Package "linux-kvm"

 linux-kvm (4.4.0-1064.71) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1064.71 -proposed tracker (LP: #1854826)
 .
   * backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
     - kvm: [CONFIG] updateconfigs for DIMLIB
 .
   [ Ubuntu: 4.4.0-171.200 ]
 .
   * xenial/linux: 4.4.0-171.200 -proposed tracker (LP: #1854835)
   * CVE-2019-14901
     - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()
   * CVE-2019-14896 // CVE-2019-14897
     - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor
   * CVE-2019-14895
     - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()
   * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
     - powerpc/64s: support nospectre_v2 cmdline option
     - powerpc/book3s64: Fix link stack flush on context switch
     - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel
   * cloudimg: no iavf/i40evf module so no network available with SR-IOV enabled
     cloud (LP: #1848481)
     - [Packaging]: include i40evf in generic
   * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
     - net: ena: fix bug that might cause hang after consecutive open/close
       interface.
     - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
     - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
     - net: ena: reimplement set/get_coalesce()
     - net: ena: enable the interrupt_moderation in driver_supported_features
     - net: ena: remove code duplication in
       ena_com_update_nonadaptive_moderation_interval _*()
     - net: ena: remove old adaptive interrupt moderation code from ena_netdev
     - net: ena: remove ena_restore_ethtool_params() and relevant fields
     - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
     - net: ena: fix update of interrupt moderation register
     - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
     - net: ena: fix incorrect update of intr_delay_resolution
     - net: ena: Select DIMLIB for ENA_ETHERNET
     - SAUCE: net: ena: fix issues in setting interrupt moderation params in
       ethtool
     - SAUCE: net: ena: fix too long default tx interrupt moderation interval
   * backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
     - include/linux/bitops.h: introduce BITS_PER_TYPE
     - linux/kernel.h: move DIV_ROUND_DOWN_ULL() macro
     - [Config] enable DIMLIB
     - linux/dim: import DIMLIB (lib/dim/)
     - SAUCE: linux/dim: avoid library object filename clash
   * Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
     - fonts: Fix coding style
     - fonts: Prefer a bigger font for high resolution screens
   * Xenial update: 4.4.203 upstream stable release (LP: #1853881)
     - slip: Fix memory leak in slip_open error path
     - ax88172a: fix information leak on short answers
     - ALSA: usb-audio: Fix missing error check at mixer resolution test
     - ALSA: usb-audio: not submit urb for stopped endpoint
     - Input: ff-memless - kill timer in destroy()
     - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
     - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
     - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
     - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
     - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
     - mmc: sdhci-of-at91: fix quirk2 overwrite
     - iio: dac: mcp4922: fix error handling in mcp4922_write_raw
     - ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
     - ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
     - ALSA: seq: Do error checks at creating system ports
     - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
     - ASoC: dpcm: Properly initialise hw->rate_max
     - MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
     - ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
     - i40e: use correct length for strncpy
     - i40e: hold the rtnl lock on clearing interrupt scheme
     - i40e: Prevent deleting MAC address from VF when set by PF
     - ARM: dts: pxa: fix power i2c base address
     - rtl8187: Fix warning generated when strncpy() destination length matches the
       sixe argument
     - net: lan78xx: Bail out if lan78xx_get_endpoints fails
     - ASoC: sgtl5000: avoid division by zero if lo_vag is zero
     - ath10k: wmi: disable softirq's while calling ieee80211_rx
     - mips: txx9: fix iounmap related issue
     - of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
     - ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in
       other DTS files
     - ARM: dts: omap3-gta04: tvout: enable as display1 alias
     - ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
     - ARM: dts: omap3-gta04: keep vpll2 always on
     - dmaengine: dma-jz4780: Further residue status fix
     - signal: Always ignore SIGKILL and SIGSTOP sent to the global init
     - signal: Properly deliver SIGILL from uprobes
     - signal: Properly deliver SIGSEGV from x86 uprobes
     - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
     - ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
     - scsi: pm80xx: Corrected dma_unmap_sg() parameter
     - scsi: pm80xx: Fixed system hang issue during kexec boot
     - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
     - nvmem: core: return error code instead of NULL from nvmem_device_get
     - media: fix: media: pci: meye: validate offset to avoid arbitrary access
     - ALSA: intel8x0m: Register irq handler after register initializations
     - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
     - llc: avoid blocking in llc_sap_close()
     - powerpc/vdso: Correct call frame information
     - ARM: dts: s

 linux-kvm (4.4.0-1063.70) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1063.70 -proposed tracker (LP: #1852298)
 .
   [ Ubuntu: 4.4.0-170.199 ]
 .
   * xenial/linux: 4.4.0-170.199 -proposed tracker (LP: #1852306)
   * update ENA driver to version 2.1.0 (LP: #1850175)
     - net: ena: fix: set freed objects to NULL to avoid failing future allocations
     - net: ena: fix swapped parameters when calling
       ena_com_indirect_table_fill_entry
     - net: ena: fix: Free napi resources when ena_up() fails
     - net: ena: fix incorrect test of supported hash function
     - net: ena: fix return value of ena_com_config_llq_info()
     - net: ena: improve latency by disabling adaptive interrupt moderation by
       default
     - net: ena: fix ena_com_fill_hash_function() implementation
     - net: ena: add handling of llq max tx burst size
     - net: ena: ethtool: add extra properties retrieval via get_priv_flags
     - net: ena: replace free_tx/rx_ids union with single free_ids field in
       ena_ring
     - net: ena: arrange ena_probe() function variables in reverse christmas tree
     - net: ena: add newline at the end of pr_err prints
     - net: ena: allow automatic fallback to polling mode
     - net: ena: add support for changing max_header_size in LLQ mode
     - net: ena: optimise calculations for CQ doorbell
     - net: ena: add good checksum counter
     - net: ena: use dev_info_once instead of static variable
     - net: ena: add MAX_QUEUES_EXT get feature admin command
     - net: ena: enable negotiating larger Rx ring size
     - net: ena: make ethtool show correct current and max queue sizes
     - net: ena: allow queue allocation backoff when low on memory
     - net: ena: add ethtool function for changing io queue sizes
     - net: ena: remove inline keyword from functions in *.c
     - net: ena: update driver version from 2.0.3 to 2.1.0
     - net: ena: Fix bug where ring allocation backoff stopped too late
     - Revert "net: ena: ethtool: add extra properties retrieval via
       get_priv_flags"
     - net: ena: don't wake up tx queue when down
     - net: ena: clean up indentation issue
   * Bionic update: upstream stable patchset 2019-08-01 (LP: #1838700) // update
     ENA driver to version 2.1.0 (LP: #1850175)
     - net: ena: gcc 8: fix compilation warning
   * Skip frame when buffer overflow on UVC camera (LP: #1849871)
     - media: uvcvideo: Mark buffer error where overflow
   * CVE-2018-20784
     - sched/fair: Fix infinite loop in update_blocked_averages() by reverting
       a9e7f6544b9c
     - sched/fair: Fix hierarchical order in rq->leaf_cfs_rq_list
     - sched/fair: Add tmp_alone_branch assertion
     - sched/fair: Fix insertion in rq->leaf_cfs_rq_list
     - sched/fair: Optimize update_blocked_averages()
     - sched/fair: Fix O(nr_cgroups) in the load balancing path
   * Xenial update: 4.4.200 upstream stable release (LP: #1852110)
     - kbuild: add -fcf-protection=none when using retpoline flags
     - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
     - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe()
       could be uninitialized
     - ASoc: rockchip: i2s: Fix RPM imbalance
     - ARM: dts: logicpd-torpedo-som: Remove twl_keypad
     - ARM: mm: fix alignment handler faults under memory pressure
     - scsi: sni_53c710: fix compilation error
     - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
     - perf kmem: Fix memory leak in compact_gfp_flags()
     - scsi: target: core: Do not overwrite CDB byte 1
     - of: unittest: fix memory leak in unittest_data_add
     - MIPS: bmips: mark exception vectors as char arrays
     - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
     - dccp: do not leak jiffies on the wire
     - net: fix sk_page_frag() recursion from memory reclaim
     - net: hisilicon: Fix ping latency when deal with high throughput
     - SAUCE: Revert "net: Zeroing the structure ethtool_wolinfo in
       ethtool_get_wol()"
     - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
     - net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
     - vxlan: check tun_info options_len properly
     - net/mlx4_core: Dynamically set guaranteed amount of counters per VF
     - inet: stop leaking jiffies on the wire
     - net/flow_dissector: switch to siphash
     - dmaengine: qcom: bam_dma: Fix resource leak
     - ARM: 8051/1: put_user: fix possible data corruption in put_user
     - ARM: 8478/2: arm/arm64: add arm-smccc
     - ARM: 8479/2: add implementation for arm-smccc
     - ARM: 8480/2: arm64: add implementation for arm-smccc
     - ARM: 8481/2: drivers: psci: replace psci firmware calls
     - ARM: uaccess: remove put_user() code duplication
     - ARM: Move system register accessors to asm/cp15.h
     - arm/arm64: KVM: Advertise SMCCC v1.1
     - arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
     - firmware/psci: Expose PSCI conduit
     - firmware/psci: Expose SMCCC version through psci_ops
     - arm/arm64: smccc: Make function identifiers an unsigned quantity
     - arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
     - arm/arm64: smccc: Add SMCCC-specific return codes
     - arm/arm64: smccc-1.1: Make return values unsigned long
     - arm/arm64: smccc-1.1: Handle function result as parameters
     - ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs
     - ARM: bugs: prepare processor bug infrastructure
     - ARM: bugs: hook processor bug checking into SMP and suspend paths
     - ARM: bugs: add support for per-processor bug checking
     - ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre
     - ARM: spectre-v2: harden branch predictor on context switches
     - ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit
     - ARM: spectre-v2: harden user aborts in kernel space
     - ARM: spectre-v2: add firmware based hardening
     - AR

 linux-kvm (4.4.0-1061.68) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1061.68 -proposed tracker (LP: #1849042)
 .
