Skipped "x86/speculation/l1tf: Fix up pte->pfn conversion for PAE" because we already use the proper conversion.
Skipped because we already applied it for CVE-2018-6554 * "irda: Fix memory leak caused by repeated binds of irda socket" Skipped because we already applied it for CVE-2018-6555 * "irda: Only insert new objects into the global database via setsockopt" Adjusted context for "ovl: rename is_merge to is_lowest". Major rewrite of "ovl: override creds with the ones from the superblock mounter" because we did apply in the past "SAUCE: overlayfs: Replace ovl_prepare_creds() with ovl_override_creds()" for bug #1659417. Both are nearly identical but use different internal names. So the upstream patch got modified to convert things to the upstream layout. Skipped "s390/lib: use expoline for all bcr instructions" because we already applied it for CVE-2017-5715. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6554 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6555 ** Description changed: + SRU Justification - SRU Justification + Impact: + The upstream process for stable tree updates is quite similar + in scope to the Ubuntu SRU process, e.g., each patch has to + demonstrably fix a bug, and each patch is vetted by upstream + by originating either directly from a mainline/stable Linux tree or + a minimally backported form of that patch. The following upstream + stable patches should be included in the Ubuntu kernel: - Impact: - The upstream process for stable tree updates is quite similar - in scope to the Ubuntu SRU process, e.g., each patch has to - demonstrably fix a bug, and each patch is vetted by upstream - by originating either directly from a mainline/stable Linux tree or - a minimally backported form of that patch. The following upstream - stable patches should be included in the Ubuntu kernel: + 4.4.156 upstream stable release + from git://git.kernel.org/ - 4.4.156 upstream stable release - from git://git.kernel.org/ + The following patches will be applied: + * staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free + * net: bcmgenet: use MAC link status for fixed phy + * qlge: Fix netdev features configuration. + * tcp: do not restart timewait timer on rst reception + * vti6: remove !skb->ignore_df check from vti6_xmit() + * cifs: check if SMB2 PDU size has been padded and suppress the warning + * hfsplus: don't return 0 when fill_super() failed + * hfs: prevent crash on exit from failed search + * fork: don't copy inconsistent signal handler state to child + * reiserfs: change j_timestamp type to time64_t + * hfsplus: fix NULL dereference in hfsplus_lookup() + * fat: validate ->i_start before using + * scripts: modpost: check memory allocation results + * mm/fadvise.c: fix signed overflow UBSAN complaint + * fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() + * ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() + * mfd: sm501: Set coherent_dma_mask when creating subdevices + * platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 + * irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP + * net/9p: fix error path of p9_virtio_probe + * powerpc: Fix size calculation using resource_size() + * s390/dasd: fix hanging offline processing due to canceled worker + * scsi: aic94xx: fix an error code in aic94xx_init() + * PCI: mvebu: Fix I/O space end address calculation + * dm kcopyd: avoid softlockup in run_complete_job + * staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice + * selftests/powerpc: Kill child processes on SIGINT + * smb3: fix reset of bytes read and written stats + * SMB3: Number of requests sent should be displayed for SMB3 not just CIFS + * powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. + * btrfs: replace: Reset on-disk dev stats value after replace + * btrfs: relocation: Only remove reloc rb_trees if reloc control has been + initialized + * btrfs: Don't remove block group that still has pinned down bytes + * debugobjects: Make stack check warning more informative + * x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear + * kbuild: make missing $DEPMOD a Warning instead of an Error + * Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" + * enic: do not call enic_change_mtu in enic_probe + * Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated pages") + * genirq: Delay incrementing interrupt count if it's disabled/pending + * irqchip/gic-v3-its: Recompute the number of pages on page size change + * irqchip/gicv3-its: Fix memory leak in its_free_tables() + * irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size + * irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() + * irqchip/gic: Make interrupt ID 1020 invalid + * ovl: rename is_merge to is_lowest + * ovl: override creds with the ones from the superblock mounter + * ovl: proper cleanup of workdir + * sch_htb: fix crash on init failure + * sch_multiq: fix double free on init failure + * sch_hhf: fix null pointer dereference on init failure + * sch_netem: avoid null pointer deref on init failure + * sch_tbf: fix two null pointer dereferences on init failure + * mei: me: allow runtime pm for platform with D0i3 + * ASoC: wm8994: Fix missing break in switch + * btrfs: use correct compare function of dirty_metadata_bytes + * Linux 4.4.156 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1797563 Title: Xenial update: 4.4.156 upstream stable release To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1797563/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs