Package "linux-oracle-5.15"

 linux-oracle-5.15 (5.15.0-1045.51~20.04.1) focal; urgency=medium
 .
   * focal/linux-oracle-5.15: 5.15.0-1045.51~20.04.1 -proposed tracker
     (LP: #2036567)
 .
   * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
     - [Config] oracle-5.15: Remove sx8 from ABI
 .
   * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
     - [Config] oracle-5.15: Remove decnet and dn_rtmsg from ABI
 .
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] oracle-5.15: Remove sh-sci from ABI
 .
   [ Ubuntu: 5.15.0-1045.51 ]
 .
   * jammy/linux-oracle: 5.15.0-1045.51 -proposed tracker (LP: #2036568)
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] Remove sh-sci from ABI
   * Jammy update: v5.15.118 upstream stable release (LP: #2030239)
     - [Config] Remove decnet and dn_rtmsg from ABI
   * Jammy update: v5.15.117 upstream stable release (LP: #2030107)
     - [Config] Remove sx8 from ABI
   * Packaging resync (LP: #1786013)
     - [Packaging] update variants
     - [Packaging] update helper scripts
   * jammy/linux: 5.15.0-86.96 -proposed tracker (LP: #2036575)
   * 5.15.0-85 live migration regression (LP: #2036675)
     - Revert "KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES"
     - Revert "x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0"
   * Regression for ubuntu_bpf test build on Jammy 5.15.0-85.95 (LP: #2035181)
     - selftests/bpf: fix static assert compilation issue for test_cls_*.c
   * `refcount_t: underflow; use-after-free.` on hidon w/ 5.15.0-85-generic
     (LP: #2034447)
     - crypto: rsa-pkcs1pad - Use helper to set reqsize
   * jammy/linux: 5.15.0-85.95 -proposed tracker (LP: #2033821)
   * Please enable Renesas RZ platform serial installer (LP: #2022361)
     - [Config] enable hihope RZ/G2M serial console
     - [Config] Mark sh-sci as built-in
   * Request backport of xen timekeeping performance improvements (LP: #2033122)
     - x86/xen/time: prefer tsc as clocksource when it is invariant
   * kdump doesn't work with UEFI secure boot and kernel lockdown enabled on
     ARM64 (LP: #2033007)
     - [Config]: Enable CONFIG_KEXEC_IMAGE_VERIFY_SIG
     - kexec, KEYS: make the code in bzImage64_verify_sig generic
     - arm64: kexec_file: use more system keyrings to verify kernel image signature
   * ubuntu_kernel_selftests:net:vrf-xfrm-tests.sh: 8 failed test cases on
     jammy/fips (LP: #2019880)
     - selftests: net: vrf-xfrm-tests: change authentication and encryption algos
   * ubuntu_kernel_selftests:net:tls: 88 failed test cases on jammy/fips
     (LP: #2019868)
     - selftests/harness: allow tests to be skipped during setup
     - selftests: net: tls: check if FIPS mode is enabled
   * A general-proteciton exception during guest migration to unsupported PKRU
     machine (LP: 2032164, reverted)
     - x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0
     - KVM: x86: Always enable legacy FP/SSE in allowed user XFEATURES
   * CVE-2023-4569
     - netfilter: nf_tables: deactivate catchall elements in next generation
   * CVE-2023-20569
     - x86/cpu, kvm: Add support for CPUID_80000021_EAX
     - x86/srso: Add a Speculative RAS Overflow mitigation
     - x86/srso: Add IBPB_BRTYPE support
     - x86/srso: Add SRSO_NO support
     - x86/srso: Add IBPB
     - x86/srso: Add IBPB on VMEXIT
     - x86/srso: Fix return thunks in generated code
     - x86/srso: Tie SBPB bit setting to microcode patch detection
     - x86: fix backwards merge of GDS/SRSO bit
     - x86/srso: Fix build breakage with the LLVM linker
     - x86/cpu: Fix __x86_return_thunk symbol type
     - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk()
     - x86/alternative: Make custom return thunk unconditional
     - objtool: Add frame-pointer-specific function ignore
     - x86/ibt: Add ANNOTATE_NOENDBR
     - x86/cpu: Clean up SRSO return thunk mess
     - x86/cpu: Rename original retbleed methods
     - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1
     - x86/cpu: Cleanup the untrain mess
     - x86/srso: Explain the untraining sequences a bit more
     - x86/static_call: Fix __static_call_fixup()
     - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret()
     - x86/srso: Disable the mitigation on unaffected configurations
     - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG
     - objtool/x86: Fixup frame-pointer vs rethunk
     - x86/srso: Correct the mitigation status when SMT is disabled
     - objtool/x86: Fix SRSO mess
     - Ubuntu: [Config]: enable Speculative Return Stack Overflow mitigation
   * Fix unreliable ethernet cable detection on I219 NIC (LP: #2028122)
     - e1000e: Use PME poll to circumvent unreliable ACPI wake
   * Need to get fine-grained control for FAN(TFN) Participant. (LP: #2031333)
     - ACPI: fan: Separate file for attributes creation
     - ACPI: fan: Optimize struct acpi_fan_fif
     - ACPI: fan: Properly handle fine grain control
     - ACPI: fan: Add additional attributes for fine grain control
   * [SRU][Ubuntu 22.04.1] Unable to interpret the frequency values in
     cpuinfo_min_freq and cpuino_max_freq sysfs files. (LP: #2030924)
     - cpufreq: intel_pstate: Fix scaling for hybrid-capable
   * CVE-2023-40283
     - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
   * CVE-2023-20588
     - x86/bugs: Increase the x86 bugs vector size to two u32s
     - x86/CPU/AMD: Do not leak quotient data after a division by 0
     - x86/CPU/AMD: Fix the DIV(0) initial fix attempt
   * CVE-2023-4194
     - net: tun_chr_open(): set sk_uid from current_fsuid()
     - net: tap_open(): set sk_uid from current_fsuid()
   * CVE-2023-4155
     - KVM: SEV: Refactor out sev_es_state struct
     - KVM: SEV: Fall back to vmalloc for SEV-ES scratch area if necessary
     - KVM: SVM: Do not terminate SEV-ES guests on GHCB validation failure
     - KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB e

 linux-oracle-5.15 (5.15.0-1042.48~20.04.1) focal; urgency=medium
 .
   * focal/linux-oracle-5.15: 5.15.0-1042.48~20.04.1 -proposed tracker
     (LP: #2030414)
 .
   [ Ubuntu: 5.15.0-1042.48 ]
 .
   * jammy/linux-oracle: 5.15.0-1042.48 -proposed tracker (LP: #2030415)
   * jammy/linux: 5.15.0-83.92 -proposed tracker (LP: #2031132)
   * libgnutls report "trap invalid opcode" when trying to install packages over
     https (LP: #2031093)
     - [Config]: disable CONFIG_GDS_FORCE_MITIGATION
   * jammy/linux: 5.15.0-81.90 -proposed tracker (LP: #2030422)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync update-dkms-versions helper
     - [Packaging] resync getabis
     - debian/dkms-versions -- update from kernel-versions (main/2023.08.07)
   * CVE-2022-40982
     - x86/mm: Initialize text poking earlier
     - x86/mm: fix poking_init() for Xen PV guests
     - x86/mm: Use mm_alloc() in poking_init()
     - mm: Move mm_cachep initialization to mm_init()
     - init: Provide arch_cpu_finalize_init()
     - x86/cpu: Switch to arch_cpu_finalize_init()
     - ARM: cpu: Switch to arch_cpu_finalize_init()
     - sparc/cpu: Switch to arch_cpu_finalize_init()
     - um/cpu: Switch to arch_cpu_finalize_init()
     - init: Remove check_bugs() leftovers
     - init: Invoke arch_cpu_finalize_init() earlier
     - init, x86: Move mem_encrypt_init() into arch_cpu_finalize_init()
     - x86/init: Initialize signal frame size late
     - x86/fpu: Remove cpuinfo argument from init functions
     - x86/fpu: Mark init functions __init
     - x86/fpu: Move FPU initialization into arch_cpu_finalize_init()
     - x86/xen: Fix secondary processors' FPU initialization
     - x86/speculation: Add Gather Data Sampling mitigation
