Package "linux-hwe"

  linux-hwe (4.15.0-112.113~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-112.113~16.04.1 -proposed tracker (LP: #1887047)

  [ Ubuntu: 4.15.0-112.113 ]

  * bionic/linux: 4.15.0-112.113 -proposed tracker (LP: #1887048)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount
  * CVE-2020-10757
    - mm: Fix mremap not considering huge pmd devmap
  * Update lockdown patches (LP: #1884159)
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: add read-only mode
    - powerpc/xmon: Restrict when kernel is locked down
    - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down
  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

  [ Ubuntu: 4.15.0-111.112 ]

  * bionic/linux: 4.15.0-111.112 -proposed tracker (LP: #1886999)
  * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461)
    - SAUCE: mlxsw: Add missmerged ERR_PTR hunk
  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

  linux-hwe (4.15.0-107.108~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-107.108~16.04.1 -proposed tracker (LP: #1882753)

  [ Ubuntu: 4.15.0-107.108 ]

  * CVE-2020-0543
    - UBUNTU/SAUCE: x86/speculation/srbds: do not try to turn mitigation off when
      not supported
  * Build Nvidia drivers in conjunction with kernel (LP: #1764792)
    - [Packaging] disable nvidia dkms builds for mainline
  * Bionic update: upstream stable patchset 2020-06-02 (LP: #1881801)
    - i2c: dev: Fix the race between the release of i2c_dev and cdev
    - ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash()
    - evm: Check also if *tfm is an error pointer in init_desc()
    - ima: Fix return value of ima_write_policy()
    - fix multiplication overflow in copy_fdtable()
    - iommu/amd: Fix over-read of ACPI UID from IVRS table
    - i2c: mux: demux-pinctrl: Fix an error handling path in
      'i2c_demux_pinctrl_probe()'
    - ubi: Fix seq_file usage in detailed_erase_block_info debugfs file
    - gcc-common.h: Update for GCC 10
    - HID: multitouch: add eGalaxTouch P80H84 support
    - scsi: qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV
    - configfs: fix config_item refcnt leak in configfs_rmdir()
    - vhost/vsock: fix packet delivery order to monitoring devices
    - component: Silence bind error on -EPROBE_DEFER
    - scsi: ibmvscsi: Fix WARN_ON during event pool release
    - x86/apic: Move TSC deadline timer debug printk
    - gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp()
    - ceph: fix double unlock in handle_cap_export()
    - USB: core: Fix misleading driver bug report
    - platform/x86: asus-nb-wmi: Do not load on Asus T100TA and T200TA
    - ARM: futex: Address build warning
    - padata: Replace delayed timer with immediate workqueue in padata_reorder
    - padata: initialize pd->cpu with effective cpumask
    - padata: purge get_cpu and reorder_via_wq from padata_do_serial
    - arm64: fix the flush_icache_range arguments in machine_kexec
    - ALSA: iec1712: Initialize STDSP24 properly when using the model=staudio
      option
    - ALSA: pcm: fix incorrect hw_base increase
    - apparmor: Fix aa_label refcnt leak in policy_update
    - dmaengine: tegra210-adma: Fix an error handling path in 'tegra_adma_probe()'
    - powerpc: restore alphabetic order in Kconfig
    - powerpc: Remove STRICT_KERNEL_RWX incompatibility with RELOCATABLE
    - powerpc/64s: Disable STRICT_KERNEL_RWX
    - x86/uaccess, ubsan: Fix UBSAN vs. SMAP
    - ubsan: build ubsan.c more conservatively
    - libnvdimm/btt: Remove unnecessary code in btt_freelist_init
    - libnvdimm/btt: Fix LBA masking during 'free list' population
    - media: fdp1: Fix R-Car M3-N naming in debug message
    - cxgb4: free mac_hlist properly
    - cxgb4/cxgb4vf: Fix mac_hlist initialization and free
    - Revert "gfs2: Don't demote a glock until its revokes are written"
    - staging: iio: ad2s1210: Fix SPI reading
    - staging: greybus: Fix uninitialized scalar variable
    - iio: sca3000: Remove an erroneous 'get_device()'
    - iio: dac: vf610: Fix an error handling path in 'vf610_dac_probe()'
    - mei: release me_cl object reference
    - rapidio: fix an error in get_user_pages_fast() error handling
    - rxrpc: Fix a memory leak in rxkad_verify_response()
    - x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks
    - iio: adc: stm32-adc: Use dma_request_chan() instead
      dma_request_slave_channel()
    - iio: adc: stm32-adc: fix device used to request dma
    - riscv: set max_pfn to the PFN of the last page
    - ubifs: remove broken lazytime support
    - HID: alps: Add AUI1657 device ID
    - HID: alps: ALPS_1657 is too specific; use U1_UNICORN_LEGACY instead
    - aquantia: Fix the media type of AQC100 ethernet controller in the driver
    - HID: i2c-hid: reset Synaptics SYNA2393 on resume
    - HID: quirks: Add HID_QUIRK_NO_INIT_REPORTS quirk for Dell K12A keyboard-dock
    - stmmac: fix pointer check after utilization in stmmac_interrupt
    - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Xtreme
    - ALSA: hda/realtek - Add more fixup entries for Clevo machines
    - drm/etnaviv: fix perfmon domain interation
    - nfit: Add Hyper-V NVDIMM DSM command set to white list
    - thunderbolt: Drop duplicated get_switch_at_route()
    - net: bcmgenet: code movement
    - net: bcmgenet: abort suspend on error
    - misc: rtsx: Add short delay after exit from ASPM
  * Bionic update: upstream stable patchset 2020-05-21 (LP: #1880014)
    - USB: serial: qcserial: Add DW5816e support
    - dp83640: reverse arguments to list_add_tail
    - fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks
    - net: macsec: preserve ingress frame ordering
    - net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc()
    - net: usb: qmi_wwan: add support for DW5816e
    - sch_choke: avoid potential panic in choke_reset()
    - sch_sfq: validate silly quantum values
    - bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features().
    - net/mlx5: Fix forced completion access non initialized command entry
    - net/mlx5: Fix command entry leak in Internal Error State
    - bnxt_en: Improve AER slot reset.
    - bnxt_en: Fix VF anti-spoof filter setup.
    - net: stricter validation of untrusted gso packets
    - ipv6: fix cleanup ordering for ip6_mr failure
    - HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices
    - HID: usbhid: Fix race between usbhid_close() and usbhid_stop()
    - USB: uas: add quirk for LaCie 2Big Quadra
    - USB: serial: garmin_gps: add sanity checking for data length
    - tracing: Add a vmalloc_sync_mappings() for safe measure
    - KVM: arm: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER
    - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous()
    - coredump: fix crash when umh is disabled
    - batman-adv: fix batadv_nc_random_weight_tq
    - batman-adv: Fix refcnt

