Package "linux-oem"

 linux-oem (4.15.0-1097.107) bionic; urgency=medium
 .
   * bionic/linux-oem: 4.15.0-1097.107 -proposed tracker (LP: #1894675)
 .
   [ Ubuntu: 4.15.0-118.119 ]
 .
   * bionic/linux: 4.15.0-118.119 -proposed tracker (LP: #1894697)
   * Packaging resync (LP: #1786013)
     - update dkms package versions
   * Introduce the new NVIDIA 450-server and the 450 UDA series (LP: #1887674)
     - [packaging] add signed modules for nvidia 450 and 450-server
   * cgroup refcount is bogus when cgroup_sk_alloc is disabled (LP: #1886860)
     - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone()
   * CVE-2020-12888
     - vfio/type1: Support faulting PFNMAP vmas
     - vfio-pci: Fault mmaps to enable vma tracking
     - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
   * [Hyper-V] VSS and File Copy daemons intermittently fails to start
     (LP: #1891224)
     - [Packaging] Bind hv_vss_daemon startup to hv_vss device
     - [Packaging] bind hv_fcopy_daemon startup to hv_fcopy device
   * KVM: Fix zero_page reference counter overflow when using KSM on KVM compute
     host (LP: #1837810)
     - KVM: fix overflow of zero page refcount with ksm running
   * Fix false-negative return value for rtnetlink.sh in kselftests/net
     (LP: #1890136)
     - selftests: rtnetlink: correct the final return value for the test
     - selftests: rtnetlink: make kci_test_encap() return sub-test result
   * Bionic update: upstream stable patchset 2020-08-18 (LP: #1892091)
     - USB: serial: qcserial: add EM7305 QDL product ID
     - USB: iowarrior: fix up report size handling for some devices
     - usb: xhci: define IDs for various ASMedia host controllers
     - usb: xhci: Fix ASMedia ASM1142 DMA addressing
     - Revert "ALSA: hda: call runtime_allow() for all hda controllers"
     - ALSA: seq: oss: Serialize ioctls
     - staging: android: ashmem: Fix lockdep warning for write operation
     - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
     - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
     - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
     - omapfb: dss: Fix max fclk divider for omap36xx
     - binder: Prevent context manager from incrementing ref 0
     - vgacon: Fix for missing check in scrollback handling
     - mtd: properly check all write ioctls for permissions
     - leds: wm831x-status: fix use-after-free on unbind
     - leds: da903x: fix use-after-free on unbind
     - leds: lm3533: fix use-after-free on unbind
     - leds: 88pm860x: fix use-after-free on unbind
     - net/9p: validate fds in p9_fd_open
     - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some
       reason
     - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
     - i2c: slave: improve sanity check when registering
     - i2c: slave: add sanity check when unregistering
     - usb: hso: check for return value in hso_serial_common_create()
     - firmware: Fix a reference count leak.
     - cfg80211: check vendor command doit pointer before use
     - igb: reinit_locked() should be called with rtnl_lock
     - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
     - tools lib traceevent: Fix memory leak in process_dynamic_array_len
     - Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
     - xattr: break delegations in {set,remove}xattr
     - ipv4: Silence suspicious RCU usage warning
     - ipv6: fix memory leaks on IPV6_ADDRFORM path
     - net: ethernet: mtk_eth_soc: fix MTU warnings
     - vxlan: Ensure FDB dump is performed under RCU
     - net: lan78xx: replace bogus endpoint lookup
     - hv_netvsc: do not use VF device if link is down
     - net: gre: recompute gre csum for sctp over gre tunnels
     - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
     - Revert "vxlan: fix tos value before xmit"
     - selftests/net: relax cpu affinity requirement in msg_zerocopy test
     - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
     - i40e: add num_vectors checker in iwarp handler
     - i40e: Wrong truncation from u16 to u8
     - i40e: Memory leak in i40e_config_iwarp_qvlist
     - Smack: fix use-after-free in smk_write_relabel_self()
   * Bionic update: upstream stable patchset 2020-08-11 (LP: #1891228)
     - AX.25: Fix out-of-bounds read in ax25_connect()
     - AX.25: Prevent out-of-bounds read in ax25_sendmsg()
     - dev: Defer free of skbs in flush_backlog
     - drivers/net/wan/x25_asy: Fix to make it work
     - net-sysfs: add a newline when printing 'tx_timeout' by sysfs
     - net: udp: Fix wrong clean up for IS_UDPLITE macro
     - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
     - AX.25: Prevent integer overflows in connect and sendmsg
     - ip6_gre: fix null-ptr-deref in ip6gre_init_net()
     - rtnetlink: Fix memory(net_device) leak when ->newlink fails
     - tcp: allow at most one TLP probe per flight
     - regmap: debugfs: check count when read regmap file
     - qrtr: orphan socket in qrtr_release()
     - sctp: shrink stream outq only when new outcnt < old outcnt
     - sctp: shrink stream outq when fails to do addstream reconf
     - crypto: ccp - Release all allocated memory if sha type is invalid
     - media: rc: prevent memory leak in cx23888_ir_probe
     - iio: imu: adis16400: fix memory leak
     - ath9k_htc: release allocated buffer if timed out
     - ath9k: release allocated buffer if timed out
     - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
     - wireless: Use offsetof instead of custom macro.
     - ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess
       watchpoints
     - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()
     - drm: hold gem reference until object is no longer accessed
     - f2fs: check memory boundary by insane namelen
     - f2fs: check if file namelen exceeds max value
     - 9p/trans_

 linux-oem (4.15.0-1096.106) bionic; urgency=medium
 .
   * bionic/linux-oem: 4.15.0-1096.106 -proposed tracker (LP: #1894255)
 .
   [ Ubuntu: 4.15.0-117.118 ]
 .
   * bionic/linux: 4.15.0-117.118 -proposed tracker (LP: #1894277)
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
   * CVE-2020-14386
     - SAUCE: net/packet: fix overflow in tpacket_rcv
 .
   [ Ubuntu: 4.15.0-115.116 ]
 .
   * bionic/linux: 4.15.0-115.116 -proposed tracker (LP: #1893055)
   * [Potential Regression] dscr_inherit_exec_test from powerpc in
     ubuntu_kernel_selftests failed on B/E/F (LP: #1888332)
     - powerpc/64s: Don't init FSCR_DSCR in __init_FSCR()

 linux-oem (4.15.0-1095.105) bionic; urgency=medium
 .
   * bionic/linux-oem: 4.15.0-1095.105 -proposed tracker (LP: #1893380)
 .
   [ Ubuntu: 4.15.0-116.117 ]
 .