     - x86/speculation: Add force option to GDS mitigation
     - x86/speculation: Add Kconfig option for GDS
     - KVM: Add GDS_NO support to KVM
     - Documentation/x86: Fix backwards on/off logic about YMM support
     - [Config]: Enable CONFIG_ARCH_HAS_CPU_FINALIZE_INIT and
       CONFIG_GDS_FORCE_MITIGATION
   * CVE-2023-3609
     - net/sched: cls_u32: Fix reference counter leak leading to overflow
   * CVE-2023-21400
     - io_uring: ensure IOPOLL locks around deferred work
   * CVE-2023-4015
     - netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
       set/chain
     - netfilter: nf_tables: unbind non-anonymous set if rule construction fails
     - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
   * CVE-2023-3995
     - netfilter: nf_tables: disallow rule addition to bound chain via
       NFTA_RULE_CHAIN_ID
   * CVE-2023-3777
     - netfilter: nf_tables: skip bound chain on rule flush
   * losetup with mknod fails on jammy with kernel 5.15.0-69-generic
     (LP: #2015400)
     - loop: do not enforce max_loop hard limit by (new) default
   * Include the MAC address pass through function on RTL8153DD-CG (LP: #2020295)
     - r8152: add USB device driver for config selection
   * Jammy update: v5.15.116 upstream stable release (LP: #2029401)
     - RDMA/bnxt_re: Fix the page_size used during the MR creation
     - RDMA/efa: Fix unsupported page sizes in device
     - RDMA/hns: Fix base address table allocation
     - RDMA/hns: Modify the value of long message loopback slice
     - dmaengine: at_xdmac: Move the free desc to the tail of the desc list
     - dmaengine: at_xdmac: fix potential Oops in at_xdmac_prep_interleaved()
     - RDMA/bnxt_re: Fix a possible memory leak
     - RDMA/bnxt_re: Fix return value of bnxt_re_process_raw_qp_pkt_rx
     - iommu/rockchip: Fix unwind goto issue
     - iommu/amd: Don't block updates to GATag if guest mode is on
     - dmaengine: pl330: rename _start to prevent build error
     - riscv: Fix unused variable warning when BUILTIN_DTB is set
     - net/mlx5: fw_tracer, Fix event handling
     - net/mlx5e: Don't attach netdev profile while handling internal error
     - net: mellanox: mlxbf_gige: Fix skb_panic splat under memory pressure
     - netrom: fix info-leak in nr_write_internal()
     - af_packet: Fix data-races of pkt_sk(sk)->num.
     - amd-xgbe: fix the false linkup in xgbe_phy_status
     - mtd: rawnand: ingenic: fix empty stub helper definitions
     - RDMA/irdma: Add SW mechanism to generate completions on error
     - RDMA/irdma: Prevent QP use after free
     - RDMA/irdma: Fix Local Invalidate fencing
     - af_packet: do not use READ_ONCE() in packet_bind()
     - tcp: deny tcp_disconnect() when threads are waiting
     - tcp: Return user_mss for TCP_MAXSEG in CLOSE/LISTEN state if user_mss set
     - net/sched: sch_ingress: Only create under TC_H_INGRESS
     - net/sched: sch_clsact: Only create under TC_H_CLSACT
     - net/sched: Reserve TC_H_INGRESS (TC_H_CLSACT) for ingress (clsact) Qdiscs
     - net/sched: Prohibit regrafting ingress or clsact Qdiscs
     - net: sched: fix NULL pointer dereference in mq_attach
     - net/netlink: fix NETLINK_LIST_MEMBERSHIPS length report
     - udp6: Fix race condition in udp6_sendmsg & connect
     - net/mlx5e: Fix error handling in mlx5e_refresh_tirs
     - net/mlx5: Read embedded cpu after init bit cleared
     - net: dsa: mv88e6xxx: Increase wait after reset deactivation
     - mtd: rawnand: marvell: ensure timing values are written
     - mtd: rawnand: marvell: don't set the NAND frequency select
     - rtnetlink: call validate_linkmsg in rtnl_create_link
     - drm/amdgpu: release gpu full access after "amdgpu_device_ip_late_init"
     - watchdog: menz069_wdt: fix watchdog initialisation
     - ALSA: hda: Glenfly: add HD Audio PCI IDs and HDMI Codec Vendor IDs.
     - drm/amdgpu: Use the default reset when loading or reloading the driver
     - mailbox: mailbox-test: Fix potential double-free in
       mbox_test_message_write()
     - drm/ast: Fix ARM compatibility
     - btrfs: abort transaction when sibling keys check fails for leaves
     - ARM: 9295/1: unwind:fix unwind abort for uleb128 case
     - media: rcar-vin: Select co

 linux-oracle-5.15 (5.15.0-1040.46~20.04.1) focal; urgency=medium
 .
   * focal/linux-oracle-5.15: 5.15.0-1040.46~20.04.1 -proposed tracker
     (LP: #2026523)
 .
   [ Ubuntu: 5.15.0-1040.46 ]
 .
   * jammy/linux-oracle: 5.15.0-1040.46 -proposed tracker (LP: #2026524)
   * jammy/linux: 5.15.0-79.86 -proposed tracker (LP: #2026531)
   * Jammy update: v5.15.111 upstream stable release (LP: #2025095)
     - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
     - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
     - x86/hyperv: Block root partition functionality in a Confidential VM
     - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
     - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
     - selftests mount: Fix mount_setattr_test builds failed
     - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
     - x86/cpu: Add model number for Intel Arrow Lake processor
     - wireguard: timers: cast enum limits members to int in prints
     - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
     - arm64: Always load shadow stack pointer directly from the task struct
     - arm64: Stash shadow stack pointer in the task struct on interrupt
     - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
     - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
     - IMA: allow/fix UML builds
     - USB: dwc3: fix runtime pm imbalance on probe errors
     - USB: dwc3: fix runtime pm imbalance on unbind
     - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
     - hwmon: (adt7475) Use device_property APIs when configuring polarity
     - posix-cpu-timers: Implement the missing timer_wait_running callback
     - blk-mq: release crypto keyslot before reporting I/O complete
     - blk-crypto: make blk_crypto_evict_key() return void
     - blk-crypto: make blk_crypto_evict_key() more robust
     - ext4: use ext4_journal_start/stop for fast commit transactions
     - staging: iio: resolver: ads1210: fix config mode
     - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
     - xhci: fix debugfs register accesses while suspended
     - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
     - MIPS: fw: Allow firmware to pass a empty env
     - ipmi:ssif: Add send_retries increment
     - ipmi: fix SSIF not responding under certain cond.
     - kheaders: Use array declaration instead of char
     - wifi: mt76: add missing locking to protect against concurrent rx/status
       calls
     - pwm: meson: Fix axg ao mux parents
     - pwm: meson: Fix g12a ao clk81 name
     - soundwire: qcom: correct setting ignore bit on v1.5.1
     - pinctrl: qcom: lpass-lpi: set output value before enabling output
     - ring-buffer: Sync IRQ works before buffer destruction
     - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
     - crypto: safexcel - Cleanup ring IRQ workqueues on load failure
     - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-
       ed
     - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
     - KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
     - relayfs: fix out-of-bounds access in relay_file_read
     - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
     - ksmbd: call rcu_barrier() in ksmbd_server_exit()
     - ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()
     - ksmbd: fix memleak in session setup
     - i2c: omap: Fix standard mode false ACK readings
     - riscv: mm: remove redundant parameter of create_fdt_early_page_table
     - tracing: Fix permissions for the buffer_percent file
     - iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
     - ubifs: Fix memleak when insert_old_idx() failed
     - ubi: Fix return value overwrite issue in try_write_vid_and_data()
     - ubifs: Free memory for tmpfile name
     - xfs: don't consider future format versions valid
     - sound/oss/dmasound: fix build when drivers are mixed =y/=m
     - rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check
     - selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem
     - selftests/resctrl: Extend CPU vendor detection
     - selftests/resctrl: Move ->setup() call outside of test specific branches
     - selftests/resctrl: Allow ->setup() to return errors
     - selftests/resctrl: Check for return value after write_schemata()
     - selinux: fix Makefile dependencies of flask.h
     - selinux: ensure av_permissions.h is built when needed
     - tpm, tpm_tis: Do not skip reset of original interrupt vector
     - tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register
     - tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed
     - tpm, tpm_tis: Claim locality before writing interrupt registers
     - tpm, tpm: Implement usage counter for locality
     - tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
     - erofs: stop parsing non-compact HEAD index if clusterofs is invalid
     - erofs: fix potential overflow calculating xattr_isize
     - drm/rockchip: Drop unbalanced obj unref
     - drm/vgem: add missing mutex_destroy
     - drm/probe-helper: Cancel previous job before starting new one
     - tools/x86/kcpuid: Fix avx512bw and avx512lvl fields in Fn00000007
     - soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
     - arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table
     - arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table
     - drm/msm/disp/dpu: check for crtc enable rather than crtc active to release
       shared resources
     - EDAC/skx: Fix overflows on the DRAM row address mapping arrays
     - regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since
       booted
     - arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel

 linux-oracle-5.15 (5.15.0-1037.43~20.04.1) focal; urgency=medium
 .
