diff --git a/debian/changelog b/debian/changelog
index 8a8ea525c7b8..7eeeca97de52 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,122 @@
-linux (4.7.2-2) UNRELEASED; urgency=medium
+linux (4.7.3-1) UNRELEASED; urgency=medium
 
+  * New upstream stable update:
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.3
+    - [x86] mm: Disable preemption during CR3 read+write
+    - [x86] uprobes: Fix RIP-relative handling of EVEX-encoded instructions
+    - [x86] platform/uv: Skip UV runtime services mapping in the
+      efi_runtime_disabled case
+    - SUNRPC: Handle EADDRNOTAVAIL on connection failures
+    - SUNRPC: allow for upcalls for same uid but different gss service
+    - [x86] ALSA: hda - Manage power well properly for resume
+    - efi/capsule: Allocate whole capsule into virtual memory
+    - virtio: fix memory leak in virtqueue_add()
+    - vfio/pci: Fix NULL pointer oops in error interrupt setup handling
+    - tracing: Fix tick_stop tracepoint symbols for user export
+    - [x86] perf intel-pt: Fix occasional decoding errors when tracing
+      system-wide
+    - [amd64] libnvdimm, nd_blk: mask off reserved status bits
+    - ACPI: CPPC: Return error if _CPC is invalid on a CPU
+    - ACPI / CPPC: Prevent cpc_desc_ptr points to the invalid data
+    - genirq/msi: Remove unused MSI_FLAG_IDENTITY_MAP
+    - genirq/msi: Make sure PCI MSIs are activated early
+    - usb: ehci: change order of register cleanup during shutdown
+    - usb: devio, do not warn when allocation fails
+    - usb: misc: usbtest: add fix for driver hang
+    - usb: misc: usbtest: usbtest_do_ioctl may return positive integer
+    - usb: dwc3: gadget: increment request->actual once
+    - usb: dwc3: gadget: fix for short pkts during chained xfers
+    - usb: dwc3: gadget: always cleanup all TRBs
+    - usb: hub: Fix unbalanced reference count/memory leak/deadlocks
+    - USB: hub: fix up early-exit pathway in hub_activate
+    - USB: hub: change the locking in hub_activate
+    - USB: validate wMaxPacketValue entries in endpoint descriptors
+    - usb/gadget: fix gadgetfs aio support.
+    - xhci: always handle "Command Ring Stopped" events
+    - usb: xhci: Fix panic if disconnect
+    - xhci: don't dereference a xhci member after removing xhci
+    - USB: serial: fix memleak in driver-registration error path
+    - uprobes: Fix the memcg accounting
+    - perf symbols: Fix annotation of objects with debuginfo files
+    - perf/core: Fix event_function_local()
+    - perf tools mem: Fix -t store option for record command
+    - iommu/dma: Don't put uninitialised IOVA domains
+    - [armhf] iommu/io-pgtable-arm-v7s: Fix attributes when splitting blocks
+    - [armhf,arm64] iommu/arm-smmu: Fix CMDQ error handling
+    - [armhf,arm64] iommu/arm-smmu: Disable stalling faults for all endpoints
+    - [armhf,arm64] iommu/arm-smmu: Don't BUG() if we find aborting STEs with
+      disable_bypass
+    - [x86] pinctrl/amd: Remove the default de-bounce time
+    - i2c: mux: demux-pinctrl: properly roll back when adding adapter fails
+    - [s390x] dasd: fix hanging device after clear subchannel
+    - mac80211: fix purging multicast PS buffer queue
+    - [arm64] kernel: avoid literal load of virtual address with MMU off
+    - [arm64] avoid TLB conflict with CONFIG_RANDOMIZE_BASE
+    - [arm64] dts: rockchip: add reset saradc node for rk3368 SoCs
+    - [arm64] kernel: Fix unmasked debug exceptions when restoring mdscr_el1
+    - of: fix reference counting in of_graph_get_endpoint_by_regs
+    - iio: fix sched WARNING "do not call blocking ops when !TASK_RUNNING"
+    - [x86] drm/amdgpu: Change GART offset to 64-bit
+    - [x86] drm/amdgpu: fix amdgpu_move_blit on 32bit systems
+    - [x86] drm/amdgpu: fix lru size grouping v2
+    - [x86] drm/amdgpu: avoid a possible array overflow
+    - [x86] drm/amdgpu: skip TV/CV in display parsing
+    - [x86] drm/amd/amdgpu: sdma resume fail during S4 on CI
+    - [x86] drm/amd/amdgpu: compute ring test fail during S4 on CI
+    - [x86] drm/amdgpu: record error code when ring test failed
+    - [x86] drm/i915: Fix iboost setting for DDI with 4 lanes on SKL
+    - [x86] drm/i915: Program iboost settings for HDMI/DVI on SKL