   * bionic/linux: 4.15.0-116.117 -proposed tracker (LP: #1893402)
   * Packaging resync (LP: #1786013)
     - update dkms package versions
     - [Packaging] update helper scripts
     - update dkms package versions
   * Introduce the new NVIDIA 450-server and the 450 UDA series (LP: #1887674)
     - [packaging] add signed modules for nvidia 450 and 450-server
   * cgroup refcount is bogus when cgroup_sk_alloc is disabled (LP: #1886860)
     - cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone()
   * CVE-2020-12888
     - vfio/type1: Support faulting PFNMAP vmas
     - vfio-pci: Fault mmaps to enable vma tracking
     - vfio-pci: Invalidate mmaps and block MMIO access on disabled memory
   * [Hyper-V] VSS and File Copy daemons intermittently fails to start
     (LP: #1891224)
     - [Packaging] Bind hv_vss_daemon startup to hv_vss device
     - [Packaging] bind hv_fcopy_daemon startup to hv_fcopy device
   * KVM: Fix zero_page reference counter overflow when using KSM on KVM compute
     host (LP: #1837810)
     - KVM: fix overflow of zero page refcount with ksm running
   * Fix false-negative return value for rtnetlink.sh in kselftests/net
     (LP: #1890136)
     - selftests: rtnetlink: correct the final return value for the test
     - selftests: rtnetlink: make kci_test_encap() return sub-test result
   * Bionic update: upstream stable patchset 2020-08-18 (LP: #1892091)
     - USB: serial: qcserial: add EM7305 QDL product ID
     - USB: iowarrior: fix up report size handling for some devices
     - usb: xhci: define IDs for various ASMedia host controllers
     - usb: xhci: Fix ASMedia ASM1142 DMA addressing
     - Revert "ALSA: hda: call runtime_allow() for all hda controllers"
     - ALSA: seq: oss: Serialize ioctls
     - staging: android: ashmem: Fix lockdep warning for write operation
     - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
     - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
     - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
     - omapfb: dss: Fix max fclk divider for omap36xx
     - binder: Prevent context manager from incrementing ref 0
     - vgacon: Fix for missing check in scrollback handling
     - mtd: properly check all write ioctls for permissions
     - leds: wm831x-status: fix use-after-free on unbind
     - leds: da903x: fix use-after-free on unbind
     - leds: lm3533: fix use-after-free on unbind
     - leds: 88pm860x: fix use-after-free on unbind
     - net/9p: validate fds in p9_fd_open
     - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some
       reason
     - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure
     - i2c: slave: improve sanity check when registering
     - i2c: slave: add sanity check when unregistering
     - usb: hso: check for return value in hso_serial_common_create()
     - firmware: Fix a reference count leak.
     - cfg80211: check vendor command doit pointer before use
     - igb: reinit_locked() should be called with rtnl_lock
     - atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent
     - tools lib traceevent: Fix memory leak in process_dynamic_array_len
     - Drivers: hv: vmbus: Ignore CHANNELMSG_TL_CONNECT_RESULT(23)
     - xattr: break delegations in {set,remove}xattr
     - ipv4: Silence suspicious RCU usage warning
     - ipv6: fix memory leaks on IPV6_ADDRFORM path
     - net: ethernet: mtk_eth_soc: fix MTU warnings
     - vxlan: Ensure FDB dump is performed under RCU
     - net: lan78xx: replace bogus endpoint lookup
     - hv_netvsc: do not use VF device if link is down
     - net: gre: recompute gre csum for sctp over gre tunnels
     - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key()
     - Revert "vxlan: fix tos value before xmit"
     - selftests/net: relax cpu affinity requirement in msg_zerocopy test
     - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure
     - i40e: add num_vectors checker in iwarp handler
     - i40e: Wrong truncation from u16 to u8
     - i40e: Memory leak in i40e_config_iwarp_qvlist
     - Smack: fix use-after-free in smk_write_relabel_self()
   * Bionic update: upstream stable patchset 2020-08-11 (LP: #1891228)
     - AX.25: Fix out-of-bounds read in ax25_connect()
     - AX.25: Prevent out-of-bounds read in ax25_sendmsg()
     - dev: Defer free of skbs in flush_backlog
     - drivers/net/wan/x25_asy: Fix to make it work
     - net-sysfs: add a newline when printing 'tx_timeout' by sysfs
     - net: udp: Fix wrong clean up for IS_UDPLITE macro
     - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA
     - AX.25: Prevent integer overflows in connect and sendmsg
     - ip6_gre: fix null-ptr-deref in ip6gre_init_net()
     - rtnetlink: Fix memory(net_device) leak when ->newlink fails
     - tcp: allow at most one TLP probe per flight
     - regmap: debugfs: check count when read regmap file
     - qrtr: orphan socket in qrtr_release()
     - sctp: shrink stream outq only when new outcnt < old outcnt
     - sctp: shrink stream outq when fails to do addstream reconf
     - crypto: ccp - Release all allocated memory if sha type is invalid
     - media: rc: prevent memory leak in cx23888_ir_probe
     - iio: imu: adis16400: fix memory leak
     - ath9k_htc: release allocated buffer if timed out
     - ath9k: release allocated buffer if timed out
     - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
     - wireless: Use offsetof instead of custom macro.
     - ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess
       watchpoints
     - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()
     - drm: hold gem reference until object is no longer accessed
     - f2fs: check memory boundary by insane

 linux-oem (4.15.0-1094.104) bionic; urgency=medium
 .
   * bionic/linux-oem: 4.15.0-1094.104 -proposed tracker (LP: #1890683)
 .
   * bionic/linux-oem: 4.15.0-1051.60 -proposed tracker (LP: #1839980)
     - SAUCE: xhci-hub: replace port_array
 .
   * Bionic update: upstream stable patchset 2020-07-17 (LP: #1887990)
     - [Config] updateconfigs for EFI_CUSTOM_SSDT_OVERLAYS
 .
   * Packaging resync (LP: #1786013)
     - [Packaging] update helper scripts
     - [Packaging] update update.conf
 .
   [ Ubuntu: 4.15.0-114.115 ]
 .
   * bionic/linux: 4.15.0-114.115 -proposed tracker (LP: #1891052)
   * ipsec: policy priority management is broken (LP: #1890796)
     - xfrm: policy: match with both mark and mask on user interfaces
 .
   [ Ubuntu: 4.15.0-113.114 ]
 .
   * bionic/linux: 4.15.0-113.114 -proposed tracker (LP: #1890705)
   * Packaging resync (LP: #1786013)
     - update dkms package versions
   * Reapply "usb: handle warm-reset port requests on hub resume" (LP: #1859873)
     - usb: handle warm-reset port requests on hub resume
   * Bionic update: upstream stable patchset 2020-07-29 (LP: #1889474)
     - gpio: arizona: handle pm_runtime_get_sync failure case
     - gpio: arizona: put pm_runtime in case of failure
     - pinctrl: amd: fix npins for uart0 in kerncz_groups
     - mac80211: allow rx of mesh eapol frames with default rx key
     - scsi: scsi_transport_spi: Fix function pointer check
     - xtensa: fix __sync_fetch_and_{and,or}_4 declarations
     - xtensa: update *pos in cpuinfo_op.next
     - drivers/net/wan/lapbether: Fixed the value of hard_header_len
     - net: sky2: initialize return of gm_phy_read
     - drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout
     - irqdomain/treewide: Keep firmware node unconditionally allocated
     - SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO
       compeletion")
     - spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours
     - IB/umem: fix reference count leak in ib_umem_odp_get()
     - uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix
       GDB regression
     - ALSA: info: Drop WARN_ON() from buffer NULL sanity check
     - ASoC: rt5670: Correct RT5670_LDO_SEL_MASK
     - btrfs: fix double free on ulist after backref resolution failure
     - btrfs: fix mount failure caused by race with umount
     - btrfs: fix page leaks after failure to lock page for delalloc
     - bnxt_en: Fix race when modifying pause settings.
     - hippi: Fix a size used in a 'pci_free_consistent()' in an error handling
       path
     - ax88172a: fix ax88172a_unbind() failures
     - net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual
       configuration
     - drm: sun4i: hdmi: Fix inverted HPD result
     - net: smc91x: Fix possible memory leak in smc_drv_probe()
     - bonding: check error value of register_netdevice() immediately
     - mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
     - ipvs: fix the connection sync failed in some cases
     - i2c: rcar: always clear ICSAR to avoid side effects
     - bonding: check return value of register_netdevice() in bond_newlink()
     - serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X
     - scripts/decode_stacktrace: strip basepath from all paths
     - HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override
     - HID: apple: Disable Fn-key key-re-mapping on clone keyboards
     - dmaengine: tegra210-adma: Fix runtime PM imbalance on error
     - Input: add `SW_MACHINE_COVER`
     - spi: mediatek: use correct SPI_CFG2_REG MACRO
     - regmap: dev_get_regmap_match(): fix string comparison
     - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow
     - dmaengine: ioat setting ioat timeout as module parameter
     - Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
     - usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init()
     - arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP
     - x86: math-emu: Fix up 'cmp' insn for clang ias
     - binder: Don't use mmput() from shrinker function.
