Package "linux-aws-hwe"

 linux-aws-hwe (4.15.0-1108.115~16.04.1) xenial; urgency=medium
 .
   * xenial/linux-aws-hwe: 4.15.0-1108.115~16.04.1 -proposed tracker
     (LP: #1934349)
 .
   [ Ubuntu: 4.15.0-1108.115 ]
 .
   * bionic/linux-aws: 4.15.0-1108.115 -proposed tracker (LP: #1934350)
   * bionic/linux: 4.15.0-150.155 -proposed tracker (LP: #1934374)
   * lxd exec fails (LP: #1934187)
     - SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"
 .
   [ Ubuntu: 4.15.0-1107.114 ]
 .
   * bionic/linux-aws: 4.15.0-1107.114 -proposed tracker (LP: #1932491)
   * Packaging resync (LP: #1786013)
     - [Packaging] resync getabis
     - [Packaging] update helper scripts
   * bionic/linux: 4.15.0-149.153 -proposed tracker (LP: #1933434)
   * selftests: bpf: test_verifier fixes (LP: #1933385)
     - bpf: Update selftests to reflect new error states
     - bpf, selftests: Adjust few selftest result_unpriv outcomes
   * CVE-2021-33200
     - bpf: Fix mask direction swap upon off reg sign change
   * bionic/linux: 4.15.0-148.152 -proposed tracker (LP: #1932515)
   * Packaging resync (LP: #1786013)
     - update dkms package versions
   * Upstream v5.9 introduced 'module' patches that removed exported symbols
     (LP: #1932065)
     - SAUCE: Revert "modules: inherit TAINT_PROPRIETARY_MODULE"
     - SAUCE: Revert "modules: return licensing information from find_symbol"
     - SAUCE: Revert "modules: rename the licence field in struct symsearch to
       license"
     - SAUCE: Revert "modules: unexport __module_address"
     - SAUCE: Revert "modules: unexport __module_text_address"
     - SAUCE: Revert "modules: mark each_symbol_section static"
     - SAUCE: Revert "modules: mark find_symbol static"
     - SAUCE: Revert "modules: mark ref_module static"
   * Disable hv-kvp-daemon.service on certain instance types (LP: #1932081)
     - [Packaging]: Add kernel command line condition to hv-kvp-daemon service
   * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740)
     - openrisc: Fix a memory leak
     - RDMA/rxe: Clear all QP fields if creation failed
     - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword()
     - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly
     - cifs: fix memory leak in smb2_copychunk_range
     - ALSA: line6: Fix racy initialization of LINE6 MIDI
     - ALSA: usb-audio: Validate MS endpoint descriptors
     - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro
     - Revert "ALSA: sb8: add a check for request_region"
     - Revert "rapidio: fix a NULL pointer dereference when create_workqueue()
       fails"
     - rapidio: handle create_workqueue() failure
     - xen-pciback: reconfigure also from backend watch handler
     - dm snapshot: fix crash with transient storage and zero chunk size
     - Revert "video: hgafb: fix potential NULL pointer dereference"
     - Revert "net: stmicro: fix a missing check of clk_prepare"
     - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read"
     - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe"
     - Revert "video: imsttfb: fix potential NULL pointer dereferences"
     - Revert "ecryptfs: replace BUG_ON with error handling code"
     - Revert "gdrom: fix a memory leak bug"
     - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
     - cdrom: gdrom: initialize global variable at init time
     - Revert "media: rcar_drif: fix a memory disclosure"
     - Revert "rtlwifi: fix a potential NULL pointer dereference"
     - Revert "qlcnic: Avoid potential NULL pointer dereference"
     - Revert "niu: fix missing checks of niu_pci_eeprom_read"
     - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
     - net: stmicro: handle clk_prepare() failure during init
     - net: rtlwifi: properly check for alloc_workqueue() failure
     - leds: lp5523: check return value of lp5xx_read and jump to cleanup code
     - qlcnic: Add null check after calling netdev_alloc_skb
     - video: hgafb: fix potential NULL pointer dereference
     - vgacon: Record video mode changes with VT_RESIZEX
     - vt: Fix character height handling with VT_RESIZEX
     - tty: vt: always invoke vc->vc_sw->con_resize callback
     - video: hgafb: correctly handle card detect failure during probe
     - Bluetooth: SMP: Fail if remote and local public keys are identical
     - firmware: arm_scpi: Prevent the ternary sign expansion bug
     - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios
     - locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal
     - ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293
     - Revert "serial: mvebu-uart: Fix to avoid a potential NULL pointer
       dereference"
     - mm, vmstat: drop zone->lock in /proc/pagetypeinfo
     - usb: dwc3: gadget: Enable suspend events
     - NFC: nci: fix memory leak in nci_allocate_device
     - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
     - iommu/vt-d: Fix sysfs leak in alloc_iommu()
     - perf intel-pt: Fix sample instruction bytes
     - perf intel-pt: Fix transaction abort handling
     - proc: Check /proc/$pid/attr/ writes against file opener
     - net: hso: fix control-request directions
     - mac80211: assure all fragments are encrypted
     - mac80211: prevent mixed key and fragment cache attacks
     - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
     - cfg80211: mitigate A-MSDU aggregation attacks
     - mac80211: drop A-MSDUs on old ciphers
     - mac80211: add fragment cache to sta_info
     - mac80211: check defrag PN against current frame
     - mac80211: prevent attacks on TKIP/WEP as well
     - mac80211: do not accept/forward invalid EAPOL frames
     - ath10k: Validate first subframe of A-MSDU before processing the list
     - dm snapshot: properly fix a crash when an origin has no snapshots
     - kgdb: fix gcc-11 warnings harder
     - misc/uss720: fix memory leak in uss720_pr

 linux-aws-hwe (4.15.0-1098.105~16.04.1) xenial; urgency=medium
 .