+    - [x86] drm/i915: Fix iboost setting for SKL Y/U DP DDI buffer translation
+      entry 2
+    - [x86] drm/i915: Acquire audio powerwell for HD-Audio registers
+    - [x86] drm/i915: fix aliasing_ppgtt leak
+    - [x86] drm/i915/vlv: Make intel_crt_reset() per-encoder
+    - [x86] drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init()
+    - [x86] drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug()
+    - [x86] drm/i915: Enable polling when we don't have hpd
+    - [arm64] mfd: cros_ec: Add cros_ec_cmd_xfer_status() helper
+    - [arm64] i2c: cros-ec-tunnel: Fix usage of cros_ec_cmd_xfer()
+    - cdc-acm: fix wrong pipe type on rx interrupt xfers
+    - mpt3sas: Fix resume on WarpDrive flash cards
+    - megaraid_sas: Fix probing cards without io port
+    - dm round robin: do not use this_cpu_ptr() without having preemption
+      disabled
+    - gpio: Fix OF build problem on UM
+    - fs/seq_file: fix out-of-bounds read
+    - soft_dirty: fix soft_dirty during THP split
+    - [amd64] dax: fix device-dax region base
+    - [amd64] mm: silently skip readahead for DAX inodes
+    - btrfs: waiting on qgroup rescan should not always be interruptible
+    - btrfs: properly track when rescan worker is running
+    - btrfs: don't create or leak aliased root while cleaning up orphans
+    - Revert "floppy: fix open(O_ACCMODE) for ioctl-only open"
+    - Input: synaptics-rmi4 - fix register descriptor subpacket map construction
+    - Input: i8042 - break load dependency between atkbd/psmouse and i8042
+    - Input: i8042 - set up shared ps2_cmd_mutex for AUX ports
+    - [x86] crypto: qat - fix aes-xts key sizes
+    - USB: avoid left shift by -1
+    - usb: chipidea: udc: don't touch DP when controller is in host mode
+    - USB: fix typo in wMaxPacketSize validation
+    - usb: gadget: udc: core: don't starve DMA resources
+    - USB: serial: mos7720: fix non-atomic allocation in write path
+    - USB: serial: mos7840: fix non-atomic allocation in write path
+    - [x86] staging/lustre/llite: Close atomic_open race with several openers
+    - [x86] staging: comedi: daqboard2000: bug fix board type matching code
+    - [x86] staging: comedi: comedi_test: fix timer race conditions
+    - [x86] staging: comedi: ni_mio_common: fix AO inttrig backwards
+      compatibility
+    - [x86] staging: comedi: ni_mio_common: fix wrong insn_write handler
+    - ACPI / drivers: fix typo in ACPI_DECLARE_PROBE_ENTRY macro
+    - ACPI / drivers: replace acpi_probe_lock spinlock with mutex
+    - ALSA: line6: Remove double line6_pcm_release() after failed acquire.
+    - ALSA: line6: Give up on the lock while URBs are released.
+    - ALSA: line6: Fix POD sysfs attributes segfault
+    - hwmon: (it87) Add missing sysfs attribute group terminator
+    - hwmon: (iio_hwmon) fix memory leak in name attribute
+    - sysfs: correctly handle read offset on PREALLOC attrs
+    - SUNRPC: Fix infinite looping in rpc_clnt_iterate_for_each_xprt
+
+  [ Ben Hutchings ]
   * [arm64] Add cpu_to_fdt32() when setting Secure Boot flag in FDT
 
  -- Ben Hutchings <ben@decadent.org.uk>  Sat, 03 Sep 2016 18:34:31 +0100
diff --git a/debian/patches/bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch b/debian/patches/bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch
deleted file mode 100644
index d07f5fa8079f..000000000000
--- a/debian/patches/bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From: Dave Carroll <david.carroll@microsemi.com>
-Date: Fri, 5 Aug 2016 13:44:10 -0600
-Subject: aacraid: Check size values after double-fetch from user
-Origin: https://git.kernel.org/linus/fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3
-
-In aacraid's ioctl_send_fib() we do two fetches from userspace, one the
-get the fib header's size and one for the fib itself. Later we use the
-size field from the second fetch to further process the fib. If for some
-reason the size from the second fetch is different than from the first
-fix, we may encounter an out-of- bounds access in aac_fib_send(). We
-also check the sender size to insure it is not out of bounds. This was
-reported in https://bugzilla.kernel.org/show_bug.cgi?id=116751 and was
-assigned CVE-2016-6480.