   [ Ubuntu: 4.4.0-167.196 ]
 .
   * xenial/linux: 4.4.0-167.196 -proposed tracker (LP: #1849051)
   * Xenial update: 4.4.197 upstream stable release (LP: #1848780)
     - KVM: s390: Test for bad access register and size at the start of S390_MEM_OP
     - s390/topology: avoid firing events before kobjs are created
     - s390/cio: avoid calling strlen on null pointer
     - s390/cio: exclude subchannels with no parent from pseudo check
     - KVM: nVMX: handle page fault in vmread fix
     - ASoC: Define a set of DAPM pre/post-up events
     - powerpc/powernv: Restrict OPAL symbol map to only be readable by root
     - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset
     - crypto: qat - Silence smp_processor_id() warning
     - ieee802154: atusb: fix use-after-free at disconnect
     - cfg80211: initialize on-stack chandefs
     - ima: always return negative code for error
     - fs: nfs: Fix possible null-pointer dereferences in encode_attrs()
     - 9p: avoid attaching writeback_fid on mmap with type PRIVATE
     - xen/pci: reserve MCFG areas earlier
     - ceph: fix directories inode i_blkbits initialization
     - drm/amdgpu: Check for valid number of registers to read
     - thermal: Fix use-after-free when unregistering thermal zone device
     - fuse: fix memleak in cuse_channel_open
     - kernel/elfcore.c: include proper prototypes
     - tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure
     - perf stat: Fix a segmentation fault when using repeat forever
     - crypto: caam - fix concurrency issue in givencrypt descriptor
     - cfg80211: add and use strongly typed element iteration macros
     - cfg80211: Use const more consistently in for_each_element macros
     - nl80211: validate beacon head
     - ASoC: sgtl5000: Improve VAG power and mute control
     - panic: ensure preemption is disabled during panic()
     - [Config] updateconfigs for USB_RIO500
     - USB: rio500: Remove Rio 500 kernel driver
     - USB: yurex: Don't retry on unexpected errors
     - USB: yurex: fix NULL-derefs on disconnect
     - USB: usb-skeleton: fix runtime PM after driver unbind
     - USB: usb-skeleton: fix NULL-deref on disconnect
     - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
     - xhci: Check all endpoints for LPM timeout
     - usb: xhci: wait for CNR controller not ready bit in xhci resume
     - USB: adutux: remove redundant variable minor
     - USB: adutux: fix use-after-free on disconnect
     - USB: adutux: fix NULL-derefs on disconnect
     - USB: adutux: fix use-after-free on release
     - USB: iowarrior: fix use-after-free on disconnect
     - USB: iowarrior: fix use-after-free on release
     - USB: iowarrior: fix use-after-free after driver unbind
     - USB: usblp: fix runtime PM after driver unbind
     - USB: chaoskey: fix use-after-free on release
     - USB: ldusb: fix NULL-derefs on driver unbind
     - serial: uartlite: fix exit path null pointer
     - USB: serial: keyspan: fix NULL-derefs on open() and write()
     - USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
     - USB: serial: option: add Telit FN980 compositions
     - USB: serial: option: add support for Cinterion CLS8 devices
     - USB: serial: fix runtime PM after driver unbind
     - USB: usblcd: fix I/O after disconnect
     - USB: microtek: fix info-leak at probe
     - USB: dummy-hcd: fix power budget for SuperSpeed mode
     - usb: renesas_usbhs: gadget: Do not discard queues in
       usb_ep_set_{halt,wedge}()
     - usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
     - USB: legousbtower: fix slab info leak at probe
     - USB: legousbtower: fix deadlock on disconnect
     - USB: legousbtower: fix potential NULL-deref on disconnect
     - USB: legousbtower: fix open after failed reset request
     - USB: legousbtower: fix use-after-free on release
     - staging: vt6655: Fix memory leak in vt6655_probe
     - iio: adc: ad799x: fix probe error handling