  linux-hwe (4.15.0-106.107~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-106.107 ]

  * CVE-2020-0543
    - SAUCE: x86/cpu: Add a steppings field to struct x86_cpu_id
    - SAUCE: x86/cpu: Add 'table' argument to cpu_matches()
    - SAUCE: x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
      mitigation
    - SAUCE: x86/speculation: Add SRBDS vulnerability and mitigation documentation
    - SAUCE: x86/speculation: Add Ivy Bridge to affected list

  linux-hwe (4.15.0-101.102~16.04.1) xenial; urgency=medium

  * xenial/linux-hwe: 4.15.0-101.102~16.04.1 -proposed tracker (LP: #1877981)

  [ Ubuntu: 4.15.0-101.102 ]

  * bionic/linux: 4.15.0-101.102 -proposed tracker (LP: #1877262)
  * 4.15.0-100.101 breaks userspace builds due to a bug in the headers
    /usr/include/linux/swab.h of linux-libc-dev (LP: #1877123)
    - include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for
      swap
  * bionic snapdragon 4.15 snap failed Certification testing (LP: #1877657)
    - Revert "drm/msm: Use the correct dma_sync calls in msm_gem"
    - Revert "drm/msm: stop abusing dma_map/unmap for cache"

  linux-hwe (4.15.0-99.100~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-99.100 ]

  * CVE-2020-11884
    - SAUCE: s390/mm: fix page table upgrade vs 2ndary address mode accesses

 -- Marcelo Henrique Cerri <email address hidden> Wed, 22 Apr 2020 18:37:38 -0300