SLES-release
- Fix grub menu entry after migration from SLE-12*. (bsc#1099521)
- Revert the problematic changes previously released and make sure the
  version is high enough to obsolete the package on containers and images.
  (bsc#1180836)
chrony
- bsc#1173760: MD5 is not available from mozilla-nss in FIPS mode,
  but needed for calculating refids from IPv6 addresses as part of
  the NTP protocol (rfc5905). As this is a non-cryptographic use of
  MD5 we can use our own implementation without violating FIPS
  rules: chrony-refid-internal-md5.patch .
- boo#1162964, bsc#1183783, clknetsim-glibc-2.31.patch:
containerd
- Add patch for CVE-2021-32760. bsc#1188282
  + bsc1188282-use-chmod-path-for-checking-symlink.patch
- Drop long-since upstreamed patch, originally needed to fix i386 builds on
  SLES:
  - 0001-makefile-remove-emoji.patch
- Update to containerd v1.4.4, to fix CVE-2021-21334.
- Update to handle the docker-runc removal, and drop the -kubic flavour.
  bsc#1181677 bsc#1181749
- Update to containerd v1.4.3, which is needed for Docker v20.10.2-ce.
  bsc#1181594
- Install the containerd-shim* binaries and stop creating
  docker-containerd-shim because that isn't used by Docker anymore.
  bsc#1183024
curl
- Security fix: [bsc#1188220, CVE-2021-22925]
  * TELNET stack contents disclosure again
  * Add curl-CVE-2021-22925.patch
- Security fix: [bsc#1188219, CVE-2021-22924]
  * Bad connection reuse due to flawed path name checks
  * Add curl-CVE-2021-22924.patch
- Security fix: Disable the metalink feature:
  * Insufficiently Protected Credentials [bsc#1188218, CVE-2021-22923]
  * Wrong content via metalink not discarded [bsc#1188217, CVE-2021-22922]
dbus-1
- Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105)
  * fix-upstream-userdb-constpointer.patch
  * fix-upstream-CVE-2020-35512.patch
docker
- Update to Docker 20.10.6-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1184768
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
- Backport upstream fix <https://github.com/moby/moby/pull/42273> for btrfs
  quotas being removed by Docker regularly. bsc#1183855 bsc#1175081
  + 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
- Update to Docker 20.10.5-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1182947
- Update runc dependency to 1.0.0~rc93.
- Remove upstreamed patches:
  - cli-0001-Rename-bin-md2man-to-bin-go-md2man.patch
- Rebase patches:
  * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
- Switch version to use -ce suffix rather than _ce to avoid confusing other
  tools. boo#1182476
- Fix incorrect cast in SUSE secrets patches causing warnings on SLES.
  * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
- Update to Docker 20.10.3-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. Fixes bsc#1181732
  (CVE-2021-21284) and bsc#1181730 (CVE-2021-21285).
- Rebase patches on top of 20.10.3-ce.
  - 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  + 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  - 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  + 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  - 0004-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  + 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  - 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  + 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
- Drop docker-runc, docker-test and docker-libnetwork packages. We now just use
  the upstream runc package (it's stable enough and Docker no longer pins git
  versions). docker-libnetwork is so unstable that it doesn't have any
  versioning scheme and so it really doesn't make sense to maintain the project
  as a separate package. bsc#1181641 bsc#1181677
- Remove no-longer-needed patch for packaging now that we've dropped
  docker-runc and docker-libnetwork.
  - 0001-PACKAGING-revert-Remove-docker-prefix-for-containerd.patch
- Update to Docker 20.10.2-ce. See upstream changelog in the packaged
  /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1181594
- Remove upstreamed patches:
  - bsc1122469-0001-apparmor-allow-readby-and-tracedby.patch
  - boo1178801-0001-Add-docker-interfaces-to-firewalld-docker-zone.patch
- Add patches to fix build:
  + cli-0001-Rename-bin-md2man-to-bin-go-md2man.patch
- Since upstream has changed their source repo (again) we have to rebase all of
  our patches. While doing this, I've collapsed all patches into one branch
  per-release and thus all the patches are now just one series:
  - packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch
  + 0001-PACKAGING-revert-Remove-docker-prefix-for-containerd.patch
  - secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
  + 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
  - secrets-0002-SUSE-implement-SUSE-container-secrets.patch
  + 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
  - private-registry-0001-Add-private-registry-mirror-support.patch
  + 0004-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
  - bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch
  + 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
dosfstools
- Add fix-calculation.patch (gh#dosfstools/dosfstools#153, bsc#1172863)
  to work with different size of clusters.
gnutls
- Add gnutls-3.6.7-fix-FTBFS-2024.patch to let tests pass after 2024 (boo#1186579)
- Add gnutls-3.6.7-reproducible-date.patch to override build date (boo#1047218)
gpg2
- Fix warning: agent returned different signature type ssh-rsa
  * The gpg-agent's ssh-agent does not handle flags in signing
    requests properly [bsc#1161268, bsc#1172308]
  * Add gnupg-gpg-agent-ssh-agent.patch
kernel-default
- netfilter: x_tables: fix compat match/target pad out-of-bound
  write (CVE-2021-22555 bsc#1188116).
- commit 5d3d4da
- vmxnet3: fix cksum offload issues for tunnels with non-default
  udp ports (git-fixes).
- USB: cdc-acm: blacklist Heimann USB Appset device (git-fixes).
- usb: gadget: eem: fix echo command packet response issue
  (git-fixes).
- vfio/pci: Handle concurrent vma faults (git-fixes).
- [xarray] iov_iter_fault_in_readable() should do nothing in
  xarray case (git-fixes).
- ssb: sdio: Don't overwrite const buffer if block_write fails
  (git-fixes).
- commit 76c3ff9
- serial_cs: Add Option International GSM-Ready 56K/ISDN modem
  (git-fixes).
- serial_cs: remove wrong GLOBETROTTER.cis entry (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init
  (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
  (git-fixes).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in
  pch_spi_process_messages() (git-fixes).
- spi: Make of_register_spi_device also set the fwnode
  (git-fixes).
- regulator: da9052: Ensure enough delay time for
  .set_voltage_time_sel (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE
  (git-fixes).
- commit a2b1a60
- platform/x86: toshiba_acpi: Fix missing error code in
  toshiba_acpi_setup_keyboard() (git-fixes).
- random32: Fix implicit truncation warning in
  prandom_seed_state() (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source
  (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference
  (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- commit 0eb2f6b
- media: st-hva: Fix potential NULL pointer dereferences
  (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe
  (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
  (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct
  (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event
  counters (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count
  (git-fixes).
- commit ba1b2bc
- iio: adc: at91-sama5d2: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue
  (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf
  (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count
  (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count
  (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count
  (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count
  (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper
  (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in
  regmap_bulk_read calls (git-fixes).
- commit 74c2c06
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()'
  (git-fixes).
- HID: do not use down_interruptible() when unbinding devices
  (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status
  bits (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops
  (git-fixes).
- crypto: nitrox - fix unchecked variable in
  nitrox_register_interrupts (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles
  (git-fixes).
- commit ac66984
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D
  (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during
  ath_reset_internal() (git-fixes).
- clocksource: Retry clock read if long delays detected
  (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg()
  (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path
  (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final()
  (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- commit fcdd7a0
- ALSA: hda/realtek: Add another ALC236 variant support
  (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path
  (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered
  (git-fixes).
- ACPICA: Fix memory leak caused by _CID repair function
  (git-fixes).
- commit 930000b
- Blacklist already cherry-picked ASoC commits
- commit 5cc6c21
- usb: gadget: f_fs: Fix setting of device and driver data
  cross-references (git-fixes).
- commit 8174fed
- vfs: Convert functionfs to use the new mount API (git -fixes).
- commit bc4a6d0
- mm, futex: fix shared futex pgoff on shmem huge page (git fixes
  (kernel/futex)).
- commit b5af159
- usb: typec: fusb302: fix "/op-sink-microwatt"/ default that was
  in mW (git-fixes).
- commit dcf2645
- fuse: reject internal errno (bsc#1188269).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- commit ad3c8af
- kABI: restore struct tcpc_config definition (git-fixes).
- commit af96f3e
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- commit a677fa5
- tracing/histograms: Fix parsing of "/sym-offset"/ modifier
  (git-fixes).
- commit e43cdf6
- usb: typec: fusb302: Always provide fwnode for the port
  (git-fixes).
- commit 23df3ab
- math: Export mul_u64_u64_div_u64 (git-fixes).
- commit 3708119
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe
  error path (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations
  (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init()
  (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure
  (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure
  (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe()
  (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration
  (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement
  (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe()
  (git-fixes).
- commit 8a2377b
- memory: fsl_ifc: fix leak of private memory on probe failure
  (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure
  (git-fixes).
- commit b522bcb
- Refresh patches.suse/rtc-pcf2127-handle-timestamp-interrupts.patch.
  Switched to queued version.
- commit 1b185ef
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- refresh patches.suse/0001-kvm-Reintroduce-nopvspin-kernel-parameter.patch
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown
  (bsc#1185308).
- commit 80699a1
- fix patches metadata
- fix Patch-mainline:
  patches.suse/tracepoint-Add-tracepoint_probe_register_may_exist-for-BPF-tracing.patch
  patches.suse/tracing-Resize-tgid_map-to-pid_max-not-PID_MAX_DEFAULT.patch
  patches.suse/tracing-Simplify-fix-saved_tgids-logic.patch
- commit fa5e842
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec
  (bsc#1188176).
- commit ec1bcd7
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation
  (git-fixes).
- commit d17e17c
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- commit 586c229
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- commit 85a9fc2
- kernel-binary.spec: Exctract s390 decompression code (jsc#SLE-17042).
- commit 7f97df2
- seq_file: Disallow extremely large seq buffer allocations (bsc#1188062, CVE-2021-33909).
- commit eb7ef76
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT
  (git-fixes).
- commit dfc48c9
- tracing: Simplify & fix saved_tgids logic (git-fixes).
- commit c530730
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF
  tracing (git-fixes).
- commit 1ab86c5
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- commit e620ef1
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
  Refresh:
  patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
  patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
  Refresh:
  patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
  patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
  Refresh:
  patches.suse/spi-spi-nxp-fspi-fix-fspi-panic-by-unexpected-interr.patch
  patches.suse/spi-spi-nxp-fspi-move-the-register-operation-after-t.patch
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- commit 8290109
- Fix meta data in lpfc-decouple-port_template-and-vport_template.patch
- commit d9e6471
- scsi: qedf: Do not put host in qedf_vport_create()
  unconditionally (bsc#1170511).
- commit 8665594
- kernel-binary.spec: Fix up usrmerge for non-modular kernels.
- commit d718cd9
- nvme-rdma: introduce nvme_rdma_sgl structure (git-fixes).
- commit 6ccb8a5
- nvme-rdma: fix in-casule data send for chained sgls (git-fixes).
- nvme-tcp: rerun io_work if req_list is not empty (git-fixes).
- commit a286451
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- commit 79058fa
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data
  (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than
  4 in set_protocol() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe()
  (git-fixes).
- commit 6b8c8e1
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx()
  (git-fixes).
- staging: gdm724x: check for buffer overflow in
  gdm_lte_multi_sdu_pkt() (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable
  (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init
  (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call
  (git-fixes).
- commit b12d968
- iio: adc: mxs-lradc: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion
  (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
  (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1}
  and PS_DATA as volatile, too (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- commit 2299862
- iio: magn: bmc150: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- commit 66bbafb
- serial: mvebu-uart: correctly calculate minimal possible
  baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk
  is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor
  (git-fixes).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates
  (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb
  (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma180: Fix buffer alignment in
  iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers
  (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400
  mode (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect()
  (git-fixes).
- Input: usbtouchscreen - fix control-request directions
  (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare()
  on error in marvell_nfc_resume() (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node
  (git-fixes).
- commit a219c27
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- xhci: solve a double free problem while doing s4 (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in
  typec_register_altmode() (git-fixes).
- usb: dwc2: Don't reset the core after setting turnaround time
  (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
  (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function
  (git-fixes).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- visorbus: fix error return code in visorchipset_init()
  (git-fixes).
- commit e666eaf
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node()
  (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in
  'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ASoC: atmel-i2s: Fix usage of capture and playback at the same
  time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
  (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time
  (git-fixes).
- Revert "/ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"/
  (git-fixes).
- commit ea3fb69
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error
  in hi6210_i2s_startup() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- lib/decompressors: remove set but not used variabled 'level'
  (git-fixes).
- clk: si5341: Update initialization magic (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents
  (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500
  SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC
  (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC
  (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- commit b4df049
- clk: renesas: rcar-gen3: Update Z clock rate formula in comments
  (git-fixes).
- drm/msm/dpu: Fix error return code in dpu_mdss_init()
  (git-fixes).
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call
  (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to
  bind() (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare()
  on error in cdn_dp_grf_write() (git-fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- commit fc44520
- can: peak_pciefd: pucan_handle_status(): fix a potential
  starvation issue in TX path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry
  (git-fixes).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated
  event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
  (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe()
  (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported
  (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling
  path (git-fixes).
- brcmfmac: correctly report average RSSI in station info
  (git-fixes).
- brcmfmac: fix setting of station info chains bitmask
  (git-fixes).
- commit d8b0fc2
- can: hi311x: hi3110_can_probe(): silence clang warning
  (git-fixes).
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB
  (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in
  prep_dma (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still
  current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler
  (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe()
  (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in
  zynqmp_dma_alloc_chan_resourc() (git-fixes).
- commit 8be348d
- gve: Fix swapped vars when fetching max queues (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of
  null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta
  NDP tx (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx
  (git-fixes).
- extcon: extcon-max8997: Fix IRQ freeing at error path
  (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- mac80211_hwsim: drop pending frames on stop (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- commit c400726
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe
  (git-fixes).
- wireless: carl9170: fix LEDS build errors & warnings
  (git-fixes).
- rsi: Assign beacon rate settings to the correct rate_info
  descriptor field (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case
  (git-fixes).
- ACPI: APEI: fix synchronous external aborts in user-mode
  (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with
  description_show() (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- commit 4b20cc3
- media: siano: Fix out-of-bounds warnings in
  smscore_load_firmware_family2() (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
  (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: gspca/sunplus: fix zero-length control requests
  (git-fixes).
- media: gspca/gl860: fix zero-length control requests
  (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12
  (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs
  (git-fixes).
- commit 655a2af
- media: zr364xx: fix memory leak in zr364xx_start_readpipe
  (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of()
  (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release
  (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: I2C: change 'RST' to "/RSET"/ to fix multiple build errors
  (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe()
  (git-fixes).
- commit 0231cde
- spi: stm32-qspi: Remove unused qspi field of struct
  stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data
  (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank
  (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- commit c37129c
- can: bcm: delay release of struct bcm_op after synchronize_rcu()
  (CVE-2021-3609 bsc#1187215).
- commit a57ee2f
- Input: joydev - prevent use of not validated data in
  JSIOCSBTNMAP ioctl (CVE-2021-3612 bsc#1187585).
- commit 64519f9
- blacklist.conf: Append 'drm/vc4: hdmi: Move the HSM clock enable to runtime_pm'
- commit 23b3543
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489)
  Backporting changes:
  * context changes
  * vc4_hdmi -> vc4->hdmi
- commit 84c924f
- drm/amdgpu: Don't query CE and UE errors (bsc#1152472)
  Backporting changes:
  * unsigned long -> uint32_t
- commit 1637ecb
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472)
  Backporting changes:
  * context changes
- commit f40c83c
- drm/msm: Small msm_gem_purge() fix (bsc#1152489)
  Backporting changes:
  * context changes
  * GEM_WARN_ON() -> WARN_ON()
- commit f02a5b9
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489)
  Backporting changes:
  * context changes
- commit fee040e
- blacklist.conf: Append 'drm/vc4: hdmi: Restore cec physical address on reconnect'
- commit b32f423
- Update patch reference for patches.suse/module-limit-enabling-module.sig_enforce.patch
  (git-fixes, CVE-2021-35039, bsc#1188080).
- commit 8d3fd9b
- blacklist.conf: Append 'drm/vc4: crtc: Reduce PV fifo threshold on hvs4'
- commit 3780e05
- tpm, tpm_tis: Reserve locality in tpm_tis_resume()
  (bsc#1188036).
- tpm, tpm_tis: Extend locality handling to TPM2 in
  tpm_tis_gen_interrupt() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with
  request_locality() (bsc#1188036).
- tpm, tpm_tis: Decorate tpm_get_timeouts() with
  request_locality() (bsc#1188036).
- commit 2c323b1
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489)
  Backporting changes:
  * context changes
- commit b16ae28
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472)
  Backporting changes:
  * only panel-samsung-s6d16d0.c exists
- commit 83514d0
- drm/stm: Fix bus_flags handling (bsc#1152472)
- commit eaa7b7a
- usb: typec: tcpm: Move
  mod_delayed_work(&port->vdm_state_machine) call into
  tcpm_queue_vdm() (git-fixes).
- Refresh
  patches.suse/usb-typec-tcpm-Refactor-tcpm_handle_vdm_request-payl.patch.
- Refresh
  patches.suse/usb-typec-tcpm-Refactor-tcpm_handle_vdm_request.patch.
- commit 25ab009
- usb: typec: tcpm: Error handling for
  tcpm_register_partner_altmodes (git-fixes).
- commit d172a56
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for
  DRP (git-fixes).
- commit 44e186b
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- commit d27b294
- usb: typec: tcpm: Remove tcpc_config configuration mechanism
  (git-fixes).
- commit 20564c3
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX()
  (git-fixes).
- commit 69ab721
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- commit b4b2308
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload
  handling (git-fixes).
- commit 9417ed4
- usb: typec: ucsi: Put fwnode in any case during ->probe()
  (git-fixes).
- commit ec4c8d0
- usb: typec: ucsi: Hold con->lock for the entire duration of
  ucsi_register_port() (git-fixes).
- commit 9f0dcac
- usb: typec: tcpm: update power supply once partner accepts
  (git-fixes).
- commit 54348d7
- docs: admin-guide: update description for kernel.hotplug sysctl
  (git-fixes).
- blacklist.conf: we do ship the kernel sources and the documentation.
  They may just as well be up to date.
- commit 7d1b971
- series.conf: cleanup
- update upstream references and resort:
  patches.suse/scsi-ibmvfc-Avoid-move-login-if-fast-fail-is-enabled.patch
  patches.suse/scsi-ibmvfc-Handle-move-login-failure.patch
  patches.suse/scsi-ibmvfc-Reinit-target-retries.patch
  patches.suse/scsi-lpfc-Add-a-option-to-enable-interlocked-ABTS-be.patch
  patches.suse/scsi-lpfc-Add-ndlp-kref-accounting-for-resume-RPI-pa.patch
  patches.suse/scsi-lpfc-Fix-Node-recovery-when-driver-is-handling-.patch
  patches.suse/scsi-lpfc-Fix-Unexpected-timeout-error-in-direct-att.patch
  patches.suse/scsi-lpfc-Fix-crash-when-lpfc_sli4_hba_setup-fails-t.patch
  patches.suse/scsi-lpfc-Fix-node-handling-for-Fabric-Controller-an.patch
  patches.suse/scsi-lpfc-Fix-non-optimized-ERSP-handling.patch
  patches.suse/scsi-lpfc-Fix-unreleased-RPIs-when-NPIV-ports-are-cr.patch
  patches.suse/scsi-lpfc-Ignore-GID-FT-response-that-may-be-receive.patch
  patches.suse/scsi-lpfc-Reregister-FPIN-types-if-ELS_RDF-is-receiv.patch
  patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.10.patch
  patches.suse/scsi-scsi_dh_alua-Retry-RTPG-on-a-different-path-aft.patch
- commit 9a3a833
- fix patch metadata
- fix Patch-mainline and move to "/almost mainline"/ section:
  patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch
- commit 81935f9
- blacklist.conf: 1e886090cefe docs: admin-guide: update description for kernel.hotplug sysctl
- commit 1332420
- blacklist.conf: 89f5f8fb5bf4 EDAC/thunderx: Remove irrelevant variable from error messages
- commit 7c3f543
- blacklist.conf: d8778e393afa x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer
- commit 07e7bbd
- x86/pkru: Write hardware init value to PKRU when xstate is init
  (bsc#1152489).
- commit 05b202a
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
- commit bc82289
- cgroup1: don't allow 'n' in renaming (bsc#1187972).
- commit 31d330a
- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470
  bsc#1185486).
- commit 8249f86
- x86/process: Check PF_KTHREAD and not current->mm for kernel
  threads (bsc#1152489).
- commit f14058e
- kernel-binary.spec: Remove obsolete and wrong comment
  mkmakefile is repleced by echo on newer kernel
- commit d9209e7
- ceph: must hold snap_rwsem when filling inode for async create
  (bsc#1187927).
- commit 288e232
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114
  ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114
  ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr
  (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114
  ltc#192237).
- ibmvnic: Allow device probe if the device is not ready at boot
  (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c
  (bsc#1184114 ltc#192237).
- commit 6f12df4
- series.conf: cleanup
- update upstream reference and resort:
  patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch
- commit dc51831
- ibmvnic: account for bufs already saved in indir_buf
  (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: clean pending indirect buffs during reset
  (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- commit 4925dab
- fix patch metadata
- fix upstream reference:
  patches.suse/bpfilter-Specify-the-log-level-for-the-kmsg-message.patch
- commit 4e6fe72
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224
  ltc#164363).
- commit badd4e0
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237
  bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840
  ltc#167098).
- Revert "/ibmvnic: remove duplicate napi_schedule call in open
  function"/ (bsc#1065729).
- commit e5fa23c
- series.conf: cleanup
- update upstream references and resort:
  patches.suse/0001-ipmi-watchdog-Stop-watchdog-timer-when-the-current-a.patch
  patches.suse/block-return-the-correct-bvec-when-checking-for-gaps.patch
  patches.suse/ibmvnic-remove-default-label-from-to_string-switch.patch
  patches.suse/xfrm-policy-Read-seqcount-outside-of-rcu-read-side-i.patch
- commit fc2830a
- bpfilter: Specify the log level for the kmsg message
  (bsc#1155518).
- commit a6b5aff
- Blacklisted SCSI ufs core patch: way out of context.
- commit 33b89f4
- FCOE: fcoe_wwn_from_mac kABI fix (bsc#1187886).
- scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration
  (bsc#1187886).
- commit bf3226e
- Blacklisted libsas new gfp variant patches
- commit 7d45a44
- scsi: core: Fix race between handling STS_RESOURCE and
  completion (bsc#1187883).
- Refresh
  patches.suse/scsi_dh_alua-return-BLK_STS_AGAIN-for-ALUA-transitio.patch.
- commit 1a66f28
- Blacklisted scsi commit that should be skipped.
- commit 6c0722b
- kthread: prevent deadlock when kthread_mod_delayed_work()
  races with kthread_cancel_delayed_work_sync() (bsc#1187867).
- commit 4323f85
- kthread_worker: split code for canceling the delayed work timer
  (bsc#1187867).
- commit f950430
- dax: fix ENOMEM handling in grab_mapping_entry() (bsc#1184212).
- commit fa16d18
- Revert "/ibmvnic: simplify reset_long_term_buff function"/
  (bsc#1186206 ltc#191041).
- commit ae5a395
- SCSI: ufs: fix ktime_t kabi change (bsc#1187795).
- scsi: ufs: Fix imprecise load calculation in devfreq window
  (bsc#1187795).
- commit 51e8b33
- Blacklisted commit already removed, to keep it away
- commit 2ac8cfe
- s390/stack: fix possible register corruption with stack switch
  helper (bsc#1185677).
- commit d57c991
- Revert "/video: imsttfb: fix potential NULL pointer dereferences"/ (bsc#1152489)
- commit cb44bac
- kernel: kexec_file: fix error return code of
  kexec_calculate_store_digests() (git-fixes).
- commit c886494
- blacklist.conf: Add amdgpu entries that have been reverted (git-fixes)
- commit 41610da
- mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk
  (git-fixes).
- commit c1d2306
- Removed patch that was incorrectly added to SLE15-SP2 (bsc#1186949)
  This patch was suggested as a git-fix for SLE15-SP2, but the
  commits it fixes are not present there.
- commit fc1818c
- bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
  (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix TQM fastpath ring backing store computation
  (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Rediscover PHY capabilities after firmware reset
  (jsc#SLE-8371 bsc#1153274).
- cxgb4: fix wrong shift (git-fixes).
- be2net: Fix an error handling path in 'be_probe()' (git-fixes).
- netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
  (git-fixes).
- qlcnic: Fix an error handling path in 'qlcnic_probe()'
  (git-fixes).
- net/mlx5e: Block offload of outer header csum for UDP tunnels
  (git-fixes).
- net/mlx5: Consider RoCE cap before init RDMA resources
  (git-fixes).
- net/mlx5e: Fix page reclaim for dead peer hairpin (git-fixes).
- net/mlx5e: Remove dependency in IPsec initialization flows
  (git-fixes).
- ice: add ndo_bpf callback for safe mode netdev ops
  (jsc#SLE-7926).
- net/sched: act_ct: handle DNAT tuple collision (bsc#1154353).
- vrf: fix maximum MTU (git-fixes).
- net/mlx5: Fix PBMC register mapping (git-fixes).
- net/mlx5: Fix placement of log_max_flow_counter (git-fixes).
- net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa
  (git-fixes).
- commit 060a647
- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
- commit ce71c77
- PCI: aardvark: Don't rely on jiffies while holding spinlock
  (git-fixes).
- commit 1bd7ff7
- spi: spi-nxp-fspi: move the register operation after the clock
  enable (git-fixes).
- Revert "/PCI: PM: Do not read power state in
  pci_enable_device_flags()"/ (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- radeon: use memcpy_to/fromio for UVD fw upload (git-fixes).
- spi: stm32-qspi: Always wait BUSY bit to be cleared in
  stm32_qspi_wait_cmd() (git-fixes).
- regulator: bd70528: Fix off-by-one for buck123 .n_voltages
  setting (git-fixes).
- commit 8ac9ce3
- cfg80211: make certificate generation more robust (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum
  (git-fixes).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- ASoC: rt5659: Fix the lost powers for the HDA header
  (git-fixes).
- hwmon: (scpi-hwmon) shows the negative temperature properly
  (git-fixes).
- commit ed194e5
- fix patches metadata
- fix Patch-mainline:
  patches.suse/NFS-Fix-a-potential-NULL-dereference-in-nfs_get_clie.patch
  patches.suse/NFS-Fix-use-after-free-in-nfs4_init_client.patch
  patches.suse/NFSv4-Fix-deadlock-between-nfs4_evict_inode-and-nfs4.patch
  patches.suse/SUNRPC-Handle-major-timeout-in-xprt_adjust_timeout.patch
- commit e5e0666
- series.conf: cleanup
- update upstream reference and resort:
  patches.suse/xfrm-policy-Read-seqcount-outside-of-rcu-read-side-i.patch
- commit cafffbc
- video: hgafb: correctly handle card detect failure during probe
  (git-fixes).
- commit 55f7ec7
- Bluetooth: use correct lock to prevent UAF of hdev object
  (git-fixes).
- video: hgafb: fix potential NULL pointer dereference
  (git-fixes).
- Revert "/video: hgafb: fix potential NULL pointer dereference"/
  (git-fixes).
- commit 83627e7
- module: limit enabling module.sig_enforce (git-fixes).
- commit 7f30f5d
- Bluetooth: use correct lock to prevent UAF of hdev object
  (bsc#1186666 CVE-2021-3573).
- commit 6781ea8
- blacklist.conf: Add unwanted commits
- commit 1da6dbc
- NFSv4: Fix deadlock between nfs4_evict_inode() and
  nfs4_opendata_get_inode() (git-fixes).
- NFS: Fix a potential NULL dereference in nfs_get_client()
  (git-fixes).
- NFS: Fix use-after-free in nfs4_init_client() (git-fixes).
- commit 3478e99
- lib: vdso: Remove CROSS_COMPILE_COMPAT_VDSO (bsc#1164648,jsc#SLE-11493).
  Reduce delta to mainline
  Refresh patches.suse/lib-vdso-Prepare-for-time-namespace-support.patch.
- commit 7b06299
- Update patch reference for net keys fix (CVE-2021-0605 bsc#1187601)
- commit 7bb3e99
- Update patch reference for HID security fix (CVE-2021-0512 bsc#1187595)
- commit 0506954
- bpf: Fix leakage under speculation on mispredicted branches
  (bsc#1187554,CVE-2021-33624).
- commit 7949a37
- patches.suse/0001-x86-sched-Treat-Intel-SNC-topology-as-default-COD-as.patch:
  (bsc#1187263).
- commit 349dc99
- tracing: Do no increment trace_clock_global() by one
  (git-fixes).
- commit 17da93e
- tracing: Do not stop recording comms if the trace file is
  being read (git-fixes).
- commit 7d357b1
- tracing: Do not stop recording cmdlines when tracing is off
  (git-fixes).
- commit 3306bfd
- HID: usbhid: Fix race between usbhid_close() and usbhid_stop()
  (git-fixes).
- commit c5019d9
- dt-bindings: reset: meson8b: fix duplicate reset IDs
  (git-fixes).
- commit cfc2db2
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- commit 35719e0
- usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
- commit 9306e13
- SUNRPC: Handle major timeout in xprt_adjust_timeout()
  (git-fixes).
- commit 87fe1f5
- series.conf: cleanup
- update upstream references and move into sorted section:
  patches.suse/xfrm-policy-Read-seqcount-outside-of-rcu-read-side-i.patch
- commit 3bedaae
- usb: core: hub: Disable autosuspend for Cypress CY7C65632
  (git-fixes).
- net/x25: Return the correct errno code (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- commit be65fa1
- cfg80211: avoid double free of PMSR request (git-fixes).
- can: mcba_usb: fix memory leak in mcba_usb (git-fixes).
- alx: Fix an error handling path in 'alx_probe()' (git-fixes).
- batman-adv: Avoid WARN_ON timing related checks (git-fixes).
- drm/tegra: sor: Do not leak runtime PM reference (git-fixes).
- drm/amd/display: Allow bandwidth validation for 0 streams
  (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure
  (git-fixes).
- HID: hid-input: add mapping for emoji picker key (git-fixes).
- HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65
  (git-fixes).
- commit c7889a3
- can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693
  bsc#1187452).
- commit 02583ee
- net: mvpp2: add mvpp2_phylink_to_port() helper (bsc#1187171).
- commit 9bd57ed
- blacklist.conf: the driver has not been converted to new error codes
- commit 5e49259
- UsrMerge the kernel (boo#1184804)
- Move files in /boot to modules dir
  The file names in /boot are included as %ghost links. The %post script
  creates symlinks for the kernel, sysctl.conf and System.map in
  /boot for compatibility. Some tools require adjustments before we
  can drop those links. If boot is a separate partition, a copy is
  used instead of a link.
  The logic for /boot/vmlinuz and /boot/initrd doesn't change with
  this patch.
- Use /usr/lib/modules as module dir when usermerge is active in the
  target distro.
- commit 6f5ed04
- usb: gadget: eem: fix wrong eem header operation (git-fixes).
- commit 88ac26b
- usb: fix various gadget panics on 10gbps cabling (git-fixes).
- commit 43c2b75
- usb: f_ncm: only first packet of aggregate needs to start timer
  (git-fixes).
- commit 6960da4
- usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
  (git-fixes).
- commit 4b0a18c
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID
  (git-fixes).
- commit a61b441
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus
  (git-fixes).
- commit f1cf5e2
- usb: dwc3: ep0: fix NULL pointer exception (git-fixes).
- usb: gadget: eem: fix wrong eem header operation (git-fixes).
- usb: fix various gadget panics on 10gbps cabling (git-fixes).
- usb: f_ncm: only first packet of aggregate needs to start timer
  (git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID
  (git-fixes).
- commit 6edf7f4
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus
  (git-fixes).
- usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind
  (git-fixes).
- drm: Lock pointer access in drm_master_release() (git-fixes).
- isdn: mISDN: netjet: Fix crash in nj_probe: (git-fixes).
- net/nfc/rawsock.c: fix a permission check bug (git-fixes).
- spi: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- i2c: mpc: Make use of i2c_recover_bus() (git-fixes).
- commit 623c00b
- dmaengine: stedma40: add missing iounmap() on error in
  d40_probe() (git-fixes).
- dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (git-fixes).
- dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (git-fixes).
- dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
  (git-fixes).
- drm: Fix use-after-free read in drm_getunique() (git-fixes).
- ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830
  tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L
  tablet (git-fixes).
- ASoC: max98088: fix ni clock divider calculation (git-fixes).
- commit 2b181d0
- media: mtk-mdp: Fix a refcounting bug on error in init
  (git-fixes).
- commit 1d82c71
- media: mtk-mdp: Check return value of of_clk_get (git-fixes).
- commit f37fbe9
- media: s5p-g2d: Fix a memory leak in an error handling path in
  'g2d_probe()' (git-fixes).
- commit 08513d7
- usb: dwc3: debugfs: Add and remove endpoint dirs dynamically
  (git-fixes).
- commit 08559a5
- dax: Add a wakeup mode parameter to put_unlocked_entry()
  (bsc#1187411).
- commit 31da646
- dax: Add an enum for specifying dax wakup mode (bsc#1187411).
- commit 1d4c2a3
- tracing: Correct the length check which causes memory corruption
  (git-fixes).
- commit 0072a4b
- tracing: Restructure trace_clock_global() to never block
  (git-fixes).
- commit 6d6d42d
- ftrace: Free the trampoline when ftrace_startup() fails
  (git-fixes).
- commit 533e192
- blacklist.conf: 75d3e7f4769d ("/s390/test_unwind: fix possible memleak in test_unwind()"/)
  We build test_unwind kernel module out of tree.
- commit abf9977
- ftrace: Do not blindly read the ip address in ftrace_bug()
  (git-fixes).
- commit 31cd567
- Revert "/ecryptfs: replace BUG_ON with error handling code"/
  (bsc#1187413).
- commit 7387ee5
- ocfs2: fix data corruption by fallocate (bsc#1187412).
- commit 684ec92
- dax: Wake up all waiters after invalidating dax entry
  (bsc#1187411).
- commit 42391aa
- fs: fix reporting supported extra file attributes for statx()
  (bsc#1187410).
- commit 36f6f1f
- ext4: fix memory leak in ext4_fill_super (bsc#1187409).
- commit d8152b1
- ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at
  failed (bsc#1187408).
- commit 41eb311
- ext4: fix error code in ext4_commit_super (bsc#1187407).
- commit 350d1b1
- ext4: fix check to prevent false positive report of incorrect
  used inodes (bsc#1187404).
- commit 57c9a0a
- kyber: fix out of bounds access when preempted (bsc#1187403).
- commit 491df1f
- block: Discard page cache of zone reset target range
  (bsc#1187402).
- commit 74c08d5
- kernel-binary.spec.in: Regenerate makefile when not using mkmakefile.
- commit 6b30fe5
- xfrm: policy: Read seqcount outside of rcu-read side in xfrm_policy_lookup_bytype (bsc#1185675).
- commit 96f285d
- Updated patch-mainline tags.
  Also moved the affected patches into the sorted section.
  Change in patch order moved devm_rpi_firmware_put but it aligns with
  mainline.
- commit 000116c
- fuse: BUG_ON correction in fuse_dev_splice_write()
  (bsc#1187356).
- commit d2e5d40
- sched/debug: Fix cgroup_path[] serialization (git-fixes)
- commit 24c7edf
- blacklist.conf: We don't support uclamp
- commit 0b70e65
- blacklist.conf: We have CONFIG_JUMP_LABEL
- commit 093a643
- series.conf: cleanup
- update upstream references and move into sorted section:
  patches.suse/mac80211-add-fragment-cache-to-sta_info.patch
  patches.suse/mac80211-assure-all-fragments-are-encrypted.patch
  patches.suse/mac80211-check-defrag-PN-against-current-frame.patch
  patches.suse/mac80211-do-not-accept-forward-invalid-EAPOL-frames.patch
  patches.suse/mac80211-drop-A-MSDUs-on-old-ciphers.patch
  patches.suse/mac80211-extend-protection-against-mixed-key-and-fra.patch
  patches.suse/mac80211-prevent-attacks-on-TKIP-WEP-as-well.patch
  patches.suse/mac80211-prevent-mixed-key-and-fragment-cache-attack.patch
  patches.suse/mac80211-properly-handle-A-MSDUs-that-start-with-an-.patch
  No effect on expanded tree.
- commit 9fdca2b
- series.conf: cleanup
  Move a SUSE specific patch ("/Patch-mainline: Never..."/) to corresponding
  per-subsystem section.
- commit 811dc9a
- fix patch metadata
- fix Patch-mainline:
  patches.suse/RDMA-ucma-Rework-ucma_migrate_id-to-avoid-races-with.patch
- commit c80eef0
- series.conf: cleanup
  Move a queued patch to "/almost mainline"/ section.
- commit a847492
- blacklist: add commit 4f06dd92b5d0 ("/fuse: fix write deadlock"/)
  This is an ancient bug (from v2.6.26) which require extra backports.  Not
  worth the risk introducing new regressions.
- commit f0ede60
- rpm/kernel-binary.spec.in: Fix handling of +arch marker (bsc#1186672)
  The previous commit made a module wrongly into Module.optional.
  Although it didn't influence on the end result, better to fix it.
  Also, add a comment to explain the markers briefly.
- commit 8f79742
- block: return the correct bvec when checking for gaps
  (bsc#1187144).
- commit 22678f9
- Update patches.suse/scsi-qla2xxx-Reserve-extra-IRQ-vectors.patch
  (bsc#1184436 bsc#1186286).
- commit 3b95648
- sched/fair: Make sure to update tg contrib for blocked load (git-fixes)
- commit 9eeb58b
- sched/fair: Keep load_avg and load_sum synced (git-fixes)
- commit 8888330
- USB: serial: cp210x: fix alternate function for CP2102N QFN20
  (git-fixes).
- usb: typec: mux: Fix copy-paste mistake in typec_mux_match
  (git-fixes).
- usb: typec: ucsi: Clear PPM capability data in ucsi_init()
  error path (git-fixes).
- usb: typec: wcove: Use LE to CPU conversion when accessing
  msg->header (git-fixes).
- usb: fix various gadgets null ptr deref on 10gbps cabling
  (git-fixes).
- USB: f_ncm: ncm_bitrate (speed) is unsigned (git-fixes).
- USB: serial: quatech2: fix control-request directions
  (git-fixes).
- usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms (git-fixes).
- usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).
- staging: rtl8723bs: Fix uninitialized variables (git-fixes).
- commit b524f7e
- Add arch-dependent support markers in supported.conf (bsc#1186672)
  We may need to put some modules as supported only on specific archs.
  This extends the supported.conf syntax to allow to put +arch additionally
  after the unsupported marker, then it'll be conditionally supported on
  that arch.
- commit 8cbdb41
- Create Symbols.list and ipa-clones.list determistically
  without this patch, filesystem readdir order would influence
  order of entries in these files.
  This patch was done while working on reproducible builds for SLE.
- commit a898b6d
- RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy (bsc#1187050, CVE-2020-36385)
- commit d630126
- Update
  patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch
  (bsc#1186463 CVE-2021-0129 CVE-2020-26558).
- commit 3b40194
- Bluetooth: fix the erroneous flush_work() order (git-fixes).
- ALSA: timer: Fix master timer notification (git-fixes).
- ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx
  (git-fixes).
- drm/amdgpu: make sure we unpin the UVD BO (git-fixes).
- vfio/platform: fix module_put call in error flow (git-fixes).
- vfio/pci: zap_vma_ptes() needs MMU (git-fixes).
- vfio/pci: Fix error return code in vfio_ecap_init() (git-fixes).
- HID: multitouch: require Finger field to mark Win8 reports as MT
  (git-fixes).
- commit 64bd478
- scsi: scsi_dh_alua: Retry RTPG on a different path after failure
  (bsc#1174978 bsc#1185701).
- commit 36cc9f2
- kernel-binary.spec.in: Add Supplements: for -extra package on Leap
  kernel-$flavor-extra should supplement kernel-$flavor on Leap, like
  it does on SLED, and like the kernel-$flavor-optional package does.
- commit c60d87f
- perf/x86/intel/uncore: Remove uncore extra PCI dev
  HSWEP_PCI_PCU_3 (bsc#1184685).
- commit 1c4876a
- block: return the correct bvec when checking for gaps
  (bsc#1187143).
- commit 1a99a11
- series: Resort and update metadata
  Resort series.conf and update meta data:
  patches.suse/scsi-lpfc-Add-a-option-to-enable-interlocked-ABTS-be.patch
  patches.suse/scsi-lpfc-Add-ndlp-kref-accounting-for-resume-RPI-pa.patch
  patches.suse/scsi-lpfc-Fix-Node-recovery-when-driver-is-handling-.patch
  patches.suse/scsi-lpfc-Fix-Unexpected-timeout-error-in-direct-att.patch
  patches.suse/scsi-lpfc-Fix-crash-when-lpfc_sli4_hba_setup-fails-t.patch
  patches.suse/scsi-lpfc-Fix-node-handling-for-Fabric-Controller-an.patch
  patches.suse/scsi-lpfc-Fix-non-optimized-ERSP-handling.patch
  patches.suse/scsi-lpfc-Fix-unreleased-RPIs-when-NPIV-ports-are-cr.patch
  patches.suse/scsi-lpfc-Ignore-GID-FT-response-that-may-be-receive.patch
  patches.suse/scsi-lpfc-Reregister-FPIN-types-if-ELS_RDF-is-receiv.patch
  patches.suse/scsi-lpfc-Update-lpfc-version-to-12.8.0.10.patch
- commit f894385
- cxgb4: avoid link re-train during TC-MQPRIO configuration
  (jsc#SLE-8389).
- ice: Allow all LLDP packets from PF to Tx (jsc#SLE-7926).
- ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared
  (git-fixes).
- net/mlx5: DR, Create multi-destination flow table with level
  less than 64 (jsc#SLE-8464).
- ixgbe: fix large MTU request from VF (git-fixes).
- cxgb4: avoid accessing registers when clearing filters
  (git-fixes).
- net/mlx5e: Fix multipath lag activation (git-fixes).
- net/mlx5e: Fix nullptr in add_vlan_push_action() (git-fixes).
- net: hns3: put off calling register_netdev() until client
  initialize complete (bsc#1154353).
- gve: Correct SKB queue index validation (git-fixes).
- gve: Upgrade memory barrier in poll routine (git-fixes).
- gve: Add NULL pointer checks when freeing irqs (git-fixes).
- gve: Update mgmt_msix_idx if num_ntfy changes (git-fixes).
- net: bnx2: Fix error return code in bnx2_init_board()
  (git-fixes).
- net/mlx4: Fix EEPROM dump support (git-fixes).
- Revert "/net: liquidio: fix a NULL pointer dereference"/
  (git-fixes).
- Revert "/qlcnic: Avoid potential NULL pointer dereference"/
  (git-fixes).
- net: hns3: Limiting the scope of vector_ring_chain variable
  (git-fixes).
- commit 4451268
- btrfs: open device without device_list_mutex  (bsc#1176771).
- commit c922550
- vmlinux.lds.h: Avoid orphan section with !SMP (git-fixes).
- commit 50e12e5
- regulator: max77620: Use device_set_of_node_from_dev()
  (git-fixes).
- regulator: core: resolve supply for boot-on/always-on regulators
  (git-fixes).
- commit a6466ca
- scsi: libsas: Reset num_scatter if libata marks qc as NODATA
  (bsc#1187068).
- scsi: be2iscsi: Revert "/Fix a theoretical leak in
  beiscsi_create_eqs()"/ (bsc#1187067).
- scsi: ufs: Make ufshcd_print_trs() consider
  UFSHCD_QUIRK_PRDT_BYTE_GRAN (bsc#1187069).
- scsi: aacraid: Fix an oops in error handling (bsc#1187072).
- commit a34cc53
- Update patch reference for a BT fix (CVE-2020-36386 bsc#1187038)
- commit 673eac4
- locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to
  signal (git-fixes).
- commit 12081a6
- scsi: ufs: core: Narrow down fast path in system suspend path
  (bsc#1186996).
- scsi: sni_53c710: Add IRQ check (bsc#1186990).
- scsi: sun3x_esp: Add IRQ check (bsc#1186991).
- scsi: jazz_esp: Add IRQ check (bsc#1186965).
- scsi: hisi_sas: Fix IRQ checks (bsc#1186963).
- scsi: ufs: ufshcd-pltfrm: Fix deferred probing (bsc#1187003).
- scsi: mpt3sas: Fix error return code of mpt3sas_base_attach()
  (bsc#1186978).
- scsi: qedi: Fix error return code of qedi_alloc_global_queues()
  (bsc#1186984).
- scsi: mpt3sas: Do not use GFP_KERNEL in atomic context
  (bsc#1186977).
- scsi: myrs: Fix a double free in myrs_cleanup() (bsc#1186980).
- scsi: sd: Fix Opal support (bsc#1186989).
- scsi: bnx2fc: Fix Kconfig warning & CNIC build errors
  (bsc#1186955).
- scsi: lpfc: Fix ancient double free (bsc#1186969).
- scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
  (bsc#1186973).
- scsi: cxgb4i: Fix TLS dependency (bsc#1186960).
- scsi: fnic: Fix error return code in fnic_probe() (bsc#1186962).
- scsi: pm80xx: Fix error return in pm8001_pci_probe()
  (bsc#1186981).
- scsi: qedi: Fix missing destroy_workqueue() on error in
  __qedi_probe (bsc#1186985).
- scsi: qla4xxx: Remove in_interrupt() (bsc#1186987).
- scsi: hisi_sas: Remove preemptible() (bsc#1186964).
- scsi: megaraid_sas: Check user-provided offsets (bsc#1186970).
- scsi: libfc: Fix enum-conversion warning (bsc#1186966).
- scsi: bnx2i: Requires MMU (bsc#1186956).
- scsi: mpt3sas: Fix ioctl timeout (bsc#1186979).
- scsi: ufs: Fix race between shutdown and runtime resume flow
  (bsc#1186998).
- scsi: bfa: Fix error return in bfad_pci_init() (bsc#1186954).
- scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs()
  (bsc#1186953).
- scsi: aacraid: Remove erroneous fallthrough annotation
  (bsc#1186950).
- scsi: csiostor: Fix wrong return value in csio_hw_prep_fw()
  (bsc#1186957).
- scsi: qla4xxx: Fix an error handling path in
  'qla4xxx_get_host_stats()' (bsc#1186986).
- scsi: ufs: Properly release resources if a task is aborted
  successfully (bsc#1187001).
- scsi: libsas: Fix error path in sas_notify_lldd_dev_found()
  (bsc#1186967).
- scsi: megaraid_sas: Don't call disable_irq from process IRQ poll
  (bsc#1186972).
- scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as
  NODATA (bsc#1186968).
- scsi: mesh: Fix panic after host or bus reset (bsc#1186976).
- scsi: megaraid_sas: Clear affinity hint (bsc#1186971).
- scsi: scsi_debug: Add check for sdebug_max_queue during module
  init (bsc#1186988).
- scsi: eesox: Fix different dev_id between request_irq() and
  free_irq() (bsc#1186961).
- scsi: powertec: Fix different dev_id between request_irq()
  and free_irq() (bsc#1186982).
- scsi: cumana_2: Fix different dev_id between request_irq()
  and free_irq() (bsc#1186958).
- scsi: ufs: Add quirk to fix abnormal ocs fatal error
  (bsc#1186994).
- scsi: ufs: Introduce UFSHCD_QUIRK_PRDT_BYTE_GRAN quirk
  (bsc#1187000).
- scsi: ufs: Add quirk to enable host controller without hce
  (bsc#1186993).
- scsi: ufs: Add quirk to disallow reset of interrupt aggregation
  (bsc#1186992).
- scsi: ufs: Add quirk to fix mishandling utrlclr/utmrlclr
  (bsc#1186995).
- scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro
  (bsc#1186974).
- scsi: acornscsi: Fix an error handling path in acornscsi_probe()
  (bsc#1186952).
- scsi: ufs: Don't update urgent bkops level when toggling auto
  bkops (bsc#1186997).
- scsi: cxgb3i: Fix some leaks in init_act_open() (bsc#1186959).
- scsi: ufs-qcom: Fix scheduling while atomic issue (bsc#1187002).
- scsi: aacraid: Use memdup_user() as a cleanup (bsc#1186951).
- scsi: qedi: Check for buffer overflow in qedi_set_path()
  (bsc#1186983).
- Revert "/scsi: core: run queue if SCSI device queue isn't ready
  and queue is idle"/ (bsc#1186949).
- scsi: ufshcd: use an enum for quirks (bsc#1186999).
- commit 063da01
- scsi: lpfc: Fix failure to transmit ABTS on FC link (git-fixes).
- scsi: qla2xxx: Prevent PRLI in target mode (git-fixes).
- commit df14b8a
- blacklist: Add not necessary git-fixes
- commit 203b357
- wireguard: allowedips: initialize list head in selftest
  (git-fixes).
- wireguard: peer: allocate in kmem_cache (git-fixes).
- wireguard: use synchronize_net rather than synchronize_rcu
  (git-fixes).
- wireguard: do not use -O3 (git-fixes).
- wireguard: selftests: make sure rp_filter is disabled on vethc
  (git-fixes).
- wireguard: selftests: remove old conntrack kconfig value
  (git-fixes).
- wireguard: queueing: get rid of per-peer ring buffers
  (git-fixes).
- wireguard: peer: put frequently used members above cache lines
  (git-fixes).
- commit f17f786
- pid: take a reference when initializing `cad_pid` (bsc#1152489).
- commit 7fbca02
- x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing
  (bsc#1152489).
- commit 76a898b
- NFC: SUSE specific brutal fix for runtime PM (bsc#1185589).
- commit c32c592
- x86/fault: Don't send SIGSEGV twice on SEGV_PKUERR
  (bsc#1152489).
- commit e986350
- config: refresh
- drop PCIE_BW (removed by a backported patch)
- commit 8a54d2d
- fix patches metadata
- fix Patch-mainline:
  patches.suse/NFS-Deal-correctly-with-attribute-generation-counter.patch
  patches.suse/NFS-Don-t-corrupt-the-value-of-pg_bytes_written-in-n.patch
  patches.suse/NFS-Don-t-discard-pNFS-layout-segments-that-are-mark.patch
  patches.suse/NFS-Don-t-gratuitously-clear-the-inode-cache-when-lo.patch
  patches.suse/NFS-Don-t-revalidate-the-directory-permissions-on-a-.patch
  patches.suse/NFS-Fix-an-Oopsable-condition-in-__nfs_pageio_add_re.patch
  patches.suse/NFS-fix-an-incorrect-limit-in-filelayout_decode_layo.patch
  patches.suse/NFSD-Repair-misuse-of-sv_lock-in-5.10.16-rt30.patch
  patches.suse/NFSv4-Don-t-discard-segments-marked-for-return-in-_p.patch
  patches.suse/NFSv4-Fix-a-NULL-pointer-dereference-in-pnfs_mark_ma.patch
  patches.suse/NFSv4-Fix-v4.0-v4.1-SEEK_DATA-return-ENOTSUPP-when-s.patch
  patches.suse/NFSv4.2-Always-flush-out-writes-in-nfs42_proc_falloc.patch
  patches.suse/NFSv4.2-fix-handling-of-sr_eof-in-SEEK-s-reply.patch
  patches.suse/NFSv4.2-fix-return-value-of-_nfs4_get_security_label.patch
  patches.suse/NFSv42-Copy-offload-should-update-the-file-size-when.patch
  patches.suse/SUNRPC-Move-fault-injection-call-sites.patch
  patches.suse/SUNRPC-Set-memalloc_nofs_save-for-sync-tasks.patch
  patches.suse/fs-nfs-Use-fatal_signal_pending-instead-of-signal_pe.patch
  patches.suse/md-Fix-missing-unused-status-line-of-proc-mdstat.patch
  patches.suse/nfsd-register-pernet-ops-last-unregister-first.patch
  patches.suse/pNFS-NFSv4-Fix-a-layout-segment-leak-in-pnfs_layout_.patch
  patches.suse/pNFS-flexfiles-fix-incorrect-size-check-in-decode_nf.patch
  patches.suse/sunrpc-fix-refcount-leak-for-rpc-auth-modules.patch
  patches.suse/svcrdma-disable-timeouts-on-rdma-backchannel.patch
  patches.suse/x86-fix-seq_file-iteration-for-pat-memtype.c.patch
  patches.suse/xprtrdma-Avoid-Receive-Queue-wrapping.patch
  patches.suse/xprtrdma-rpcrdma_mr_pop-already-does-list_del_init.patch
- commit 08c81db
- fix patch metadata
- fix Patch-mainline:
  patches.suse/pm-sleep-add-pm_debug_messages-kernel-command-line-option.patch
- commit 9d4ad2b
- kABI workaround for struct lis3lv02d change (git-fixes).
- commit b20df4c
- bus: ti-sysc: Fix flakey idling of uarts and stop using
  swsup_sidle_act (git-fixes).
- i2c: qcom-geni: Suspend and resume the bus during
  SYSTEM_SLEEP_PM ops (git-fixes).
- nfc: fix NULL ptr dereference in llcp_sock_getname() after
  failed connect (git-fixes).
- ALSA: hda/cirrus: Set Initial DMIC volume to -26 dB (git-fixes).
- commit 957e0af
- thermal/drivers/intel: Initialize RW trip to
  THERMAL_TEMP_INVALID (git-fixes).
- serial: rp2: use 'request_firmware' instead of
  'request_firmware_nowait' (git-fixes).
- USB: serial: pl2303: add device id for ADLINK ND-6530 GC
  (git-fixes).
- USB: serial: ti_usb_3410_5052: add startech.com device id
  (git-fixes).
- USB: serial: option: add Telit LE910-S1 compositions 0x7010,
  0x7011 (git-fixes).
- USB: serial: ftdi_sio: add IDs for IDS GmbH Products
  (git-fixes).
- USB: usbfs: Don't WARN about excessively large memory
  allocations (git-fixes).
- serial: max310x: unregister uart driver in case of failure
  and abort (git-fixes).
- Revert "/serial: max310x: pass return value of
  spi_register_driver"/ (git-fixes).
- usb: core: reduce power-on-good delay time of root hub
  (git-fixes).
- commit 5cd70a0
- mei: request autosuspend after sending rx flow control
  (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad
  7.0 W700 tablet (git-fixes).
- platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for
  ACPI (git-fixes).
- platform/x86: hp-wireless: add AMD's hardware id to the
  supported list (git-fixes).
- platform/x86: hp_accel: Avoid invoking _INI to speed up resume
  (git-fixes).
- media: gspca: properly check for errors in po1030_probe()
  (git-fixes).
- Revert "/media: gspca: Check the return value of write_bridge
  for timeout"/ (git-fixes).
- media: gspca: mt9m111: Check write_bridge for timeout
  (git-fixes).
- Revert "/media: gspca: mt9m111: Check write_bridge for timeout"/
  (git-fixes).
- media: dvb: Add check on sp8870_readreg return (git-fixes).
- commit c7b5e47
- gpio: cadence: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert "/media: dvb: Add check on sp8870_readreg"/ (git-fixes).
- libertas: register sysfs groups properly (git-fixes).
- Revert "/libertas: add checks for the return value of
  sysfs_create_group"/ (git-fixes).
- isdn: mISDN: correctly handle ph_info allocation failure in
  hfcsusb_ph_info (git-fixes).
- Revert "/isdn: mISDN: Fix potential NULL pointer dereference
  of kzalloc"/ (git-fixes).
- isdn: mISDNinfineon: check/cleanup ioremap failure correctly
  in setup_io (git-fixes).
- Revert "/isdn: mISDNinfineon: fix potential NULL pointer
  dereference"/ (git-fixes).
- Revert "/media: usb: gspca: add a missed check for
  goto_low_power"/ (git-fixes).
- commit 337d971
- cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588
  bsc#1185861).
- drm/amd/amdgpu: fix a potential deadlock in gpu reset
  (git-fixes).
- drm/amdgpu: Fix a use-after-free (git-fixes).
- drm/amd/amdgpu: fix refcount leak (git-fixes).
- drm/amd/display: Disconnect non-DP with no EDID (git-fixes).
- dmaengine: qcom_hidma: comment platform_driver_register call
  (git-fixes).
- Revert "/dmaengine: qcom_hidma: Check for driver register
  failure"/ (git-fixes).
- char: hpet: add checks after calling ioremap (git-fixes).
- Revert "/char: hpet: fix a missing check of ioremap"/ (git-fixes).
- commit 17141be
- efi: cper: fix snprintf() use in cper_dimm_err_location()
  (git-fixes).
- efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared
  (git-fixes).
- ACPICA: Clean up context mutex during object deletion
  (git-fixes).
- hwmon: (dell-smm-hwmon) Fix index values (git-fixes).
- brcmfmac: properly check for bus register errors (git-fixes).
- Revert "/brcmfmac: add a check for the status of usb_register"/
  (git-fixes).
- ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
  (git-fixes).
- Revert "/ath6kl: return error code in
  ath6kl_wmi_set_roam_lrssi_cmd()"/ (git-fixes).
- commit d3cc1eb
- Revert "/char: hpet: fix a missing check of ioremap"/ (git-fixes).
- ttyprintk: Add TTY hangup callback (git-fixes).
- commit dac98b4
- kernel-binary.spec.in: build-id check requires elfutils.
- commit 01569b3
- NFSv4: Fix a NULL pointer dereference in
  pnfs_mark_matching_lsegs_return() (git-fixes).
- commit 33829e2
- NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set
  NFS_V4_2 config (git-fixes).
- NFS: Don't corrupt the value of pg_bytes_written in
  nfs_do_recoalesce() (git-fixes).
- NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
  (git-fixes).
- NFS: fix an incorrect limit in filelayout_decode_layout()
  (git-fixes).
- fs/nfs: Use fatal_signal_pending instead of signal_pending
  (git-fixes).
- xprtrdma: rpcrdma_mr_pop() already does list_del_init()
  (git-fixes).
- xprtrdma: Avoid Receive Queue wrapping (git-fixes).
- NFSv4: Don't discard segments marked for return in
  _pnfs_return_layout() (git-fixes).
- NFS: Don't discard pNFS layout segments that are marked for
  return (git-fixes).
- NFSv42: Copy offload should update the file size when
  appropriate (git-fixes).
- SUNRPC: Move fault injection call sites (git-fixes).
- NFSv4.2 fix handling of sr_eof in SEEK's reply (git-fixes).
- pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
  (git-fixes).
- NFS: Deal correctly with attribute generation counter overflow
  (git-fixes).
- NFSv4.2: Always flush out writes in nfs42_proc_fallocate()
  (git-fixes).
- md: Fix missing unused status line of /proc/mdstat (git-fixes).
- sunrpc: fix refcount leak for rpc auth modules (git-fixes).
- NFSD: Repair misuse of sv_lock in 5.10.16-rt30 (git-fixes).
- svcrdma: disable timeouts on rdma backchannel (git-fixes).
- NFSv4.2: fix return value of _nfs4_get_security_label()
  (git-fixes).
- NFS: Don't gratuitously clear the inode cache when lookup failed
  (git-fixes).
- NFS: Don't revalidate the directory permissions on a lookup
  failure (git-fixes).
- SUNRPC: Set memalloc_nofs_save() for sync tasks (git-fixes).
- x86: fix seq_file iteration for pat.c (git-fixes).
- nfsd: register pernet ops last, unregister first (git-fixes).
- net: fix iteration for sctp transport seq_files (git-fixes).
- pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
  (git-fixes).
- commit 60296fb
- kernel-binary.spec: Only use mkmakefile when it exists
  Linux 5.13 no longer has a mkmakefile script
- commit b453c7b
- PM: sleep: Add pm_debug_messages kernel command line option
  (bsc#1186752).
- commit 735920b
- media: dvb: Add check on sp8870_readreg return (git-fixes).
- commit 2133cbd
- blacklist.conf: cosmetic fix
- commit ce72d5a
- media: gspca: properly check for errors in po1030_probe()
  (git-fixes).
- commit 1750a2e
- Revert "/media: gspca: Check the return value of write_bridge
  for timeout"/ (git-fixes).
- commit b97e22b
- media: gspca: mt9m111: Check write_bridge for timeout
  (git-fixes).
- commit 7f3a7f1
- Revert "/media: gspca: mt9m111: Check write_bridge for timeout"/
  (git-fixes).
- commit d087481
- blacklist.conf: depends on PD 3.0 which we don't have and cannot be
  backported
- commit a396f2f
- Update kabi files.
- update from June 2021 maitenance update submission (commit f0fe006fa3e1)
- commit 3b5c05b
- HID: magicmouse: fix NULL-deref on disconnect (git-fixes).
- HID: i2c-hid: fix format string mismatch (git-fixes).
- HID: pidff: fix error return code in hid_pidff_init()
  (git-fixes).
- HID: i2c-hid: Skip ELAN power-on command after reset
  (git-fixes).
- tpm: fix error return code in tpm2_get_cc_attrs_tbl()
  (git-fixes).
- vsock/vmci: log once the failed queue pair allocation
  (git-fixes).
- commit e5695e4
- Revert "/media: dvb: Add check on sp8870_readreg"/ (git-fixes).
- commit 3655f21
- usb: typec: tcpm: Use LE to CPU conversion when accessing
  msg->header (git-fixes).
- commit f61bf4c
- xen-pciback: redo VF placement in the virtual topology
  (git-fixes).
- commit 323098d
- usb: typec: mux: Fix matching with typec_altmode_desc
  (git-fixes).
- commit 2c2aed2
- xen-pciback: reconfigure also from backend watch handler
  (git-fixes).
- commit 5795686
- xen-blkback: fix compatibility bug with single page rings
  (git-fixes).
- commit c1a440a
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- commit 085f359
- Enable CONFIG_PCI_PF_STUB for Nvidia Ampere vGPU support (jsc#SLE-17882
  jsc#ECO-3691)
  Nvidia switched its vGPU mechanism from mdev to SRIOV since Ampere
  architecutre. For the SRIOV implementation, they used pci-pf-stub
  module. We only need to enable CONFIG_PCI_PF_STUB here,
  other dependencies have been enabled already.
- commit 8ab8eb0
- blk-settings: align max_sectors on "/logical_block_size"/ boundary
  (bsc#1185195).
- commit e302bd9
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it
  (bsc#1184114 ltc#192237).
- commit 52ca26e
- PCI/LINK: Remove bandwidth notification (bsc#1183712).
- commit 56c94c5
- rpm/kernel-binary.spec.in: Correct Supplements in optional subpkg (jsc#SLE-11796)
  The product string was changed from openSUSE to Leap.
- commit 3cb7943
- rpm/split-modules: Avoid errors even if Module.* are not present
- commit 752fbc6
- Add the support for kernel-FLAVOR-optional subpackage (jsc#SLE-11796)
  This change allows to create kernel-*-optional subpackage containing
  the modules that are not shipped on SLE but only on Leap.  Those
  modules are marked in the new "/-!optional"/ marker in supported.conf.
  Flip split_optional definition in kernel-binaries.spec.in for the
  branch that needs the splitting.
- commit 1fa25f8
libgcrypt
- Security fix: [bsc#1187212, CVE-2021-33560]
  * Libgcrypt mishandles ElGamal encryption because it lacks exponent
    blinding to address a side-channel attack against mpi_powm
- Add patches:
  * libgcrypt-CVE-2021-33560-ElGamal-exponent-blinding.patch
  * libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch
libnettle
- Security fix: [CVE-2021-3580, bsc#1187060]
  * Remote crash in RSA decryption via manipulated ciphertext
- Add patches:
  * libnettle-CVE-2021-3580-rsa_sec.patch
  * libnettle-CVE-2021-3580-rsa_decrypt.patch
libzypp
- Enhance XML output of repo GPG options (fixes openSUSE/zypper#390)
  In addition to the effective values, add optional attributes
  showing the raw values actually present in the .repo file.
  (raw_gpgcheck, raw_repo_gpgcheck, raw_pkg_gpgcheck)
- Link all executables with -pie (bsc#1186447)
- Ship an empty /etc/zypp/needreboot per default (fixes #311, jsc#PM-2645)
  If packages want to trigger the reboot-needed hiint upon installation
  they may provide 'installhint(reboot-needed)'.
  Builtin packages triggering the hint without the provides are
  only kernel and kernel-firmware related.
- Add Solvable::isBlacklisted as superset of retracted and ptf
  packages (bsc#1186503)
- Fix segv if ZYPP_FULLOG is set (fixes #317)
- version 17.27.0 (22)
lua53
- Sync with Factory (5.3.6), includes fixes for
  - Long brackets with a huge number of '=' overflow some
    internal buffer arithmetic.
  - bsc#1123043 CVE-2019-6706 Fix free-after-use bug in
    lua_upvaluejoin function of lapi.c
- Remove upstreamed patches:
  - CVE-2019-6706-use-after-free-lua_upvaluejoin.patch
- Update to version 5.3.6:
  * Fixes bugs found in Lua 5.3.5 and Lua 5.4.0
  * Lua 5.3 is now EOL
- Removed upstream-bugs.patch: new release (no bugs found yet)
- Removed upstream-bugs-backport-lua54.patch: new release (no bugs found yet)
- Added upstream-bugs.patch: upstream bug patches
  * Patches 2,3,4
- Added upstream-bugs-backport-lua54.patch: bugs discovered in lua54
  * Patch 10: CVE-2020-24371, boo#1175449
  * Patch 11: CVE-2020-24370, boo#1175448
  * Patch 13
- Add RISC-V to list of 64-bit architectures
- Use FAT LTO objects in order to provide proper static library.
- Update to 5.3.5:
  (it is really problematic to find ANY documentation of changes
  between minor versions; the best we have is
  https://www.lua.org/bugs.html)
  - Long brackets with a huge number of '=' overflow some
    internal buffer arithmetic.
  - Small build tweaks.
lvm2
- Link test as position independent executable (bsc#1184124).
  + bug-1184124-link-tests-as-PIE.patch
openldap2
- bsc#1187210 - Resolve bug in the idle / connection TTL timeout
  implementation in OpenLDAP.
  * 0231-ITS-9468-Added-test-case-for-proxy-re-binding-anonym.patch
  * 0232-ITS-9468-back-ldap-Return-disconect-if-rebind-cannot.patch
  * 0233-ITS-9468-removed-accidental-unicode-characters.patch
  * 0234-ITS-9468-documented-that-re-connecting-does-not-happ.patch
  * 0235-ITS-9468-summarize-discussion-about-rebind-as-user.patch
  * 0236-ITS-9468-fixed-typos.patch
  * 0237-ITS-9468-always-init-lc_time-and-lc_create_time.patch
  * 0238-ITS-9468-do-not-arm-expire-timer-for-connections-tha.patch
pam-config
- Add "/revoke"/ to the option list for pam_keyinit
  (Remove some leftover debugs while we're at it)
  [pam-config-fix-pam_keyinit-options.patch]
- prior to writing an service-specific config file, the main function
  calls access() on the destination file in /etc/pam.d.
  This will fail and no config file will be written when the original
  config file was installed in /usr/etc/pam.d.
  A similar problem exists when creating the new service file:
  create_service_file() wants to give the new service file the same
  user, group and mode as the old one, but the old one may not exist.
  In that case, set these to 0(root), 0(root), and 0644.
  [pam-config-remove-bad-access-call.patch, bsc#1187091]
pcre
- Do not run profiling 'check' in parallel
  to make package build reproducible (boo#1040589)
sqlite3
- Sync version 3.36.0 from Factory to implement jsc#SLE-16032.
- Obsoletes sqlite3-CVE-2019-16168.patch.
- The following CVEs have been fixed in upstream releases up to
  this point, but were not mentioned in the change log so far:
  * bsc#1173641, CVE-2020-15358: heap-based buffer overflow in
    multiSelectOrderBy due to mishandling of query-flattener
    optimization
  * bsc#1164719, CVE-2020-9327: NULL pointer dereference and
    segmentation fault because of generated column optimizations in
    isAuxiliaryVtabOperator
  * bsc#1160439, CVE-2019-20218: selectExpander in select.c proceeds
    with WITH stack unwinding even after a parsing error
  * bsc#1160438, CVE-2019-19959: memory-management error via
    ext/misc/zipfile.c involving embedded '0' input
  * bsc#1160309, CVE-2019-19923: improper handling  of  certain uses
    of SELECT DISTINCT in flattenSubquery may lead to null pointer
    dereference
  * bsc#1159850, CVE-2019-19924: improper error handling in
    sqlite3WindowRewrite()
  * bsc#1159847, CVE-2019-19925: improper handling of NULL pathname
    during an update of a ZIP archive
  * bsc#1159715, CVE-2019-19926: improper handling  of certain
    errors during parsing  multiSelect in select.c
  * bsc#1159491, CVE-2019-19880: exprListAppendList in window.c
    allows attackers to trigger an invalid pointer dereference
  * bsc#1158960, CVE-2019-19603: during handling of CREATE TABLE
    and CREATE VIEW statements, does not consider confusion with
    a shadow table name
  * bsc#1158959, CVE-2019-19646: pragma.c mishandles NOT NULL in an
    integrity_check PRAGMA command in certain cases of generated
    columns
  * bsc#1158958, CVE-2019-19645: alter.c allows attackers to trigger
    infinite recursion via certain types of self-referential views
    in conjunction with ALTER TABLE statements
  * bsc#1158812, CVE-2019-19317: lookupName in resolve.c omits bits
    from the colUsed bitmask in the case of a generated column,
    which allows attackers to cause a denial of service
  * bsc#1157818, CVE-2019-19244: sqlite3,sqlite2,sqlite: The
    function sqlite3Select in select.c allows a crash if a
    sub-select uses both DISTINCT and window functions, and also
    has certain ORDER BY usage
  * bsc#928701, CVE-2015-3415: sqlite3VdbeExec comparison operator
    vulnerability
  * bsc#928700, CVE-2015-3414: sqlite3,sqlite2: dequoting of
    collation-sequence names
  * CVE-2020-13434 boo#1172115: integer overflow in
    sqlite3_str_vappendf
  * CVE-2020-13630 boo#1172234: use-after-free in fts3EvalNextRow
  * CVE-2020-13631 boo#1172236: virtual table allowed to be renamed
    to one of its shadow tables
  * CVE-2020-13632 boo#1172240: NULL pointer dereference via
    crafted matchinfo() query
  * CVE-2020-13435: Malicious SQL statements could have crashed the
    process that is running SQLite (boo#1172091)
systemd
- Added patches to fix CVE-2021-33910 (bsc#1188063)
  Added 1001-unit-name-tighten-checks-for-building-valid-unit-nam.patch
  Added 1002-unit-name-generate-a-clear-error-code-when-convertin.patch
  Added 1003-basic-unit-name-do-not-use-strdupa-on-a-path.patch
  Added 1004-basic-unit-name-adjust-comments.patch
  These patches will be moved to the git repo once the bug will become
  public.
- Added fix for bsc#1184994 to skip udev rules if 'elevator=' is used
- Create /run/lock/subsys again (bsc#1187292)
  The creation of this directory was mistakenly dropped when
  'filesystem' package took the initialization of the generic paths
  over.
  Paths under /run/lock are still managed by systemd for lack of
  better place.
- Import commit f6f87c1cb4119c41f6fb93702e03cec794829b7c
  d7ed4af259 mount-util: shorten the loop a bit (#7545)
  cdf9cbb509 mount-util: do not use the official MAX_HANDLE_SZ (#7523)
  bbcc63a032 mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761)
  d44adc63ab test: fix test-mount-util when handling duplicate mounts on the same location
  7c74260899 mount-util: fix bad indenting
  c4ef3248e2 mount-util: EOVERFLOW might have other causes than buffer size issues
  3f3eb23ccb mount-util: fix error propagation in fd_fdinfo_mnt_id()
  9f170ee221 mount-util: drop exponential buffer growing in name_to_handle_at_loop()
  5c709e7b31 udev: port udev_has_devtmpfs() to use path_get_mnt_id()
  ac57cefcb9 mount-util: add new path_get_mnt_id() call that queries the mnt ID of a path
  e49d88b898 mount-util: add name_to_handle_at_loop() wrapper around name_to_handle_at()
  060b1db043 core: fix output (logging) for mount units (#7603) (bsc#1187400)
- Import commit 93910b81b809729afa7ff9529b45b1e67f229232
  c289e1e5ae sysusers: use the usual comment style
  f11535886f test/TEST-21-SYSUSERS: add tests for new functionality
  2f2bfa731c sysusers: allow admin/runtime overrides to command-line config
  dbd190cd3b basic/strv: add function to insert items at position
  3c7b4c67fa sysusers: allow the shell to be specified
  f316974ebe man: reformat table in sysusers.d(5)
  24113b7f00 sysusers: take configuration as positional arguments
  8232e059d8 sysusers: emit a bit more info at debug level when locking fails
  461356cfe9 sysusers: allow force reusing existing user/group IDs (#8037)
  dd9349e71a sysusers: ensure GID in uid:gid syntax exists
  5e0ab33e59 sysusers: make ADD_GROUP always create a group
  0dd4a69687 test: add TEST-21-SYSUSERS test
  4dea8a2774 sysuser: use OrderedHashmap
  de09744500 sysusers: allow uid:gid in sysusers.conf files
  9271c17657 meson: "/conf.get(condition)"/ fails if condition was not defined
  These commits implement the option '--replace' for systemd-sysusers
  so %sysusers_create_package can be introduced in SLE and packages
  can rely on this rpm macro without wondering whether the macro is
  available on the different target the package is submitted to.
- udev requires systemd in its %post (bsc#1185958)
  udevadm, called in udev's %post, requires libsystemd-shared-xxx.so.
- Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807)
- Import commit ca070cf0125f3b83fb3d7300ef4f524af47c49a3
  3daea193a1 cgroup: Parse infinity properly for memory protections (bsc#1167471)
  a3f4d2980e cgroup: Make empty assignments reset to default (bsc#1167471)
  72bbd3928c cgroup: Support 0-value for memory protection directives (bsc#1167471)
  9c192a00a4 core/cgroup: accepts MemorySwapMax=0 (#8366) (bsc#1154935)
  d64f691eb7 bus-unit-util: add proper MemorySwapMax= serialization
  98af04a71c core: accept MemorySwapMax= properties that are scaled, too
  d4528bcaa3 execute: make sure to call into PAM after initializing resource limits (bsc#1184967)
  7fb1ab4f38 rlimit-util: introduce setrlimit_closest_all()
  c0d1ae3086 system-conf: drop reference to ShutdownWatchdogUsec=
  9f66f43082 core: rename ShutdownWatchdogSec to RebootWatchdogSec (bsc#1185331)
  82a5f215a3 Return -EAGAIN instead of -EALREADY from unit_reload (bsc#1185046)
- Drop 0010-core-accept-MemorySwapMax-properties-that-are-scaled.patch
  Drop 0011-bus-unit-util-add-proper-MemorySwapMax-serialization.patch
  Drop 0012-core-cgroup-accepts-MemorySwapMax-0-8366.patch
  Drop 0013-cgroup-Support-0-value-for-memory-protection-directi.patch
  Drop 0014-cgroup-Make-empty-assignments-reset-to-default.patch
  Drop 0015-cgroup-Parse-infinity-properly-for-memory-protection.patch
  These patches have been merged in SUSE/v234 branch.
- Import commit bb23f007799c0ad2b14a6da7f74ee242e10b00b9
  611376f830 rules: don't ignore Xen virtual interfaces anymore (bsc#1178561)
  65f4fa852e write_net_rules: set execute bits (bsc#1178561)
  f60153e565 udev: rework network device renaming
  df31eb968a Revert "/Revert "/udev: network device renaming - immediately give up if the target name isn't available"/"/
systemd-presets-common-SUSE
- When installing the systemd-presets-common-SUSE package for the
  first time in a new system, it might happen that some services
  are installed before systemd so the %systemd_pre/post macros
  would not work. This is handled by enabling all preset services
  in this package's %posttrans section but it wasn't enabling
  user services, just system services. Now it enables also the
  user services installed before this package, thus fixing
  boo#1186561
tar
- Link /var/lib/tests/tar/bin/genfile as Position-Independent Executable
  (bsc#1184124).
  + tar-PIE.patch
wget
- When running recursively, wget will verify the length of the whole
  URL when saving the files. This will make it overwrite files with
  truncated names, throwing the "/The name is too long, ... trying to
  shorten"/ messages. The patch moves the length check code to a
  separate function and call it from the append_dir_structure() for each
  path element.
  [ bsc#1181173, 0001-possibly-truncate-pathname-components.patch]
zypper
- Link all executables with -pie (bsc#1186447)
- Tag PTF packages in the status column (bsc#1186503)
  Like retracted packages, a program temporary fix must be
  explicitly selected and will otherwise not be considered in
  dependency resolution.
- BuildRequires:  libzypp-devel >= 17.26.1.
- version 1.14.46