     - iio: light: opt3001: fix mutex unlock race
     - perf llvm: Don't access out-of-scope array
     - CIFS: Gracefully handle QueryInfo errors during open
     - CIFS: Force reval dentry if LOOKUP_REVAL flag is set
     - kernel/sysctl.c: do not override max_threads provided by userspace
     - arm64: capabilities: Handle sign of the feature bit
     - arm64: Rename cpuid_feature field extract routines
     - Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
     - cifs: Check uniqueid for SMB2+ and return -ESTALE if necessary
     - CIFS: Force revalidate inode when dentry is stale
     - media: stkwebcam: fix runtime PM after driver unbind
     - tracing: Get trace_array reference for available_tracers files
     - x86/asm: Fix MWAITX C-state hint value
     - Linux 4.4.197
     - [Config] updateconfigs for USB_RIO500
   * CVE-2019-17666
     - SAUCE: rtlwifi: Fix potential overflow on P2P code
   * Suspend stopped working from 4.4.0-157 onwards (LP: #1844021) // Xenial
     update: 4.4.197 upstream stable release (LP: #1848780)
     - xhci: Increase STS_SAVE timeout in xhci_suspend()
   * Ubuntu 16.04.6 - Shared CEX7C cards defined in z/VM guest not established by
     zcrypt device driver (LP: #1848173)
     - SAUCE: s390/zcrypt: CEX7 toleration support
   * Xenial update: 4.4.196 upstream stable release (LP: #1848598)
     - video: ssd1307fb: Start page range at page_offset
     - gpu: drm: radeon: Fix a possible null-pointer dereference in
       radeon_connector_set_property()
     - ipmi_si: Only schedule continuously in the thread in maintenance mode
     - clk: qoriq: Fix -Wunused-const-variable
     - clk: sirf: Don't reference clk_init_data after registration
     - powerpc/rtas: use device model APIs and serialization during LPM
     - powerpc/futex: Fix warning: 'oldval' may be used uni

 linux-kvm (4.4.0-1060.67) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1060.67 -proposed tracker (LP: #1846060)
 .
   * Xenial update: 4.4.190 upstream stable release (LP: #1845038)
     - [config] Update CONFIG_ISCSI_IBFT_FIND option name
 .
   * ubuntu_quota_smoke_test failed with KVM kernel (LP: #1784535)
     - [Config] Enable quota module support
 .
   [ Ubuntu: 4.4.0-166.195 ]
 .
   * xenial/linux: 4.4.0-166.195 -proposed tracker (LP: #1846069)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * CVE-2017-18232
     - scsi: libsas: direct call probe and destruct
   * CVE-2018-21008
     - rsi: add fix for crash during assertions
   * Xenial update: 4.4.194 upstream stable release (LP: #1845405)
     - bridge/mdb: remove wrong use of NLM_F_MULTI
     - cdc_ether: fix rndis support for Mediatek based smartphones
     - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()'
     - isdn/capi: check message length in capi_write()
     - net: Fix null de-reference of device refcount
     - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
     - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()'
     - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike
     - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR
     - tipc: add NULL pointer check before calling kfree_rcu
     - tun: fix use-after-free when register netdev failed
     - Revert "MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur"
     - Btrfs: fix assertion failure during fsync and use of stale transaction
     - genirq: Prevent NULL pointer dereference in resend_irqs()
     - KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
     - KVM: x86: work around leak of uninitialized stack contents
     - KVM: nVMX: handle page fault in vmread
     - MIPS: VDSO: Prevent use of smp_processor_id()
     - MIPS: VDSO: Use same -m%-float cflag as the kernel proper
     - clk: rockchip: Don't yell about bad mmc phases when getting
     - driver core: Fix use-after-free and double free on glue directory
     - crypto: talitos - check AES key size
     - crypto: talitos - check data blocksize in ablkcipher.
