_POLICY
    - ext4 crypto: revalidate dentry after adding or removing the key
    - ext4 crypto: use dget_parent() in ext4_d_revalidate()
    - ext4/fscrypto: avoid RCU lookup in d_revalidate
    - nfsd4: minor NFSv2/v3 write decoding cleanup
    - nfsd: stricter decoding of write-like NFSv2/v3 ops
    - dm ioctl: prevent stack leak in dm ioctl call
    - Linux 4.4.67

  * Precision Rack failed to resume from S4 (LP: #1686061)
    - x86 / hibernate: Use hlt_play_dead() when resuming from hibernation
    - x86/boot: Split out kernel_ident_mapping_init()
    - x86/power/64: Always create temporary identity mapping correctly

  * Xenial update to 4.4.66 stable release (LP: #1688505)
    - f2fs: do more integrity verification for superblock
    - xc2028: unlock on error in xc2028_set_config()
    - ARM: OMAP2+: timer: add probe for clocksources
    - clk: sunxi: Add apb0 gates for H3
    - crypto: testmgr - fix out of bound read in __test_aead()
    - drm/amdgpu: fix array out of bounds
    - ext4: check if in-inode xattr is corrupted in ext4_expand_extra_isize_ea()
    - md:raid1: fix a dead loop when read from a WriteMostly disk
    - MIPS: Fix crash registers on non-crashing CPUs
    - net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata
    - net_sched: close another race condition in tcf_mirred_release()
    - RDS: Fix the atomicity for congestion map update
    - regulator: core: Clear the supply pointer if enabling fails
    - usb: gadget: f_midi: Fixed a bug when buflen was smaller than wMaxPacketSize
    - xen/x86: don't lose event interrupts
    - sparc64: kern_addr_valid regression
    - sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write()
    - net: neigh: guard against NULL solicit() method
    - net: phy: handle state correctly in phy_stop_machine
    - l2tp: purge socket queues in the .destruct() callback
    - l2tp: take reference on sessions being dumped
    - l2tp: fix PPP pseudo-wire auto-loading
    - net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
    - sctp: listen on the sock only when it's state is listening or closed
    - tcp: clear saved_syn in tcp_disconnect()
    - dp83640: don't recieve time stamps twice
    - net: ipv6: RTF_PCPU should not be settable from userspace
    - netpoll: Check for skb->queue_mapping
    - ip6mr: fix notification device destruction
    - macvlan: Fix device ref leak when purging bc_queue
    - ipv6: check skb->protocol before lookup for nexthop
    - ipv6: check raw payload size correctly in ioctl
    - ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned
      type
    - ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
    - MIPS: KGDB: Use kernel context for sleeping threads
    - MIPS: Avoid BUG warning in arch_check_elf
    - p9_client_readdir() fix
    - Input: i8042 - add Clevo P650RS to the i8042 reset list
    - nfsd: check for oversized NFSv2/v3 arguments
    - ARCv2: save r30 on kernel entry as gcc uses it for code-gen
    - ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram
    - Linux 4.4.66

  * Xenial update to 4.4.65 stable release (LP: #1688483)
    - tipc: make sure IPv6 header fits in skb headroom
    - tipc: make dist queue pernet
    - tipc: re-enable compensation for socket receive buffer double counting
    - tipc: correct error in node fsm
    - tty: nozomi: avoid a harmless gcc warning
    - hostap: avoid uninitialized variable use in hfa384x_get_rid
    - gfs2: avoid uninitialized variable warning
    - tipc: fix random link resets while adding a second bearer
    - tipc: fix socket timer deadlock
    - xc2028: avoid use after free
    - netfilter: nfnetlink: correctly validate length of batch messages
    - tipc: check minimum bearer MTU
    - vfio/pci: Fix integer overflows, bitmask check
    - staging/android/ion : fix a race condition in the ion driver
    - ping: implement proper locking
    - perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
    - Linux 4.4.65

  * Xenial update to 4.4.64 stable release (LP: #1687638)
    - KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
    - KEYS: Change the name of the dead type to ".dead" to prevent user access
    - KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings
    - tracing: Allocate the snapshot buffer before enabling probe
    - ring-buffer: Have ring_buffer_iter_empty() return true when empty
    - cifs: Do not send echoes before Negotiate is complete
    - CIFS: remove bad_network_name flag
    - s390/mm: fix CMMA vs KSM vs others
    - VSOCK: Detach QP check should filter out non matching QPs.
    - Input: elantech - add Fujitsu Lifebook E547 to force crc_enabled
    - ACPI / power: Avoid maybe-uninitialized warning
    - mmc: sdhci-esdhc-imx: increase the pad I/O drive strength for DDR50 card
    - mac80211: reject ToDS broadcast data frames
    - ubi/upd: Always flush after prepared for an update
    - powerpc/kprobe: Fix oops when kprobed on 'stdu' instruction
    - x86/mce/AMD: Give a name to MCA bank 3 when accessed with legacy MSRs
    - kvm: arm/arm64: Fix locking for kvm_free_stage2_pgd
    - x86, pmem: fix broken __copy_user_nocache cache-bypass assumptions
    - block: fix del_gendisk() vs blkdev_ioctl crash
    - tipc: fix crash during node removal
    - Linux 4.4.64

  * Xenial update to 4.4.63 stable release (LP: #1687629)
    - cgroup, kthread: close race window where new kthreads can be migrated to
      non-root cgroups
    - thp: fix MADV_DONTNEED vs clear soft dirty race
    - drm/nouveau/mpeg: mthd returns true on success now
    - drm/nouveau/mmu/nv4a: use nv04 mmu rather than the nv44 one
    - CIFS: store results of cifs_reopen_file to avoid infinite wait
    - Input: xpad - add support for Razer Wildcat gamepad
    - perf/x86: Avoid exposing wrong/stale data in intel_pmu_lbr_read_32()
    - x86/vdso: Ensure vdso32_enabled gets set to valid values only
    - x86/vdso: Plug race between mapping and ELF header setup
    - acpi, nfit, libnvdimm: fix interleave set cookie calculation (64-bit
      comparison)
    - iscsi-target: Fix TMR reference leak during session shutdown
    - iscsi-target: Drop work-around for legacy GlobalSAN initiator
    - scsi: sr: Sanity check returned mode data
    - scsi: sd: Consider max_xfer_blocks if opt_xfer_blocks is unusable
    - scsi: sd: Fix capacity calculation with 32-bit sector_t
    - xen, fbfront: fix connecting to backend
    - libnvdimm: fix reconfig_mutex, mmap_sem, and jbd2_handle lockdep splat
    - irqchip/irq-imx-gpcv2: Fix spinlock initialization
    - ftrace: Fix removing of second function probe
    - char: Drop bogus dependency of DEVPORT on !M68K
    - char: lack of bool string made CONFIG_DEVPORT always on
    - Revert "MIPS: Lantiq: Fix cascaded IRQ setup"
    - kvm: fix page struct leak in handle_vmon
    - zram: do not use copy_page with non-page aligned address
    - powerpc: Disable HFSCR[TM] if TM is not supported
    - crypto: ahash - Fix EINPROGRESS notification callback
    - ath9k: fix NULL pointer dereference
    - dvb-usb-v2: avoid use-after-free
    - ext4: fix inode checksum calculation problem if i_extra_size is small
    - platform/x86: acer-wmi: setup accelerometer when machine has appropriate
      notify event
    - rtc: tegra: Implement clock handling
    - mm: Tighten x86 /dev/mem with zeroing reads
    - dvb-usb: don't use stack for firmware load
    - dvb-usb-firmware: don't do DMA on stack
    - virtio-console: avoid DMA from stack
    - pegasus: Use heap buffers for all register access
    - rtl8150: Use heap buffers for all register access
    - catc: Combine failure cleanup code in catc_probe()
    - catc: Use heap buffer for memory size test
    - tty/serial: atmel: RS485 half duplex w/DMA: enable RX after TX is done
    - net: ipv6: check route protocol when deleting routes
    - MIPS: fix Select HAVE_IRQ_EXIT_ON_IRQ_STACK patch.
    - Linux 4.4.63

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Fri, 19 May 2017 15:16:43 -0300
Superseded in trusty-security on 2017-06-06
Superseded in trusty-updates on 2017-06-06
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-78.99~14.04.2) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-78.99~14.04.2 -proposed tracker (LP: #1686646)

Superseded in trusty-security on 2017-05-17
Superseded in trusty-updates on 2017-05-17
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-75.96~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-75.96~14.04.1 -proposed tracker (LP: #1684443)

  * linux: 4.4.0-75.96 -proposed tracker (LP: #1684441)

  * [Hyper-V] hv: util: move waiting for release to hv_utils_transport itself
    (LP: #1682561)
    - Drivers: hv: util: move waiting for release to hv_utils_transport itself

Deleted in trusty-proposed on 2017-04-24 (Reason: NBS)
linux-lts-xenial (4.4.0-74.95~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-74.95~14.04.1 -proposed tracker (LP: #1682042)

  * linux: 4.4.0-74.95 -proposed tracker (LP: #1682041)

  * [Hyper-V] hv: vmbus: Raise retry/wait limits in vmbus_post_msg()
    (LP: #1681893)
    - Drivers: hv: vmbus: Raise retry/wait limits in vmbus_post_msg()

Deleted in trusty-proposed on 2017-04-18 (Reason: NBS)
linux-lts-xenial (4.4.0-73.94~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-73.94~14.04.1 -proposed tracker (LP: #1680418)

  * CVE-2017-6353
    - sctp: deny peeloff operation on asocs with threads sleeping on it

  * vfat: missing iso8859-1 charset (LP: #1677230)
    - [Config] NLS_ISO8859_1=y

  * Regression: KVM modules should be on main kernel package (LP: #1678099)
    - [Config] powerpc: Add kvm-hv and kvm-pr to the generic inclusion list

  * linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
    4.4.0-63.84~14.04.2 (LP: #1664912)
    - SAUCE: apparmor: fix link auditing failure due to, uninitialized var

  * regession tests failing after stackprofile test is run (LP: #1661030)
    - SAUCE: fix regression with domain change in complain mode

  * Permission denied and inconsistent behavior in complain mode with 'ip netns
    list' command (LP: #1648903)
    - SAUCE: fix regression with domain change in complain mode

  * unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
    from a unshared mount namespace (LP: #1656121)
    - SAUCE: apparmor: null profiles should inherit parent control flags

  * apparmor refcount leak of profile namespace when removing profiles
    (LP: #1660849)
    - SAUCE: apparmor: fix ns ref count link when removing profiles from policy

  * tor in lxd: apparmor="DENIED" operation="change_onexec"
    namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
    name="system_tor" (LP: #1648143)
    - SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
      namespaces

  * apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
    - SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails

  * apparmor  auditing denied access of special apparmor .null fi\ le
    (LP: #1660836)
    - SAUCE: apparmor: Don't audit denied access of special apparmor .null file

  * apparmor label leak when new label is unused (LP: #1660834)
    - SAUCE: apparmor: fix label leak when new label is unused

  * apparmor reference count bug in label_merge_insert() (LP: #1660833)
    - SAUCE: apparmor: fix reference count bug in label_merge_insert()

  * apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
    - SAUCE: apparmor: fix replacement race in reading rawdata

  * unix domain socket cross permission check failing with nested namespaces
    (LP: #1660832)
    - SAUCE: apparmor: fix cross ns perm of unix domain sockets

  * Xenial update to v4.4.59 stable release (LP: #1678960)
    - xfrm: policy: init locks early
    - virtio_balloon: init 1st buffer in stats vq
    - pinctrl: qcom: Don't clear status bit on irq_unmask
    - c6x/ptrace: Remove useless PTRACE_SETREGSET implementation
    - h8300/ptrace: Fix incorrect register transfer count
    - mips/ptrace: Preserve previous registers for short regset write
    - sparc/ptrace: Preserve previous registers for short regset write
    - metag/ptrace: Preserve previous registers for short regset write
    - metag/ptrace: Provide default TXSTATUS for short NT_PRSTATUS
    - metag/ptrace: Reject partial NT_METAG_RPIPE writes
    - fscrypt: remove broken support for detecting keyring key revocation
    - sched/rt: Add a missing rescheduling point
    - Linux 4.4.59

  * Update ENA driver to 1.1.2 from net-next (LP: #1664312)
    - net: ena: Remove unnecessary pci_set_drvdata()
    - net: ena: Fix error return code in ena_device_init()
    - net: ena: change the return type of ena_set_push_mode() to be void.
    - net: ena: use setup_timer() and mod_timer()
    - net/ena: remove ntuple filter support from device feature list
    - net/ena: fix queues number calculation
    - net/ena: fix ethtool RSS flow configuration
    - net/ena: fix RSS default hash configuration
    - net/ena: fix NULL dereference when removing the driver after device reset
      failed
    - net/ena: refactor ena_get_stats64 to be atomic context safe
    - net/ena: fix potential access to freed memory during device reset
    - net/ena: use READ_ONCE to access completion descriptors
    - net/ena: reduce the severity of ena printouts
    - net/ena: change driver's default timeouts
    - net/ena: change condition for host attribute configuration
    - net/ena: update driver version to 1.1.2

  * Xenial update to v4.4.58 stable release (LP: #1677600)
    - net/openvswitch: Set the ipv6 source tunnel key address attribute correctly
    - net: bcmgenet: Do not suspend PHY if Wake-on-LAN is enabled
    - net: properly release sk_frag.page
    - amd-xgbe: Fix jumbo MTU processing on newer hardware
    - net: unix: properly re-increment inflight counter of GC discarded candidates
    - net/mlx5: Increase number of max QPs in default profile
    - net/mlx5e: Count LRO packets correctly
    - net: bcmgenet: remove bcmgenet_internal_phy_setup()
    - ipv4: provide stronger user input validation in nl_fib_input()
    - socket, bpf: fix sk_filter use after free in sk_clone_lock
    - tcp: initialize icsk_ack.lrcvtime at session start time
    - Input: elan_i2c - add ASUS EeeBook X205TA special touchpad fw
    - Input: i8042 - add noloop quirk for Dell Embedded Box PC 3000
    - Input: iforce - validate number of endpoints before using them
    - Input: ims-pcu - validate number of endpoints before using them
    - Input: hanwang - validate number of endpoints before using them
    - Input: yealink - validate number of endpoints before using them
    - Input: cm109 - validate number of endpoints before using them
    - Input: kbtab - validate number of endpoints before using them
    - Input: sur40 - validate number of endpoints before using them
    - ALSA: seq: Fix racy cell insertions during snd_seq_pool_done()
    - ALSA: ctxfi: Fix the incorrect check of dma_set_mask() call
    - ALSA: hda - Adding a group of pin definition to fix headset problem
    - USB: serial: option: add Quectel UC15, UC20, EC21, and EC25 modems
    - USB: serial: qcserial: add Dell DW5811e
    - ACM gadget: fix endianness in notifications
    - usb: gadget: f_uvc: Fix SuperSpeed companion descriptor's wBytesPerInterval
    - usb-core: Add LINEAR_FRAME_INTR_BINTERVAL USB quirk
    - USB: uss720: fix NULL-deref at probe
    - USB: lvtest: fix NULL-deref at probe
    - USB: idmouse: fix NULL-deref at probe
    - USB: wusbcore: fix NULL-deref at probe
    - usb: musb: cppi41: don't check early-TX-interrupt for Isoch transfer
    - usb: hub: Fix crash after failure to read BOS descriptor
    - uwb: i1480-dfu: fix NULL-deref at probe
    - uwb: hwa-rc: fix NULL-deref at probe
    - mmc: ushc: fix NULL-deref at probe
    - iio: adc: ti_am335x_adc: fix fifo overrun recovery
    - iio: hid-sensor-trigger: Change get poll value function order to avoid
      sensor properties losing after resume from S3
    - parport: fix attempt to write duplicate procfiles
    - ext4: mark inode dirty after converting inline directory
    - mmc: sdhci: Do not disable interrupts while waiting for clock
    - xen/acpi: upload PM state from init-domain to Xen
    - iommu/vt-d: Fix NULL pointer dereference in device_to_iommu
    - ARM: at91: pm: cpu_idle: switch DDR to power-down mode
    - ARM: dts: at91: sama5d2: add dma properties to UART nodes
    - cpufreq: Restore policy min/max limits on CPU online
    - raid10: increment write counter after bio is split
    - libceph: don't set weight to IN when OSD is destroyed
    - xfs: don't allow di_size with high bit set
    - xfs: fix up xfs_swap_extent_forks inline extent handling
    - nl80211: fix dumpit error path RTNL deadlocks
    - USB: usbtmc: add missing endpoint sanity check
    - xfs: clear _XBF_PAGES from buffers when readahead page
    - igb: add i211 to i210 PHY workaround
    - vfio/spapr: Postpone allocation of userspace version of TCE table
    - block: allow WRITE_SAME commands with the SG_IO ioctl
    - fbcon: Fix vc attr at deinit
    - crypto: algif_hash - avoid zero-sized array
    - Linux 4.4.58

  * PS/2 mouse does not work on Dell embedded computer (LP: #1591053)
    - Input: i8042 - add noloop quirk for Dell Embedded Box PC 3000

  * Xenial update to v4.4.57 stable release (LP: #1676424)
    - give up on gcc ilog2() constant optimizations
    - perf/core: Fix event inheritance on fork()
    - cpufreq: Fix and clean up show_cpuinfo_cur_freq()
    - powerpc/boot: Fix zImage TOC alignment
    - md/raid1/10: fix potential deadlock
    - target/pscsi: Fix TYPE_TAPE + TYPE_MEDIMUM_CHANGER export
    - scsi: lpfc: Add shutdown method for kexec
    - scsi: libiscsi: add lock around task lists to fix list corruption regression
    - target: Fix VERIFY_16 handling in sbc_parse_cdb
    - isdn/gigaset: fix NULL-deref at probe
    - gfs2: Avoid alignment hole in struct lm_lockname
    - percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages
    - ext4: fix fencepost in s_first_meta_bg validation
    - Linux 4.4.57

  * Xenial update to v4.4.56 stable release (LP: #1675789)
    - netlink: remove mmapped netlink support
    - [Config] CONFIG_NETLINK_MMAP disappeared
    - vxlan: correctly validate VXLAN ID against VXLAN_N_VID
    - vti6: return GRE_KEY for vti6
    - ipv4: mask tos for input route
    - l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv
    - net: don't call strlen() on the user buffer in packet_bind_spkt()
    - net: net_enable_timestamp() can be called from irq contexts
    - dccp: Unlock sock before calling sk_free()
    - tcp: fix various issues for sockets morphing to listen state
    - net: fix socket refcounting in skb_complete_wifi_ack()
    - net: fix socket refcounting in skb_complete_tx_timestamp()
    - dccp: fix use-after-free in dccp_feat_activate_values
    - vrf: Fix use-after-free in vrf_xmit
    - uapi: fix linux/packet_diag.h userspace compilation error
    - act_connmark: avoid crashing on malformed nlattrs with null parms
    - mpls: Send route delete notifications when router module is unloaded
    - ipv6: make ECMP route replacement less greedy
    - ipv6: avoid write to a possibly cloned skb
    - dccp/tcp: fix routing redirect race
    - dccp: fix memory leak during tear-down of unsuccessful connection request
    - net sched actions: decrement module reference count after table flush.
    - fscrypt: fix renaming and linking special files
    - fscrypto: lock inode while setting encryption policy
    - x86/kasan: Fix boot with KASAN=y and PROFILE_ANNOTATED_BRANCHES=y
    - x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
    - futex: Fix potential use-after-free in FUTEX_REQUEUE_PI
    - futex: Add missing error handling to FUTEX_REQUEUE_PI
    - Linux 4.4.56

  * Kernel linux-image-4.4.0-67-generic prevent the boot on Microsoft Hyper-v
    2012r2 Gen2 VM (LP: #1674635)
    - scsi: storvsc: Workaround for virtual DVD SCSI version

  * [Hyper-V][Mellanox] net/mlx4_core: Avoid delays during VF driver device
    shutdown (LP: #1672785)
    - net/mlx4_core: Avoid delays during VF driver device shutdown

  * Channel data values for IIO based st_sensors (st_accel, st_pressure) are
    incorrect (LP: #1676356)
    - iio: core: added support for IIO_VAL_INT
    - iio: st_sensors: simplify buffer address handling
    - iio: st_sensors: read each channel individually
    - iio:st_sensors: emulate SMBus block read if needed
    - iio:st_sensors: align on storagebits boundaries
    - iio:st_pressure: temperature triggered buffering
    - iio:st_pressure: clean useless static channel initializers
    - iio: st_pressure: Fix data sign

  * Enable lspcon on i915 (LP: #1676747)
    - drm: Helper for lspcon in drm_dp_dual_mode
    - drm/i915: Add lspcon support for I915 driver
    - drm/i915: Parse VBT data for lspcon
    - drm/i915: Enable lspcon initialization
    - drm/i915: Add lspcon resume function

  * stress_smoke_test passing and exiting rc=9 (linux 4.9.0-12.13 ADT test
    failure with linux 4.9.0-12.13) (LP: #1658633)
    - ext4: lock the xattr block before checksuming it

  * Fix line-out port noise on Baytrail-I with RT5660 based sound card
    (LP: #1675327)
    - SAUCE: (no-up): ASoC: Intel: bytcr-rt5660: Fix noise in line-out

  * Kernel 4.4.0-67 Defaults to ACPI-cpufreq rather than P-State - Dell
    Precision 5520  (LP: #1674390)
    - cpufreq: intel_pstate: Enable HWP by default

  * ip_rcv_finish() NULL pointer kernel panic (LP: #1672470)
    - bridge: drop netfilter fake rtable unconditionally

  * dm-queue-length module is not included in installer/initramfs (LP: #1673350)
    - d-i: Also add dm-queue-length to multipath modules

  * Broadcom bluetooth modules sometimes fail to initialize (LP: #1483101)
    - Bluetooth: btbcm: Add a delay for module reset

  * Need support of Broadcom bluetooth device [413c:8143] (LP: #1166113)
    - Bluetooth: btusb: Add support for 413c:8143

  * i40e Intel X710 error during device probe prevents link set up and ip
    association (LP: #1672550)
    - i40e: check for and deal with non-contiguous TCs

  * CIFS: Call echo service immediately after socket reconnect (LP: #1669941)
    - Call echo service immediately after socket reconnect

  * FC Adapter (LPe32000-based) prints "iotag out of range", goes offline, and
    delays boot a lot (Ubuntu17.04/Emulex/lpfc)) (LP: #1670490)
    - scsi: lpfc: Add missing memory barrier

  * No C-State Deeper than C3 utilized by Kaby Lake 7820HQ in Precision 5520
    (LP: #1672439)
    - intel_idle: Add KBL support

  * [Hyper-V] Missing PCI patches breaking SR-IOV hot remove (LP: #1670518)
    - PCI: hv: Fix hv_pci_remove() for hot-remove
    - PCI: hv: Delete the device earlier from hbus->children for hot-remove
    - PCI: hv: Make unnecessarily global IRQ masking functions static
    - PCI: hv: Allocate physically contiguous hypercall params buffer

  * Xenial update to v4.4.55 stable release (LP: #1674292)
    - USB: serial: digi_acceleport: fix OOB data sanity check
    - USB: serial: digi_acceleport: fix OOB-event processing
    - crypto: improve gcc optimization flags for serpent and wp512
    - MIPS: Update defconfigs for NF_CT_PROTO_DCCP/UDPLITE change
    - MIPS: ip27: Disable qlge driver in defconfig
    - MIPS: Update ip27_defconfig for SCSI_DH change
    - MIPS: ip22: Fix ip28 build for modern gcc
    - MIPS: Update lemote2f_defconfig for CPU_FREQ_STAT change
    - mtd: pmcmsp: use kstrndup instead of kmalloc+strncpy
    - MIPS: ralink: Cosmetic change to prom_init().
    - MIPS: ralink: Remove unused rt*_wdt_reset functions
    - cpmac: remove hopeless #warning
    - mm: memcontrol: avoid unused function warning
    - MIPS: DEC: Avoid la pseudo-instruction in delay slots
    - MIPS: Netlogic: Fix CP0_EBASE redefinition warnings
    - tracing: Add #undef to fix compile error
    - powerpc: Emulation support for load/store instructions on LE
    - usb: gadget: dummy_hcd: clear usb_gadget region before registration
    - usb: dwc3: gadget: make Set Endpoint Configuration macros safe
    - usb: gadget: function: f_fs: pass companion descriptor along
    - usb: host: xhci-dbg: HCIVERSION should be a binary number
    - usb: host: xhci-plat: Fix timeout on removal of hot pluggable xhci
      controllers
    - USB: serial: safe_serial: fix information leak in completion handler
    - USB: serial: omninet: fix reference leaks at open
    - USB: iowarrior: fix NULL-deref at probe
    - USB: iowarrior: fix NULL-deref in write
    - USB: serial: io_ti: fix NULL-deref in interrupt callback
    - USB: serial: io_ti: fix information leak in completion handler
    - serial: samsung: Continue to work if DMA request fails
    - mvsas: fix misleading indentation
    - KVM: s390: Fix guest migration for huge guests resulting in panic
    - s390/kdump: Use "LINUX" ELF note name instead of "CORE"
    - nfit, libnvdimm: fix interleave set cookie calculation
    - dm: flush queued bios when process blocks to avoid deadlock
    - ext4: don't BUG when truncating encrypted inodes on the orphan list
    - Linux 4.4.55

  * Xenial update to v4.4.54 stable release (LP: #1673541)
    - serial: 8250_pci: Add MKS Tenta SCOM-0800 and SCOM-0801 cards
    - KVM: s390: Disable dirty log retrieval for UCONTROL guests
    - KVM: VMX: use correct vmcs_read/write for guest segment selector/base
    - Bluetooth: Add another AR3012 04ca:3018 device
    - s390/qdio: clear DSCI prior to scanning multiple input queues
    - s390/dcssblk: fix device size calculation in dcssblk_direct_access()
    - s390: TASK_SIZE for kernel threads
    - s390: make setup_randomness work
    - s390: use correct input data address for setup_randomness
    - net: mvpp2: fix DMA address calculation in mvpp2_txq_inc_put()
    - mnt: Tuck mounts under others instead of creating shadow/side mounts.
    - IB/ipoib: Fix deadlock between rmmod and set_mode
    - IB/IPoIB: Add destination address when re-queue packet
    - IB/srp: Avoid that duplicate responses trigger a kernel bug
    - IB/srp: Fix race conditions related to task management
    - ktest: Fix child exit code processing
    - ceph: remove req from unsafe list when unregistering it
    - target: Fix NULL dereference during LUN lookup + active I/O shutdown
    - nlm: Ensure callback code also checks that the files match
    - pwm: pca9685: Fix period change with same duty cycle
    - xtensa: move parse_tag_fdt out of #ifdef CONFIG_BLK_DEV_INITRD
    - mac80211: flush delayed work when entering suspend
    - drm/amdgpu: add more cases to DCE11 possible crtc mask setup
    - drm/ast: Fix test for VGA enabled
    - drm/ast: Call open_key before enable_mmio in POST code
    - drm/ast: Fix AST2400 POST failure without BMC FW or VBIOS
    - drm/edid: Add EDID_QUIRK_FORCE_8BPC quirk for Rotel RSX-1058
    - drm/ttm: Make sure BOs being swapped out are cacheable
    - drm/atomic: fix an error code in mode_fixup()
    - fakelb: fix schedule while atomic
    - drm/i915/dsi: Do not clear DPOUNIT_CLOCK_GATE_DISABLE from
      vlv_init_display_clock_gating
    - libceph: use BUG() instead of BUG_ON(1)
    - fat: fix using uninitialized fields of fat_inode/fsinfo_inode
    - drivers: hv: Turn off write permission on the hypercall page
    - Linux 4.4.54

  * Xenial update to v4.4.53 stable release (LP: #1673538)
    - samples: move mic/mpssd example code from Documentation
    - MIPS: Fix special case in 64 bit IP checksumming.
    - MIPS: BCM47XX: Fix button inversion for Asus WL-500W
    - MIPS: OCTEON: Fix copy_from_user fault handling for large buffers
    - MIPS: Lantiq: Keep ethernet enabled during boot
    - MIPS: Clear ISA bit correctly in get_frame_info()
    - MIPS: Prevent unaligned accesses during stack unwinding
    - MIPS: Fix get_frame_info() handling of microMIPS function size
    - MIPS: Fix is_jump_ins() handling of 16b microMIPS instructions
    - MIPS: Calculate microMIPS ra properly when unwinding the stack
    - MIPS: Handle microMIPS jumps in the same way as MIPS32/MIPS64 jumps
    - am437x-vpfe: always assign bpp variable
    - uvcvideo: Fix a wrong macro
    - media: fix dm1105.c build error
    - ARM: at91: define LPDDR types
    - ARM: dts: at91: Enable DMA on sama5d4_xplained console
    - ARM: dts: at91: Enable DMA on sama5d2_xplained console
    - ALSA: hda/realtek - Cannot adjust speaker's volume on a Dell AIO
    - ALSA: hda - fix Lewisburg audio issue
    - ALSA: timer: Reject user params with too small ticks
    - ALSA: ctxfi: Fallback DMA mask to 32bit
    - ALSA: seq: Fix link corruption by event error handling
    - ALSA: hda - Add subwoofer support for Dell Inspiron 17 7000 Gaming
    - ALSA: hda - Fix micmute hotkey problem for a lenovo AIO machine
    - staging: rtl: fix possible NULL pointer dereference
    - regulator: Fix regulator_summary for deviceless consumers
    - iommu/vt-d: Fix some macros that are incorrectly specified in intel-iommu
    - iommu/vt-d: Tylersburg isoch identity map check is done too late.
    - mm/page_alloc: fix nodes for reclaim in fast path
    - mm: vmpressure: fix sending wrong events on underflow
    - mm: do not access page->mapping directly on page_endio
    - ipc/shm: Fix shmat mmap nil-page protection
    - dm cache: fix corruption seen when using cache > 2TB
    - dm stats: fix a leaked s->histogram_boundaries array
    - Revert "scsi: storvsc: properly set residual data length on errors"
    - scsi: storvsc: properly set residual data length on errors
    - scsi: aacraid: Reorder Adapter status check
    - scsi: use 'scsi_device_from_queue()' for scsi_dh
    - sd: get disk reference in sd_check_events()
    - Fix: Disable sys_membarrier when nohz_full is enabled
    - jbd2: don't leak modified metadata buffers on an aborted journal
    - block/loop: fix race between I/O and set_status
    - loop: fix LO_FLAGS_PARTSCAN hang
    - ext4: Include forgotten start block on fallocate insert range
    - ext4: do not polute the extents cache while shifting extents
    - ext4: trim allocation requests to group size
    - ext4: fix data corruption in data=journal mode
    - ext4: fix inline data error paths
    - ext4: preserve the needs_recovery flag when the journal is aborted
    - ext4: return EROFS if device is r/o and journal replay is needed
    - samples/seccomp: fix 64-bit comparison macros
    - target: Obtain se_node_acl->acl_kref during get_initiator_node_acl
    - target: Fix multi-session dynamic se_node_acl double free OOPs
    - ath5k: drop bogus warning on drv_set_key with unsupported cipher
    - ath9k: fix race condition in enabling/disabling IRQs
    - ath9k: use correct OTP register offsets for the AR9340 and AR9550
    - crypto: testmgr - Pad aes_ccm_enc_tv_template vector
    - fuse: add missing FR_FORCE
    - arm/arm64: KVM: Enforce unconditional flush to PoC when mapping to stage-2
    - iio: pressure: mpl115: do not rely on structure field ordering
    - iio: pressure: mpl3115: do not rely on structure field ordering
    - can: usb_8dev: Fix memory leak of priv->cmd_msg_buffer
    - w1: don't leak refcount on slave attach failure in w1_attach_slave_device()
    - w1: ds2490: USB transfer buffers need to be DMAable
    - usb: musb: da8xx: Remove CPPI 3.0 quirk and methods
    - usb: host: xhci: plat: check hcc_params after add hcd
    - usb: gadget: udc: fsl: Add missing complete function.
    - hv: allocate synic pages for all present CPUs
    - hv: init percpu_list in hv_synic_alloc()
    - Drivers: hv: util: kvp: Fix a rescind processing issue
    - Drivers: hv: util: Fcopy: Fix a rescind processing issue
    - Drivers: hv: util: Backup: Fix a rescind processing issue
    - RDMA/core: Fix incorrect structure packing for booleans
    - rdma_cm: fail iwarp accepts w/o connection params
    - gfs2: Add missing rcu locking for glock lookup
    - rtlwifi: Fix alignment issues
    - rtlwifi: rtl8192c-common: Fix "BUG: KASAN:
    - nfsd: minor nfsd_setattr cleanup
    - nfsd: special case truncates some more
    - NFSv4: Fix memory and state leak in _nfs4_open_and_get_state
    - NFSv4: fix getacl head length estimation
    - NFSv4: fix getacl ERANGE for some ACL buffer sizes
    - rtc: sun6i: Add some locking
    - rtc: sun6i: Switch to the external oscillator
    - md linear: fix a race between linear_add() and linear_congested()
    - bcma: use (get|put)_device when probing/removing device driver
    - dmaengine: ipu: Make sure the interrupt routine checks all interrupts.
    - powerpc/xmon: Fix data-breakpoint
    - MIPS: IP22: Reformat inline assembler code to modern standards.
    - MIPS: IP22: Fix build error due to binutils 2.25 uselessnes.
    - scsi: lpfc: Correct WQ creation for pagesize
    - Linux 4.4.53

  * move aufs.ko from -extra to linux-image package (LP: #1673498)
    - [config] aufs.ko moved to linux-image package

  * [Xenial] net: better skb->sender_cpu and skb->napi_id cohabitation
    (LP: #1673303)
    - net: better skb->sender_cpu and skb->napi_id cohabitation

  * lsattr 32bit does not work on 64bit kernel (Inappropriate ioctl error)
    (LP: #1619918)
    - btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls

  * linux-tools-common should Depends: lsb-release (LP: #1667571)
    - [Config] linux-tools-common depends on lsb-release

  * Add Use-After-Free Patch for Ubuntu16.10 - EEH on BELL3 adapter fails to
    recover (serial/tty) (LP: #1669153)
    - 8250_pci: Fix potential use-after-free in error path

  * [Hyper-V] pci-hyperv: Use device serial number as PCI domain (LP: #1667527)
    - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs
    - PCI: hv: Use device serial number as PCI domain

  * [Xenial - 16.04 ]Bonding driver - stack corruption when trying to copy 20
    bytes to a sockaddr (LP: #1668042)
    - net/bonding: Enforce active-backup policy for IPoIB bonds

  * Request to backport cxlflash patches to Xenial SRU stream (LP: #1623750)
    - scsi: cxlflash: Scan host only after the port is ready for I/O
    - scsi: cxlflash: Remove the device cleanly in the system shutdown path
    - scsi: cxlflash: Fix to avoid EEH and host reset collisions
    - scsi: cxlflash: Improve EEH recovery time

  * Xenial update to v4.4.52 stable release (LP: #1669016)
    - net/llc: avoid BUG_ON() in skb_orphan()
    - packet: fix races in fanout_add()
    - packet: Do not call fanout_release from atomic contexts
    - irda: Fix lockdep annotations in hashbin_delete().
    - ip: fix IP_CHECKSUM handling
    - net: socket: fix recvmmsg not returning error from sock_error
    - tty: serial: msm: Fix module autoload
    - USB: serial: mos7840: fix another NULL-deref at open
    - USB: serial: cp210x: add new IDs for GE Bx50v3 boards
    - USB: serial: ftdi_sio: fix modem-status error handling
    - USB: serial: ftdi_sio: fix extreme low-latency setting
    - USB: serial: ftdi_sio: fix line-status over-reporting
    - USB: serial: spcp8x5: fix modem-status handling
    - USB: serial: opticon: fix CTS retrieval at open
    - USB: serial: ark3116: fix register-accessor error handling
    - x86/platform/goldfish: Prevent unconditional loading
    - goldfish: Sanitize the broken interrupt handler
    - block: fix double-free in the failure path of cgwb_bdi_init()
    - rtlwifi: rtl_usb: Fix for URB leaking when doing ifconfig up/down
    - Revert "usb: chipidea: imx: enable CI_HDRC_SET_NON_ZERO_TTHA"
    - kvm: vmx: ensure VMCS is current while enabling PML
    - Linux 4.4.52

  * Xenial update to v4.4.51 stable release (LP: #1669015)
    - vfs: fix uninitialized flags in splice_to_pipe()
    - siano: make it work again with CONFIG_VMAP_STACK
    - fuse: fix use after free issue in fuse_dev_do_read()
    - scsi: don't BUG_ON() empty DMA transfers
    - Fix missing sanity check in /dev/sg
    - Input: elan_i2c - add ELAN0605 to the ACPI table
    - drm/radeon: Use mode h/vdisplay fields to hide out of bounds HW cursor
    - drm/dp/mst: fix kernel oops when turning off secondary monitor
    - futex: Move futex_init() to core_initcall
    - ARM: 8658/1: uaccess: fix zeroing of 64-bit get_user()
    - printk: use rcuidle console tracepoint
    - NTB: ntb_transport: fix debugfs_remove_recursive
    - ntb_transport: Pick an unused queue
    - bcache: Make gc wakeup sane, remove set_task_state()
    - mmc: core: fix multi-bit bus width without high-speed mode
    - Linux 4.4.51

  * Xenial update to v4.4.50 stable release (LP: #1666324)
    - can: Fix kernel panic at security_sock_rcv_skb
    - ipv6: fix ip6_tnl_parse_tlv_enc_lim()
    - ipv6: pointer math error in ip6_tnl_parse_tlv_enc_lim()
    - tcp: fix 0 divide in __tcp_select_window()
    - net: use a work queue to defer net_disable_timestamp() work
    - ipv4: keep skb->dst around in presence of IP options
    - netlabel: out of bound access in cipso_v4_validate()
    - ip6_gre: fix ip6gre_err() invalid reads
    - ipv6: tcp: add a missing tcp_v6_restore_cb()
    - tcp: avoid infinite loop in tcp_splice_read()
    - tun: read vnet_hdr_sz once
    - macvtap: read vnet_hdr_size once
    - mlx4: Invoke softirqs after napi_reschedule
    - sctp: avoid BUG_ON on sctp_wait_for_sndbuf
    - sit: fix a double free on error path
    - net: introduce device min_header_len
    - packet: round up linear to header len
    - ping: fix a null pointer dereference
    - l2tp: do not use udp_ioctl()
    - Linux 4.4.50

  * FlashGT Integration and Setup: fsbmc30: After 17th reboot of soft bootme,
    HTX & Linux errors seen with 256 virtual LUNs (LP: #1667239)
    - cxl: Fix coredump generation when cxl_get_fd() is used

  * [Hyper-V] Ubuntu 14.04.2 LTS Generation 2 SCSI Errors on VSS Based Backups
    (LP: #1470250)
    - Drivers: hv: vss: Operation timeouts should match host expectation
    - SAUCE: Tools: hv: vss: Thaw the filesystem and continue after freeze fails

  * kernel 4.4.0-63 with USB WLAN RTL8192CU freezes desktop (LP: #1666421)
    - rtlwifi: rtl_usb: Fix missing entry in USB driver's private data

  * Export symbol "dev_pm_qos_update_user_latency_tolerance" (LP: #1666401)
    - PM / QoS: Export dev_pm_qos_update_user_latency_tolerance

  * Linux ZFS port doesn't respect RLIMIT_FSIZE (LP: #1656259)
    - SAUCE: (noup) Update zfs to 0.6.5.6-0ubuntu16

Superseded in trusty-security on 2017-04-24
Superseded in trusty-updates on 2017-04-24
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-72.93~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-72.93~14.04.1 -proposed tracker (LP: #1678080)

  * linux: 4.4.0-72.93 -proposed tracker (LP: #1678078)

  * Fix CVE-2017-7308 (LP: #1678009)
    - net/packet: fix overflow in check for priv area size
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve

 -- Stefan Bader <email address hidden>  Fri, 31 Mar 2017 09:20:03 +0200
Superseded in trusty-security on 2017-04-04
Superseded in trusty-updates on 2017-04-04
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-71.92~14.04.1) trusty; urgency=low

  * CVE-2017-7184
    - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
    - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Fri, 24 Mar 2017 09:32:49 -0300
Superseded in trusty-security on 2017-03-29
Superseded in trusty-updates on 2017-03-29
Deleted in trusty-proposed (Reason: Clearing way for security update)
linux-lts-xenial (4.4.0-70.91~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-70.91~14.04.1 -proposed tracker (LP: #1674939)

  * linux: 4.4.0-70.91 -proposed tracker (LP: #1674938)

  * snaps with classic + jailmode confinement started to fail on zesty
    (LP: #1666897)
    - Revert "UBUNTU: SAUCE: apparmor: fix link auditing failure due to,
      uninitialized var"
    - Revert "UBUNTU: SAUCE: fix regression with domain change in complain mode"
    - Revert "UBUNTU: SAUCE: apparmor: flock mediation is not being enforced on
      cache check"
    - Revert "UBUNTU: SAUCE: apparmor: null profiles should inherit parent control
      flags"
    - Revert "UBUNTU: SAUCE: apparmor: fix ns ref count link when removing
      profiles from policy"
    - Revert "UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec
      when using stacked namespaces"
    - Revert "UBUNTU: SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup
      fails"
    - Revert "UBUNTU: SAUCE: apparmor: Don't audit denied access of special
      apparmor .null file"
    - Revert "UBUNTU: SAUCE: apparmor: fix label leak when new label is unused"
    - Revert "UBUNTU: SAUCE: apparmor: fix reference count bug in
      label_merge_insert()"
    - Revert "UBUNTU: SAUCE: apparmor: fix replacement race in reading rawdata"
    - Revert "UBUNTU: SAUCE: apparmor: fix cross ns perm of unix domain sockets"

 -- Stefan Bader <email address hidden>  Wed, 22 Mar 2017 09:28:43 +0100
Deleted in trusty-proposed on 2017-04-04 (Reason: NBS)
linux-lts-xenial (4.4.0-69.90~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-69.90~14.04.1 -proposed tracker (LP: #1673216)

  * linux: 4.4.0-69.90 -proposed tracker (LP: #1673213)

  * [Xenial] net: better skb->sender_cpu and skb->napi_id cohabitation
    (LP: #1673303)
    - net: better skb->sender_cpu and skb->napi_id cohabitation

Superseded in trusty-security on 2017-03-27
Superseded in trusty-updates on 2017-03-27
Deleted in trusty-proposed (Reason: NBS)
linux-lts-xenial (4.4.0-67.88~14.04.1) trusty; urgency=low

  [ Thadeu Lima de Souza Cascardo ]

  * linux-lts-xenial: 4.4.0-67.88~14.04.1 -proposed tracker (LP: #1671412)

  * Recent KVM RTC cherry-picks break (some) Windows Live-Migrations
    (LP: #1668594)
    - kvm: x86: correctly reset dest_map->vector when restoring LAPIC state

  * Regression in 4.4.0-65-generic causes very frequent system crashes
    (LP: #1669611)
    - Revert "UBUNTU: SAUCE: apparmor: fix lock ordering for mkdir"
    - Revert "UBUNTU: SAUCE: apparmor: fix leak on securityfs pin count"
    - Revert "UBUNTU: SAUCE: apparmor: fix reference count leak when
      securityfs_setup_d_inode() fails"
    - Revert "UBUNTU: SAUCE: apparmor: fix not handling error case when
      securityfs_pin_fs() fails"

  * Upgrade Redpine RS9113 driver to support AP mode (LP: #1665211)
    - SAUCE: Redpine driver to support Host AP mode

  * NFS client : permission denied when trying to access subshare, since kernel
    4.4.0-31 (LP: #1649292)
    - fs: Better permission checking for submounts

  * [Hyper-V] SAUCE: pci-hyperv fixes for SR-IOV on Azure (LP: #1665097)
    - SAUCE: PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal
    - SAUCE: pci-hyperv: properly handle pci bus remove
    - SAUCE: pci-hyperv: lock pci bus on device eject

  * [Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and
    image (LP: #1650058)
    - net/mlx4_en: Fix bad WQE issue
    - net/mlx4_core: Fix racy CQ (Completion Queue) free
    - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT
      transitions
    - net/mlx4_core: Avoid command timeouts during VF driver device shutdown

  * Xenial update to v4.4.49 stable release (LP: #1664960)
    - ARC: [arcompact] brown paper bag bug in unaligned access delay slot fixup
    - selinux: fix off-by-one in setprocattr
    - Revert "x86/ioapic: Restore IO-APIC irq_chip retrigger callback"
    - cpumask: use nr_cpumask_bits for parsing functions
    - hns: avoid stack overflow with CONFIG_KASAN
    - ARM: 8643/3: arm/ptrace: Preserve previous registers for short regset write
    - target: Don't BUG_ON during NodeACL dynamic -> explicit conversion
    - target: Use correct SCSI status during EXTENDED_COPY exception
    - target: Fix early transport_generic_handle_tmr abort scenario
    - target: Fix COMPARE_AND_WRITE ref leak for non GOOD status
    - ARM: 8642/1: LPAE: catch pending imprecise abort on unmask
    - mac80211: Fix adding of mesh vendor IEs
    - netvsc: Set maximum GSO size in the right place
    - scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed
      send
    - scsi: aacraid: Fix INTx/MSI-x issue with older controllers
    - scsi: mpt3sas: disable ASPM for MPI2 controllers
    - xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend()
    - ALSA: seq: Fix race at creating a queue
    - ALSA: seq: Don't handle loop timeout at snd_seq_pool_done()
    - drm/i915: fix use-after-free in page_flip_completed()
    - Linux 4.4.49

  * NFS client : kernel 4.4.0-57 crash with nfsv4 enries in /etc/fstab
    (LP: #1650336)
    - SUNRPC: fix refcounting problems with auth_gss messages.

  * [0bda:0328] Card reader failed after S3 (LP: #1664809)
    - usb: hub: Wait for connection to be reestablished after port reset

  * linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
    4.4.0-63.84~14.04.2 (LP: #1664912)
    - SAUCE: apparmor: fix link auditing failure due to, uninitialized var

  * ibmvscsis: Add SGL LIMIT (LP: #1662551)
    - ibmvscsis: Add SGL limit

  * [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
    (LP: #1663687)
    - scsi: storvsc: Enable tracking of queue depth
    - scsi: storvsc: Remove the restriction on max segment size
    - scsi: storvsc: Enable multi-queue support
    - scsi: storvsc: use tagged SRB requests if supported by the device
    - scsi: storvsc: properly handle SRB_ERROR when sense message is present
    - scsi: storvsc: properly set residual data length on errors

  * ISST-LTE:pNV: ppc64_cpu command is hung w HDs, SSDs and NVMe (LP: #1662666)
    - blk-mq: Avoid memory reclaim when remapping queues
    - blk-mq: Fix failed allocation path when mapping queues

  * Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module
    i915_bpo (LP: #1624164)
    - SAUCE: i915_bpo: Remove MODULE_FIRMWARE statement for i915/kbl_dmc_ver1.bin

  *  Intel I210 ethernet does not work both after S3 (LP: #1662763)
    - igb: implement igb_ptp_suspend
    - igb: call igb_ptp_suspend during suspend/resume cycle

  * [Hyper-V] Fix ring buffer handling to avoid host throttling (LP: #1661430)
    - Drivers: hv: vmbus: On write cleanup the logic to interrupt the host
    - Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host
    - Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()

  * brd module compiled as built-in (LP: #1593293)
    - [Config] CONFIG_BLK_DEV_RAM=m

  * regession tests failing after stackprofile test is run (LP: #1661030)
    - SAUCE: fix regression with domain change in complain mode

  * Permission denied and inconsistent behavior in complain mode with 'ip netns
    list' command (LP: #1648903)
    - SAUCE: fix regression with domain change in complain mode

  * flock not mediated by 'k' (LP: #1658219)
    - SAUCE: apparmor: flock mediation is not being enforced on cache check

  * unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
    from a unshared mount namespace (LP: #1656121)
    - SAUCE: apparmor: null profiles should inherit parent control flags

  * apparmor refcount leak of profile namespace when removing profiles
    (LP: #1660849)
    - SAUCE: apparmor: fix ns ref count link when removing profiles from policy

  * tor in lxd: apparmor="DENIED" operation="change_onexec"
    namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
    name="system_tor" (LP: #1648143)
    - SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
      namespaces

  * apparmor_parser hangs indefinitely when called by multiple threads
    (LP: #1645037)
    - SAUCE: apparmor: fix lock ordering for mkdir

  * apparmor leaking securityfs pin count (LP: #1660846)
    - SAUCE: apparmor: fix leak on securityfs pin count

  * apparmor reference count leak when securityfs_setup_d_inode\ () fails
    (LP: #1660845)
    - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
      fails

  * apparmor not checking error if security_pin_fs() fails (LP: #1660842)
    - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails

  * apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
    - SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails

  * apparmor  auditing denied access of special apparmor .null fi\ le
    (LP: #1660836)
    - SAUCE: apparmor: Don't audit denied access of special apparmor .null file

  * apparmor label leak when new label is unused (LP: #1660834)
    - SAUCE: apparmor: fix label leak when new label is unused

  * apparmor reference count bug in label_merge_insert() (LP: #1660833)
    - SAUCE: apparmor: fix reference count bug in label_merge_insert()

  * apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
    - SAUCE: apparmor: fix replacement race in reading rawdata

  * unix domain socket cross permission check failing with nested namespaces
    (LP: #1660832)
    - SAUCE: apparmor: fix cross ns perm of unix domain sockets

  * docker permission issues with overlay2 storage driver (LP: #1659417)
    - SAUCE: overlayfs: Replace ovl_prepare_creds() with ovl_override_creds()
    - Revert "UBUNTU: SAUCE: cred: Add clone_cred() interface"
    - ovl: check mounter creds on underlying lookup

  * Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel (LP: #1660634)
    - [Config] CONFIG_NET_DROP_MONITOR=m

  * Xenial update to v4.4.48 stable release (LP: #1663657)
    - PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies
    - ext4: validate s_first_meta_bg at mount time
    - drm/nouveau/disp/gt215: Fix HDA ELD handling (thus, HDMI audio) on gt215
    - drm/nouveau/nv1a,nv1f/disp: fix memory clock rate retrieval
    - crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg
    - crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes
    - perf/core: Fix PERF_RECORD_MMAP2 prot/flags for anonymous memory
    - ata: sata_mv:- Handle return value of devm_ioremap.
    - libata: apply MAX_SEC_1024 to all CX1-JB*-HP devices
    - powerpc/eeh: Fix wrong flag passed to eeh_unfreeze_pe()
    - powerpc: Add missing error check to prom_find_boot_cpu()
    - NFSD: Fix a null reference case in find_or_create_lock_stateid()
    - svcrpc: fix oops in absence of krb5 module
    - zswap: disable changing params if init fails
    - cifs: initialize file_info_lock
    - mm/memory_hotplug.c: check start_pfn in test_pages_in_a_zone()
    - mm, fs: check for fatal signals in do_generic_file_read()
    - can: bcm: fix hrtimer/tasklet termination in bcm op removal
    - mmc: sdhci: Ignore unexpected CARD_INT interrupts
    - percpu-refcount: fix reference leak during percpu-atomic transition
    - HID: wacom: Fix poor prox handling in 'wacom_pl_irq'
    - KVM: x86: do not save guest-unsupported XSAVE state
    - USB: serial: qcserial: add Dell DW5570 QDL
    - USB: serial: pl2303: add ATEN device ID
    - USB: Add quirk for WORLDE easykey.25 MIDI keyboard
    - usb: gadget: f_fs: Assorted buffer overflow checks.
    - USB: serial: option: add device ID for HP lt2523 (Novatel E371)
    - x86/irq: Make irq activate operations symmetric
    - base/memory, hotplug: fix a kernel oops in show_valid_zones()
    - Linux 4.4.48

  * Xenial update to v4.4.47 stable release (LP: #1662507)
    - r8152: fix the sw rx checksum is unavailable
    - mlxsw: spectrum: Fix memory leak at skb reallocation
    - mlxsw: switchx2: Fix memory leak at skb reallocation
    - mlxsw: pci: Fix EQE structure definition
    - net: lwtunnel: Handle lwtunnel_fill_encap failure
    - net: ipv4: fix table id in getroute response
    - net: systemport: Decouple flow control from __bcm_sysport_tx_reclaim
    - tcp: fix tcp_fastopen unaligned access complaints on sparc
    - openvswitch: maintain correct checksum state in conntrack actions
    - ravb: do not use zero-length alignment DMA descriptor
    - ax25: Fix segfault after sock connection timeout
    - net: fix harmonize_features() vs NETIF_F_HIGHDMA
    - net: phy: bcm63xx: Utilize correct config_intr function
    - ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock
    - tcp: initialize max window for a new fastopen socket
    - bridge: netlink: call br_changelink() during br_dev_newlink()
    - r8152: don't execute runtime suspend if the tx is not empty
    - af_unix: move unix_mknod() out of bindlock
    - qmi_wwan/cdc_ether: add device ID for HP lt2523 (Novatel E371) WWAN card
    - net: dsa: Bring back device detaching in dsa_slave_suspend()
    - Linux 4.4.47

  * Xenial update to v4.4.46 stable release (LP: #1660994)
    - fbdev: color map copying bounds checking
    - tile/ptrace: Preserve previous registers for short regset write
    - drm: Fix broken VT switch with video=1366x768 option
    - mm/mempolicy.c: do not put mempolicy before using its nodemask
    - sysctl: fix proc_doulongvec_ms_jiffies_minmax()
    - ISDN: eicon: silence misleading array-bounds warning
    - RDMA/cma: Fix unknown symbol when CONFIG_IPV6 is not enabled
    - s390/ptrace: Preserve previous registers for short regset write
    - can: c_can_pci: fix null-pointer-deref in c_can_start() - set device pointer
    - can: ti_hecc: add missing prepare and unprepare of the clock
    - ARC: udelay: fix inline assembler by adding LP_COUNT to clobber list
    - ARC: [arcompact] handle unaligned access delay slot corner case
    - parisc: Don't use BITS_PER_LONG in userspace-exported swab.h header
    - nfs: Don't increment lock sequence ID after NFS4ERR_MOVED
    - NFSv4.0: always send mode in SETATTR after EXCLUSIVE4
    - SUNRPC: cleanup ida information when removing sunrpc module
    - drm/i915: Don't leak edid in intel_crt_detect_ddc()
    - IB/ipoib: move back IB LL address into the hard header
    - IB/umem: Release pid in error and ODP flow
    - s5k4ecgx: select CRC32 helper
    - pinctrl: broxton: Use correct PADCFGLOCK offset
    - platform/x86: intel_mid_powerbtn: Set IRQ_ONESHOT
    - mm, memcg: do not retry precharge charges
    - Linux 4.4.46

  * Xenial update to v4.4.45 stable release (LP: #1660993)
    - ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to
      it
    - IB/mlx5: Wait for all async command completions to complete
    - IB/mlx4: Set traffic class in AH
    - IB/mlx4: Fix out-of-range array index in destroy qp flow
    - IB/mlx4: Fix port query for 56Gb Ethernet links
    - IB/mlx4: When no DMFS for IPoIB, don't allow NET_IF QPs
    - IB/IPoIB: Remove can't use GFP_NOIO warning
    - perf scripting: Avoid leaking the scripting_context variable
    - ARM: dts: imx31: fix clock control module interrupts description
    - ARM: dts: imx31: move CCM device node to AIPS2 bus devices
    - ARM: dts: imx31: fix AVIC base address
    - tmpfs: clear S_ISGID when setting posix ACLs
    - x86/PCI: Ignore _CRS on Supermicro X8DTH-i/6/iF/6F
    - svcrpc: don't leak contexts on PROC_DESTROY
    - fuse: clear FR_PENDING flag when moving requests out of pending queue
    - PCI: Enumerate switches below PCI-to-PCIe bridges
    - HID: corsair: fix DMA buffers on stack
    - HID: corsair: fix control-transfer error handling
    - mmc: mxs-mmc: Fix additional cycles after transmission stop
    - ieee802154: atusb: do not use the stack for buffers to make them DMA able
    - mtd: nand: xway: disable module support
    - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
    - qla2xxx: Fix crash due to null pointer access
    - ubifs: Fix journal replay wrt. xattr nodes
    - clocksource/exynos_mct: Clear interrupt when cpu is shut down
    - svcrdma: avoid duplicate dma unmapping during error recovery
    - ARM: 8634/1: hw_breakpoint: blacklist Scorpion CPUs
    - ceph: fix bad endianness handling in parse_reply_info_extra
    - ARM: dts: da850-evm: fix read access to SPI flash
    - arm64/ptrace: Preserve previous registers for short regset write
    - arm64/ptrace: Preserve previous registers for short regset write - 2
    - arm64/ptrace: Preserve previous registers for short regset write - 3
    - arm64/ptrace: Avoid uninitialised struct padding in fpr_set()
    - arm64/ptrace: Reject attempts to set incomplete hardware breakpoint fields
    - ARM: dts: imx6qdl-nitrogen6_max: fix sgtl5000 pinctrl init
    - ARM: ux500: fix prcmu_is_cpu_in_wfi() calculation
    - ARM: 8613/1: Fix the uaccess crash on PB11MPCore
    - blackfin: check devm_pinctrl_get() for errors
    - ite-cir: initialize use_demodulator before using it
    - dmaengine: pl330: Fix runtime PM support for terminated transfers
    - selftest/powerpc: Wrong PMC initialized in pmc56_overflow test
    - arm64: avoid returning from bad_mode
    - Linux 4.4.45

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Wed, 08 Mar 2017 11:47:26 -0300
Superseded in trusty-security on 2017-03-15
Superseded in trusty-updates on 2017-03-15
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-66.87~14.04.1) trusty; urgency=low

  * CVE-2017-2636
    - TTY: n_hdlc, fix lockdep false positive
    - tty: n_hdlc: get rid of racy n_hdlc.tbuf

 -- Stefan Bader <email address hidden>  Fri, 03 Mar 2017 12:01:27 +0100
Deleted in trusty-proposed on 2017-03-10 (Reason: NBS)
linux-lts-xenial (4.4.0-65.86~14.04.1) trusty; urgency=low

  * linux-lts-xenial: 4.4.0-65.86~14.04.1 -proposed tracker (LP: #1667054)

  [ Stefan Bader ]
  * Upgrade Redpine RS9113 driver to support AP mode (LP: #1665211)
    - SAUCE: Redpine driver to support Host AP mode

  * NFS client : permission denied when trying to access subshare, since kernel
    4.4.0-31 (LP: #1649292)
    - fs: Better permission checking for submounts

  * [Hyper-V] SAUCE: pci-hyperv fixes for SR-IOV on Azure (LP: #1665097)
    - SAUCE: PCI: hv: Fix wslot_to_devfn() to fix warnings on device removal
    - SAUCE: pci-hyperv: properly handle pci bus remove
    - SAUCE: pci-hyperv: lock pci bus on device eject

  * [Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and
    image (LP: #1650058)
    - net/mlx4_en: Fix bad WQE issue
    - net/mlx4_core: Fix racy CQ (Completion Queue) free
    - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT
      transitions
    - net/mlx4_core: Avoid command timeouts during VF driver device shutdown

  * Xenial update to v4.4.49 stable release (LP: #1664960)
    - ARC: [arcompact] brown paper bag bug in unaligned access delay slot fixup
    - selinux: fix off-by-one in setprocattr
    - Revert "x86/ioapic: Restore IO-APIC irq_chip retrigger callback"
    - cpumask: use nr_cpumask_bits for parsing functions
    - hns: avoid stack overflow with CONFIG_KASAN
    - ARM: 8643/3: arm/ptrace: Preserve previous registers for short regset write
    - target: Don't BUG_ON during NodeACL dynamic -> explicit conversion
    - target: Use correct SCSI status during EXTENDED_COPY exception
    - target: Fix early transport_generic_handle_tmr abort scenario
    - target: Fix COMPARE_AND_WRITE ref leak for non GOOD status
    - ARM: 8642/1: LPAE: catch pending imprecise abort on unmask
    - mac80211: Fix adding of mesh vendor IEs
    - netvsc: Set maximum GSO size in the right place
    - scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed
      send
    - scsi: aacraid: Fix INTx/MSI-x issue with older controllers
    - scsi: mpt3sas: disable ASPM for MPI2 controllers
    - xen-netfront: Delete rx_refill_timer in xennet_disconnect_backend()
    - ALSA: seq: Fix race at creating a queue
    - ALSA: seq: Don't handle loop timeout at snd_seq_pool_done()
    - drm/i915: fix use-after-free in page_flip_completed()
    - Linux 4.4.49

  * NFS client : kernel 4.4.0-57 crash with nfsv4 enries in /etc/fstab
    (LP: #1650336)
    - SUNRPC: fix refcounting problems with auth_gss messages.

  * [0bda:0328] Card reader failed after S3 (LP: #1664809)
    - usb: hub: Wait for connection to be reestablished after port reset

  * linux-lts-xenial 4.4.0-63.84~14.04.2 ADT test failure with linux-lts-xenial
    4.4.0-63.84~14.04.2 (LP: #1664912)
    - SAUCE: apparmor: fix link auditing failure due to, uninitialized var

  * ibmvscsis: Add SGL LIMIT (LP: #1662551)
    - ibmvscsis: Add SGL limit

  * [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)
    (LP: #1663687)
    - scsi: storvsc: Enable tracking of queue depth
    - scsi: storvsc: Remove the restriction on max segment size
    - scsi: storvsc: Enable multi-queue support
    - scsi: storvsc: use tagged SRB requests if supported by the device
    - scsi: storvsc: properly handle SRB_ERROR when sense message is present
    - scsi: storvsc: properly set residual data length on errors

  * ISST-LTE:pNV: ppc64_cpu command is hung w HDs, SSDs and NVMe (LP: #1662666)
    - blk-mq: Avoid memory reclaim when remapping queues
    - blk-mq: Fix failed allocation path when mapping queues

  * Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module
    i915_bpo (LP: #1624164)
    - SAUCE: i915_bpo: Remove MODULE_FIRMWARE statement for i915/kbl_dmc_ver1.bin

  *  Intel I210 ethernet does not work both after S3 (LP: #1662763)
    - igb: implement igb_ptp_suspend
    - igb: call igb_ptp_suspend during suspend/resume cycle

  * [Hyper-V] Fix ring buffer handling to avoid host throttling (LP: #1661430)
    - Drivers: hv: vmbus: On write cleanup the logic to interrupt the host
    - Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host
    - Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()

  * brd module compiled as built-in (LP: #1593293)
    - [Config] CONFIG_BLK_DEV_RAM=m

  * regession tests failing after stackprofile test is run (LP: #1661030)
    - SAUCE: fix regression with domain change in complain mode

  * Permission denied and inconsistent behavior in complain mode with 'ip netns
    list' command (LP: #1648903)
    - SAUCE: fix regression with domain change in complain mode

  * flock not mediated by 'k' (LP: #1658219)
    - SAUCE: apparmor: flock mediation is not being enforced on cache check

  * unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt
    from a unshared mount namespace (LP: #1656121)
    - SAUCE: apparmor: null profiles should inherit parent control flags

  * apparmor refcount leak of profile namespace when removing profiles
    (LP: #1660849)
    - SAUCE: apparmor: fix ns ref count link when removing profiles from policy

  * tor in lxd: apparmor="DENIED" operation="change_onexec"
    namespace="root//CONTAINERNAME_<var-lib-lxd>" profile="unconfined"
    name="system_tor" (LP: #1648143)
    - SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked
      namespaces

  * apparmor_parser hangs indefinitely when called by multiple threads
    (LP: #1645037)
    - SAUCE: apparmor: fix lock ordering for mkdir

  * apparmor leaking securityfs pin count (LP: #1660846)
    - SAUCE: apparmor: fix leak on securityfs pin count

  * apparmor reference count leak when securityfs_setup_d_inode\ () fails
    (LP: #1660845)
    - SAUCE: apparmor: fix reference count leak when securityfs_setup_d_inode()
      fails

  * apparmor not checking error if security_pin_fs() fails (LP: #1660842)
    - SAUCE: apparmor: fix not handling error case when securityfs_pin_fs() fails

  * apparmor oops in bind_mnt when dev_path lookup fails (LP: #1660840)
    - SAUCE: apparmor: fix oops in bind_mnt when dev_path lookup fails

  * apparmor  auditing denied access of special apparmor .null fi\ le
    (LP: #1660836)
    - SAUCE: apparmor: Don't audit denied access of special apparmor .null file

  * apparmor label leak when new label is unused (LP: #1660834)
    - SAUCE: apparmor: fix label leak when new label is unused

  * apparmor reference count bug in label_merge_insert() (LP: #1660833)
    - SAUCE: apparmor: fix reference count bug in label_merge_insert()

  * apparmor's raw_data file in securityfs is sometimes truncated (LP: #1638996)
    - SAUCE: apparmor: fix replacement race in reading rawdata

  * unix domain socket cross permission check failing with nested namespaces
    (LP: #1660832)
    - SAUCE: apparmor: fix cross ns perm of unix domain sockets

  * docker permission issues with overlay2 storage driver (LP: #1659417)
    - SAUCE: overlayfs: Replace ovl_prepare_creds() with ovl_override_creds()
    - Revert "UBUNTU: SAUCE: cred: Add clone_cred() interface"
    - ovl: check mounter creds on underlying lookup

  * Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel (LP: #1660634)
    - [Config] CONFIG_NET_DROP_MONITOR=m

  * Xenial update to v4.4.48 stable release (LP: #1663657)
    - PCI/ASPM: Handle PCI-to-PCIe bridges as roots of PCIe hierarchies
    - ext4: validate s_first_meta_bg at mount time
    - drm/nouveau/disp/gt215: Fix HDA ELD handling (thus, HDMI audio) on gt215
    - drm/nouveau/nv1a,nv1f/disp: fix memory clock rate retrieval
    - crypto: api - Clear CRYPTO_ALG_DEAD bit before registering an alg
    - crypto: arm64/aes-blk - honour iv_out requirement in CBC and CTR modes
    - perf/core: Fix PERF_RECORD_MMAP2 prot/flags for anonymous memory
    - ata: sata_mv:- Handle return value of devm_ioremap.
    - libata: apply MAX_SEC_1024 to all CX1-JB*-HP devices
    - powerpc/eeh: Fix wrong flag passed to eeh_unfreeze_pe()
    - powerpc: Add missing error check to prom_find_boot_cpu()
    - NFSD: Fix a null reference case in find_or_create_lock_stateid()
    - svcrpc: fix oops in absence of krb5 module
    - zswap: disable changing params if init fails
    - cifs: initialize file_info_lock
    - mm/memory_hotplug.c: check start_pfn in test_pages_in_a_zone()
    - mm, fs: check for fatal signals in do_generic_file_read()
    - can: bcm: fix hrtimer/tasklet termination in bcm op removal
    - mmc: sdhci: Ignore unexpected CARD_INT interrupts
    - percpu-refcount: fix reference leak during percpu-atomic transition
    - HID: wacom: Fix poor prox handling in 'wacom_pl_irq'
    - KVM: x86: do not save guest-unsupported XSAVE state
    - USB: serial: qcserial: add Dell DW5570 QDL
    - USB: serial: pl2303: add ATEN device ID
    - USB: Add quirk for WORLDE easykey.25 MIDI keyboard
    - usb: gadget: f_fs: Assorted buffer overflow checks.
    - USB: serial: option: add device ID for HP lt2523 (Novatel E371)
    - x86/irq: Make irq activate operations symmetric
    - base/memory, hotplug: fix a kernel oops in show_valid_zones()
    - Linux 4.4.48

  * Xenial update to v4.4.47 stable release (LP: #1662507)
    - r8152: fix the sw rx checksum is unavailable
    - mlxsw: spectrum: Fix memory leak at skb reallocation
    - mlxsw: switchx2: Fix memory leak at skb reallocation
    - mlxsw: pci: Fix EQE structure definition
    - net: lwtunnel: Handle lwtunnel_fill_encap failure
    - net: ipv4: fix table id in getroute response
    - net: systemport: Decouple flow control from __bcm_sysport_tx_reclaim
    - tcp: fix tcp_fastopen unaligned access complaints on sparc
    - openvswitch: maintain correct checksum state in conntrack actions
    - ravb: do not use zero-length alignment DMA descriptor
    - ax25: Fix segfault after sock connection timeout
    - net: fix harmonize_features() vs NETIF_F_HIGHDMA
    - net: phy: bcm63xx: Utilize correct config_intr function
    - ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock
    - tcp: initialize max window for a new fastopen socket
    - bridge: netlink: call br_changelink() during br_dev_newlink()
    - r8152: don't execute runtime suspend if the tx is not empty
    - af_unix: move unix_mknod() out of bindlock
    - qmi_wwan/cdc_ether: add device ID for HP lt2523 (Novatel E371) WWAN card
    - net: dsa: Bring back device detaching in dsa_slave_suspend()
    - Linux 4.4.47

  * Xenial update to v4.4.46 stable release (LP: #1660994)
    - fbdev: color map copying bounds checking
    - tile/ptrace: Preserve previous registers for short regset write
    - drm: Fix broken VT switch with video=1366x768 option
    - mm/mempolicy.c: do not put mempolicy before using its nodemask
    - sysctl: fix proc_doulongvec_ms_jiffies_minmax()
    - ISDN: eicon: silence misleading array-bounds warning
    - RDMA/cma: Fix unknown symbol when CONFIG_IPV6 is not enabled
    - s390/ptrace: Preserve previous registers for short regset write
    - can: c_can_pci: fix null-pointer-deref in c_can_start() - set device pointer
    - can: ti_hecc: add missing prepare and unprepare of the clock
    - ARC: udelay: fix inline assembler by adding LP_COUNT to clobber list
    - ARC: [arcompact] handle unaligned access delay slot corner case
    - parisc: Don't use BITS_PER_LONG in userspace-exported swab.h header
    - nfs: Don't increment lock sequence ID after NFS4ERR_MOVED
    - NFSv4.0: always send mode in SETATTR after EXCLUSIVE4
    - SUNRPC: cleanup ida information when removing sunrpc module
    - drm/i915: Don't leak edid in intel_crt_detect_ddc()
    - IB/ipoib: move back IB LL address into the hard header
    - IB/umem: Release pid in error and ODP flow
    - s5k4ecgx: select CRC32 helper
    - pinctrl: broxton: Use correct PADCFGLOCK offset
    - platform/x86: intel_mid_powerbtn: Set IRQ_ONESHOT
    - mm, memcg: do not retry precharge charges
    - Linux 4.4.46

  * Xenial update to v4.4.45 stable release (LP: #1660993)
    - ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to
      it
    - IB/mlx5: Wait for all async command completions to complete
    - IB/mlx4: Set traffic class in AH
    - IB/mlx4: Fix out-of-range array index in destroy qp flow
    - IB/mlx4: Fix port query for 56Gb Ethernet links
    - IB/mlx4: When no DMFS for IPoIB, don't allow NET_IF QPs
    - IB/IPoIB: Remove can't use GFP_NOIO warning
    - perf scripting: Avoid leaking the scripting_context variable
    - ARM: dts: imx31: fix clock control module interrupts description
    - ARM: dts: imx31: move CCM device node to AIPS2 bus devices
    - ARM: dts: imx31: fix AVIC base address
    - tmpfs: clear S_ISGID when setting posix ACLs
    - x86/PCI: Ignore _CRS on Supermicro X8DTH-i/6/iF/6F
    - svcrpc: don't leak contexts on PROC_DESTROY
    - fuse: clear FR_PENDING flag when moving requests out of pending queue
    - PCI: Enumerate switches below PCI-to-PCIe bridges
    - HID: corsair: fix DMA buffers on stack
    - HID: corsair: fix control-transfer error handling
    - mmc: mxs-mmc: Fix additional cycles after transmission stop
    - ieee802154: atusb: do not use the stack for buffers to make them DMA able
    - mtd: nand: xway: disable module support
    - x86/ioapic: Restore IO-APIC irq_chip retrigger callback
    - qla2xxx: Fix crash due to null pointer access
    - ubifs: Fix journal replay wrt. xattr nodes
    - clocksource/exynos_mct: Clear interrupt when cpu is shut down
    - svcrdma: avoid duplicate dma unmapping during error recovery
    - ARM: 8634/1: hw_breakpoint: blacklist Scorpion CPUs
    - ceph: fix bad endianness handling in parse_reply_info_extra
    - ARM: dts: da850-evm: fix read access to SPI flash
    - arm64/ptrace: Preserve previous registers for short regset write
    - arm64/ptrace: Preserve previous registers for short regset write - 2
    - arm64/ptrace: Preserve previous registers for short regset write - 3
    - arm64/ptrace: Avoid uninitialised struct padding in fpr_set()
    - arm64/ptrace: Reject attempts to set incomplete hardware breakpoint fields
    - ARM: dts: imx6qdl-nitrogen6_max: fix sgtl5000 pinctrl init
    - ARM: ux500: fix prcmu_is_cpu_in_wfi() calculation
    - ARM: 8613/1: Fix the uaccess crash on PB11MPCore
    - blackfin: check devm_pinctrl_get() for errors
    - ite-cir: initialize use_demodulator before using it
    - dmaengine: pl330: Fix runtime PM support for terminated transfers
    - selftest/powerpc: Wrong PMC initialized in pmc56_overflow test
    - arm64: avoid returning from bad_mode
    - Linux 4.4.45

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Fri, 24 Feb 2017 11:09:07 -0300
Superseded in trusty-security on 2017-03-07
Superseded in trusty-updates on 2017-03-07
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-64.85~14.04.1) trusty; urgency=low

  * CVE-2017-6074 (LP: #1665935)
    - dccp: fix freeing skb too early for IPV6_RECVPKTINFO

 -- Stefan Bader <email address hidden>  Mon, 20 Feb 2017 11:06:47 +0100
Superseded in trusty-security on 2017-02-21
Superseded in trusty-updates on 2017-02-21
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-63.84~14.04.2) trusty; urgency=low

  [ Thadeu Lima de Souza Cascardo ]

  * Release Tracking Bug
    - LP: #1663662

  * linux headers packages empty (LP: #1663558)
    - Revert "UBUNTU: [debian] derive indep_hdrs_pkg_name from src_pkg_name"

Superseded in trusty-proposed on 2017-02-13
linux-lts-xenial (4.4.0-63.84~14.04.1) trusty; urgency=low

  [ Thadeu Lima de Souza Cascardo ]

  * Release Tracking Bug
    - LP: #1660729

  * Backport Dirty COW patch to prevent wineserver freeze (LP: #1658270)
    - SAUCE: mm: Respect FOLL_FORCE/FOLL_COW for thp

  * Kdump through NMI SMP and single core not working on Ubuntu16.10
    (LP: #1630924)
    - x86/hyperv: Handle unknown NMIs on one CPU when unknown_nmi_panic
    - SAUCE: hv: don't reset hv_context.tsc_page on crash

  * [regression 4.8.0-14 -> 4.8.0-17] keyboard and touchscreen lost on Acer
    Chromebook R11 (LP: #1630238)
    - [Config] CONFIG_PINCTRL_CHERRYVIEW=y

  * Call trace when testing fstat stressor on ppc64el with virtual  keyboard and
    mouse present (LP: #1652132)
    - SAUCE: HID: usbhid: Quirk a AMI virtual mouse and keyboard with ALWAYS_POLL

  * VLAN SR-IOV regression for IXGBE driver (LP: #1658491)
    - ixgbe: Force VLNCTRL.VFE to be set in all VMDq paths

  * "Out of memory" errors after upgrade to 4.4.0-59 (LP: #1655842)
    - mm, page_alloc: convert alloc_flags to unsigned
    - mm, compaction: change COMPACT_ constants into enum
    - mm, compaction: distinguish COMPACT_DEFERRED from COMPACT_SKIPPED
    - mm, compaction: simplify __alloc_pages_direct_compact feedback interface
    - mm, compaction: distinguish between full and partial COMPACT_COMPLETE
    - mm, compaction: abstract compaction feedback to helpers
    - mm, oom: protect !costly allocations some more
    - mm: consider compaction feedback also for costly allocation
    - mm, oom, compaction: prevent from should_compact_retry looping for ever for
      costly orders
    - mm, oom: protect !costly allocations some more for !CONFIG_COMPACTION
    - mm, oom: prevent premature OOM killer invocation for high order request

  * Backport 3 patches to fix bugs with AIX clients using IBMVSCSI Target Driver
    (LP: #1657194)
    - SAUCE: ibmvscsis: Fix max transfer length
    - SAUCE: ibmvscsis: fix sleeping in interrupt context
    - SAUCE: ibmvscsis: Fix srp_transfer_data fail return code

  * NVMe: adapter is missing after abnormal shutdown followed by quick reboot,
    quirk needed (LP: #1656913)
    - nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too

  * Ubuntu 16.10 KVM SRIOV: if enable sriov while ping flood is running ping
    will stop working (LP: #1625318)
    - PCI: Do any VF BAR updates before enabling the BARs
    - PCI: Ignore BAR updates on virtual functions
    - PCI: Update BARs using property bits appropriate for type
    - PCI: Separate VF BAR updates from standard BAR updates
    - PCI: Don't update VF BARs while VF memory space is enabled
    - PCI: Remove pci_resource_bar() and pci_iov_resource_bar()
    - PCI: Decouple IORESOURCE_ROM_ENABLE and PCI_ROM_ADDRESS_ENABLE
    - PCI: Add comments about ROM BAR updating

  * Linux rtc self test fails in a VM under xenial (LP: #1649718)
    - kvm: x86: Convert ioapic->rtc_status.dest_map to a struct
    - kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map
    - kvm: x86: Check dest_map->vector to match eoi signals for rtc

  * Xenial update to v4.4.44 stable release (LP: #1658091)
    - Input: xpad - use correct product id for x360w controllers
    - Input: i8042 - add Pegatron touchpad to noloop table
    - selftests: do not require bash to run netsocktests testcase
    - selftests: do not require bash for the generated test
    - mm: fix devm_memremap_pages crash, use mem_hotplug_{begin, done}
    - ocfs2: fix crash caused by stale lvb with fsdlm plugin
    - mm/hugetlb.c: fix reservation race when freeing surplus pages
    - KVM: x86: fix emulation of "MOV SS, null selector"
    - KVM: eventfd: fix NULL deref irqbypass consumer
    - jump_labels: API for flushing deferred jump label updates
    - KVM: x86: flush pending lapic jump label updates on module unload
    - KVM: x86: add Align16 instruction flag
    - KVM: x86: add asm_safe wrapper
    - KVM: x86: emulate FXSAVE and FXRSTOR
    - KVM: x86: Introduce segmented_write_std
    - nl80211: fix sched scan netlink socket owner destruction
    - USB: serial: kl5kusb105: fix line-state error handling
    - USB: serial: ch341: fix initial modem-control state
    - USB: serial: ch341: fix open error handling
    - USB: serial: ch341: fix control-message error handling
    - USB: serial: ch341: fix open and resume after B0
    - Input: elants_i2c - avoid divide by 0 errors on bad touchscreen data
    - i2c: print correct device invalid address
    - i2c: fix kernel memory disclosure in dev interface
    - xhci: fix deadlock at host remove by running watchdog correctly
    - vme: Fix wrong pointer utilization in ca91cx42_slave_get
    - mnt: Protect the mountpoint hashtable with mount_lock
    - tty/serial: atmel_serial: BUG: stop DMA from transmitting in stop_tx
    - sysrq: attach sysrq handler correctly for 32-bit kernel
    - sysctl: Drop reference added by grab_header in proc_sys_readdir
    - drm/radeon: drop verde dpm quirks
    - USB: serial: ch341: fix resume after reset
    - USB: serial: ch341: fix modem-control and B0 handling
    - x86/cpu: Fix bootup crashes by sanitizing the argument of the 'clearcpuid='
      command-line option
    - btrfs: fix locking when we put back a delayed ref that's too new
    - btrfs: fix error handling when run_delayed_extent_op fails
    - pinctrl: meson: fix gpio request disabling other modes
    - pNFS: Fix race in pnfs_wait_on_layoutreturn
    - NFS: Fix a performance regression in readdir
    - NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success.
    - cpufreq: powernv: Disable preemption while checking CPU throttling state
    - block: cfq_cpd_alloc() should use @gfp
    - ACPI / APEI: Fix NMI notification handling
    - blk-mq: Always schedule hctx->next_cpu
    - bus: vexpress-config: fix device reference leak
    - powerpc/ibmebus: Fix further device reference leaks
    - powerpc/ibmebus: Fix device reference leaks in sysfs interface
    - pinctrl: sh-pfc: Do not unconditionally support PIN_CONFIG_BIAS_DISABLE
    - Linux 4.4.44

  * Add support for RT5660 codec based sound cards on Baytrail (LP: #1657674)
    - ASoC: rt5660: add rt5660 codec driver
    - ASoC: rt5660: enable MCLK detection
    - ASoC: Intel: Atom: flip logic for gain Switch
    - SAUCE: (no-up) ASoC: rt5660: Add ACPI support
    - SAUCE: (no-up) ASoC: Intel: Support machine driver for RT5660 on Baytrail
    - [Config] CONFIG_SND_SOC_INTEL_BYTCR_RT5660_MACH=m, CONFIG_SND_SOC_RT5660=m

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
    - SAUCE: Support Redpine RS9113 WLAN/BT
    - SAUCE: Separate Redpine RS9113 WLAN/BT vendor and kernel drivers
    - SAUCE: Redpine RS9113 WLAN/BT driver ver. 0.9.7
    - SAUCE: RS9113: Use vendor driver to support WLAN/BT card on Caracalla HW
      only
    - SAUCE: RS9113: Comment out IDs from upstream driver
    - [Config] Enable CONFIG_VEN_RSI_* configs

  * [Hyper-V] netvsc: add rcu_read locked to netvsc callback (LP: #1657540)
    - netvsc: add rcu_read locking to netvsc callback

  * [Hyper-V] Rebase Hyper-V in 16.04 and 16.10 to the the upstream 4.9 kernel
    (LP: #1650059)
    - memory-hotplug: add automatic onlining policy for the newly added memory
    - hv_netvsc: Add query for initial physical link speed
    - hv_netvsc: Add handler for physical link speed change
    - hv_netvsc: Implement batching of receive completions
    - PCI: hv: Use list_move_tail() instead of list_del() + list_add_tail()
    - hv_netvsc: fix rtnl locking in callback
    - hv_netvsc: make RSS hash key static
    - hv_netvsc: use kcalloc
    - hv_netvsc: style cleanups
    - hv_netvsc: make inline functions static
    - hv_netvsc: use ARRAY_SIZE() for NDIS versions
    - hv_netvsc: make device_remove void
    - hv_netvsc: init completion during alloc
    - hv_netvsc: rearrange start_xmit
    - hv_netvsc: refactor completion function
    - hv_netvsc: make netvsc_destroy_buf void
    - hv_netvsc: make variable local
    - hv_netvsc: report vmbus name in ethtool
    - hv_netvsc: add ethtool statistics for tx packet issues
    - Drivers: hv: get rid of redundant messagecount in create_gpadl_header()
    - Drivers: hv: don't leak memory in vmbus_establish_gpadl()
    - Drivers: hv: get rid of timeout in vmbus_open()
    - Drivers: hv: utils: fix a race on userspace daemons registration
    - Drivers: hv: vmbus: fix the race when querying & updating the percpu list
    - Drivers: hv: vmbus: Enable explicit signaling policy for NIC channels
    - Drivers: hv: vmbus: Reduce the delay between retries in vmbus_post_msg()
    - Drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency
    - Tools: hv: kvp: ensure kvp device fd is closed on exec
    - Drivers: hv: balloon: keep track of where ha_region starts
    - Drivers: hv: balloon: account for gaps in hot add regions
    - Drivers: hv: balloon: don't wait for ol_waitevent when memhp_auto_online is
      enabled
    - Drivers: hv: balloon: replace ha_region_mutex with spinlock
    - Drivers: hv: balloon: Use available memory value in pressure report
    - Drivers: hv: cleanup vmbus_open() for wrap around mappings
    - Drivers: hv: ring_buffer: wrap around mappings for ring buffers
    - Drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from,
      to}_ringbuffer()
    - Drivers: hv: ring_buffer: count on wrap around mappings in
      get_next_pkt_raw()
    - Drivers: hv: Introduce a policy for controlling channel affinity
    - Drivers: hv: utils: Continue to poll VSS channel after handling requests.
    - Drivers: hv: utils: Check VSS daemon is listening before a hot backup
    - PCI: hv: Use zero-length array in struct pci_packet
    - PCI: hv: Use pci_function_description[0] in struct definitions
    - PCI: hv: Remove the unused 'wrk' in struct hv_pcibus_device
    - PCI: hv: Handle vmbus_sendpacket() failure in hv_compose_msi_msg()
    - PCI: hv: Handle hv_pci_generic_compl() error case
    - Revert "Drivers: hv: ring_buffer: count on wrap around mappings in
      get_next_pkt_raw()"
    - Driver: hv: vmbus: Make mmio resource local
    - Drivers: hv: vmbus: suppress some "hv_vmbus: Unknown GUID" warnings
    - Drivers: hv: utils: Rename version definitions to reflect protocol version.
    - Drivers: hv: utils: Use TimeSync samples to adjust the clock after boot.
    - Drivers: hv: utils: Support TimeSync version 4.0 protocol samples.
    - Drivers: hv: hv_util: Avoid dynamic allocation in time synch
    - Revert "hv_netvsc: make inline functions static"
    - hv_netvsc: use consume_skb
    - hv_netvsc: dev hold/put reference to VF
    - hv_netvsc: simplify callback event code
    - hv_netvsc: improve VF device matching
    - hv_netvsc: use RCU to protect vf_netdev
    - hv_netvsc: remove VF in flight counters
    - hv_netvsc: count multicast packets received
    - hv_netvsc: fix comments
    - Drivers: hv: make VMBus bus ids persistent
    - Drivers: hv: get rid of id in struct vmbus_channel
    - netvsc: fix checksum on UDP IPV6
    - netvsc: Remove mistaken udp.h inclusion.
    - net/hyperv: avoid uninitialized variable
    - Revert "hv_netvsc: report vmbus name in ethtool"
    - vmbus: make sysfs names consistent with PCI
    - netvsc: reduce maximum GSO size
    - Drivers: hv: vmbus: Base host signaling strictly on the ring state
    - tools: hv: Add a script to help bonding synthetic and VF NICs

  * Ubuntu - ibmveth: abnormally large TCP MSS value caused a TCP session to
    hang with a zero window (LP: #1655420)
    - ibmveth: set correct gso_size and gso_type
    - ibmveth: calculate gso_segs for large packets

  * netfilter regression introducing a performance slowdown in binary
    arp/ip/ip6tables (LP: #1640786)
    - netfilter: x_tables: pass xt_counters struct instead of packet counter
    - netfilter: x_tables: pass xt_counters struct to counter allocator
    - netfilter: x_tables: pack percpu counter allocations

  * Move some kernel modules to the main kernel package (part 2) (LP: #1655002)
    - [Config] Add IBM power drivers to the inclusion list

  * Xenial update to v4.4.43 stable release (LP: #1656876)
    - netvsc: reduce maximum GSO size
    - ser_gigaset: return -ENOMEM on error instead of success
    - net: vrf: Drop conntrack data after pass through VRF device on Tx
    - ipv6: handle -EFAULT from skb_copy_bits
    - net, sched: fix soft lockup in tc_classify
    - net: stmmac: Fix race between stmmac_drv_probe and stmmac_open
    - net/mlx5: Check FW limitations on log_max_qp before setting it
    - net/mlx5: Avoid shadowing numa_node
    - drop_monitor: add missing call to genlmsg_end
    - drop_monitor: consider inserted data in genlmsg_end
    - igmp: Make igmp group member RFC 3376 compliant
    - ipv4: Do not allow MAIN to be alias for new LOCAL w/ custom rules
    - r8152: split rtl8152_suspend function
    - r8152: fix rx issue for runtime suspend
    - gro: Enter slow-path if there is no tailroom
    - gro: use min_t() in skb_gro_reset_offset()
    - gro: Disable frag0 optimization on IPv6 ext headers
    - net: ipv4: Fix multipath selection with vrf
    - net: vrf: do not allow table id 0
    - HID: hid-cypress: validate length of report
    - ALSA: firewire-tascam: Fix to handle error from initialization of stream
      data
    - powerpc: Fix build warning on 32-bit PPC
    - ARM: zynq: Reserve correct amount of non-DMA RAM
    - ARM: OMAP4+: Fix bad fallthrough for cpuidle
    - spi: mvebu: fix baudrate calculation for armada variant
    - ALSA: usb-audio: Add a quirk for Plantronics BT600
    - mm/init: fix zone boundary creation
    - Linux 4.4.43

  * Xenial update to v4.4.42 stable release (LP: #1655969)
    - ALSA: hda - Fix up GPIO for ASUS ROG Ranger
    - ALSA: hda - Apply asus-mode8 fixup to ASUS X71SL
    - ALSA: usb-audio: Fix irq/process data synchronization
    - ARM: davinci: da850: don't add emac clock to lookup table twice
    - mac80211: initialize fast-xmit 'info' later
    - KVM: x86: reset MMU on KVM_SET_VCPU_EVENTS
    - KVM: MIPS: Flush KVM entry code from icache globally
    - usb: musb: core: add clear_ep_rxintr() to musb_platform_ops
    - usb: musb: dsps: implement clear_ep_rxintr() callback
    - usb: storage: unusual_uas: Add JMicron JMS56x to unusual device
    - usb: gadgetfs: restrict upper bound on device configuration size
    - USB: gadgetfs: fix unbounded memory allocation bug
    - USB: gadgetfs: fix use-after-free bug
    - USB: gadgetfs: fix checks of wTotalLength in config descriptors
    - USB: fix problems with duplicate endpoint addresses
    - USB: dummy-hcd: fix bug in stop_activity (handle ep0)
    - usb: gadget: composite: Test get_alt() presence instead of set_alt()
    - usb: dwc3: core: avoid Overflow events
    - usb: xhci: fix possible wild pointer
    - xhci: workaround for hosts missing CAS bit
    - usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Apollo Lake
    - xhci: free xhci virtual devices with leaf nodes first
    - usb: xhci: fix return value of xhci_setup_device()
    - usb: host: xhci: Fix possible wild pointer when handling abort command
    - xhci: Handle command completion and timeout race
    - usb: xhci: hold lock over xhci_abort_cmd_ring()
    - USB: serial: omninet: fix NULL-derefs at open and disconnect
    - USB: serial: quatech2: fix sleep-while-atomic in close
    - USB: serial: pl2303: fix NULL-deref at open
    - USB: serial: keyspan_pda: verify endpoints at probe
    - USB: serial: spcp8x5: fix NULL-deref at open
    - USB: serial: io_ti: fix NULL-deref at open
    - USB: serial: io_ti: fix another NULL-deref at open
    - USB: serial: io_ti: fix I/O after disconnect
    - USB: serial: iuu_phoenix: fix NULL-deref at open
    - USB: serial: garmin_gps: fix memory leak on failed URB submit
    - USB: serial: ti_usb_3410_5052: fix NULL-deref at open
    - USB: serial: io_edgeport: fix NULL-deref at open
    - USB: serial: oti6858: fix NULL-deref at open
    - USB: serial: cyberjack: fix NULL-deref at open
    - USB: serial: kobil_sct: fix NULL-deref in write
    - USB: serial: mos7840: fix NULL-deref at open
    - USB: serial: mos7720: fix NULL-deref at open
    - USB: serial: mos7720: fix use-after-free on probe errors
    - USB: serial: mos7720: fix parport use-after-free on probe errors
    - USB: serial: mos7720: fix parallel probe
    - usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL
    - xhci: Use delayed_work instead of timer for command timeout
    - xhci: Fix race related to abort operation
    - usb: dwc3: pci: add Intel Gemini Lake PCI ID
    - usb: musb: Fix trying to free already-free IRQ 4
    - usb: hub: Move hub_port_disable() to fix warning if PM is disabled
    - usb: musb: blackfin: add bfin_fifo_offset in bfin_ops
    - ALSA: usb-audio: Fix bogus error return in snd_usb_create_stream()
    - USB: serial: kl5kusb105: abort on open exception path
    - ARM: dts: r8a7794: Correct hsusb parent clock
    - USB: phy: am335x-control: fix device and of_node leaks
    - USB: serial: io_ti: bind to interface after fw download
    - mei: bus: fix mei_cldev_enable KDoc
    - staging: iio: ad7606: fix improper setting of oversampling pins
    - usb: dwc3: gadget: always unmap EP0 requests
    - usb: dwc3: ep0: add dwc3_ep0_prepare_one_trb()
    - usb: dwc3: ep0: explicitly call dwc3_ep0_prepare_one_trb()
    - stable-fixup: hotplug: fix unused function warning
    - ath10k: use the right length of "background"
    - cris: Only build flash rescue image if CONFIG_ETRAX_AXISFLASHMAP is selected
    - hwmon: (scpi) Fix module autoload
    - hwmon: (amc6821) sign extension temperature
    - hwmon: (ds620) Fix overflows seen when writing temperature limits
    - hwmon: (nct7802) Fix overflows seen when writing into limit attributes
    - hwmon: (g762) Fix overflows and crash seen when writing limit attributes
    - clk: clk-wm831x: fix a logic error
    - clk: imx31: fix rewritten input argument of mx31_clocks_init()
    - iommu/amd: Missing error code in amd_iommu_init_device()
    - iommu/amd: Fix the left value check of cmd buffer
    - iommu/vt-d: Fix pasid table size encoding
    - iommu/vt-d: Flush old iommu caches for kdump when the device gets context
      mapped
    - ASoC: samsung: i2s: Fixup last IRQ unsafe spin lock call
    - scsi: mvsas: fix command_active typo
    - target/iscsi: Fix double free in lio_target_tiqn_addtpg()
    - irqchip/bcm7038-l1: Implement irq_cpu_offline() callback
    - PM / wakeirq: Fix dedicated wakeirq for drivers not using autosuspend
    - mmc: mmc_test: Uninitialized return value
    - s390/crypto: unlock on error in prng_tdes_read()
    - crypto: arm64/sha2-ce - fix for big endian
    - crypto: arm64/ghash-ce - fix for big endian
    - crypto: arm/aes-ce - fix for big endian
    - crypto: arm64/aes-ccm-ce: fix for big endian
    - crypto: arm64/aes-neon - fix for big endian
    - crypto: arm64/sha1-ce - fix for big endian
    - crypto: arm64/aes-xts-ce: fix for big endian
    - crypto: arm64/aes-ce - fix for big endian
    - md: MD_RECOVERY_NEEDED is set for mddev->recovery
    - powerpc/pci/rpadlpar: Fix device reference leaks
    - staging: comedi: dt282x: tidy up register bit defines
    - cred/userns: define current_user_ns() as a function
    - net: ti: cpmac: Fix compiler warning due to type confusion
    - net: vxge: avoid unused function warnings
    - cx23885-dvb: move initialization of a8293_pdata
    - drm/radeon: Always store CRTC relative radeon_crtc->cursor_x/y values
    - tick/broadcast: Prevent NULL pointer dereference
    - Revert "usb: gadget: composite: always set ep->mult to a sensible value"
    - usb: gadget: composite: always set ep->mult to a sensible value
    - Linux 4.4.42

  * Xenial update to v4.4.41 stable release (LP: #1655041)
    - ssb: Fix error routine when fallback SPROM fails
    - rtlwifi: Fix enter/exit power_save
    - cfg80211/mac80211: fix BSS leaks when abandoning assoc attempts
    - ath9k: Really fix LED polarity for some Mini PCI AR9220 MB92 cards.
    - mmc: sdhci: Fix recovery from tuning timeout
    - regulator: stw481x-vmmc: fix ages old enable error
    - timekeeping_Force_unsigned_clocksource_to_nanoseconds_conversion
    - clk: bcm2835: Avoid overwriting the div info when disabling a pll_div clk
    - thermal: hwmon: Properly report critical temperature in sysfs
    - staging: comedi: ni_mio_common: fix M Series ni_ai_insn_read() data mask
    - staging: comedi: ni_mio_common: fix E series ni_ai_insn_read() data
    - ACPI / video: Add force_native quirk for Dell XPS 17 L702X
    - ACPI / video: Add force_native quirk for HP Pavilion dv6
    - drm/nouveau/kms: lvds panel strap moved again on maxwell
    - drm/nouveau/bios: require checksum to match for fast acpi shadow method
    - drm/nouveau/ltc: protect clearing of comptags with mutex
    - drm/nouveau/fifo/gf100-: protect channel preempt with subdev mutex
    - drm/nouveau/i2c/gk110b,gm10x: use the correct implementation
    - drm/radeon: Also call cursor_move_locked when the cursor size changes
    - drm/radeon: Hide the HW cursor while it's out of bounds
    - drm/radeon: add additional pci revision to dpm workaround
    - drm/gma500: Add compat ioctl
    - drivers/gpu/drm/ast: Fix infinite loop if read fails
    - mei: request async autosuspend at the end of enumeration
    - block: protect iterate_bdevs() against concurrent close
    - vt: fix Scroll Lock LED trigger name
    - scsi: megaraid_sas: For SRIOV enabled firmware, ensure VF driver waits for
      30secs before reset
    - scsi: megaraid_sas: Do not set MPI2_TYPE_CUDA for JBOD FP path for FW which
      does not support JBOD sequence map
    - scsi: zfcp: fix use-after-"free" in FC ingress path after TMF
    - scsi: zfcp: do not trace pure benign residual HBA responses at default level
    - scsi: zfcp: fix rport unblock race with LUN recovery
    - scsi: avoid a permanent stop of the scsi device's request queue
    - ARC: mm: arc700: Don't assume 2 colours for aliasing VIPT dcache
    - firmware: fix usermode helper fallback loading
    - s390/vmlogrdr: fix IUCV buffer allocation
    - sc16is7xx: Drop bogus use of IRQF_ONESHOT
    - md/raid5: limit request size according to implementation limits
    - KVM: PPC: Book3S HV: Save/restore XER in checkpointed register state
    - KVM: PPC: Book3S HV: Don't lose hardware R/C bit updates in H_PROTECT
    - kvm: nVMX: Allow L1 to intercept software exceptions (#BP and #OF)
    - platform/x86: asus-nb-wmi.c: Add X45U quirk
    - fgraph: Handle a case where a tracer ignores set_graph_notrace
    - IB/mad: Fix an array index check
    - IPoIB: Avoid reading an uninitialized member variable
    - IB/multicast: Check ib_find_pkey() return value
    - IB/cma: Fix a race condition in iboe_addr_get_sgid()
    - media: solo6x10: fix lockup by avoiding delayed register write
    - Input: drv260x - fix input device's parent assignment
    - PCI: Check for PME in targeted sleep state
    - libceph: verify authorize reply on connect
    - nfs_write_end(): fix handling of short copies
    - powerpc/ps3: Fix system hang with GCC 5 builds
    - powerpc: Convert cmp to cmpd in idle enter sequence
    - kconfig/nconf: Fix hang when editing symbol with a long prompt
    - sg_write()/bsg_write() is not fit to be called under KERNEL_DS
    - net: mvpp2: fix dma unmapping of TX buffers for fragments
    - Linux 4.4.41

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Thu, 02 Feb 2017 07:38:05 -0200
Superseded in trusty-security on 2017-02-20
Superseded in trusty-updates on 2017-02-20
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-62.83~14.04.1) trusty; urgency=low

  [ Thadeu Lima de Souza Cascardo ]

  * Release Tracking Bug
    - LP: #1657434

  * Backport DP MST fixes to i915 (LP: #1657353)
    - SAUCE: i915_bpo: Fix DP link rate math
    - SAUCE: i915_bpo: Validate mode against max. link data rate for DP MST

  * Ubuntu xenial - 4.4.0-59-generic i3 I/O performance issue (LP: #1657281)
    - blk-mq: really fix plug list flushing for nomerge queues

Superseded in trusty-updates on 2017-02-02
Superseded in trusty-security on 2017-02-02
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-59.80~14.04.1) trusty; urgency=low

  [ John Donnelly ]

  * Release Tracking Bug
    - LP: #1654286

  * [2.1.1] MAAS has nvme0n1 set as boot disk, curtin fails (LP: #1651602)
    - (fix) nvme: only require 1 interrupt vector, not 2+

Deleted in trusty-proposed on 2017-01-09 (Reason: NBS)
linux-lts-xenial (4.4.0-58.79~14.04.1) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1651406

  * Support ACPI probe for IIO sensor drivers from ST Micro (LP: #1650123)
    - SAUCE: iio: st_sensors: match sensors using ACPI handle
    - SAUCE: iio: st_accel: Support sensor i2c probe using acpi
    - SAUCE: iio: st_pressure: Support i2c probe using acpi
    - [Config] CONFIG_HTS221=m, CONFIG_HTS221_I2C=m, CONFIG_HTS221_SPI=m

  * Fix channel data parsing in ST Micro sensor IIO drivers (LP: #1650189)
    - SAUCE: iio: common: st_sensors: fix channel data parsing

  * ST Micro lng2dm 3-axis "femto" accelerometer support (LP: #1650112)
    - SAUCE: iio: st-accel: add support for lis2dh12
    - SAUCE: iio: st_sensors: support active-low interrupts
    - SAUCE: iio: accel: Add support for the h3lis331dl accelerometer
    - SAUCE: iio: st_sensors: verify interrupt event to status
    - SAUCE: iio: st_sensors: support open drain mode
    - SAUCE: iio:st_sensors: fix power regulator usage
    - SAUCE: iio: st_sensors: switch to a threaded interrupt
    - SAUCE: iio: accel: st_accel: Add lis3l02dq support
    - SAUCE: iio: st_sensors: fix scale configuration for h3lis331dl
    - SAUCE: iio: accel: st_accel: add support to lng2dm
    - SAUCE: iio: accel: st_accel: inline per-sensor data
    - SAUCE: Documentation: dt: iio: accel: add lng2dm sensor device binding

  * ST Micro hts221 relative humidity sensor support (LP: #1650116)
    - SAUCE: iio: humidity: add support to hts221 rh/temp combo device
    - SAUCE: Documentation: dt: iio: humidity: add hts221 sensor device binding
    - SAUCE: iio: humidity: remove
    - SAUCE: iio: humidity: Support acpi probe for hts211

  * crypto : tolerate new crypto hardware for z Systems (LP: #1644557)
    - s390/zcrypt: Introduce CEX6 toleration

  * Acer, Inc ID 5986:055a is useless after 14.04.2 installed. (LP: #1433906)
    - uvcvideo: uvc_scan_fallback() for webcams with broken chain

  * vmxnet3 driver could causes kernel panic with v4.4 if LRO enabled.
    (LP: #1650635)
    - vmxnet3: segCnt can be 1 for LRO packets

  * system freeze when swapping to encrypted swap partition (LP: #1647400)
    - mm, oom: rework oom detection
    - mm: throttle on IO only when there are too many dirty and writeback pages

  * Kernel Fixes to get TCMU File Backed Optical to work (LP: #1646204)
    - target/user: Use sense_reason_t in tcmu_queue_cmd_ring
    - target/user: Return an error if cmd data size is too large
    - target/user: Fix comments to not refer to data ring
    - SAUCE: (no-up) target/user: Fix use-after-free of tcmu_cmds if they are
      expired

  * CVE-2016-9756
    - KVM: x86: drop error recovery in em_jmp_far and em_ret_far

  * Dell Precision 5520 & 3520 freezes at login screent (LP: #1650054)
    - ACPI / blacklist: add _REV quirks for Dell Precision 5520 and 3520

  * CVE-2016-9794
    - ALSA: pcm : Call kill_fasync() in stream lock

  * Allow fuse user namespace mounts by default in xenial (LP: #1634964)
    - (namespace) mnt: Move the FS_USERNS_MOUNT check into sget_userns
    - (namespace) Revert "UBUNTU: SAUCE: fs: Refuse uid/gid changes which don't
      map into s_user_ns"
    - (namespace) fs: Refuse uid/gid changes which don't map into s_user_ns
    - (namespace) Revert "UBUNTU: SAUCE: fs: Update posix_acl support to handle
      user namespace mounts"
    - (namespace) vfs: Verify acls are valid within superblock's s_user_ns.
    - SAUCE: (namespace) posix_acl: Export posix_acl_fix_xattr_userns() to modules
    - SAUCE: (namespace) fuse: Translate ids in posix acl xattrs
    - (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs
    - (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs
    - (namespace) Revert "UBUNTU: SAUCE: quota: Require that qids passed to
      dqget() be valid and map into s_user_ns"
    - (namespace) Revert "UBUNTU: SAUCE: quota: Convert ids relative to s_user_ns"
    - (namespace) quota: Ensure qids map to the filesystem
    - (namespace) quota: Handle quota data stored in s_user_ns in quota_setxquota
    - (namespace) dquot: For now explicitly don't support filesystems outside of
      init_user_ns
    - (namespace) Revert "UBUNTU: SAUCE: ima/evm: Allow root in s_user_ns to set
      xattrs"
    - SAUCE: (namespace) security/integrity: Harden against malformed xattrs
    - (namespace) Revert "UBUNTU: SAUCE: fs: Allow superblock owner to change
      ownership of inodes with unmappable ids"
    - SAUCE: (namespace) fs: Allow superblock owner to change ownership of inodes
    - (namespace) Revert "UBUNTU: SAUCE: fs: Don't remove suid for CAP_FSETID in
      s_user_ns"
    - SAUCE: (namespace) fs: Don't remove suid for CAP_FSETID for userns root
    - SAUCE: (namespace) fuse: Allow user namespace mounts by default

  * Boot crash in xen_send_IPI_one (LP: #1649821)
    - xen/qspinlock: Don't kick CPU if IRQ is not initialized

  * linux: Staging modules should be unsigned (LP: #1642368)
    - [Debian] Suppress module signing for staging drivers
    - SAUCE: Add rtl drivers to signature inclusion list

  * Ethernet not work after upgrade from kernel 3.19 to 4.4 [10ec:8168]
    (LP: #1648279)
    - ACPI / blacklist: Make Dell Latitude 3350 ethernet work

  * CVE-2016-9793
    - net: avoid signed overflows for SO_{SND|RCV}BUFFORCE

  * [Hyper-V] Kernel panic not functional on 32bit Ubuntu 14.10, 15.04, and
    15.10 (LP: #1400319)
    - Drivers: hv: avoid vfree() on crash

  * [Hyper-V] netvsc: fix incorrect receive checksum offloading (LP: #1636656)
    - netvsc: fix incorrect receive checksum offloading

 -- Luis Henriques <email address hidden>  Tue, 20 Dec 2016 15:38:57 +0000
Superseded in trusty-security on 2017-01-10
Superseded in trusty-updates on 2017-01-10
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-57.78~14.04.1) trusty; urgency=low

  * Release Tracking Bug
    - LP: #1648876

  * Miscellaneous Ubuntu changes
    - SAUCE: Do not build the xr-usb-serial driver for s390

Superseded in trusty-security on 2016-12-20
Superseded in trusty-updates on 2016-12-20
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-53.74~14.04.1) trusty; urgency=low

  * CVE-2016-8655 (LP: #1646318)
    - packet: fix race condition in packet_set_ring

 -- Brad Figg <email address hidden>  Thu, 01 Dec 2016 10:54:01 -0800

Available diffs

Deleted in trusty-proposed on 2017-01-04 (Reason: NBS)
linux-lts-xenial (4.4.0-52.73~14.04.1) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1646157

  * linux: Enable live patching for all supported architectures (LP: #1633577)
    - [Config] CONFIG_LIVEPATCH=y for s390x

  * Botched backport breaks level triggered EOIs in QEMU guests with --machine
    kernel_irqchip=split (LP: #1644394)
    - kvm/irqchip: kvm_arch_irq_routing_update renaming split

  * Xenial update to v4.4.35 stable release (LP: #1645453)
    - x86/cpu/AMD: Fix cpu_llc_id for AMD Fam17h systems
    - KVM: x86: fix missed SRCU usage in kvm_lapic_set_vapic_addr
    - KVM: Disable irq while unregistering user notifier
    - fuse: fix fuse_write_end() if zero bytes were copied
    - mfd: intel-lpss: Do not put device in reset state on suspend
    - can: bcm: fix warning in bcm_connect/proc_register
    - i2c: mux: fix up dependencies
    - kbuild: add -fno-PIE
    - scripts/has-stack-protector: add -fno-PIE
    - x86/kexec: add -fno-PIE
    - kbuild: Steal gcc's pie from the very beginning
    - ext4: sanity check the block and cluster size at mount time
    - crypto: caam - do not register AES-XTS mode on LP units
    - drm/amdgpu: Attach exclusive fence to prime exported bo's. (v5)
    - clk: mmp: pxa910: fix return value check in pxa910_clk_init()
    - clk: mmp: pxa168: fix return value check in pxa168_clk_init()
    - clk: mmp: mmp2: fix return value check in mmp2_clk_init()
    - rtc: omap: Fix selecting external osc
    - iwlwifi: pcie: fix SPLC structure parsing
    - mfd: core: Fix device reference leak in mfd_clone_cell
    - uwb: fix device reference leaks
    - PM / sleep: fix device reference leak in test_suspend
    - PM / sleep: don't suspend parent when async child suspend_{noirq, late}
      fails
    - IB/mlx4: Check gid_index return value
    - IB/mlx4: Fix create CQ error flow
    - IB/mlx5: Use cache line size to select CQE stride
    - IB/mlx5: Fix fatal error dispatching
    - IB/core: Avoid unsigned int overflow in sg_alloc_table
    - IB/uverbs: Fix leak of XRC target QPs
    - IB/cm: Mark stale CM id's whenever the mad agent was unregistered
    - netfilter: nft_dynset: fix element timeout for HZ != 1000
    - Linux 4.4.35

  * Upstream stable 4.4.34 and 4.8.10 regression (LP: #1645278)
    - flow_dissect: call init_default_flow_dissectors() earlier

  * AD5593R configurable multi-channel converter support (LP: #1644726)
    - iio: dac: Add support for the AD5592R/AD5593R ADCs/DACs
    - iio: dac: ad5592r: Off by one bug in ad5592r_alloc_channels()
    - [Config] CONFIG_AD5592R/AD5593R=m

  * ST Micro lps22hb pressure sensor support (LP: #1642258)
    - iio:st_pressure:initial lps22hb sensor support
    - iio:st_pressure: align storagebits on power of 2
    - iio:st_pressure: document sampling gains
    - iio:st_pressure:lps22hb: temperature support

  * Fix Kernel Crashing under IBM Virtual Scsi Driver (LP: #1642299)
    - SAUCE: ibmvscsis: Rearrange functions for future patches
    - SAUCE: ibmvscsis: Synchronize cmds at tpg_enable_store time
    - SAUCE: ibmvscsis: Synchronize cmds at remove time
    - SAUCE: ibmvscsis: Clean up properly if target_submit_cmd/tmr fails
    - SAUCE: ibmvscsis: Return correct partition name/# to client
    - SAUCE: ibmvscsis: Issues from Dan Carpenter/Smatch

  * System stalls when creating device node on booting (LP: #1643797)
    - sched/fair: Fix new task's load avg removed from source CPU in
      wake_up_new_task()

  * nvme: improve performance for virtual Google NVMe devices (LP: #1637565)
    - blk-mq: add blk_mq_alloc_request_hctx
    - nvme.h: add NVMe over Fabrics definitions
    - [Config] CONFIG_NVME_VENDOR_EXT_GOOGLE=y
    - SAUCE: nvme: improve performance for virtual NVMe devices

  * Move some kernel modules to the main kernel package (LP: #1642228)
    - [Config] Move some powerpc kernel modules to the main kernel package

  * sched: Match-all classifier is missing in xenial (LP: #1642514)
    - [Config] CONFIG_NET_CLS_MATCHALL=m
    - net/sched: introduce Match-all classifier

  * Xenial update to 4.4.34 stable release (LP: #1643637)
    - dctcp: avoid bogus doubling of cwnd after loss
    - net: clear sk_err_soft in sk_clone_lock()
    - net: mangle zero checksum in skb_checksum_help()
    - bgmac: stop clearing DMA receive control register right after it is set
    - ip6_tunnel: Clear IP6CB in ip6tunnel_xmit()
    - tcp: fix potential memory corruption
    - dccp: do not send reset to already closed sockets
    - dccp: fix out of bound access in dccp_v4_err()
    - ipv6: dccp: fix out of bound access in dccp_v6_err()
    - ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped
    - sctp: assign assoc_id earlier in __sctp_connect
    - fib_trie: Correct /proc/net/route off by one error
    - sock: fix sendmmsg for partial sendmsg
    - net: __skb_flow_dissect() must cap its return value
    - ipv4: use new_gw for redirect neigh lookup
    - tcp: take care of truncations done by sk_filter()
    - tty: Prevent ldisc drivers from re-using stale tty fields
    - sparc: Don't leak context bits into thread->fault_address
    - sparc: serial: sunhv: fix a double lock bug
    - sparc64 mm: Fix base TSB sizing when hugetlb pages are used
    - sparc: Handle negative offsets in arch_jump_label_transform
    - sparc64: Handle extremely large kernel TSB range flushes sanely.
    - sparc64: Fix illegal relative branches in hypervisor patched TLB code.
    - sparc64: Fix instruction count in comment for
      __hypervisor_flush_tlb_pending.
    - sparc64: Fix illegal relative branches in hypervisor patched TLB cross-call
      code.
    - sparc64: Handle extremely large kernel TLB range flushes more gracefully.
    - sparc64: Delete __ret_efault.
    - sparc64: Prepare to move to more saner user copy exception handling.
    - sparc64: Convert copy_in_user to accurate exception reporting.
    - sparc64: Convert GENcopy_{from,to}_user to accurate exception reporting.
    - sparc64: Convert U1copy_{from,to}_user to accurate exception reporting.
    - sparc64: Convert NG4copy_{from,to}_user to accurate exception reporting.
    - sparc64: Convert NGcopy_{from,to}_user to accurate exception reporting.
    - sparc64: Convert NG2copy_{from,to}_user to accurate exception reporting.
    - sparc64: Convert U3copy_{from,to}_user to accurate exception reporting.
    - sparc64: Delete now unused user copy assembler helpers.
    - sparc64: Delete now unused user copy fixup functions.
    - Linux 4.4.34

  * Xenial update to v4.4.33 stable release (LP: #1642968)
    - ALSA: info: Return error for invalid read/write
    - ALSA: info: Limit the proc text input size
    - ASoC: cs4270: fix DAPM stream name mismatch
    - dib0700: fix nec repeat handling
    - swapfile: fix memory corruption via malformed swapfile
    - coredump: fix unfreezable coredumping task
    - s390/hypfs: Use get_free_page() instead of kmalloc to ensure page alignment
    - ARC: timer: rtc: implement read loop in "C" vs. inline asm
    - pinctrl: cherryview: Serialize register access in suspend/resume
    - pinctrl: cherryview: Prevent possible interrupt storm on resume
    - staging: iio: ad5933: avoid uninitialized variable in error case
    - drivers: staging: nvec: remove bogus reset command for PS/2 interface
    - Revert "staging: nvec: ps2: change serio type to passthrough"
    - staging: nvec: remove managed resource from PS2 driver
    - USB: cdc-acm: fix TIOCMIWAIT
    - usb: gadget: u_ether: remove interrupt throttling
    - drbd: Fix kernel_sendmsg() usage - potential NULL deref
    - toshiba-wmi: Fix loading the driver on non Toshiba laptops
    - clk: qoriq: Don't allow CPU clocks higher than starting value
    - iio: hid-sensors: Increase the precision of scale to fix wrong reading
      interpretation.
    - iio: orientation: hid-sensor-rotation: Add PM function (fix non working
      driver)
    - scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init
    - scsi: mpt3sas: Fix for block device of raid exists even after deleting raid
      disk
    - KVM: MIPS: Precalculate MMIO load resume PC
    - drm/i915: Respect alternate_ddc_pin for all DDI ports
    - dmaengine: at_xdmac: fix spurious flag status for mem2mem transfers
    - tty/serial: at91: fix hardware handshake on Atmel platforms
    - iommu/amd: Free domain id when free a domain of struct dma_ops_domain
    - iommu/vt-d: Fix dead-locks in disable_dmar_iommu() path
    - mei: bus: fix received data size check in NFC fixup
    - lib/genalloc.c: start search from start of chunk
    - hwrng: core - Don't use a stack buffer in add_early_randomness()
    - i40e: fix call of ndo_dflt_bridge_getlink()
    - ACPI / APEI: Fix incorrect return value of ghes_proc()
    - ASoC: sun4i-codec: return error code instead of NULL when create_card fails
    - mmc: mxs: Initialize the spinlock prior to using it
    - btrfs: qgroup: Prevent qgroup->reserved from going subzero
    - netfilter: fix namespace handling in nf_log_proc_dostring
    - Linux 4.4.33

  * Xenial update to 4.4.32 stable release (LP: #1642573)
    - tcp: fix overflow in __tcp_retransmit_skb()
    - net: avoid sk_forward_alloc overflows
    - tcp: fix wrong checksum calculation on MTU probing
    - tcp: fix a compile error in DBGUNDO()
    - ip6_gre: fix flowi6_proto value in ip6gre_xmit_other()
    - ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route
    - tg3: Avoid NULL pointer dereference in tg3_io_error_detected()
    - net: fec: set mac address unconditionally
    - net: pktgen: fix pkt_size
    - net/sched: act_vlan: Push skb->data to mac_header prior calling skb_vlan_*()
      functions
    - net: Add netdev all_adj_list refcnt propagation to fix panic
    - packet: call fanout_release, while UNREGISTERING a netdev
    - netlink: do not enter direct reclaim from netlink_dump()
    - ipv6: tcp: restore IP6CB for pktoptions skbs
    - ip6_tunnel: fix ip6_tnl_lookup
    - net: pktgen: remove rcu locking in pktgen_change_name()
    - bridge: multicast: restore perm router ports on multicast enable
    - rtnetlink: Add rtnexthop offload flag to compare mask
    - net: add recursion limit to GRO
    - ipv4: disable BH in set_ping_group_range()
    - ipv4: use the right lock for ping_group_range
    - net: sctp, forbid negative length
    - udp: fix IP_CHECKSUM handling
    - net sched filters: fix notification of filter delete with proper handle
    - sctp: validate chunk len before actually using it
    - packet: on direct_xmit, limit tso and csum to supported devices
    - of: silence warnings due to max() usage
    - Revert KVM: MIPS: Drop other CPU ASIDs on guest MMU changes
    - KVM: MIPS: Drop other CPU ASIDs on guest MMU changes
    - drm/amdgpu/dp: add back special handling for NUTMEG
    - drm/amdgpu: fix DP mode validation
    - drm/radeon: fix DP mode validation
    - scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression
    - Linux 4.4.32

  * Xenial update to 4.4.31 stable release (LP: #1642572)
    - i2c: xgene: Avoid dma_buffer overrun
    - i2c: core: fix NULL pointer dereference under race condition
    - drm/dp/mst: Clear port->pdt when tearing down the i2c adapter
    - h8300: fix syscall restarting
    - libxfs: clean up _calc_dquots_per_chunk
    - mm/list_lru.c: avoid error-path NULL pointer deref
    - mm: memcontrol: do not recurse in direct reclaim
    - ALSA: usb-audio: Add quirk for Syntek STK1160
    - ALSA: hda - Merge RIRB_PRE_DELAY into CTX_WORKAROUND caps
    - ALSA: hda - Raise AZX_DCAPS_RIRB_DELAY handling into top drivers
    - ALSA: hda - allow 40 bit DMA mask for NVidia devices
    - ALSA: hda - Adding a new group of pin cfg into ALC295 pin quirk table
    - ALSA: hda - Fix headset mic detection problem for two Dell laptops
    - ANDROID: binder: Add strong ref checks
    - ANDROID: binder: Clear binder and cookie when setting handle in flat binder
      struct
    - btrfs: fix races on root_log_ctx lists
    - ubifs: Abort readdir upon error
    - ubifs: Fix regression in ubifs_readdir()
    - mei: txe: don't clean an unprocessed interrupt cause.
    - usb: gadget: function: u_ether: don't starve tx request queue
    - USB: serial: fix potential NULL-dereference at probe
    - USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7
    - xhci: use default USB_RESUME_TIMEOUT when resuming ports.
    - usb: increase ohci watchdog delay to 275 msec
    - Fix potential infoleak in older kernels
    - vt: clear selection before resizing
    - xhci: add restart quirk for Intel Wildcatpoint PCH
    - tty: limit terminal size to 4M chars
    - USB: serial: cp210x: fix tiocmget error handling
    - dm: free io_barrier after blk_cleanup_queue call
    - KVM: x86: fix wbinvd_dirty_mask use-after-free
    - KVM: MIPS: Make ERET handle ERL before EXL
    - ovl: fsync after copy-up
    - parisc: Ensure consistent state when switching to kernel stack at syscall
      entry
    - virtio_ring: Make interrupt suppression spec compliant
    - virtio: console: Unlock vqs while freeing buffers
    - dm mirror: fix read error on recovery after default leg failure
    - Input: i8042 - add XMG C504 to keyboard reset table
    - firewire: net: guard against rx buffer overflows
    - firewire: net: fix fragmented datagram_size off-by-one
    - mac80211: discard multicast and 4-addr A-MSDUs
    - scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough)
      devices
    - scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded
    - scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
    - mmc: dw_mmc-pltfm: fix the potential NULL pointer dereference
    - Revert "drm/radeon: fix DP link training issue with second 4K monitor"
    - drm/radeon/si_dpm: Limit clocks on HD86xx part
    - drm/radeon/si_dpm: workaround for SI kickers
    - drm/radeon: drop register readback in cayman_cp_int_cntl_setup
    - drm/dp/mst: Check peer device type before attempting EDID read
    - perf build: Fix traceevent plugins build race
    - x86/xen: fix upper bound of pmd loop in xen_cleanhighmap()
    - powerpc/ptrace: Fix out of bounds array access warning
    - ARM: 8584/1: floppy: avoid gcc-6 warning
    - mm/cma: silence warnings due to max() usage
    - drm/exynos: fix error handling in exynos_drm_subdrv_open
    - cgroup: avoid false positive gcc-6 warning
    - smc91x: avoid self-comparison warning
    - Disable "frame-address" warning
    - UBI: fastmap: scrub PEB when bitflips are detected in a free PEB EC header
    - pwm: Unexport children before chip removal
    - usb: dwc3: Fix size used in dma_free_coherent()
    - tty: vt, fix bogus division in csi_J
    - kvm: x86: Check memopp before dereference (CVE-2016-8630)
    - ubi: fastmap: Fix add_vol() return value test in ubi_attach_fastmap()
    - HID: usbhid: add ATEN CS962 to list of quirky devices
    - Linux 4.4.31

  * CVE-2016-6213
    - mnt: Add a per mount namespace limit on the number of mounts

  * ThinkPad T460 hotkeys stop working in Ubuntu 16.04 (LP: #1642114)
    - thinkpad_acpi: Add support for HKEY version 0x200

  * CVE-2016-4568
    - videobuf2-v4l2: Verify planes array in buffer dequeueing

  * [SRU] Add 0cf3:e009 to btusb (LP: #1641562)
    - Bluetooth: btusb: Add support for 0cf3:e009

  * Fix resource leak in btusb (LP: #1641569)
    - SAUCE: Bluetooth: decrease refcount after use

  * WiFi LED doesn't work on some Edge Gateway units (LP: #1640418)
    - SAUCE: mwifiex: Use PCI ID instead of DMI ID to identify Edge Gateways

  * [Hyper-V] do not lose pending heartbeat vmbus packets (LP: #1632786)
    - hv: do not lose pending heartbeat vmbus packets

  * ipv6: connected routes are missing after a down/up cycle on the loopback
    (LP: #1634545)
    - ipv6: correctly add local routes when lo goes up

  * audit: prevent a new auditd to stop an old auditd still alive (LP: #1633404)
    - audit: stop an old auditd being starved out by a new auditd

  * hv_set_ifconfig script parsing fails for certain configuration
    (LP: #1640109)
    - hv_set_ifconfig -- handle DHCP interfaces correctly
    - hv_set_ifconfig -- ensure we include the last stanza

  * CVE-2016-7039 and CVE-2016-8666 (LP: #1631287)
    - Revert "UBUNTU: SAUCE: net: add recursion limit to GRO"

 -- Luis Henriques <email address hidden>  Wed, 30 Nov 2016 16:40:16 +0000
Superseded in trusty-updates on 2016-12-05
Superseded in trusty-security on 2016-12-05
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-51.72~14.04.1) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1644616

  * 4.4.0-1037-snapdragon #41: kernel panic on boot (LP: #1644596)
    - Revert "dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"
    - Revert "powerpc: implement the DMA_ATTR_NO_WARN attribute"
    - Revert "nvme: use the DMA_ATTR_NO_WARN attribute"

Available diffs

Deleted in trusty-proposed on 2017-01-04 (Reason: NBS)
linux-lts-xenial (4.4.0-49.70~14.04.1) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1640929

  * Infiniband driver (kernel module) needed for Azure (LP: #1641139)
    - SAUCE: RDMA Infiniband for Windows Azure
    - [Config] CONFIG_HYPERV_INFINIBAND_ND=m
    - SAUCE: Makefile RDMA infiniband driver for Windows Azure
    - [Config] Add hv_network_direct.ko to generic inclusion list
    - SAUCE: RDMA Infiniband for Windows Azure is dependent on amd64

Available diffs

  • diff from 4.4.0-47.68~14.04.1 to 4.4.0-49.70~14.04.1 (pending)
Superseded in trusty-security on 2016-11-30
Superseded in trusty-updates on 2016-11-30
Deleted in trusty-proposed (Reason: moved to -updates)
linux-lts-xenial (4.4.0-47.68~14.04.1) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1636951

  * Add a driver for Amazon Elastic Network Adapters (ENA) (LP: #1635721)
    - lib/bitmap.c: conversion routines to/from u32 array
    - net: ethtool: add new ETHTOOL_xLINKSETTINGS API
    - net: ena: Add a driver for Amazon Elastic Network Adapters (ENA)
    - [config] enable CONFIG_ENA_ETHERNET=m (Amazon ENA driver)

  * unexpectedly large memory usage of mounted snaps (LP: #1636847)
    - [Config] switch squashfs to single threaded decode

 -- Kamal Mostafa <email address hidden>  Wed, 26 Oct 2016 10:47:55 -0700
175 of 106 results