   * xenial/linux-aws-hwe: 4.15.0-1098.105~16.04.1 -proposed tracker
     (LP: #1919512)
 .
   * Bionic update: upstream stable patchset 2021-02-26 (LP: #1917093)
     - [Config] aws-hwe: Updateconfigs for USB_BDC_PCI
 .
   [ Ubuntu: 4.15.0-1098.105 ]
 .
   * bionic/linux-aws: 4.15.0-1098.105 -proposed tracker (LP: #1919513)
   * Enforce CONFIG_DRM_BOCHS=m (LP: #1916290)
     - [Config] aws: Add CONFIG_DRM_BOCHS=m (enforced)
   * Bionic update: upstream stable patchset 2021-02-26 (LP: #1917093)
     - [Config] aws: Updateconfigs for USB_BDC_PCI
   * Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
     - [Config] aws: enable CONFIG_MODVERSIONS=y
     - [Packaging] aws: build canonical-certs.pem from branch/arch certs
   * aws: update Xen hibernation patch set (LP: #1913410)
     - Revert "UBUNTU: SAUCE: xen-netfront: prevent unnecessary close on hibernate"
     - Revert "UBUNTU SAUCE [aws]: xen: Only restore the ACPI SCI interrupt in
       xen_restore_pirqs."
     - Revert "UBUNTU SAUCE [aws]: xen: restore pirqs on resume from hibernation."
     - Revert "UBUNTU SAUCE [aws]: block: xen-blkfront: consider new dom0 features
       on restore"
     - Revert "UBUNTU: SAUCE [aws] x86/xen: close event channels for PIRQs in
       system core suspend callback"
     - Revert "UBUNTU: SAUCE [aws] xen/events: add xen_shutdown_pirqs helper
       function"
     - Revert "UBUNTU: SAUCE [aws] x86/xen: save and restore steal clock"
     - Revert "UBUNTU: SAUCE [aws] xen-time-introduce-xen_-save-restore-
       _steal_clock"
     - Revert "UBUNTU: SAUCE [aws] xen-netfront: add callbacks for PM suspend and
       hibernation support"
     - Revert "UBUNTU: SAUCE [aws] x86/xen: add system core suspend and resume
       callbacks"
     - Revert "UBUNTU: SAUCE [aws] x86/xen: Introduce new function to map
       HYPERVISOR_shared_info on Resume"
     - Revert "UBUNTU: SAUCE: xen-blkfront: Fixed blkfront_restore to remove a call
       to negotiate_mq"
     - Revert "UBUNTU: SAUCE: xen-blkfront: resurrect request-based mode"
     - Revert "UBUNTU: SAUCE: xen-blkfront: add callbacks for PM suspend and
       hibernation"
     - Revert "UBUNTU: SAUCE: xenbus: add freeze/thaw/restore callbacks support"
     - Revert "UBUNTU: SAUCE: xen/manage: introduce helper function to know the on-
       going suspend mode"
     - Revert "UBUNTU: SAUCE: xen/manage: keep track of the on-going suspend mode"
     - SAUCE: xen/manage: keep track of the on-going suspend mode
     - SAUCE: xen/manage: introduce helper function to know the on-going suspend
       mode
     - SAUCE: xenbus: add freeze/thaw/restore callbacks support
     - SAUCE: x86/xen: Introduce new function to map HYPERVISOR_shared_info on
       Resume
     - SAUCE: x86/xen: add system core suspend and resume callbacks
     - SAUCE: xen-blkfront: add callbacks for PM suspend and hibernation
     - SAUCE: xen-netfront: add callbacks for PM suspend and hibernation support
     - SAUCE: xen/time: introduce xen_{save,restore}_steal_clock
     - SAUCE: x86/xen: save and restore steal clock
     - SAUCE: xen/events: add xen_shutdown_pirqs helper function
     - SAUCE: x86/xen: close event channels for PIRQs in system core suspend
       callback
     - SAUCE: xen-blkfront: resurrect request-based mode
     - SAUCE: xen-blkfront: add 'persistent_grants' parameter
     - SAUCE: Revert "xen: dont fiddle with event channel masking in
       suspend/resume"
     - SAUCE: xen-blkfront: Fixed blkfront_restore to remove a call to negotiate_mq
     - SAUCE: block: xen-blkfront: consider new dom0 features on restore
     - SAUCE: xen: restore pirqs on resume from hibernation.