   * focal/linux-oracle-5.15: 5.15.0-1037.43~20.04.1 -proposed tracker
     (LP: #2019412)
 .
   * Use new annotations model (LP: #2019000)
     - [Config] oracle-5.15: migrate all configs into annotations
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] resync git-ubuntu-log
 .
   [ Ubuntu: 5.15.0-1037.43 ]
 .
   * jammy/linux-oracle: 5.15.0-1037.43 -proposed tracker (LP: #2019413)
   * Use new annotations model (LP: #2019000)
     - [Config] oracle: migrate all configs into annotations
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
     - [Packaging] resync annotations
   * Jammy update: v5.15.99 upstream stable release (LP: #2018438)
     - [Config] oracle: Drop MICROCODE_OLD_INTERFACE
   * fix typo in config-checks invocation (LP: #2020413)
     - [Packaging] fix typo when calling the old config-check
     - [Packaging] fix typo in 4-checks.mk
   * support python < 3.9 with annotations (LP: #2020531)
     - [Packaging] kconfig/annotations.py: support older way of merging dicts
   * jammy/linux: 5.15.0-74.81 -proposed tracker (LP: #2019420)
   * smartpqi: Update 22.04 driver to include recent bug fixes and support
     current generation devices (LP: #1998643)
     - scsi: smartpqi: Switch to attribute groups
     - scsi: smartpqi: Fix rmmod stack trace
     - scsi: smartpqi: Add PCI IDs
     - scsi: smartpqi: Enable SATA NCQ priority in sysfs
     - scsi: smartpqi: Eliminate drive spin down on warm boot
     - scsi: smartpqi: Quickly propagate path failures to SCSI midlayer
     - scsi: smartpqi: Fix a name typo and cleanup code
     - scsi: smartpqi: Fix a typo in func pqi_aio_submit_io()
     - scsi: smartpqi: Resolve delay issue with PQI_HZ value
     - scsi: smartpqi: Avoid drive spin-down during suspend
     - scsi: smartpqi: Update volume size after expansion
     - scsi: smartpqi: Speed up RAID 10 sequential reads
     - scsi: smartpqi: Expose SAS address for SATA drives
     - scsi: smartpqi: Fix NUMA node not updated during init
     - scsi: smartpqi: Fix BUILD_BUG_ON() statements
     - scsi: smartpqi: Fix hibernate and suspend
     - scsi: smartpqi: Fix lsscsi -t SAS addresses
     - scsi: smartpqi: Update version to 2.1.14-035
     - scsi: smartpqi: Fix unused variable pqi_pm_ops for clang
     - scsi: smartpqi: Stop using the SCSI pointer
     - scsi: smartpqi: Fix typo in comment
     - scsi: smartpqi: Shorten drive visibility after removal
     - scsi: smartpqi: Add controller fw version to console log
     - scsi: smartpqi: Add PCI IDs for ramaxel controllers
     - scsi: smartpqi: Close write read holes
     - scsi: smartpqi: Add driver support for multi-LUN devices
     - scsi: smartpqi: Fix PCI control linkdown system hang
     - scsi: smartpqi: Add PCI ID for Adaptec SmartHBA 2100-8i
     - scsi: smartpqi: Add PCI IDs for Lenovo controllers
     - scsi: smartpqi: Stop logging spurious PQI reset failures
     - scsi: smartpqi: Fix RAID map race condition
     - scsi: smartpqi: Add module param to disable managed ints
     - scsi: smartpqi: Update deleting a LUN via sysfs
     - scsi: smartpqi: Add ctrl ready timeout module parameter
     - scsi: smartpqi: Update copyright to current year
     - scsi: smartpqi: Update version to 2.1.18-045
     - scsi: smartpqi: Convert to host_tagset
     - scsi: smartpqi: Add new controller PCI IDs