     - x86/build: Add -Wnoaddress-of-packed-member to REALMODE_CFLAGS, to silence
       GCC9 build warning
     - MIPS: netlogic: xlr: Remove erroneous check in nlm_fmn_send()
     - ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
     - USB: usbcore: Fix slab-out-of-bounds bug during device reset
     - media: tm6000: double free if usb disconnect while streaming
     - x86/boot: Add missing bootparam that breaks boot on some platforms
     - xen-netfront: do not assume sk_buff_head list is empty in error handling
     - serial: sprd: correct the wrong sequence of arguments
     - tty/serial: atmel: reschedule TX after RX was started
     - mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings
     - s390/bpf: fix lcgr instruction encoding
     - ARM: OMAP2+: Fix omap4 errata warning on other SoCs
     - s390/bpf: use 32-bit index for tail calls
     - NFSv4: Fix return values for nfs4_file_open()
     - NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup
     - Kconfig: Fix the reference to the IDT77105 Phy driver in the description of
       ATM_NICSTAR_USE_IDT77105
     - ARM: 8874/1: mm: only adjust sections of valid mm structures
     - r8152: Set memory to all 0xFFs on failed reg reads
     - x86/apic: Fix arch_dynirq_lower_bound() bug for DT enabled machines
     - netfilter: nf_conntrack_ftp: Fix debug output
     - NFSv2: Fix eof handling
     - NFSv2: Fix write regression
     - cifs: set domainName when a domain-key is used in multiuser
     - cifs: Use kzfree() to zero out the password
     - sky2: Disable MSI on yet another ASUS boards (P6Xxxx)
     - tools/power turbostat: fix buffer overrun
     - net: seeq: Fix the function used to release some memory in an error handling
       path
     - dmaengine: ti: omap-dma: Add cleanup in omap_dma_probe()
     - keys: Fix missing null pointer check in request_key_auth_describe()
     - floppy: fix usercopy direction
     - media: technisat-usb2: break out of loop at end of buffer
     - ARC: export "abort" for modules
     - net_sched: let qdisc_put() accept NULL pointer
     - Linux 4.4.194
   * CVE-2019-14821
     - KVM: coalesced_mmio: add bounds checking
   * Xenial update: 4.4.193 upstream stable release (LP: #1845395)
     - ALSA: hda - Fix potential endless loop at applying quirks
     - ALSA: hda/realtek - Fix overridden device-specific initialization
     - xfrm: clean up xfrm protocol checks
     - vhost/test: fix build for vhost test
     - scripts/decode_stacktrace: match basepath using shell prefix operator, not
       regex
     - clk: s2mps11: Add used attribute to s2mps11_dt_match
     - x86, boot: Remove multiple copy of static function sanitize_boot_params()
     - af_packet: tone down the Tx-ring unsupported spew.
     - Linux 4.4.193
   * Xenial update: 4.4.192 upstream stable release (LP: #1845374)
     - net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ
       context
     - net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx
     - Bluetooth: btqca: Add a short delay before downloading the NVM
     - ibmveth: Convert multicast list size for little-endian system
     - gpio: Fix build error of function redefinition
     - cxgb4: fix a memory leak bug
     - net: myri10ge: fix memory leaks
     - cx82310_eth: fix a memory leak bug
     - net: kalmia: fix memory leaks
     - wimax/i2400m: fix a memory leak bug
     - ravb: Fix use-after-free ravb_tstamp_skb
     - Tools: hv: kvp: eliminate 'may be used uninitialized' warning
     - IB/mlx4: Fix memory leaks
     - ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()
     - KVM: arm/arm64: Only skip MMIO insn once
     - libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer
   

 linux-kvm (4.4.0-1059.66) xenial; urgency=medium
 .
   * xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker (LP: #1844407)
 .
   [ Ubuntu: 4.4.0-165.193 ]
 .
   * xenial/linux: 4.4.0-165.193 -proposed tracker (LP: #1844416)
   * Xenial update: 4.4.187 upstream stable release (LP: #1840081)
     - MIPS: ath79: fix ar933x uart parity mode
     - MIPS: fix build on non-linux hosts
     - dmaengine: imx-sdma: fix use-after-free on probe error path
     - ath10k: Do not send probe response template for mesh
     - ath9k: Check for errors when reading SREV register
     - ath6kl: add some bounds checking
     - ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
     - batman-adv: fix for leaked TVLV handler.