-
-Reported-by: Pengfei Wang <wpengfeinudt@gmail.com>
-Fixes: 7c00ffa31 '[SCSI] 2.6 aacraid: Variable FIB size (updated patch)'
-Cc: stable@vger.kernel.org
-Signed-off-by: Dave Carroll <david.carroll@microsemi.com>
-Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
-Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
----
- drivers/scsi/aacraid/commctrl.c | 13 +++++++++++--
- 1 file changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commctrl.c
-index b381b3718a98..5648b715fed9 100644
---- a/drivers/scsi/aacraid/commctrl.c
-+++ b/drivers/scsi/aacraid/commctrl.c
-@@ -63,7 +63,7 @@ static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
- 	struct fib *fibptr;
- 	struct hw_fib * hw_fib = (struct hw_fib *)0;
- 	dma_addr_t hw_fib_pa = (dma_addr_t)0LL;
--	unsigned size;
-+	unsigned int size, osize;
- 	int retval;
- 
- 	if (dev->in_reset) {
-@@ -87,7 +87,8 @@ static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
- 	 *	will not overrun the buffer when we copy the memory. Return
- 	 *	an error if we would.
- 	 */
--	size = le16_to_cpu(kfib->header.Size) + sizeof(struct aac_fibhdr);
-+	osize = size = le16_to_cpu(kfib->header.Size) +
-+		sizeof(struct aac_fibhdr);
- 	if (size < le16_to_cpu(kfib->header.SenderSize))
- 		size = le16_to_cpu(kfib->header.SenderSize);
- 	if (size > dev->max_fib_size) {
-@@ -118,6 +119,14 @@ static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
- 		goto cleanup;
- 	}
- 
-+	/* Sanity check the second copy */
-+	if ((osize != le16_to_cpu(kfib->header.Size) +
-+		sizeof(struct aac_fibhdr))
-+		|| (size < le16_to_cpu(kfib->header.SenderSize))) {
-+		retval = -EINVAL;
-+		goto cleanup;
-+	}
-+
- 	if (kfib->header.Command == cpu_to_le16(TakeABreakPt)) {
- 		aac_adapter_interrupt(dev);
- 		/*
diff --git a/debian/patches/bugfix/parisc/parisc-fix-automatic-selection-of-cr16-clocksource.patch b/debian/patches/bugfix/parisc/parisc-fix-automatic-selection-of-cr16-clocksource.patch
deleted file mode 100644
index 36b71c840cdb..000000000000
--- a/debian/patches/bugfix/parisc/parisc-fix-automatic-selection-of-cr16-clocksource.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From: Helge Deller <deller@gmx.de>
-Date: Fri, 19 Aug 2016 22:39:02 +0200
-Subject: [1/2] parisc: Fix automatic selection of cr16 clocksource
-Origin: https://git.kernel.org/linus/ae141830b118c3fb5b7eab6fa7c8ab7b7224b0a4
-
-Commit 54b66800907 (parisc: Add native high-resolution sched_clock()
-implementation) added support to use the CPU-internal cr16 counters as reliable
-clocksource with the help of HAVE_UNSTABLE_SCHED_CLOCK.
-
-Sadly the commit missed to remove the hack which prevented cr16 to become the
-default clocksource even on SMP systems.
-
-Signed-off-by: Helge Deller <deller@gmx.de>
-Cc: stable@vger.kernel.org # 4.7+
----
- arch/parisc/kernel/processor.c |  8 --------
- arch/parisc/kernel/time.c      | 12 ------------
- 2 files changed, 20 deletions(-)
-
---- a/arch/parisc/kernel/processor.c
-+++ b/arch/parisc/kernel/processor.c
-@@ -51,8 +51,6 @@ EXPORT_SYMBOL(_parisc_requires_coherency
- 
- DEFINE_PER_CPU(struct cpuinfo_parisc, cpu_data);
- 
--extern int update_cr16_clocksource(void);	/* from time.c */
--
- /*
- **  	PARISC CPU driver - claim "device" and initialize CPU data structures.