     - SAUCE: xen: Only restore the ACPI SCI interrupt in xen_restore_pirqs.
     - SAUCE: xen-netfront: call netif_device_attach on resume
     - SAUCE: xen: Restore xen-pirqs on resume from hibernation
     - SAUCE: xen-blkfront: Delay flush till queue lock dropped
     - SAUCE: drivers/block/xen-blkfront.c: Convert to use
       set_capacity_revalidate_and_notify
     - SAUCE: x86: tsc: avoid system instability in hibernation
     - SAUCE: block/genhd: Notify udev about capacity change
     - SAUCE: drivers/block/virtio_blk.c: Convert to use
       set_capacity_revalidate_and_notify
     - SAUCE: drivers/nvme/host/core.c: Convert to use
       set_capacity_revalidate_and_notify
   * aws: xen-netfront: prevent potential error on hibernate (LP: #1906850)
     - SAUCE: xen-netfront: prevent unnecessary close on hibernate
   * bionic/linux: 4.15.0-141.145 -proposed tracker (LP: #1919536)
   * binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
     - [Packaging] quiet (nomially) benign errors in BUILD script
   * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
     - bpf: Simplify alu_limit masking for pointer arithmetic
     - bpf: Add sanity check for upper ptr_limit
     - bpf, selftests: Fix up some test_verifier cases for unprivileged
   * Packaging resync (LP: #1786013)
     - update dkms package versions
   * CVE-2018-13095
     - xfs: More robust inode extent count validation
   * i40e PF reset due to incorrect MDD event (LP: #1772675)
     - i40e: change behavior on PF in response to MDD event
   * Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
     - ACPI: sysfs: Prefer "compatible" modalias
     - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
     - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
     - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
     - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
     - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
     - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
       intel_arch_events[]
     - KVM: x86: get smi pending status correctly
     - xen: Fix XenStore initialisation for XS

 linux-aws-hwe (4.15.0-1097.104~16.04.1) xenial; urgency=medium
 .
   * xenial/linux-aws-hwe: 4.15.0-1097.104~16.04.1 -proposed tracker
     (LP: #1920145)
 .
   [ Ubuntu: 4.15.0-1097.104 ]
 .
   * bionic/linux-aws: 4.15.0-1097.104 -proposed tracker (LP: #1920146)
   * bionic/linux: 4.15.0-140.144 -proposed tracker (LP: #1920169)
   * CVE-2020-27170
     - bpf: Fix off-by-one for area size in creating mask to left
   * CVE-2020-27171
     - bpf: Prohibit alu ops for pointer types not defining ptr_limit

 linux-aws-hwe (4.15.0-1096.103~16.04.1) xenial; urgency=medium
 .
   * xenial/linux-aws-hwe: 4.15.0-1096.103~16.04.1 -proposed tracker
     (LP: #1919193)
 .
   [ Ubuntu: 4.15.0-1096.103 ]
 .
   * bionic/linux-aws: 4.15.0-1096.103 -proposed tracker (LP: #1919194)
   * bionic/linux: 4.15.0-139.143 -proposed tracker (LP: #1919218)
   * CVE-2021-27365
     - scsi: iscsi: Verify lengths on passthrough PDUs
     - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
     - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
   * CVE-2021-27363 // CVE-2021-27364
     - scsi: iscsi: Restrict sessions and handles to admin capabilities