     - media: dvb: usb: fix use after free in dvb_usb_device_exit
     - crypto: talitos - fix skcipher failure due to wrong output IV
     - media: marvell-ccic: fix DMA s/g desc number calculation
     - media: vpss: fix a potential NULL pointer dereference
     - net: stmmac: dwmac1000: Clear unused address entries
     - signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
     - af_key: fix leaks in key_pol_get_resp and dump_sp.
     - xfrm: Fix xfrm sel prefix length validation
     - media: staging: media: davinci_vpfe: - Fix for memory leak if decoder
       initialization fails.
     - net: phy: Check against net_device being NULL
     - tua6100: Avoid build warnings.
     - locking/lockdep: Fix merging of hlocks with non-zero references
     - media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
     - cpupower : frequency-set -r option misses the last cpu in related cpu list
     - net: fec: Do not use netdev messages too early
     - net: axienet: Fix race condition causing TX hang
     - s390/qdio: handle PENDING state for QEBSM devices
     - perf test 6: Fix missing kvm module load for s390
     - gpio: omap: fix lack of irqstatus_raw0 for OMAP4
     - gpio: omap: ensure irq is enabled before wakeup
     - regmap: fix bulk writes on paged registers
     - bpf: silence warning messages in core
     - rcu: Force inlining of rcu_read_lock()
     - xfrm: fix sa selector validation
     - perf evsel: Make perf_evsel__name() accept a NULL argument
     - vhost_net: disable zerocopy by default
     - EDAC/sysfs: Fix memory leak when creating a csrow object
     - media: i2c: fix warning same module names
     - ntp: Limit TAI-UTC offset
     - timer_list: Guard procfs specific code
     - acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
     - media: coda: fix mpeg2 sequence number handling
     - media: coda: increment sequence offset for the last returned frame
     - mt7601u: do not schedule rx_tasklet when the device has been disconnected
     - x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
     - mt7601u: fix possible memory leak when the device is disconnected
     - ath10k: fix PCIE device wake up failed
     - rslib: Fix decoding of shortened codes
     - rslib: Fix handling of of caller provided syndrome
     - ixgbe: Check DDM existence in transceiver before access
     - EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
     - bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
     - Bluetooth: hci_bcsp: Fix memory leak in rx_skb
     - Bluetooth: 6lowpan: search for destination address in all peers
     - Bluetooth: Check state in l2cap_disconnect_rsp
     - Bluetooth: validate BLE connection interval updates
     - crypto: ghash - fix unaligned memory access in ghash_setkey()
     - crypto: arm64/sha1-ce - correct digest for empty data in finup
     - crypto: arm64/sha2-ce - correct digest for empty data in finup
     - Input: gtco - bounds check collection indent level
     - regulator: s2mps11: Fix buck7 and buck8 wrong voltages
     - tracing/snapshot: Resize spare buffer if size changed
     - NFSv4: Handle the special Linux file open access mode
     - lib/scatterlist: Fix mapping iterator when sg->offset is greater than
       PAGE_SIZE
     - ALSA: seq: Break too long mutex context in the write loop
     - media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
     - media: coda: Remove unbalanced and unneeded mutex unlock
     - KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
     - drm/nouveau/i2c: Enable i2c pads & busses during preinit
     - padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
     - 9p/virtio: Add cleanup path in p9_virtio_init
     - PCI: Do not poll for PME if the device is in D3cold
     - take floppy compat ioctls to sodding floppy.c
     - floppy: fix out-of-bounds read in next_valid_format
     - floppy: fix invalid pointer dereference in drive_name
     - coda: pass the host file in vma->vm_file on mmap
     - gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
     - parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
     - powerpc/32s: fix suspend/resume when IBATs 4-7 are used
     - powerpc/watchpoint: Restore NV GPRs while returning from exception
     - eCryptfs: fix a couple type promotion bugs
     - intel_th: msu: Fix single mode with disabled IOMMU
     - Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
     - usb: Handle USB3 remote wakeup for LPM enabled devices correctly
     - dm bufio: fix deadlock with loop device
     - bnx2x: Prevent load reordering in tx completion processing
     - caif-hsi: fix possible deadlock in cfhsi_exit_module()
     - ipv4: don't set IPv6 only flags to IPv4 addresses
     - net: bcmgenet: use promisc for unsupported filters
     - net: neigh: fix multiple neigh timer scheduling
     - nfc: fix potential illegal memory access
     - sky2: Disable MSI on ASUS P6T
     - netrom: fix a memory leak in nr_rx_frame()
     - netrom: hold sock when setting skb->destructor
     - tcp: Reset bytes_acked and bytes_received when disconnecting
     - bonding: validate ip header before check IPPROTO_IGMP