- **
-@@ -228,12 +226,6 @@ static int processor_probe(struct parisc
- 	}
- #endif
- 
--	/* If we've registered more than one cpu,
--	 * we'll use the jiffies clocksource since cr16
--	 * is not synchronized between CPUs.
--	 */
--	update_cr16_clocksource();
--
- 	return 0;
- }
- 
---- a/arch/parisc/kernel/time.c
-+++ b/arch/parisc/kernel/time.c
-@@ -220,18 +220,6 @@ static struct clocksource clocksource_cr
- 	.flags			= CLOCK_SOURCE_IS_CONTINUOUS,
- };
- 
--int update_cr16_clocksource(void)
--{
--	/* since the cr16 cycle counters are not synchronized across CPUs,
--	   we'll check if we should switch to a safe clocksource: */
--	if (clocksource_cr16.rating != 0 && num_online_cpus() > 1) {
--		clocksource_change_rating(&clocksource_cr16, 0);
--		return 1;
--	}
--
--	return 0;
--}
--
- void __init start_cpu_itimer(void)
- {
- 	unsigned int cpu = smp_processor_id();
diff --git a/debian/patches/bugfix/parisc/parisc-fix-order-of-erefused-define-in-errno.h.patch b/debian/patches/bugfix/parisc/parisc-fix-order-of-erefused-define-in-errno.h.patch
deleted file mode 100644
index 162e4f8d3e8d..000000000000
--- a/debian/patches/bugfix/parisc/parisc-fix-order-of-erefused-define-in-errno.h.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From: Helge Deller <deller@gmx.de>
-Date: Sat, 20 Aug 2016 11:51:38 +0200
-Subject: [2/2] parisc: Fix order of EREFUSED define in errno.h
-Origin: https://git.kernel.org/linus/3eb53b20d7bd1374598cfb1feaa081fcac0e76cd
-
-When building gccgo in userspace, errno.h gets parsed and the go include file
-sysinfo.go is generated.
-
-Since EREFUSED is defined to the same value as ECONNREFUSED, and ECONNREFUSED
-is defined later on in errno.h, this leads to go complaining that EREFUSED
-isn't defined yet.
-
-Fix this trivial problem by moving the define of EREFUSED down after
-ECONNREFUSED in errno.h (and clean up the indenting while touching this line).
-
-Signed-off-by: Helge Deller <deller@gmx.de>
-Cc: stable@vger.kernel.org
----
- arch/parisc/include/uapi/asm/errno.h | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/arch/parisc/include/uapi/asm/errno.h b/arch/parisc/include/uapi/asm/errno.h
-index c0ae62520d15..274d5bc6ecce 100644
---- a/arch/parisc/include/uapi/asm/errno.h
-+++ b/arch/parisc/include/uapi/asm/errno.h
-@@ -97,10 +97,10 @@
- #define	ENOTCONN	235	/* Transport endpoint is not connected */
- #define	ESHUTDOWN	236	/* Cannot send after transport endpoint shutdown */
- #define	ETOOMANYREFS	237	/* Too many references: cannot splice */
--#define EREFUSED	ECONNREFUSED	/* for HP's NFS apparently */
- #define	ETIMEDOUT	238	/* Connection timed out */
- #define	ECONNREFUSED	239	/* Connection refused */
--#define EREMOTERELEASE	240	/* Remote peer released connection */
-+#define	EREFUSED	ECONNREFUSED	/* for HP's NFS apparently */
-+#define	EREMOTERELEASE	240	/* Remote peer released connection */
- #define	EHOSTDOWN	241	/* Host is down */
- #define	EHOSTUNREACH	242	/* No route to host */
- 
diff --git a/debian/patches/series b/debian/patches/series
index 4aa50370ba8e..f0e9fab8c806 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -45,8 +45,6 @@ bugfix/x86/viafb-autoload-on-olpc-xo1.5-only.patch
 debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
 
 # Arch bug fixes
-bugfix/parisc/parisc-fix-automatic-selection-of-cr16-clocksource.patch
-bugfix/parisc/parisc-fix-order-of-erefused-define-in-errno.h.patch
 
 # Arch features
 features/mips/MIPS-increase-MAX-PHYSMEM-BITS-on-Loongson-3-only.patch
@@ -112,7 +110,6 @@ features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.pa
 bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch
 debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
 bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch
-bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch
 
 # ABI maintenance