     - usb: xhci-mtk: fix the failure of bandwidth allocation
     - usb: xhci: Fix ASM2142/ASM3142 DMA addressing
     - Revert "cifs: Fix the target file was deleted when rename failed."
     - staging: wlan-ng: properly check endpoint types
     - staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift
     - staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support
     - staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift
     - staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift
     - serial: 8250: fix null-ptr-deref in serial8250_start_tx()
     - serial: 8250_mtk: Fix high-speed baud rates clamping
     - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
     - vt: Reject zero-sized screen buffer size.
     - Makefile: Fix GCC_TOOLCHAIN_DIR prefix for Clang cross compilation
     - mm/memcg: fix refcount error while moving and swapping
     - io-mapping: indicate mapping failure
     - parisc: Add atomic64_set_release() define to avoid CPU soft lockups
     - ath9k: Fix regression with Atheros 9271
     - fuse: fix weird page warning
     - qed: suppress "don't support RoCE & iWARP" flooding on HW init
     - scripts/gdb: fix lx-symbols 'gdb.error' while loading modules
     - HID: alps: support devices with report id 2
     - RISC-V: Upgrade smp_mb__after_spinlock() to iorw,iorw
     - x86, vmlinux.lds: Page-align end of ..page_aligned sections
     - ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo
       Miix 2 10
   * Bionic update: upstream stable patchset 2020-07-24 (LP: #1888907)
     - KVM: s390: reduce number of IO pins to 1
     - spi: spi-fsl-dspi: Adding shutdown hook
     - spi: spi-fsl-dspi: Fix lockup if device is removed during SPI transfer
     - spi: spi-fsl-dspi: use IRQF_SHARED mod

 linux-oem (4.15.0-1093.103) bionic; urgency=medium
 .
   * bionic/linux-oem: 4.15.0-1093.103 -proposed tracker (LP: #1887026)
 .
   * [SRU] plug headset won't proper reconfig ouput to it on machine with default
     output (LP: #1882248)
     - SAUCE: ALSA: hda - let hs_mic be picked ahead of hp_mic
 .
   * Freezing on boot since kernel 4.15.0-72-generic release (LP: #1856387)
     - x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode
 .
   [ Ubuntu: 4.15.0-112.113 ]
 .
   * bionic/linux: 4.15.0-112.113 -proposed tracker (LP: #1887048)
   * Packaging resync (LP: #1786013)
     - update dkms package versions
   * CVE-2020-11935
     - SAUCE: aufs: do not call i_readcount_inc()
     - SAUCE: aufs: bugfix, IMA i_readcount
   * CVE-2020-10757
     - mm: Fix mremap not considering huge pmd devmap
   * Update lockdown patches (LP: #1884159)
     - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
     - efi: Restrict efivar_ssdt_load when the kernel is locked down
     - powerpc/xmon: add read-only mode
     - powerpc/xmon: Restrict when kernel is locked down
     - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y
     - SAUCE: acpi: disallow loading configfs acpi tables when locked down
   * seccomp_bpf fails on powerpc (LP: #1885757)
     - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
   * Introduce the new NVIDIA 418-server and 440-server series, and update the
     current NVIDIA drivers (LP: #1881137)
     - [packaging] add signed modules for the 418-server and the 440-server
       flavours
 .
   [ Ubuntu: 4.15.0-111.112 ]
 .
   * bionic/linux: 4.15.0-111.112 -proposed tracker (LP: #1886999)
   * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461)
     - SAUCE: mlxsw: Add missmerged ERR_PTR hunk
   * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
     - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"