     - scsi: smartpqi: Correct max LUN number
     - scsi: smartpqi: Change sysfs raid_level attribute to N/A for controllers
     - scsi: smartpqi: Correct device removal for multi-actuator devices
     - scsi: smartpqi: Add controller cache flush during rmmod
     - scsi: smartpqi: Initialize feature section info
     - scsi: smartpqi: Change version to 2.1.20-035
   * CVE-2023-32233
     - netfilter: nf_tables: deactivate anonymous set from preparation phase
   * CVE-2023-2612
     - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
   * CVE-2023-31436
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
   * CVE-2023-1380
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
   * Add PPIN support for Intel EMR cpu (LP: #2019131)
     - x86/cpu: Merge Intel and AMD ppin_init() functions
     - x86/cpu: Add Xeon Emerald Rapids to list of CPUs that support PPIN
   * conntrack mark is not advertised via netlink (LP: #2016269)
     - netfilter: ctnetlink: revert to dumping mark regardless of event type
   * [SRU] Backport request for hpwdt from upstream 6.1 to Jammy (LP: #2008751)
     - watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems.
     - watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
     - [Config] Add arm64 option to CONFIG_HP_WATCHDOG
   * Ubuntu 22.04 raise abnormal NIC MSI-X requests with larger CPU cores (256)
     (LP: #2012335)
     - ice: Allow operation with reduced device MSI-X
   * Dell: Enable speaker mute hotkey LED indicator (LP: #2015972)
     - platform/x86: dell-laptop: Register ctl-led for speaker-mute
   * [SRU]With "Performance per Watt (DAPC)" enabled in the BIOS, Bootup time is
     taking longer than expected (LP: #2008527)
     - cpufreq: ACPI: Defer setting boost MSRs
   * [SRU][Jammy] CONFIG_PCI_MESON is not enabled (LP: #2007745)
     - [Config] arm64: Enable PCI_MESON module
   * Jammy update: v5.15.99 upstream stable release (LP: #2018438)
     - HID: asus: use spinlock to protect concurrent accesses
     - HID: asus: use spinlock to safely schedule workers
     - powerpc/mm: Rearrange if-else block to avoid clang warning
     - ARM: OMAP2+: Fix memory leak in realtime_counter_init()
     - arm64: dts: qcom: qcs404: use symbol names for PCIe resets
     - arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up
     - arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
     - arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings
     - arm64: dts: imx8m: Align SoC unique ID n

 linux-oracle-5.15 (5.15.0-1036.42~20.04.1) focal; urgency=medium
 .
   * focal/linux-oracle-5.15: 5.15.0-1036.42~20.04.1 -proposed tracker
     (LP: #2019639)
 .
   [ Ubuntu: 5.15.0-1036.42 ]
 .
   * jammy/linux-oracle: 5.15.0-1036.42 -proposed tracker (LP: #2019640)
   * jammy/linux: 5.15.0-73.80 -proposed tracker (LP: #2019647)
   * CVE-2023-32233
     - netfilter: nf_tables: deactivate anonymous set from preparation phase
   * CVE-2023-2612
     - SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
   * CVE-2023-31436
     - net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
   * CVE-2023-1380
     - wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
   * CVE-2023-30456
     - KVM: nVMX: add missing consistency checks for CR0 and CR4
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts