aaa_base
- Add patch git-46-78b2a0b29381c16bec6b2a8fc7eabaa9925782d7.patch
  * The wrapper rootsh is not a restricted shell (bsc#1199492)
apache-commons-csv
- Fix the URL for the package
- Declare the LICENSE file as license and not doc
apache-commons-math3
- Fix the URL for the package
- Declare the LICENSE file as license and not doc
apache2-mod_wsgi
- Add CVE-2022-2255.patch (bsc#1201634)
apparmor
- add profiles-permit-php-fpm-pid-files-directly-under-run.patch
  https://gitlab.com/apparmor/apparmor/-/merge_requests/914 (bsc#1202344)
audit-secondary
- Fix rules not loaded when restarting auditd.service(bsc#1204844)
- Update audit-secondary.spec: create symbolic link from
  /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519).
autoyast2
- Add needed packages for kdump even when kdump section is not
  defined if product enable kdump by default (bsc#1204180)
- 4.4.43
- Add support for security policies validation (jsc#SLE-24764).
- 4.4.42
- Allow empty values in ask/default, ask/selection/label and
  ask/selection/value elements (bsc#1204448).
- 4.4.41
- Add needed packages for the selected network backend in order to
  prevent it is not declared in the software section (bsc#1201235,
  bsc#1201435)
- 4.4.40
- Revert the modification done in version 4.3.97 running the
  initscripts before systed-user-sessions service again once
  systemd fixed logind (bsc#1195059, bsc#1200780)
- 4.4.39
- Run the registration step early only on the Online installation
  medium which does not provide any packages. On the other media
  run the registration step later.
  Fixes crash in the SLE Micro when the AutoYaST profile enables
  the registration step. (bsc#1200803)
- 4.4.38
aws-cli
- Update to version 1.24.4 (bsc#1199716)
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.24.4/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.24.1
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.24.1/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.23.11
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.23.11/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.23.1
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.23.1/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.22.87
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.22.87/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.22.65
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.22.65/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.22.46
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.22.46/CHANGELOG.rst
- Add missing python-rpm-macros to BuildRequires
- Update Requires in spec file from setup.py
- Update to version 1.22.35
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.22.35/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.22.28
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.22.28/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.22.24
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.22.24/CHANGELOG.rst
- Update Requires in spec file from setup.py
- Update to version 1.21.6
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.21.6/CHANGELOG.rst
- Relax upper version dependency for python-docutils in Requires
- Update Requires in spec file from setup.py
- Update to version 1.20.32
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.20.32/CHANGELOG.rst
- Fix rpmlint warnings
  + use defattr for default permissions
  + mark zsh completion file as a config file
- Use github download url as a Source0
- Update Requires in spec file from setup.py
- Update to version 1.20.7
  + For detailed changes see
    https://github.com/aws/aws-cli/blob/1.20.7/CHANGELOG.rst
- Update Requires in spec file from setup.py
bcel
- Security fix: [bsc#1205125, CVE-2022-42920]
  * Apache Commons BCEL prior to 6.6.0 allows producing
    arbitrary bytecode via out-of-bounds writing
  * Add bcel-CVE-2022-42920.patch
bind
- Update to release 9.16.33
  Security Fixes:
  * Previously, there was no limit to the number of database lookups
    performed while processing large delegations, which could be
    abused to severely impact the performance of named running as a
    recursive resolver. This has been fixed. (CVE-2022-2795)
  * named running as a resolver with the stale-answer-client-timeout
    option set to 0 could crash with an assertion failure, when
    there was a stale CNAME in the cache for the incoming query.
    This has been fixed. (CVE-2022-3080)
  * A memory leak was fixed that could be externally triggered in the
    DNSSEC verification code for the ECDSA algorithm. (CVE-2022-38177)
  * Memory leaks were fixed that could be externally triggered in the
    DNSSEC verification code for the EdDSA algorithm. (CVE-2022-38178)
  Feature Changes:
  * Response Rate Limiting (RRL) code now treats all QNAMEs that are
    subject to wildcard processing within a given zone as the same
    name, to prevent circumventing the limits enforced by RRL.
  * Zones using dnssec-policy now require dynamic DNS or
    inline-signing to be configured explicitly.
  * A backward-compatible approach was implemented for encoding
    internationalized domain names (IDN) in dig and converting the
    domain to IDNA2008 form; if that fails,
    BIND tries an IDNA2003 conversion.
  Bug Fixes:
  * A serve-stale bug was fixed, where BIND would try to return stale
    data from cache for lookups that received duplicate queries or
    queries that would be dropped. This bug resulted in premature
    SERVFAIL responses, and has now been resolved.
  [bsc#1203614, bsc#1203618, bsc#1203619, bsc#1203620, jsc#SLE-24600]
- Add systemd drop-in directory for named service
  [bsc#1201689, bind.spec]
- Include a modified createNamedConfInclude script again, as this
  broke compatability with existing configurations.
  A symlink for named.conf.include to /var/lib/named is created to
  allow for a read-only /etc directory.
  However it is still advised to change the existing configuration.
  See README-bind.chrootenv for a guide how to do this.
  [bsc#1203250, vendor-files/tools/createNamedConfInclude,
  vendor-files/docu/README-bind.chrootenv, bind.spec]
- Update to release 9.16.32
  Feature Changes:
  * The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically
  disabled on systems where they are disallowed by the security policy
  (e.g. Red Hat Enterprise Linux 9). Primary zones using those algorithms
  need to be migrated to new algorithms prior to running on these systems,
  as graceful migration to different DNSSEC algorithms is not possible when
  RSASHA1 is disallowed by the operating system.
  * Log messages related to fetch limiting have been improved to provide
  more complete information. Specifically, the final counts of allowed
  and spilled fetches are now logged before the counter object is destroyed.
  Bug Fixes:
  * Non-dynamic zones that inherit dnssec-policy from the view or options
  blocks were not marked as inline-signed and therefore never scheduled
  to be re-signed. This has been fixed.
  * The old max-zone-ttl zone option was meant to be superseded by
  the max-zone-ttl option in dnssec-policy; however, the latter option
  was not fully effective. This has been corrected: zones no longer load
  if they contain TTLs greater than the limit configured in dnssec-policy.
  For zones with both the old max-zone-ttl option and dnssec-policy
  configured, the old option is ignored, and a warning is generated.
  * rndc dumpdb -expired was fixed to include expired RRsets,
  even if stale-cache-enable is set to no and
  the cache-cleaning time window has passed.
  [bind-9.16.32.tar.xz, bind-9.16.32.tar.xz.sha512.asc,
  bind-9.16.31.tar.xz, bind-9.16.31.tar.xz.sha512.asc,
  bind.spec, jsc#SLE-24600]
- Update to release 9.16.31
  This is the first of monthly updates of "/bind"/. It is planned
  to update bind when a new upstream maintennace release becomes
  available, which is usually towards the end of a month, see
  https://www.isc.org/blogs/2021-bind-release-model/
  Compared to the previous SUSE release, in this release,
  53 (minor) bugs were fixed
  13 (minor) functional enhancements were made
  3 security issues are now fixed upstream:
    CVE-2022-0396, CVE-2021-25220, CVE-2021-25219
  plus a few minor changes.
  For a full list of changes, please refer to the
  CHANGES file in the source rpm.
  This update obsoletes the following patches:
  * bind-fix-build-with-older-sphinx.patch
  * bind-CVE-2021-25219.patch
  * bind-9.16.27-0001-CVE-2021-25220.patch
  * bind-9.16.27-0002-CVE-2022-0396.patch
  [bind-9.16.31.tar.xz, bind-9.16.31.tar.xz.sha512.asc,
  bind-9.16.20.tar.xz, bind-9.16.20.tar.xz.sha512.asc,
  bind-fix-build-with-older-sphinx.patch, bind-CVE-2021-25219.patch,
  bind-9.16.27-0001-CVE-2021-25220.patch,
  bind-9.16.27-0002-CVE-2022-0396.patch,
  jsc#SLE-24600]
- When enabling query_logging by un-commenting an example in
  bind.conf, named attempts to create a file in /var/log which
  fails due to missing credentials. This also applies to the
  "/dump-file"/ and the "/statistics-file"/.
  This is solved by having systemd-tmpfiles create a subdirectory
  "//var/log/named"/ owned by named:named and changing the file
  paths accordingly:
  /var/log/named_querylog -> /var/log/named/querylog
  /var/log/named_dump.db -> /var/log/named/dump.db
  /var/log/named.stats -> /var/log/named/stats
  Also, in "/named.service"/, the ReadWritePath was changed to
  include "//var/log/named"/ rather than just "/var/log"/.
  [bsc#1200685, bind.spec, vendor-files/config/named.conf,
  vendor-files/system/named.service]
- A non-existent initialization script (eg a leftorver
  "/createNamedConfInclude"/ in /etc/sysconfig/named) may cause named
  not to start. A warning message is printed in named.prep and
  the fact is ignored.
  Also, the return value of a failed script was not handled properly
  causing a failed script to not prevent named to start. This
  is now fixed properly.
  [bsc#1199044, vendor-files.tar.bz2]
binutils
- Add binutils-maxpagesize.diff for a problem on old code
  streams, where we would generate too large binaries.
- s390-pic-dso.diff: use %pB instead of %B
- SLE toolchain update of binutils.  Update to 2.39 from 2.37,
  which means obsoleting and hence removing these patches:
  binutils-add-efi-aarch64-1.diff, binutils-add-efi-aarch64-2.diff,
  binutils-add-efi-aarch64-3.diff, binutils-fix-keepdebug.diff,
  binutils-add-z16-name.diff.
  Implements [jsc#SLE-25046, jsc#PED-2029, jsc#PED-2035, jsc#PED-2033,
  jsc#PED-2030, jsc#PED-2038, jsc#PED-2032, jsc#PED-2034, jsc#PED-2031,
  jsc#SLE-25047]
- This fixes these CVEs relative to 2.37:
  [bsc#1188374, bsc#1185597] aka (GCC) PR99935 aka CVE-2021-3648
  [bsc#1193929] aka PR28694 aka CVE-2021-45078
  [bsc#1194783] aka (GCC) PR98886 aka CVE-2021-46195
  [bsc#1197592] aka (GCC) PR105039 aka CVE-2022-27943
  [bsc#1202966] aka PR29289 aka CVE-2022-38126
  [bsc#1202967] aka PR29290 aka CVE-2022-38127
  [bsc#1202969] aka CVE-2021-3826
- Add binutils-pr29482.diff for PR29482, aka CVE-2022-38533
  [bsc#1202816]
- Rebase binutils-2.39-branch.diff.gz that contains fix for PR29451.
- Add binutils-2.39-branch.diff.gz.
- Explicitly enable --enable-warn-execstack=yes and	--enable-warn-rwx-segments=yes.
- Add gprofng subpackage.
- Update to binutils 2.39:
  * The ELF linker will now generate a warning message if the stack is made
    executable.  Similarly it will warn if the output binary contains a
    segment with all three of the read, write and execute permission
    bits set.  These warnings are intended to help developers identify
    programs which might be vulnerable to attack via these executable
    memory regions.
    The warnings are enabled by default but can be disabled via a command
    line option.  It is also possible to build a linker with the warnings
    disabled, should that be necessary.
  * The ELF linker now supports a --package-metadata option that allows
    embedding a JSON payload in accordance to the Package Metadata
    specification.
  * In linker scripts it is now possible to use TYPE=<type> in an output
    section description to set the section type value.
  * The objdump program now supports coloured/colored syntax
    highlighting of its disassembler output for some architectures.
    (Currently: AVR, RiscV, s390, x86, x86_64).
  * The nm program now supports a --no-weak/-W option to make it ignore
    weak symbols.
  * The readelf and objdump programs now support a -wE option to prevent
    them from attempting to access debuginfod servers when following
    links.
  * The objcopy program's --weaken, --weaken-symbol, and
  - -weaken-symbols options now works with unique symbols as well.
- Rebase binutils-compat-old-behaviour.diff, binutils-revert-hlasm-insns.diff,
  binutils-revert-plt32-in-branches.diff and remove binutils-2.38-branch.diff.gz.
- For now use --disable-gprofng.
- Includes fixes for these CVEs:
  bnc#1142579 aka CVE-2019-1010204 aka PR23765
(Fake entry from SLE for tracking purposes:)
- Use https for variosu links.
- Update binutils-2.38-branch.diff.gz (to 93054037f1e304e)
  in order to include PR29087.
- Enable multitarget build on riscv64
- On SLE15 and later, use make -Oline to synchronize configure output by
  lines
(Fake entry from SLE for tracking purposes:)
- Renumber Sources.
- Fix ExcludeArch for ppc.
- Make multibuild utilize only the main binutils.spec file.
- Remove not needed README.First-for.SUSE.packagers, pre_checkin.sh.
- Start using _multibuild for cross binutils.
  (forward port from SLE)
- Update binutils-2.38-branch.diff.gz (to c210342d7f5) to include
  recognition of 'z16' name for 'arch14' on s390.  [bsc#1198237]
(Fake entry from SLE for tracking purposes:)
- Add usage of a SUSE_ZNOW environment variable which allows switching
  on "/-z now"/ by default using "/export SUSE_ZNOW=1"/, similar to
  the SUSE_ASNEEDED variable.  Adds binutils-znow.patch.
- Update binutils-skip-rpaths.patch: add back fix for boo#1191473,
  which got lost in the update to 2.38.
- Update binutils-2.38-branch.diff.gz in order to include PR28879.
- From Stefan Brüns <stefan.bruens@rwth-aachen.de>:
  * Install symlinks for all target specific tools on
    arm-eabi-none [bsc#1185712]
- Do not re-generate ld/ldlex.c, ld/ldgram.c, ld/ldgram.h and verify
  that corresponding flex/bison files are not modified by a patch.
- Use verbose mode for make for cross compilers.
- Make it build on SLE-11 again.
- Use verbose mode for make.
- Update to binutils 2.38:
  * elfedit: Add --output-abiversion option to update ABIVERSION.
  * Add support for the LoongArch instruction set.
  * Tools which display symbols or strings (readelf, strings, nm, objdump)
    have a new command line option which controls how unicode characters are
    handled.  By default they are treated as normal for the tool.  Using
  - -unicode=locale will display them according to the current locale.
    Using --unicode=hex will display them as hex byte values, whilst
  - -unicode=escape will display them as escape sequences.  In addition
    using --unicode=highlight will display them as unicode escape sequences
    highlighted in red (if supported by the output device).
  * readelf -r dumps RELR relative relocations now.
  * Support for efi-app-aarch64, efi-rtdrv-aarch64 and efi-bsdrv-aarch64 has been
    added to objcopy in order to enable UEFI development using binutils.
  * ar: Add --thin for creating thin archives. -T is a deprecated alias without
    diagnostics. In many ar implementations -T has a different meaning, as
    specified by X/Open System Interface.
  * Add support for AArch64 system registers that were missing in previous
    releases.
  * Add support for the LoongArch instruction set.
  * Add a command-line option, -muse-unaligned-vector-move, for x86 target
    to encode aligned vector move as unaligned vector move.
  * Add support for Cortex-R52+ for Arm.
  * Add support for Cortex-A510, Cortex-A710, Cortex-X2 for AArch64.
  * Add support for Cortex-A710 for Arm.
  * Add support for Scalable Matrix Extension (SME) for AArch64.
  * The --multibyte-handling=[allow|warn|warn-sym-only] option tells the
    assembler what to when it encoutners multibyte characters in the input.  The
    default is to allow them.  Setting the option to "/warn"/ will generate a
    warning message whenever any multibyte character is encountered.  Using the
    option to "/warn-sym-only"/ will make the assembler generate a warning whenever a
    symbol is defined containing multibyte characters.  (References to undefined
    symbols will not generate warnings).
  * Outputs of .ds.x directive and .tfloat directive with hex input from
    x86 assembler have been reduced from 12 bytes to 10 bytes to match the
    output of .tfloat directive.
  * Add support for 'armv8.8-a', 'armv9-a', 'armv9.1-a', 'armv9.2-a' and
    'armv9.3-a' for -march in AArch64 GAS.
  * Add support for 'armv8.7-a', 'armv8.8-a', 'armv9-a', 'armv9.1-a',
    'armv9.2-a' and 'armv9.3-a' for -march in Arm GAS.
  * Add support for Intel AVX512_FP16 instructions.
  * Add -z pack-relative-relocs/-z no pack-relative-relocs to x86 ELF
    linker to pack relative relocations in the DT_RELR section.
  * Add support for the LoongArch architecture.
  * Add -z indirect-extern-access/-z noindirect-extern-access to x86 ELF
    linker to control canonical function pointers and copy relocation.
  * Add --max-cache-size=SIZE to set the the maximum cache size to SIZE
    bytes.
- Add binutils-2.38-branch.diff.gz.
- Removed deletion of man pages as they should be properly packages
  in tarball.
- Rebased patches: aarch64-common-pagesize.patch, add-ulp-section.diff,
  binutils-bfd_h.patch, binutils-revert-nm-symversion.diff,
  binutils-revert-plt32-in-branches.diff, binutils-skip-rpaths.patch
  and binutils-compat-old-behaviour.diff.
- Enable PRU architecture for AM335x CPU (Beagle Bone Black board)
- use fdupes on datadir
- remove RPM_BUILD_ROOT usage and other cleanups
- Rebase binutils-2.37-branch.diff: fixes PR28494.
branding-SLE
- Support %posttrans with macros provided by update-bootloader-rpm-macros
  package (bsc#997317) (bsc#1199818)
ca-certificates-mozilla
- Updated to 2.60 state of Mozilla SSL root CAs (bsc#1206622)
  Removed CAs:
  - Global Chambersign Root
  - EC-ACC
  - Network Solutions Certificate Authority
  - Staat der Nederlanden EV Root CA
  - SwissSign Platinum CA - G2
  Added CAs:
  - DIGITALSIGN GLOBAL ROOT ECDSA CA
  - DIGITALSIGN GLOBAL ROOT RSA CA
  - Security Communication ECC RootCA1
  - Security Communication RootCA3
  Changed trust:
  - TrustCor certificates only trusted up to Nov 30 (bsc#1206212)
- Removed CAs (bsc#1206212) as most code does not handle "/valid before nov 30 2022"/
  and it is not clear how many certs were issued for SSL middleware by TrustCor:
  - TrustCor RootCert CA-1
  - TrustCor RootCert CA-2
  - TrustCor ECA-1
  Patch: remove-trustcor.patch
- Updated to 2.56 state of Mozilla SSL root CAs (bsc#1202868)
  Added:
  - Certainly Root E1
  - Certainly Root R1
  - DigiCert SMIME ECC P384 Root G5
  - DigiCert SMIME RSA4096 Root G5
  - DigiCert TLS ECC P384 Root G5
  - DigiCert TLS RSA4096 Root G5
  - E-Tugra Global Root CA ECC v3
  - E-Tugra Global Root CA RSA v3
  Removed:
  - Hellenic Academic and Research Institutions RootCA 2011
- Updated to 2.54 state of Mozilla SSL root CAs (bsc#1199079)
  Added:
  - Autoridad de Certificacion Firmaprofesional CIF A62634068
  - D-TRUST BR Root CA 1 2020
  - D-TRUST EV Root CA 1 2020
  - GlobalSign ECC Root CA R4
  - GTS Root R1
  - GTS Root R2
  - GTS Root R3
  - GTS Root R4
  - HiPKI Root CA - G1
  - ISRG Root X2
  - Telia Root CA v2
  - vTrus ECC Root CA
  - vTrus Root CA
  Removed:
  - Cybertrust Global Root
  - DST Root CA X3
  - DigiNotar PKIoverheid CA Organisatie - G2
  - GlobalSign ECC Root CA R4
  - GlobalSign Root CA R2
  - GTS Root R1
  - GTS Root R2
  - GTS Root R3
  - GTS Root R4
- updated to 2.50 state of the Mozilla NSS Certificate store (bsc#1188006)
- Added CAs:
  + HARICA Client ECC Root CA 2021
  + HARICA Client RSA Root CA 2021
  + HARICA TLS ECC Root CA 2021
  + HARICA TLS RSA Root CA 2021
  + TunTrust Root CA
- Updated to 2.46 state of the Mozilla NSS Certificate store (bsc#1181994)
- Added new root CAs:
  - NAVER Global Root Certification Authority
- Removed old root CA:
  - GeoTrust Global CA
  - GeoTrust Primary Certification Authority
  - GeoTrust Primary Certification Authority - G3
  - GeoTrust Universal CA
  - GeoTrust Universal CA 2
  - thawte Primary Root CA
  - thawte Primary Root CA - G2
  - thawte Primary Root CA - G3
  - VeriSign Class 3 Public Primary Certification Authority - G4
  - VeriSign Class 3 Public Primary Certification Authority - G5
catatonit
- Update to catatont v0.1.7
- This release adds the ability for catatonit to be used as the only
  process in a pause container, by passing the -P flag (in this mode no
  subprocess is spawned and thus no signal forwarding is done).
- Add 99bb9048f.patch: configure.ac: call AM_INIT_AUTOMAKE only
  once. Fix build with autocnf 2.71 / automake 1.16.5.
- Update to catatonit v0.1.6, which fixes a few bugs -- mainly ones related to
  socket activation or features somewhat adjacent to socket activation (such as
  passing file descriptors).
- Update catatonit-rpmlintrc in order to cover that static binaries are now an
  error not a warning.
cifs-utils
  * mount.cifs: fix verbose messages on option parsing (bsc#1198976, CVE-2022-29869)
cloud-regionsrv-client
- Update to version 10.0.8 (bsc#1206428)
  - Fix regression introduced by 10.0.7. When the hosts file was modified
    such that there is no empty line at the end of the file the content
    after removing the registration data does not match the content prior
    to registration. The update fixes the issue triggered by an index
    logic error.
- Guard dmidecode dependency (bsc#1206082)
- Update to version 10.0.7 (bsc#1191880, bsc#1195925, bsc#1195924)
  - Implement functionality to detect if an update server has a new cert.
    Import the new cert when it is detected.
  - Forward port fix-for-sles12-disable-ipv6.patch
- From 10.0.6 (bsc#1205089)
  - Credentials are equal when username and password are the same ignore
    other entries in the credentials file
  - Handle multiple zypper names in process table, zypper and Zypp-main
    to properly detect the running process
- Add patch to block IPv6 on SLE12 (bsc#1203382)
- Follow up fix to 10.0.4 (bsc#1202706)
  - While the source code was updated to support SLE Micro the spec file
    was not updated for the new locations of the cache and the certs.
    Update the spec file to be consistent with the code implementation.
- Update to version 10.0.5 (bsc#1201612)
  - Handle exception when trying to deregister a system form the server
cobbler
- Fix problem for the migration of "/autoinstall"/ collection attribute.
- Modified:
  * fix_v2_migration_script.patch
- Update v2 to v3 migration script to allow migration of collections
  that contains settings from Cobbler 2. (bsc#1203478)
- Added:
  * fix_v2_migration_script.patch
- Consider case of "/next_server"/ being a hostname during migration
  of Cobbler collections.
- Fix problem with "/proxy_url_ext"/ setting being None type.
- Added:
  * fix_next_server_being_hostname.patch
  * fix_proxy_url_ext_migration_none_value.patch
- Fix settings migration schema to work while upgrading on existing running
  Uyuni and SUSE Manager servers running with old Cobbler settings (bsc#1203478)
- Added:
  * fix_cobbler_settings_migrations.patch
- Do generate boot menus even if no profiles or systems - only local boot
- Avoid crashing running buildiso in certain conditions.
- Added:
  * temp_patch_do_generate_local_only_menus.patch
  * fix_buildiso_for_image_based_systems.patch
- Fix issue that a custom kernel with the extension "/.kernel"/ is not
  accepted by "/cobbler distro add"/
- Fix issue with "/get_item_resolved_value"/ that prevented it from
  returning in cases where a complex object would have been returned
- Fix issue where the logs would have been spammed with "/grab_tree"/
  messages that are meant for debugging
- Buildiso - Fix DNS append line generation
- Added:
  * backport_complex_xmlrpc_objects_and_logger_spam.patch
  * backport_kernel_regex_error_message.patch
  * backport_fix_for_buildiso_exclude_dns.patch
- Change apache2 conf dir for SUSE distros to allow integration with
  Uyuni and SUSE Manager
- Avoid permissions errors during cobbler sync
- Added:
  * workaround_apache2_confdir_for_suma.patch
  * temp_patch_to_avoid_permission_errors.patch
- Update to version 3.3.3
- Add UEFI capabilities to "/cobbler buildiso"/ (jsc#SUMA#112)
- Relevant changes on this release:
  * New:
  * Uyuni Proxies can now be set with the schema validation.
  * Cobbler should now build on AlmaLinux.
  * The initrd is not required anymore as it is an optional file.
  * XML-RPC: Added dump_vars endpoint. This is intended to replace get_blended_data as of 3.4.0.
  * XML-RPC: Added get_item_resolved_value & set_item_resolved_value endpoints.
  * Breaking Changes:
  * The field virt_file_size is now a float and the related settings as well.
  * Changes:
  * The error messages for duplicated objects now contains the name of the duplicated object.
  * Bugfixes:
  * Dictionaries had the wrong value set for <<inherit>>.
  * There were some cases in which the autoinstallation manager was handed the wrong object and then crashed.
  * The inheritance of the owners field was fixed.
  * Serial Console options should not contain bogous -1 value anymore.
  * HTTP API should not throw permission errors anymore.
  * During build the log was not visible due to a custom logger without output.
  * cobbler mkloaders now also copies dependencies of menu.c32.
  * We now generate the grub configuration for the architectures correct again.
  * virt_file_size now is a float at all times.
  * Cobbler should restart successfully now if you have attached an image to a system.
  * If you have a system named default the bootloader was not removed properly before.
  * cobbler buildiso: The isolinux.cfg was not properly formatted.
  * There were unharmful templating errors in the log related to redhat_management_type. The parts depending on this were removed.
  * The DNS managers were non-functional before because of a not existing function call.
  * cobbler buildiso failed with --tmpdirs that don't end in buildiso.
  * cobbler buildiso had outdated docs and help messages for some parameters.
  * cobbler import: It was impossible to import Rocky Linux 8.5 successfully.
  * Cobbler created duplicated settings files before.
  * cobbler sync was broken by refactoring to shell=False before.
- This update fixes CVE-2022-0860 (bsc#1197027)
- Version 3.3.0 fixed jsc#SUMA-112
- Update to version 3.3.2
  * New:
  * cobbler sync doesn't have to be executed no more after enable_ipxe was flipped
  * Auth: Support for Global Secure Catalog via LDAP provider
  * Changes:
  * Reposync now deletes old metadata to prevent metadata merge conflicts
  * The automigration of the settings is now not enabled per default.
  * We removed ppc from RedHat EL 7 as it is not supported
  * Bugfixes:
  * Network interface is not subscriptable errors were fixed
  * The stacktraces related to the package and file pre & post triggers should no longer appear
  * You should be able to add multiple initrds if needed again
  * Debian: Fix regex for SHIM_FILE which now provides a working reasonable default
- Removed:
  * better-string-replacement-performance.diff
  * cgi_parse_qs_is_deprecated.diff
  * fix-for-old-str.join-usage.diff
  * fix-string-replacement.diff
  * fix-trail-stripping-utf8.diff
  * fix_issue_when_inherited_boot_loader_bsc1185679.patch
  * load_module_apache_suse_fix.diff
  * prevent-race-condition-writting-tftpboot-files-bsc1186124.patch
  * refactored_auth_module.diff
  * remove-redundant-json-suffix.diff
  * v3-1-2-arbitrary-file-read-write-plus-RCE.patch
  * v3-1-2-fix-failing-test-after-cve-fix.patch
  * v3-1-2-incomplete-template-sanatization.patch
  * v3-1-2-log-pollution-1.patch
  * v3-1-2-log-pollution-2.patch
  * v3-1-2-log-pollution-3.patch
  * v3-1-2-mongodb-sanatiy-check.patch
  * v3-1-2-remove-testing-auth.patch
containerd
- Update to containerd v1.6.12 to fix CVE-2022-23471 bsc#1206235. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.6.11>
- Update to containerd v1.6.11. Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.6.11>
- Update to containerd v1.6.9 for Docker v20.10.21-ce. Also includes a fix for
  CVE-2022-27191. boo#1206065 bsc#1197284 Upstream release notes:
  <https://github.com/containerd/containerd/releases/tag/v1.6.9>
- add devel subpackage, which is needed by open-vm-tools
cups
- cups-branch-2.2-commit-3e4dd41459dabc5d18edbe06eb5b81291885204b.diff
  is 'git show 3e4dd41459dabc5d18edbe06eb5b81291885204b' for
  https://github.com/apple/cups/commit/3e4dd41459dabc5d18edbe06eb5b81291885204b
  (except the not needed hunk for patching CHANGES.md which fails)
  that fixes handling of MaxJobTime 0 (Issue #5438) in the CUPS 2.2 branch
  bsc#1201511:
  Stuck print jobs being cancelled immediately, despite MaxJobTime being set to 0
curl
- Security Fix: [bsc#1206309, CVE-2022-43552]
  * HTTP Proxy deny use-after-free
  * Add curl-CVE-2022-43552.patch
- Security Fix: [bsc#1206308, CVE-2022-43551]
  * Fix Another HSTS bypass via IDN
  * Add curl-CVE-2022-43551.patch
- Security Fix: [bsc#1204383, CVE-2022-32221]
  * POST following PUT confusion
  * Add curl-CVE-2022-32221.patch
- Security Fix: [bsc#1204386, CVE-2022-42916]
  * HSTS bypass via IDN
  * Add curl-CVE-2022-42916.patch
- Security fix: [bsc#1202593, CVE-2022-35252]
  * Control codes in cookie denial of service
  * Add curl-CVE-2022-35252.patch
dbus-1
- Fix a potential crash that could be triggered by an invalid signature.
  (CVE-2022-42010, bsc#1204111)
  * fix-upstream-CVE-2022-42010.patch
- Fix an out of bounds read caused by a fixed length array (CVE-2022-42011,
  bsc#1204112)
  * fix-upstream-CVE-2022-42011.patch
- A message in non-native endianness with out-of-band Unix file descriptors
  would cause a use-after-free and possible memory corruption CVE-2022-42012,
  bsc#1204113)
  * fix-upstream-CVE-2022-42012.patch
- Disable asserts (bsc#1087072)
- Refreshed patches
  * fix-upstream-CVE-2020-35512.patch
dhcp
- bsc#1203988, CVE-2022-2928, dhcp-CVE-2022-2928.patch:
  An option refcount overflow exists in dhcpd
- bsc#1203989, CVE-2022-2929, dhcp-CVE-2022-2929.patch:
  DHCP memory leak
dmidecode
2 recommended fixes from upstream:
- news-fix-typo.patch: We ship the NEWS file so avoid including a
  typo in it.
- dmioem-fix-segmentation-fault-in-dmi_hp_240_attr.patch: Passing
  NULL to a %s printf conversion specifier is illegal, and can
  result in a segmentation fault. Current version of glibc doesn't
  mind, but alternative, past or future libc implementations could
  crash, so let's fix it.
- Update to upstream version 3.4:
  * This update implements jsc#SLE-24502 and jsc#PED-1466.
  * [COMPATIBILITY] Document how the UUID fields are interpreted.
  * [PORTABILITY] Don't use memcpy on /dev/mem on arm64.
  * Support for SMBIOS 3.4.0. This includes new memory device types, new
    processor upgrades, new slot types and characteristics, decoding of memory
    module extended speed, new system slot types, new processor characteristics
    and new format of Processor ID.
  * Support for SMBIOS 3.5.0. This includes new processor upgrades, BIOS
    characteristics, new slot characteristics, new on-board device types, new
    pointing device interface types, and a new record type (type 45 -
    Firmware Inventory Information).
  * Decode HPE OEM records 194, 199, 203, 236, 237, 238 ans 240.
  * Bug fixes:
    Fix OEM vendor name matching
  * Minor improvements:
    Add bios-revision, firmware-revision and system-sku-number to -s option
    Use the most appropriate unit for cache size
    Decode system slot base bus width and peers
    Skip details of uninstalled memory modules
    Don't display the raw CPU ID in quiet mode
    Improve the formatting of the manual pages
  * Obsoletes dmidecode-add-enumerated-values-from-smbios-3.3.0.patch,
    dmidecode-add-logical-non-volatile-device.patch,
    dmidecode-add-memory-device-types-from-smbios-3.4.0.patch,
    dmidecode-add-processor-characteristics-bits-from-smbios-3.4.0.patch,
    dmidecode-add-processor-upgrades-from-smbios-3.4.0.patch,
    dmidecode-add-slot-characteristics2-from-smbios-3.4.0.patch,
    dmidecode-add-system-slot-types-from-smbios-3.4.0.patch,
    dmidecode-fix-formatting-of-tpm-table-output.patch,
    dmidecode-fix-redfish-hostname-print-length.patch,
    dmidecode-fix-system-slot-information-for-pcie-ssd.patch,
    dmidecode-missing-commas.patch,
    dmidecode-only-scan-dev-mem-for-entry-point-on-x86.patch and
    dmidecode-skip-details-of-uninstalled-memory-modules.patch.
docker
- Backport <https://github.com/containerd/fifo/pull/32> to fix a crash-on-start
  issue with dockerd. bsc#1200022
  + 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch
dracut
- Update to version 055+suse.323.gca0e74f0:
  * fix(network-manager): always install the library plugins directory (bsc#1202014)
  * feat(dracut-init.sh): add inst_libdir_dir() helper (bsc#1202014)
  A series of fixes for NVMeoF boot (bsc#1203368):
  * fix(network-legacy): misleading duplicate address detection using wicked
  * fix(man): dracut.cmdline.7: clarify "/rd.nvmf.discover=fc,auto"/
  * fix(network): avoid double brackets around IPv6 address
  * feat(nvmf): set rd.neednet=1 if tcp records encountered
  * fix(man): dracut.cmdline(7): correct syntax for rd.nonvmf
  * fix(network): don't use same ifname multiple times
  * fix(nvmf): run cmdline hook before parse-ip-opts.sh
  * fix(nvmf): avoid calling "/exit"/ in a cmdline hook
  * fix(nvmf): make sure "/rd.nvmf.discover=fc,auto"/ takes precedence
  * fix(nvmf): don't use "/finished"/ queue for autoconnect
  * fix(nvmf): don't create did-setup file
  * fix(nvmf): no need to load the nvme module
  * fix(nvmf): don't try to validate network connections in cmdline hook
  * fix(nvmf): nvme list-subsys prints the address using commas as separator
  * fix(nvmf): deprecate old nvmf cmdline options
  * fix(nvmf): set executable bit on nvmf-autoconnect.sh
- Update to version 055+suse.302.gc7aee2dc:
  * fix(dmsquash-live): correct regression introduced with shellcheck changes (bsc#1203894)
  * fix(systemd): add missing modprobe@.service (bsc#1203749)
  * fix(i18n): do not fail if FONT in /etc/vconsole.conf has the file extension (bsc#1203267)
- Update to version 055+suse.294.gc5bc4bb5:
  Missing network-manager module fixes (bsc#1201975):
  * fix(network-manager): avoid calling unavailable dracut-logger functions
  * fix(network-manager): skip non-directories in /sys/class/net
  * fix(network-manager): disable tty output if the console is not usable
  * fix(network-manager): show output on console only with rd.debug enabled
  * fix(network-manager): write DHCP filename option to dhcpopts file
  * fix(network-manager): ensure safe content of /tmp/dhclient."/$ifname"/.dhcpopts
  * fix(network-manager): include nm-daemon-helper binary
  * fix(network-manager): don't pull in systemd-udev-settle
  * fix(network-manager): support teaming under NM+systemd
  * fix(network-manager): pull in network.target in nm-initrd.service
- Update to version 055+suse.283.ge98ece25:
  * fix(network-manager): check for nm-initrd-generator in both /usr/{libexec,lib} (bsc#1201975)
  * fix(network-legacy): add auto timeout to wicked DHCP test (bsc#1198709)
- Update to version 055+suse.279.g3b3c36b2:
  * fix(bluetooth): accept compressed firmwares in inst_multiple (bsc#1200236)
  * fix(network-legacy): support rd.net.timeout.dhcp (bsc#1200360)
  * fix(convertfs): ignore commented lines in fstab (bsc#1200251)
  * fix(integrity): do not display any error if there is no IMA certificate (bsc#1187654)
- Update to version 055+suse.271.g70f710e4:
  * fix(nfs): /var is not mounted during the transactional-update run (bsc#1184970)
  * fix(nfs): give /run/rpcbind ownership to rpc user (bsc#1177461)
  * fix(dracut-install): copy files preserving ownership attributes (bsc#1197967)
  * fix(crypt): remove quotes from cryptsetupopts (bsc#1197635)
  * fix(lvm): restore setting LVM_MD_PV_ACTIVATED (bsc#1195604)
  * fix(iscsi): remove unneeded iscsi NOP-disable code (bsc#1196267)
  * fix(dracut-systemd): do not require vconsole-setup.service (bsc#1195508)
  * fix(bluetooth): make hostonly configuration files optional (bsc#1195047)
drools
- XEE vulnerability: validator class not used correctly in
  KieModuleModelImpl.java (bsc#1200629, CVE-2021-41411)
- Added:
  * drools-CVE-2021-41411.patch
- Declare the LICENSE file as license and not doc
expat
- Security fix:
  * (CVE-2022-43680, bsc#1204708) use-after free caused by overeager
    destruction of a shared DTD in XML_ExternalEntityParserCreate in
    out-of-memory situations
  - Added patch expat-CVE-2022-43680.patch
- Security fix:
  * (CVE-2022-40674, bsc#1203438) use-after-free in the doContent
    function in xmlparse.c
  - Added patch expat-CVE-2022-40674.patch
fence-agents
- Azure fence agent doesn’t work correctly on SLES15 SP3 - fence_azure_arm
  fails with error 'MSIAuthentication' object has no attribute 'get_token' - SFSC00334437
  (bsc#1195891)
  - Apply proposed patch
    0001-fix_support_for_sovereign_clouds_and_MSI-439.patch
freetype2
- disable brotli linkage / WOFF2 support for now to keep dependencies
  as before.
- Added patches:
  * CVE-2022-27404.patch
    + fixes bsc#1198830, CVE-2022-27404: Buffer Overflow
  * CVE-2022-27405.patch
    + fixes bsc#1198832, CVE-2022-27405: Segmentation Fault
  * CVE-2022-27406.patch
    + fixes bsc#1198823, CVE-2022-27406: Segmentation violation
- Update to version 2.10.4
  * Fix a heap buffer overflow has been found  in the handling of
    embedded PNG bitmaps, introduced in FreeType version 2.6
    (CVE-2020-15999 bsc#1177914)
  * Minor improvements to the B/W rasterizer.
  * Auto-hinter support for Medefaidrin script.
  * Fix various  memory leaks (mainly  for CFF) and other  issues that
    might cause crashes in rare circumstances.
- Update to version 2.10.2
  * Support for WOFF2 fonts, add BR on pkgconfig(libbrotlidec)
  * Function `FT_Get_Var_Axis_Flags' returned random data for Type 1
    MM fonts.
  * Type 1 fonts with non-integer metrics are now supported by the new
    (CFF) engine introduced in FreeType 2.9.
  * Drop support for Python 2 in Freetype's API reference generator
  * Auto-hinter support for Hanifi Rohingya
  * Document the `FT2_KEEP_ALIVE' debugging environment variable.
glib2
- Update to version 2.70.5:
  Bugs fixed: glgo#GNOME/GLib#2620, glgo#GNOME/GLib!2537,
  glgo#GNOME/GLib!2555
- Split gtk-docs from -devel package, these are not needed
  during building projects using glib2
- Use _multibuild as the meson buildprocess is very awkward
  regarding the documentation - builds single-jobs only and
  twice (again during %install). This way the rest of distribution
  waiting for glib2-devel to be available is not blocked by this
glibc
- x86-shared-non-temporal-threshold.patch: Reversing calculation of
  __x86_shared_non_temporal_threshold (bsc#1201942)
- memcmp-power10.patch: powerpc: Optimized memcmp for power10
  (jsc#PED-987)
gnutls
- Fix AVX CPU feature detection for OSXSAVE [bsc#1203299]
  * Fixes a SIGILL termination at the verzoupper instruction when
    trying to run GnuTLS on a Linux kernel with the noxsave command
    line parameter set. Relevant mostly for virutal systems.
  * Upstream bug: https://gitlab.com/gnutls/gnutls/issues/1282
  * Add gnutls-clear-AVX-bits-if-it-cannot-be-queried-XSAVE.patch
- FIPS: Set error state when jent init failed in FIPS mode [bsc#1202146]
  * Add patch gnutls-FIPS-Set-error-state-when-jent-init-failed.patch
- FIPS: Make XTS key check failure not fatal [bsc#1203779]
  * Add gnutls-Make-XTS-key-check-failure-not-fatal.patch
- FIPS: Zeroize the calculated hmac and new_hmac in the
  check_binary_integrity() function. [bsc#1191021]
  * Add gnutls-FIPS-Zeroize-check_binary_integrity.patch
- FIPS: Additional modifications to the SLI. [bsc#1190698]
  * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2().
  * Mark HMAC keylength less than 112 bits as non-approved in
    gnutls_pbkfd2().
  * Adapt the pbkdf2 selftest and the regression tests accordingly.
  * Add gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch
- FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941]
  * Add new dependency on jitterentropy
  * Add gnutls-FIPS-jitterentropy.patch
- Security fix: [bsc#1202020, CVE-2022-2509]
  * Fixed double free during verification of pkcs7 signatures
  * Add gnutls-CVE-2022-2509.patch
- FIPS:
  * Modify gnutls-FIPS-force-self-test.patch [bsc#1198979]
  - gnutls_fips140_run_self_tests now properly releases fips_context
- FIPS:
  * Add gnutls_ECDSA_signing.patch [bsc#1190698]
  - Check minimum keylength for symmetric key generation
  - Only allows ECDSA signature with valid set of hashes
    (SHA2 and SHA3)
  * Add gnutls-FIPS-force-self-test.patch [bsc#1198979]
  - Provides interface for running library self tests on-demand
  - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1598
gpg2
- Security fix [CVE-2022-34903, bsc#1201225]
  - Vulnerable to status injection
  - Added patch gnupg-CVE-2022-34903.patch
- gnupg-detect_FIPS_mode.patch: use AES as default cipher instead
  of 3DES if we are in FIPS mode. (bsc#1196125)
grub2
- Security fixes and hardenings
  * 0001-font-Reject-glyphs-exceeds-font-max_glyph_width-or-f.patch
  * 0002-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch
- Fix CVE-2022-2601 (bsc#1205178)
  * 0003-font-Fix-several-integer-overflows-in-grub_font_cons.patch
  * 0004-font-Remove-grub_font_dup_glyph.patch
  * 0005-font-Fix-integer-overflow-in-ensure_comb_space.patch
  * 0006-font-Fix-integer-overflow-in-BMP-index.patch
  * 0007-font-Fix-integer-underflow-in-binary-search-of-char-.patch
  * 0008-fbutil-Fix-integer-overflow.patch
- Fix CVE-2022-3775 (bsc#1205182)
  * 0009-font-Fix-an-integer-underflow-in-blit_comb.patch
  * 0010-font-Harden-grub_font_blit_glyph-and-grub_font_blit_.patch
  * 0011-font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch
  * 0012-normal-charset-Fix-an-integer-overflow-in-grub_unico.patch
- Bump upstream SBAT generation to 3
- Include loopback into signed grub2 image (jsc#PED-2150)
- Add patches for automatic TPM disk unlock (jsc#SLE-24018) (bsc#1196668) (jsc#PED-1276)
  * 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch
  * 0002-cryptodisk-Refactor-to-discard-have_it-global.patch
  * 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch
  * 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch
  * 0005-cryptodisk-Improve-cryptomount-u-error-message.patch
  * 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch
  * 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch
  * 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch
  * 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch
  * 0010-protectors-Add-key-protectors-framework.patch
  * 0011-tpm2-Add-TPM-Software-Stack-TSS.patch
  * 0012-protectors-Add-TPM2-Key-Protector.patch
  * 0013-cryptodisk-Support-key-protectors.patch
  * 0014-util-grub-protect-Add-new-tool.patch
- Fix no disk unlocking happen (bsc#1196668)
  * 0001-crytodisk-fix-cryptodisk-module-looking-up.patch
- Fix build error
  * fix-tpm2-build.patch
- Fix installation failure due to unavailable nvram device on
  ppc64le (bsc#1201361)
  * 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch
harfbuzz
- Add harfbuzz-CVE-2022-33068.patch: sbix: limit glyph extents
  (boo#1200900 CVE-2022-33068).
hwdata
- update to 0.365:
  + Updated pci, usb and vendor ids.
- update to 0.364:
  + Updated pci, usb and vendor ids.
- update to 0.363:
  + Updated pci, usb and vendor ids.
- update to 0.362:
  + Updated pci, usb and vendor ids.
- update to 0.361:
  + Updated pci, usb and vendor ids.
- Update to version 0.360 (bsc#1200110):
  + Updated pci, usb and vendor ids.
- Update to version 0.359:
  + Updated pci, usb and vendor ids.
hwinfo
- merge gh#openSUSE/hwinfo#115
- improve treatment of NVME devices (bsc#1200975)
- fix compiler warnings
- 21.83
- merge gh#openSUSE/hwinfo#113
- Keep NVMe's namespace output consistency when
  nvme_core.multipath=1 (bsc#1199948)
- 21.82
icu
- Backport icu-CVE-2020-21913.patch: backport commit 727505bdd
  from upstream, use LocalMemory for cmd to prevent use after free
  (bsc#1193951 CVE-2020-21913).
ipset
- Tumbleweed is not affected by the following SLE issues:
  bsc#1122853
- Update to release 7.15
  * netfilter: ipset: Fix maximal range check in
    hash_ipportnet4_uadt()
- Update to release 7.14
  * Allow specifying protocols by number
  * Limit the maximum range of consecutive elements to add/delete
- Update to release 7.11
  * Argument parsing buffer overflow in ipset_parse_argv fixed
- Update to release 7.10
  * Fix shift-out-of-bounds in htable_bits()
- Update to release 7.9
  * Enable memory accounting for ipset allocations
  * Expose the initval hash parameter to userspace
  * Add bucketsize parameter to all hash types
  * Support the -exist flag with the destroy command
- Update to release 7.6
  * Add checking system_power_efficient_wq in the source tree.
- Update to release 7.5
  * netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO
    is present.
  * netfilter: xt_set: Do not restrict --map-set to the
    mangle table.
- Update to release 7.4
  * Wildcard support for the "/hash:net,iface"/ type.
- Update to new upstream release 7.3
  * Fix rename concurrency with listing, which can result broken
    list/save results.
  * ipset: Copy the right MAC address in bitmap:ip,mac and
    hash:ip,mac sets.
  * ipset: Actually allow destination MAC address for hash:ip,mac
    sets too.
- Update to new upstream release 7.2
  * ipset: Fix memory accounting for hash types on resize
- Update to new upstream release 7.1
  * Correct the manpage about the sort option
  * Implement sorting for hash types in the ipset tool
  * Fix to list/save into file specified by option
- Remove ipset-file.diff (merged)
- Add ipset-file.diff [boo#1116432].
- Update to new upstream release 7.0
  * A new internal protocol version between the kernel and
    userspace is used. This is required in order to support two
    new functions and the extendend LIST operation, which makes
    possible to run ipset in every case entirely over netlink,
    without the need to use getsockopt().
  * The userspace library was reworked so it can be embedded
    without calling the binary.
- Update to new upstream release 6.38
  * Fix parsing service names for ports.
iputils
- Backport 2 fixes for bsc#1203957:
  0001-ping-Add-SA_RESTART-to-sa_flags.patch
  0002-ping-Make-ping_rts-struct-static.patch
jackson-databind
- Update to 2.13.4.2
  * 2.13.4.2 (13-Oct-2022)
    + #3627: Gradle module metadata for '2.13.4.1' references
    non-existent jackson-bom '2.13.4.1' (instead of
    '2.13.4.20221012')
  * 2.13.4.1 (12-Oct-2022)
    + #3590: Add check in primitive value deserializers to avoid
    deep wrapper array nesting wrt 'UNWRAP_SINGLE_VALUE_ARRAYS'
    [bsc#1204370, CVE-2022-42003]
  * 2.13.4 (03-Sep-2022)
    + #3275: JDK 16 Illegal reflective access for
    'Throwable.setCause()' with
    'PropertyNamingStrategy.UPPER_CAMEL_CASE'
    + #3565: 'Arrays.asList()' value deserialization has changed
    from mutable to immutable in 2.13
    + #3582: Add check in 'BeanDeserializer._deserializeFromArray()'
    to prevent use of deeply nested arrays [bsc#1204369,
    CVE-2022-42004]
- Update to 2.13.3
  * 2.13.3 (14-May-2022)
    + #3412: Version 2.13.2 uses 'Method.getParameterCount()' which
    is not supported on Android before API 26
    + #3419: Improve performance of 'UnresolvedForwardReference' for
    forward reference resolution
    + #3446: 'java.lang.StringBuffer' cannot be deserialized
    + #3450: DeserializationProblemHandler is not working with
    wrapper type when returning null
  * 2.13.2.2 (28-Mar-2022)
    + No changes since 2.13.2.1 but fixed Gradle Module Metadata
    ("/module.json"/)
  * 2.13.2.1 (24-Mar-2022)
    + #2816: Optimize UntypedObjectDeserializer wrt recursion
    + #3412: Version 2.13.2 uses 'Method.getParameterCount()' which
    is not supported on Android before API 26
  * 2.13.2 (06-Mar-2022)
    + #3293: Use Method.getParameterCount() where possible
    + #3344: 'Set.of()' (Java 9) cannot be deserialized with
    polymorphic handling
    + #3368: 'SnakeCaseStrategy' causes unexpected
    'MismatchedInputException' during deserialization
    + #3369: Deserialization ignores other Object fields when Object
    or Array value used for enum
    + #3380: 'module-info.java' is in 'META-INF/versions/11' instead
    of 'META-INF/versions/9'
  * 2.13.1 (19-Dec-2021)
    + #3006: Argument type mismatch for 'enum' with '@JsonCreator'
    that takes String, gets JSON Number
    + #3299: Do not automatically trim trailing whitespace from
    'java.util.regex.Pattern' values
    + #3305: ObjectMapper serializes 'CharSequence' subtypes as POJO
    instead of as String (JDK 15+)
    + #3308: 'ObjectMapper.valueToTree()' fails when
    'DeserializationFeature.FAIL_ON_TRAILING_TOKENS' is enabled
    + #3328: Possible DoS if using JDK serialization to serialize
    JsonNode
jakarta-commons-validator
- Declare the LICENSE file as license and not doc
java-11-openjdk
- Update to upstream tag jdk-11.0.17+8 (October 2022 CPU)
  * Security fixes:
    + JDK-8289366, bsc#1204480, CVE-2022-39399: Improve HTTP/2
    client usage
    + JDK-8288508: Enhance ECDSA usage
    + JDK-8286918, bsc#1204472, CVE-2022-21628: Better HttpServer
    service
    + JDK-8287446, bsc#1204475, CVE-2022-21624: Enhance icon
    presentations
    + JDK-8286910: Improve JNDI lookups
    + JDK-8286511: Improve macro allocation
    + JDK-8286526, bsc#1204473, CVE-2022-21619: Improve NTLM support
    + JDK-8286533, bsc#1204471, CVE-2022-21626: Key X509 usages
    + JDK-8286077, bsc#1204468, CVE-2022-21618: Wider MultiByte
    conversions
    + JDK-8286519: Better memory handling
    + JDK-8285662: Better permission resolution
    + JDK-8282252: Improve BigInteger/Decimal validation
    + JDK-8289853: Update HarfBuzz to 4.4.1
    + JDK-8290334: Update FreeType to 2.12.1
    + JDK-8293429: [11u] minor update in attribute style
  * Other fixes:
    + JDK-6606767: resexhausted00[34] fail
    assert(!thread->owns_locks(), "/must release all locks when
    leaving VM"/)
    + JDK-6854300: [TEST_BUG] java/awt/event/MouseEvent/
    /SpuriousExitEnter/SpuriousExitEnter_3.java fails in jdk6u14
    & jdk7
    + JDK-7131823: bug in GIFImageReader
    + JDK-8017175: [TESTBUG] javax/swing/JPopupMenu/4634626/
    /bug4634626.java sometimes failed on mac
    + JDK-8028265: Add legacy tz tests to OpenJDK
    + JDK-8069343: Improve gc/g1/TestHumongousCodeCacheRoots.java
    to use jtreg @requires
    + JDK-8139348: Deprecate 3DES and RC4 in Kerberos
    + JDK-8159694: HiDPI, Unity,
    java/awt/dnd/DropTargetEnterExitTest/MissedDragExitTest.java
    + JDK-8164804: sun/security/ssl/SSLSocketImpl/CloseSocket.java
    makes not reliable time assumption
    + JDK-8169468: NoResizeEventOnDMChangeTest.java fails because
    FS Window didn't receive all resizes!
    + JDK-8172065: javax/swing/JTree/4908142/bug4908142.java The
    selected index should be "/aad"/
    + JDK-8183372: Refactor java/lang/Class shell tests to java
    + JDK-8186143: keytool -ext option doesn't accept wildcards for
    DNS subject alternative names
    + JDK-8193462: Fix Filer handling of package-info initial
    elements
    + JDK-8203277: preflow visitor used during lambda attribution
    shouldn't visit class definitions inside the lambda body
    + JDK-8208471: nsk/jdb/unwatch/unwatch002/unwatch002.java fails
    with "/Prompt is not received during 300200 milliseconds"/
    + JDK-8209052: Low contrast in docs/api/constant-values.html
    + JDK-8209736: runtime/RedefineTests/ModifyAnonymous.java fails
    with NullPointerException when running in CDS mode
    + JDK-8210107: vmTestbase/nsk/stress/network tests fail with
    Cannot assign requested address (Bind failed)
    + JDK-8210722: JAXP Tests: CatalogSupport2 and CatalogSupport3
    generate incorrect messages upon failure
    + JDK-8210960: Allow --with-boot-jdk-jvmargs to work during
    configure
    + JDK-8212904: JTextArea line wrapping incorrect when using UI
    scale
    + JDK-8213695: gc/TestAllocateHeapAtMultiple.java is slow in
    some configs
    + JDK-8214078: (fs) SecureDirectoryStream not supported on arm32
    + JDK-8214427: probable bug in logic of
    ConcurrentHashMap.addCount()
    + JDK-8215291: Broken links when generating from project
    without modules
    + JDK-8217170: gc/arguments/TestUseCompressedOopsErgo.java
    timed out
    + JDK-8217332: JTREG: Clean up, use generics instead of raw
    types
    + JDK-8218128: vmTestbase/nsk/jvmti/ResourceExhausted/
    /resexhausted003 and 004 use wrong path to test classes
    + JDK-8218413: make reconfigure ignores configure-time AUTOCONF
    environment variable
    + JDK-8219074: [TESTBUG] runtime/containers/docker/
    /TestCPUAwareness.java typo of printing parameters (period
    should be shares)
    + JDK-8219149: ProcessTools.ProcessBuilder should print timing
    info for subprocesses
    + JDK-8220744: [TESTBUG] Move RedefineTests from runtime to
    serviceability
    + JDK-8221871: javadoc should not set role=region on <section>
    elements
    + JDK-8221907: make reconfigure breaks when configured with
    relative paths
    + JDK-8223543: [TESTBUG] Regression test java/awt/Graphics2D/
    /DrawString/LCDTextSrcEa.java has issues
    + JDK-8223575: add subspace transitions to gc+metaspace=info
    log lines
    + JDK-8225122: Test AncestorResized.java fails when Windows
    desktop is scaled.
    + JDK-8226976: SessionTimeOutTests uses == operator for String
    value check
    + JDK-8230708: Hotspot fails to build on linux-sparc with gcc-9
    + JDK-8233712: Limit default tests jobs based on ulimit -u
    setting
    + JDK-8235870: C2 crashes in
    IdealLoopTree::est_loop_flow_merge_sz()
    + JDK-8236490: Compiler bug relating to @NonNull annotation
    + JDK-8236823: Ensure that API documentation uses minified
    libraries
    + JDK-8238203: Return value of GetUserDefaultUILanguage()
    should be handled as LANGID
    + JDK-8238268: Many SA tests are not running on OSX because
    they do not attempt to use sudo when available
    + JDK-8238196: tests that use SA Attach should not be allowed
    to run against signed binaries on Mac OS X 10.14.5 and later
    + JDK-8238586: [TESTBUG] vmTestbase/jit/tiered/Test.java failed
    when TieredCompilation is disabled
    + JDK-8239265: JFR: Test cleanup of jdk.jfr.api.consumer package
    + JDK-8239379: ProblemList
    serviceability/sa/sadebugd/DebugdConnectTest.java on OSX
    + JDK-8271512: ProblemList serviceability/sa/sadebugd/
    /DebugdConnectTest.java due to 8270326
    + JDK-8239423: jdk/jfr/jvm/TestJFRIntrinsic.java failed with
  - XX:-TieredCompilation
    + JDK-8239902: [macos] Remove direct usage of JSlider,
    JProgressBar classes in CAccessible class
    + JDK-8240903: Add test to check that jmod hashes are
    reproducible
    + JDK-8242188: error in jtreg test jdk/jfr/api/consumer/
    /TestRecordedFrame.java on linux-aarch64
    + JDK-8247546: Pattern matching does not skip correctly over
    supplementary characters
    + JDK-8247907: XMLDsig logging does not work
    + JDK-8247964: All log0() in
    com/sun/org/slf4j/internal/Logger.java should be private
    + JDK-8249623: test @ignore-d due to 7013634 should be returned
    back to execution
    + JDK-8251152: ARM32: jtreg c2 Test8202414 test crash
    + JDK-8251551: Use .md filename extension for README
    + JDK-8252145: Unify Info.plist files with correct version
    strings
    + JDK-8253829: Wrong length compared in SSPI bridge
    + JDK-8253916: ResourceExhausted/resexhausted001 crashes on
    Linux-x64
    + JDK-8254178: Remove .hgignore
    + JDK-8254318: Remove .hgtags
    + JDK-8255724: [XRender] the BlitRotateClippedArea test fails
    on Linux in the XR pipeline
    + JDK-8255729: com.sun.tools.javac.processing.JavacFiler
    .FilerOutputStream  is inefficient
    + JDK-8257623: vmTestbase/nsk/jvmti/ResourceExhausted/
    /resexhausted001/TestDescription.java shouldn't use timeout
    + JDK-8258946: Fix optimization-unstable code involving signed
    integer overflow
    + JDK-8261160: Add a deserialization JFR event
    + JDK-8262085: Hovering Metal HTML Tooltips in different
    windows cause IllegalArgExc on Linux
    + JDK-8264400: (fs) WindowsFileStore equality depends on how
    the FileStore was constructed
    + JDK-8264792: The NumberFormat for locale sq_XK formats price
    incorrectly.
    + JDK-8265100: (fs) WindowsFileStore.hashCode() should read
    cached hash code once
    + JDK-8265531: doc/building.md should mention homebrew install
    freetype
    + JDK-8266250: WebSocketTest and WebSocketProxyTest call
    assertEquals(List<byte[]>, List<byte[]>)
    + JDK-8266254: Update to use jtreg 6 8265020: tests must be
    updated for new TestNG module name
    + JDK-8266460: java.io tests fail on null stream with upgraded
    jtreg/TestNG
    + JDK-8266461: tools/jmod/hashes/HashesTest.java fails: static
    @Test methods 8267180: Typo in copyright header  for
    HashesTest
    + JDK-8266490: Extend the OSContainer API to support the pids
    controller of cgroups
    + JDK-8266675: Optimize IntHashTable for encapsulation and ease
    of use
    + JDK-8266774: System property values for stdout/err on Windows
    UTF-8
    + JDK-8266881: Enable debug log for
    SSLEngineExplorerMatchedSNI.java
    + JDK-8267271: Fix gc/arguments/TestNewRatioFlag.java
    expectedNewSize calculation
    + JDK-8267880: Upgrade the default PKCS12 MAC algorithm
    + JDK-8268185: Update GitHub Actions for jtreg 6
    + JDK-8269039: Disable SHA-1 Signed JARs
    + JDK-8269517: compiler/loopopts/
    /TestPartialPeelingSinkNodes.java crashes with
  - XX:+VerifyGraphEdges
    + JDK-8270090: C2: LCM may prioritize CheckCastPP nodes over
    projections
    + JDK-8270312: Error: Not a test or directory containing tests:
    java/awt/print/PrinterJob/XparColor.java
    + JDK-8271010: vmTestbase/gc/lock/malloc/malloclock04/
    /TestDescription.java crashes intermittently
    + JDK-8271078: jdk/incubator/vector/Float128VectorTests.java
    failed a subtest
    + JDK-8272352: Java launcher can not parse Chinese character
    when system locale is set to UTF-8
    + JDK-8272398: Update DockerTestUtils.buildJdkDockerImage()
    + JDK-8273526: Extend the OSContainer API  pids controller with
    pids.current
    + JDK-8274506: TestPids.java and TestPidsLimit.java fail with
    podman run as root
    + JDK-8274517: java/util/DoubleStreamSums/CompensatedSums.java
    fails with expected [true] but found [false]
    + JDK-8274687: JDWP deadlocks if some Java thread reaches wait
    in blockOnDebuggerSuspend
    + JDK-8275008: gtest build failure due to stringop-overflow
    warning with gcc11
    + JDK-8275689: [TESTBUG] Use color tolerance only for XRender
    in BlitRotateClippedArea test
    + JDK-8275887: jarsigner prints invalid digest/signature
    algorithm warnings if keysize is weak/disabled
    + JDK-8277893: Arraycopy stress tests
    + JDK-8278067: Make HttpURLConnection default keep alive
    timeout configurable
    + JDK-8278344: sun/security/pkcs12/
    /KeytoolOpensslInteropTest.java test fails because of
    different openssl output
    + JDK-8278519: serviceability/jvmti/FieldAccessWatch/
    /FieldAccessWatch.java failed "/assert(handle != __null)
    failed: JNI handle should not be null"/
    + JDK-8279032: compiler/loopopts/
    /TestSkeletonPredicateNegation.java times out with
  - XX:TieredStopAtLevel < 4
    + JDK-8279385: [test]  Adjust sun/security/pkcs12/
    /KeytoolOpensslInteropTest.java after 8278344
    + JDK-8279622: C2: miscompilation of map pattern as a vector
    reduction
    + JDK-8280913: Create a regression test for
    JRootPane.setDefaultButton() method
    + JDK-8281181: Do not use CPU Shares to compute active
    processor count
    + JDK-8281535: Create a regression test for JDK-4670051
    + JDK-8281569: Create tests for Frame.setMinimumSize() method
    + JDK-8281628: KeyAgreement : generateSecret intermittently not
    resetting
    + JDK-8281738: Create a regression test for checking the
    'Space' key activation of focused Button
    + JDK-8281745: Create a regression test for JDK-4514331
    + JDK-8281988: Create a regression test for JDK-4618767
    + JDK-8282214: Upgrade JQuery to version 3.6.0
    + JDK-8282234: Create a regression test for JDK-4532513
    + JDK-8282280: Update Xerces to Version 2.12.2
    + JDK-8282343: Create a regression test for JDK-4518432
    + JDK-8282538: PKCS11 tests fail on CentOS Stream 9
    + JDK-8282548: Create a regression test for JDK-4330998
    + JDK-8282555: Missing memory edge when spilling MoveF2I,
    MoveD2L etc
    + JDK-8282789: Create a regression test for the JTree usecase
    of JDK-4618767
    + JDK-8282860: Write a regression test for JDK-4164779
    + JDK-8282933: Create a test for JDK-4529616
    + JDK-8282947: JFR: Dump on shutdown live-locks in some
    conditions
    + JDK-8283015: Create a test for JDK-4715496
    + JDK-8283017: GHA: Workflows break with update release versions
    + JDK-8283087: Create a test or JDK-4715503
    + JDK-8283245: Create a test for JDK-4670319
    + JDK-8283277: ISO 4217 Amendment 171 Update
    + JDK-8283441: C2: segmentation fault in
    ciMethodBlocks::make_block_at(int)
    + JDK-8283493: Create an automated regression test for RFE
    4231298
    + JDK-8283507: Create a regression test for RFE 4287690
    + JDK-8283621: Write a regression test for CCC4400728
    + JDK-8283623: Create an automated regression test for
    JDK-4525475
    + JDK-8283624: Create an automated regression test for
    RFE-4390885
    + JDK-8283803: Remove jtreg tag manual=yesno for
    java/awt/print/PrinterJob/PrintGlyphVectorTest.java and fix
    test
    + JDK-8284898: Enhance PassFailJFrame
    + JDK-8283849: AsyncGetCallTrace may crash JVM on guarantee
    + JDK-8283903: GetContainerCpuLoad does not return the correct
    result in share mode
    + JDK-8284077: Create an automated test for JDK-4170173
    + JDK-8284367: JQuery UI upgrade from 1.12.1 to 1.13.1
    + JDK-8284535: Fix PrintLatinCJKTest.java test that is failing
    with Parse Exception
    + JDK-8283712: Create a manual test framework class
    + JDK-8284680: sun.font.FontConfigManager.getFontConfig() leaks
    charset
    + JDK-8284694: Avoid evaluating SSLAlgorithmConstraints twice
    + JDK-8284754: print more interesting env variables in hs_err
    and VM.info
    + JDK-8284758: [linux] improve print_container_info
    + JDK-8284882: SIGSEGV in Node::verify_edges due to compilation
    bailout
    + JDK-8284944: assert(cnt++ < 40) failed: infinite cycle in
    loop optimization
    + JDK-8284950: CgroupV1 detection code should consider
    memory.swappiness
    + JDK-8284956: Potential leak awtImageData/color_data when
    initializes X11GraphicsEnvironment
    + JDK-8285081: Improve XPath operators count accuracy
    + JDK-8285097: Duplicate XML keys in XPATHErrorResources.java
    and XSLTErrorResources.java
    + JDK-8285380: Fix typos in security
    + JDK-8285398: Cache the results of constraint checks
    + JDK-8285693: Create an automated test for JDK-4702199
    + JDK-8285696: AlgorithmConstraints:permits not throwing
    IllegalArgumentException when 'alg'  is null
    + JDK-8285728: Alpine Linux build fails with busybox tar
    + JDK-8285820: C2: LCM prioritizes locally dependent CreateEx
    nodes over projections after 8270090
    + JDK-8286114: [test] show real exception in bomb call in
    sun/rmi/runtime/Log/checkLogging/CheckLogging.java
    + JDK-8286177: C2: "/failed: non-reduction loop contains
    reduction nodes"/ assert failure
    + JDK-8286211: Update PCSC-Lite for Suse Linux to 1.9.5
    + JDK-8286314: Trampoline not created for far runtime targets
    outside small CodeCache
    + JDK-8286582: Build fails on macos aarch64 when using
  - -with-zlib=bundled
    + JDK-8287017: Bump update version for OpenJDK: jdk-11.0.17
    + JDK-8287073: NPE from CgroupV2Subsystem.getInstance()
    + JDK-8287107: CgroupSubsystemFactory.setCgroupV2Path asserts
    with freezer controller
    + JDK-8287202: GHA: Add macOS aarch64 to the list of default
    platforms for workflow_dispatch event
    + JDK-8287223: C1: Inlining attempt through MH::invokeBasic()
    with null receiver
    + JDK-8287336: GHA: Workflows break on patch versions
    + JDK-8287366: Improve test failure reporting in GHA
    + JDK-8287432: C2: assert(tn->in(0) != __null) failed: must
    have live top node
    + JDK-8287463: JFR: Disable TestDevNull.java on Windows
    + JDK-8287663: Add a regression test for JDK-8287073
    + JDK-8287672: jtreg test com/sun/jndi/ldap/
    /LdapPoolTimeoutTest.java fails intermittently in nightly run
    + JDK-8287741: Fix of JDK-8287107 (unused cgv1 freezer
    controller) was incomplete
    + JDK-8288360: CI: ciInstanceKlass::implementor() is not
    consistent for well-known classes
    + JDK-8288467: remove memory_operand assert for spilled
    instructions
    + JDK-8288754: GCC 12 fails to build zReferenceProcessor.cpp
    + JDK-8288763: Pack200 extraction failure with invalid size
    + JDK-8288781: C1: LIR_OpVisitState::maxNumberOfOperands too
    small
    + JDK-8288865: [aarch64] LDR instructions must use legitimized
    addresses
    + JDK-8288928: Incorrect GPL header in pnglibconf.h (backport
    of JDK-8185041)
    + JDK-8289471: Issue in Initialization of keys in ErrorMsg.java
    and XPATHErrorResources.java
    + JDK-8289477: Memory corruption with CPU_ALLOC, CPU_FREE on
    muslc
    + JDK-8289486: Improve XSLT XPath operators count efficiency
    + JDK-8289549: ISO 4217 Amendment 172 Update
    + JDK-8289569: [test] java/lang/ProcessBuilder/Basic.java fails
    on Alpine/musl
    + JDK-8289799: Build warning in methodData.cpp memset
    zero-length parameter
    + JDK-8289856: [PPC64] SIGSEGV in C2Compiler::init_c2_runtime()
    after JDK-8289060
    + JDK-8290000: Bump macOS GitHub actions to macOS 11
    + JDK-8290004: [PPC64] JfrGetCallTrace: assert(_pc != nullptr)
    failed: must have PC
    + JDK-8290198: Shenandoah: a few Shenandoah tests failure after
    JDK-8214799 11u backport
    + JDK-8290246: test fails "/assert(init != __null) failed:
    initialization not found"/
    + JDK-8290813: jdk/nashorn/api/scripting/test/
    /ScriptObjectMirrorTest.java fails: assertEquals is ambiguous
    + JDK-8290886: [11u]: Backport of JDK-8266250 introduced test
    failures
    + JDK-8291570: [TESTBUG] Part of JDK-8250984 absent from 11u
    + JDK-8291713: assert(!phase->exceeding_node_budget()) failed:
    sanity after JDK-8223389
    + JDK-8291794: [11u] Corrections after backport of JDK-8212028
    + JDK-8292255: Bump update version for OpenJDK: jdk-11.0.16.1
    + JDK-8292260: [BACKOUT] JDK-8279219: [REDO] C2 crash when
    allocating array of size too large (bsc#1204523)
    + JDK-8292579: (tz) Update Timezone Data to 2022c
    + JDK-8292852: [11u] TestMemoryWithCgroupV1 fails after
    JDK-8292768
    + JDK-8295057: [11u] Remove designator
    DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.17
- Modified patch:
  * fips.patch
    + sync with newest RedHat version
- Package the JAVA_HOME/release files in *-headless package
  * fixes boo#1203476
- Update to upstream tag jdk-11.0.16+8 (July 2022 CPU)
  * Security fixes:
    + JDK-8272243: Improve DER parsing
    + JDK-8272249: Better properties of loaded Properties
    + JDK-8277608: Address IP Addressing
    + JDK-8281859, CVE-2022-21540, bsc#1201694: Improve class
    compilation
    + JDK-8281866, CVE-2022-21541, bsc#1201692: Enhance
    MethodHandle invocations
    + JDK-8283190: Improve MIDI processing
    + JDK-8284370: Improve zlib usage
    + JDK-8285407, CVE-2022-34169, bsc#1201684: Improve Xalan
    supports
  * Other fixes:
    + JDK-6986863: ProfileDeferralMgr throwing
    ConcurrentModificationException
    + JDK-7124293: [macosx] VoiceOver reads percentages rather than
    the actual values for sliders.
    + JDK-7124301: [macosx] When in a tab group if you arrow
    between tabs there are no VoiceOver announcements.
    + JDK-8133713: [macosx] Accessible JTables always reported as
    empty
    + JDK-8139046: Compiler Control: IGVPrintLevel directive should
    set PrintIdealGraph
    + JDK-8139173: [macosx] JInternalFrame shadow is not properly
    drawn
    + JDK-8163498: Many long-running security libs tests
    + JDK-8166727: javac crashed: [jimage.dll+0x1942]
    ImageStrings::find+0x28
    + JDK-8169004: Fix redundant @requires tags in tests
    + JDK-8181571: printing to CUPS fails on mac sandbox app
    + JDK-8182404: remove jdk.testlibrary.JDKToolFinder and
    JDKToolLauncher
    + JDK-8186548: move jdk.testlibrary.JcmdBase closer to tests
    + JDK-8192057: com/sun/jdi/BadHandshakeTest.java fails with
    java.net.ConnectException
    + JDK-8193682: Infinite loop in ZipOutputStream.close()
    + JDK-8199874: [TESTBUG] runtime/Thread/ThreadPriorities.java
    fails with "/expected 0 to equal 10"/
    + JDK-8202886: [macos] Test java/awt/MenuBar/8007006/
    /bug8007006.java fails on MacOS
    + JDK-8203238: [TESTBUG] rewrite MemOptions shell test in Java
    + JDK-8203239: [TESTBUG] remove vmTestbase/vm/gc/kind/parOld
    test
    + JDK-8206187: javax/management/remote/mandatory/connection/
    /DefaultAgentFilterTest.java fails with Port already in use
    + JDK-8206330: Revisit com/sun/jdi/RedefineCrossEvent.java
    + JDK-8207364: nsk/jvmti/ResourceExhausted/resexhausted003
    fails to start
    + JDK-8208207: Test nsk/stress/jni/gclocker/gcl001 fails after
    co-location
    + JDK-8208246: flags duplications in
    vmTestbase_vm_g1classunloading tests
    + JDK-8208249: TriggerUnloadingByFillingMetaspace generates
    garbage class names
    + JDK-8208697: vmTestbase/metaspace/stressHierarchy/
    /stressHierarchy012/TestDescription.java fails with
    OutOfMemoryError: Metaspace
    + JDK-8209150: [TESTBUG] Add logging to verify JDK-8197901 to a
    different test
    + JDK-8209776: Refactor jdk/security/JavaDotSecurity/ifdefs.sh
    to plain java test
    + JDK-8209883: ZGC: Compile without C1 broken
    + JDK-8209920: runtime/logging/RedefineClasses.java fail with
    OOME with ZGC
    + JDK-8210022: remove jdk.testlibrary.ProcessThread, TestThread
    and XRun
    + JDK-8210039: move OSInfo to top level testlibrary
    + JDK-8210108: sun/tools/jstatd test build failures after
    JDK-8210022
    + JDK-8210112: remove jdk.testlibrary.ProcessTools
    + JDK-8210649: AssertionError @
    jdk.compiler/com.sun.tools.javac.comp.Modules.enter
    (Modules.java:244)
    + JDK-8210732: remove jdk.testlibrary.Utils
    + JDK-8211795: ArrayIndexOutOfBoundsException in PNGImageReader
    after JDK-6788458
    + JDK-8211822: Some tests fail after JDK-8210039
    + JDK-8211962: Implicit narrowing in MacOSX java.desktop jsound
    + JDK-8212151: jdi/ExclusiveBind.java times out due to "/bind
    failed: Address already in use"/ on Solaris-X64
    + JDK-8213440: Lingering INCLUDE_ALL_GCS in
    test_oopStorage_parperf.cpp
    + JDK-8214275: CondyRepeatFailedResolution asserts "/Dynamic
    constant has no fixed basic type"/
    + JDK-8214799: Add package declaration to each JTREG test case
    in the gc folder
    + JDK-8215544: SA: Modify ClhsdbLauncher to add sudo privileges
    to enable MacOS tests on Mach5
    + JDK-8216137: assert(Compile::current()->live_nodes() <
    Compile::current()->max_node_limit()) failed: Live Node limit
    exceeded limit
    + JDK-8216265: [testbug] Introduce
    Platform.sharedLibraryPathVariableName() and adapt all tests.
    + JDK-8217017: [TESTBUG] Tests fail to compile after JDK-8216265
    + JDK-8217233: Update build settings for AIX/xlc
    + JDK-8217340: Compilation failed:
    tools/launcher/Test7029048.java
    + JDK-8217473: SA: Tests using ClhsdbLauncher fail on SAP
    docker containers
    + JDK-8218136: minor hotspot adjustments for xlclang++ from
    xlc16 on AIX
    + JDK-8218751: Do not store original classfiles inside the CDS
    archive
    + JDK-8218965: aix:  support xlclang++ in the compiler detection
    + JDK-8220658: Improve the readability of container information
    in the error log
    + JDK-8220813: update hotspot tier1_gc tests depending on GC to
    use @requires vm.gc.X
    + JDK-8222799: java.beans.Introspector uses an obsolete methods
    cache
    + JDK-8222926: Shenandoah build fails with
  - -with-jvm-features=-compiler1
    + JDK-8223143: Restructure/clean-up for 'loopexit_or_null()'.
    + JDK-8223363: Bad node estimate assertion failure
    + JDK-8223502: Node estimate for loop unswitching is not
    correct: assert(delta <= 2 * required) failed: Bad node estimate
    + JDK-8224648: assert(!exceeding_node_budget()) failed: Too
    many NODES required! failure with ctw
    + JDK-8223389: Shenandoah optimizations fail with
    assert(!phase->exceeding_node_budget())
    + JDK-8223396: [TESTBUG] several jfr tests do not clean up
    files created in /tmp
    + JDK-8225475: Node budget asserts on x86_32/64
    + JDK-8227171: provide function names in native stack trace on
    aix with xlc16
    + JDK-8227389: Remove unsupported xlc16 compile options on aix
    + JDK-8229210: [TESTBUG] Move gc stress tests from JFR
    directory tree to gc/stress
    + JDK-8229486: Replace wildcard address with loopback or local
    host in tests - part 21
    + JDK-8229499: Node budget assert in fuzzed test
    + JDK-8230305: Cgroups v2: Container awareness
    + JDK-8229202: Docker reporting causes secondary crashes in
    error handling
    + JDK-8216366: Add rationale to PER_CPU_SHARES define
    + JDK-8230865: [TESTBUG] jdk/jfr/event/io/EvilInstrument.java
    fails at-run shell MakeJAR.sh target
    + JDK-8231111: Cgroups v2: Rework Metrics in java.base so as to
    recognize unified hierarchy
    + JDK-8231454: File lock in Windows on a loaded jar due to a
    leak in Introspector::getBeanInfo
    + JDK-8231489: GC watermark_0_1 failed due to
    "/metaspace.gc.Fault: GC has happened too rare"/
    + JDK-8231565: More node budget asserts in fuzzed tests
    + JDK-8233551: [TESTBUG] SelectEditTableCell.java fails on MacOS
    + JDK-8234382: Test tools/javac/processing/model/
    /testgetallmembers/Main.java using too small heap
    + JDK-8234605: C2 failed "/assert(C->live_nodes() -
    live_at_begin <= 2 * _nodes_required) failed: Bad node
    estimate: actual = 208 >> request = 101"/
    + JDK-8234608: [TESTBUG] Fix G1 redefineClasses tests and a
    memory leak
    + JDK-8235220: ClhsdbScanOops.java fails with
    sun.jvm.hotspot.types.WrongTypeException
    + JDK-8235385: Crash on aarch64 JDK due to long offset
    + JDK-8237479: 8230305 causes slowdebug build failure
    + JDK-8239559: Cgroups: Incorrect detection logic on some
    systems
    + JDK-8239785: Cgroups: Incorrect detection logic on old
    systems in hotspot
    + JDK-8240132: ProblemList com/sun/jdi/InvokeHangTest.java
    + JDK-8240189: [TESTBUG] Some cgroup tests are failing after
    JDK-8231111
    + JDK-8240335: C2: assert(found_sfpt) failed: no node in loop
    that's not input to safepoint
    + JDK-8240734: ModuleHashes attribute not reproducible between
    builds
    + JDK-8240756: [macos] SwingSet2:TableDemo:Printed Japanese
    characters were garbled
    + JDK-8241707: introduce randomness k/w to hotspot test suite
    + JDK-8242310: use reproducible random in hotspot compiler tests
    + JDK-8242311: use reproducible random in hotspot runtime tests
    + JDK-8242312: use reproducible random in hotspot gc tests
    + JDK-8242313: use reproducible random in hotspot svc tests
    + JDK-8242538: java/security/SecureRandom/ThreadSafe.java
    failed on windows
    + JDK-8243429: use reproducible random in :vmTestbase_nsk_stress
    + JDK-8243666: ModuleHashes attribute generated for JMOD and
    JAR files depends on timestamps
    + JDK-8244500: jtreg test error in test/hotspot/jtreg/
    /containers/docker/TestMemoryAwareness.java
    + JDK-8244602: Add JTREG_REPEAT_COUNT to repeat execution of a
    test
    + JDK-8245543: Cgroups: Incorrect detection logic on some
    systems (still reproducible)
    + JDK-8245938: Remove unused print_stack(void) method from
    XToolkit.c
    + JDK-8246494: introduce vm.flagless at-requires property
    + JDK-8246741: NetworkInterface/UniqueMacAddressesTest: mac
    address uniqueness test failed
    + JDK-8247589: Implementation of Alpine Linux/x64 Port
    + JDK-8247591: Document Alpine Linux build steps in OpenJDK
    build guide
    + JDK-8247592: refactor test/jdk/tools/launcher/Test7029048.java
    + JDK-8247614: java/nio/channels/DatagramChannel/Connect.java
    timed out
    + JDK-8248876: LoadObject with bad base address created for
    exec file on linux
    + JDK-8249592: Robot.mouseMove moves cursor to incorrect
    location when display scale varies and Java runs in DPI
    Unaware mode
    + JDK-8252117: com/sun/jdi/BadHandshakeTest.java failed with
    "/ConnectException: Connection refused: connect"/
    + JDK-8252248: __SIGRTMAX is not declared in musl libc
    + JDK-8252250: isnanf is obsolete
    + JDK-8252359: HotSpot Not Identifying it is Running in a
    Container
    + JDK-8252957: Wrong comment in CgroupV1Subsystem::cpu_quota
    + JDK-8253435: Cgroup: 'stomping of _mount_path' crash if
    manually mounted cpusets exist
    + JDK-8253714: [cgroups v2] Soft memory limit incorrectly using
    memory.high
    + JDK-8253727: [cgroups v2] Memory and swap limits reported
    incorrectly
    + JDK-8253797: [cgroups v2] Account for the fact that swap
    accounting is disabled on some systems
    + JDK-8253872: ArgumentHandler must use the same delimiters as
    in jvmti_tools.cpp
    + JDK-8253939: [TESTBUG] Increase coverage of the cgroups
    detection code
    + JDK-8254001: [Metrics] Enhance parsing of cgroup interface
    files for version detection
    + JDK-8254887: C2: assert(cl->trip_count() > 0) failed: peeling
    a fully unrolled loop
    + JDK-8254997: Remove unimplemented
    OSContainer::read_memory_limit_in_bytes
    + JDK-8255266: Update Public Suffix List to 3c213aa
    + JDK-8255604: java/nio/channels/DatagramChannel/Connect.java
    fails with java.net.BindException: Cannot assign requested
    address: connect
    + JDK-8255787: Tag container tests that use cGroups with
    cgroups keyword
    + JDK-8256146: Cleanup test/jdk/java/nio/channels/
    /DatagramChannel/Connect.java
    + JDK-8256722: handle VC++:1927 VS2019 in  abstract_vm_version
    + JDK-8257794: Zero: assert(istate->_stack_limit ==
    istate->_thread->last_Java_sp() + 1) failed: wrong on
    Linux/x86_32
    + JDK-8258795: Update IANA Language Subtag Registry to Version
    2021-05-11
    + JDK-8258956: Memory Leak in StringCoding on ThreadLocal
    resultCached StringCoding.Result
    + JDK-8259517: Incorrect test path in test cases
    + JDK-8260518: Change default -mmacosx-version-min to 10.12
    + JDK-8261169: Upgrade HarfBuzz to the latest 2.8.0
    + JDK-8262379: Add regression test for JDK-8257746
    + JDK-8263364: sun/net/www/http/KeepAliveStream/
    /KeepAliveStreamCloseWithWrongContentLength.java wedged in
    getInputStream
    + JDK-8263718: unused-result warning happens at os_linux.cpp
    + JDK-8263856: Github Actions for macos/aarch64 cross-build
    + JDK-8264179: [TESTBUG] Some compiler tests fail when running
    without C2
    + JDK-8265261: java/nio/file/Files/InterruptCopy.java fails
    with java.lang.RuntimeException: Copy was not interrupted
    + JDK-8265297: javax/net/ssl/SSLSession/
    /TestEnabledProtocols.java failed with "/RuntimeException:
    java.net.SocketException: Connection reset"/
    + JDK-8265343: Update Debian-based cross-compilation recipes
    + JDK-8266251: compiler.inlining.InlineAccessors shouldn't do
    testing in driver VM
    + JDK-8266318: Switch to macos prefix for macOS bundles
    + JDK-8266391: Replace use of reflection in
    jdk.internal.platform.Metrics
    + JDK-8266545: 8261169 broke Harfbuzz build with gcc 7 and 8
    + JDK-8268773: Improvements related to: Failed to start thread
  - pthread_create failed (EAGAIN)
    + JDK-8269772: [macos-aarch64] test compilation failed with
    "/SocketException: No buffer space available"/
    + JDK-8269933: test/jdk/javax/net/ssl/compatibility/JdkInfo
    incorrect verification of protocol and cipher support
    + JDK-8270797: ShortECDSA.java test is not complete
    + JDK-8271055: Crash during deoptimization with
    "/assert(bb->is_reachable()) failed: getting result from
    unreachable basicblock"/ with -XX:+VerifyStack
    + JDK-8271199: Mutual TLS handshake fails signing client
    certificate with custom sensitive PKCS11 key
    + JDK-8272167: AbsPathsInImage.java should skip *.dSYM
    directories
    + JDK-8272358: Some tests may fail when executed with other
    locales than the US
    + JDK-8272493: Suboptimal code generation around
    Preconditions.checkIndex intrinsic with AVX2
    + JDK-8272908: Missing coverage for certain classes in
    com.sun.org.apache.xml.internal.security
    + JDK-8272964: java/nio/file/Files/InterruptCopy.java fails
    with java.lang.RuntimeException: Copy was not interrupted
    + JDK-8273176: handle latest VS2019 in abstract_vm_version
    + JDK-8273655: content-types.properties files are missing some
    common types
    + JDK-8274171: java/nio/file/Files/probeContentType/Basic.java
    failed on "/Content type"/ mismatches
    + JDK-8274233: Minor cleanup for ToolBox
    + JDK-8274735: javax.imageio.IIOException: Unsupported Image
    Type while processing a valid JPEG image
    + JDK-8274751: Drag And Drop hangs on Windows
    + JDK-8275082: Update XML Security for Java to 2.3.0
    + JDK-8275330: C2:  assert(n->is_Root() || n->is_Region() ||
    n->is_Phi() || n->is_MachMerge() ||
    def_block->dominates(block)) failed: uses must be dominated
    by definitions
    + JDK-8275337: C1: assert(false) failed: live_in set of first
    block must be empty
    + JDK-8276657: XSLT compiler tries to define a class with empty
    name
    + JDK-8276990: Memory leak in invoker.c fillInvokeRequest()
    during JDI operations
    + JDK-8277072: ObjectStreamClass caches keep ClassLoaders alive
    + JDK-8277093: Vector should throw ClassNotFoundException for a
    missing class of an element
    + JDK-8277396: [TESTBUG] In DefaultButtonModelCrashTest.java,
    frame is accessed from main thread
    + JDK-8277422: tools/jar/JarEntryTime.java fails with modified
    time mismatch
    + JDK-8277922: Unable to click JCheckBox in JTable through Java
    Access Bridge
    + JDK-8278065: Refactor subclassAudits to use ClassValue
    + JDK-8278186: org.jcp.xml.dsig.internal.dom.Utils
    .parseIdFromSameDocumentURI throws
    StringIndexOutOfBoundsException when calling substring method
    + JDK-8278346: java/nio/file/Files/probeContentType/Basic.java
    fails on Linux SLES15 machine
    + JDK-8278472: Invalid value set to CANDIDATEFORM structure
    + JDK-8278794: Infinite loop in DeflaterOutputStream.finish()
    + JDK-8278851: Correct signer logic for jars signed with
    multiple digestalgs
    + JDK-8278951: containers/cgroup/PlainRead.java fails on Ubuntu
    21.10
    + JDK-8279219: [REDO] C2 crash when allocating array of size
    too large
    + JDK-8279356: Method linking fails with
    guarantee(mh->adapter() != NULL) failed: Adapter blob must
    already exist!
    + JDK-8279505: Update documentation for RETRY_COUNT and
    REPEAT_COUNT
    + JDK-8279520: SPNEGO has not passed channel binding info into
    the underlying mechanism
    + JDK-8279529: ProblemList java/nio/channels/DatagramChannel/
    /ManySourcesAndTargets.java on macosx-aarch64
    + JDK-8279532: ProblemList sun/security/ssl/SSLSessionImpl/
    /NoInvalidateSocketException.java
    + JDK-8279668: x86: AVX2 versions of vpxor should be asserted
    + JDK-8279837: C2: assert(is_Loop()) failed: invalid node
    class: Region
    + JDK-8279842: HTTPS Channel Binding support for Java
    GSS/Kerberos
    + JDK-8279958: Provide configure hints for Alpine/apk package
    managers
    + JDK-8280041: Retry loop issues in java.io.ClassCache
    + JDK-8280373: Update Xalan serializer / SystemIDResolver to
    align with JDK-8270492
    + JDK-8280476: [macOS] : hotspot arm64 bug exposed by latest
    clang
    + JDK-8280684: JfrRecorderService failes with
    guarantee(num_written > 0) when no space left on device.
    + JDK-8280799: С2: assert(false) failed: cyclic dependency
    prevents range check elimination
    + JDK-8280867: Cpuid1Ecx feature parsing is incorrect for AMD
    CPUs
    + JDK-8280964: [Linux aarch64] : drawImage dithers
    TYPE_BYTE_INDEXED images incorrectly
    + JDK-8281274: deal with ActiveProcessorCount in
    os::Linux::print_container_info
    + JDK-8281275: Upgrading from 8 to 11 no longer accepts '/' as
    filepath separator in gc paths
    + JDK-8281615: Deadlock caused by jdwp agent
    + JDK-8281811: assert(_base == Tuple) failed: Not a Tuple after
    JDK-8280799
    + JDK-8282008: Incorrect handling of quoted arguments in
    ProcessBuilder
    + JDK-8282172: CompileBroker::log_metaspace_failure is called
    from non-Java/compiler threads
    + JDK-8282225: GHA: Allow one concurrent run per PR only
    + JDK-8282231: x86-32: runtime call to SharedRuntime::ldiv
    corrupts registers
    + JDK-8282293: Domain value for system property
    jdk.https.negotiate.cbt should be case-insensitive
    + JDK-8282312: Minor corrections to evbroadcasti32x4 intrinsic
    on x86
    + JDK-8282382: Report glibc malloc tunables in error reports
    + JDK-8282422: JTable.print() failed with
    UnsupportedCharsetException on AIX ko_KR locale
    + JDK-8282501: Bump update version for OpenJDK: jdk-11.0.16
    + JDK-8282583: Update BCEL md to include the copyright notice
    + JDK-8282588: [11] set harfbuzz compilation flag to -std=c++11
    + JDK-8282589: runtime/ErrorHandling/ErrorHandler.java fails on
    MacOS aarch64 in jdk 11
    + JDK-8282887: Potential memory leak in sun.util.locale.provider
    .HostLocaleProviderAdapterImpl.getNumberPattern() on Windows
    + JDK-8283018: 11u GHA: Update GCC 9 minor versions
    + JDK-8283217: Leak FcObjectSet in getFontConfigLocations() in
    fontpath.c
    + JDK-8283323: libharfbuzz optimization level results in
    extreme build times
    + JDK-8283350: (tz) Update Timezone Data to 2022a
    + JDK-8283408: Fix a C2 crash when filling arrays with unsafe
    + JDK-8283420: [AOT] Exclude TrackedFlagTest/NotTrackedFlagTest
    in 11u because of intermittent java.lang.AssertionError:
    duplicate classes for name Ljava/lang/Boolean;
    + JDK-8283424: compiler/loopopts/
    /LoopUnswitchingBadNodeBudget.java fails with release VMs due
    to lack of -XX:+UnlockDiagnosticVMOptions
    + JDK-8283451: C2: assert(_base == Long) failed: Not a Long
    + JDK-8283469: Don't use memset to initialize members in
    FileMapInfo and fix memory leak
    + JDK-8283497: [windows] print TMP and TEMP in hs_err and
    VM.info
    + JDK-8283614: [11] Repair compiler versions handling after
    8233787
    + JDK-8283641: Large value for CompileThresholdScaling causes
    assert
    + JDK-8283834: Unmappable character for US-ASCII encoding in
    TestPredicateInputBelowLoopPredicate
    + JDK-8284033: Leak XVisualInfo in getAllConfigs in
    awt_GraphicsEnv.c
    + JDK-8284094: Memory leak in invoker_completeInvokeRequest()
    + JDK-8284102: [TESTBUG] [11u] Retroactively add regression
    test for JDK-8272124
    + JDK-8284369: TestFailedAllocationBadGraph fails with
  - XX:TieredStopAtLevel < 4
    + JDK-8284389: Improve stability of GHA Pre-submit testing by
    caching cygwin installer
    + JDK-8284458: CodeHeapState::aggregate() leaks blob_name
    + JDK-8284507: GHA: Only check test results if testing was not
    skipped
    + JDK-8284549: JFR: FieldTable leaks FieldInfoTable member
    + JDK-8284573: [11u] ProblemList TestBubbleUpRef.java and
    TestGCOldWithCMS.java because of 8272195
    + JDK-8284604: [11u] Update Boot JDK used in GHA to 11.0.14.1
    + JDK-8284620: CodeBuffer may leak _overflow_arena
    + JDK-8284622: Update versions of some Github Actions used in
    JDK workflow
    + JDK-8284756: [11u] Remove unused isUseContainerSupport in
    CgroupV1Subsystem
    + JDK-8285395: [JVMCI] [11u] Partial backport of JDK-8220623:
    InstalledCode
    + JDK-8285397: JNI exception pending in CUPSfuncs.c:250
    + JDK-8285445: cannot open file "/NUL:"/
    + JDK-8285515: (dc) DatagramChannel.disconnect fails with
    "/Invalid argument"/ on macOS 12.4
    + JDK-8285523: Improve test
    java/io/FileOutputStream/OpenNUL.java
    + JDK-8285591: [11] add signum checks in DSA.java engineVerify
    + JDK-8285686: Update FreeType to 2.12.0
    + JDK-8285720: test/jdk/java/nio/file/Files/probeContentType/
    /Basic.java fails to compile after backport of 8273655
    + JDK-8285726: [11u, 17u] Unify fix for JDK-8284548 with
    version from head
    + JDK-8285727: [11u, 17u] Unify fix for JDK-8284920 with
    version from head
    + JDK-8285828: runtime/execstack/TestCheckJDK.java fails with
    zipped debug symbols
    + JDK-8286013: Incorrect test configurations for
    compiler/stable/TestStableShort.java
    + JDK-8286198: [linux] Fix process-memory information
    + JDK-8286293: Tests ShortResponseBody and
    ShortResponseBodyWithRetry should use less resources
    + JDK-8286444: javac errors after JDK-8251329 are not helpful
    enough to find root cause
    + JDK-8286594: (zipfs) Mention paths with dot elements in
    ZipException and cleanups
    + JDK-8286630: [11] avoid -std=c++11 CXX harfbuzz buildflag on
    Windows
    + JDK-8286855: javac error on invalid jar should only print
    filename
    + JDK-8287109: Distrust.java failed with
    CertificateExpiredException
    + JDK-8287119: Add Distrust.java to ProblemList
    + JDK-8287362: FieldAccessWatch testcase failed on AIX platform
    + JDK-8287378: GHA: Update cygwin to fix issues in langtools
    tests on Windows
    + JDK-8287739: [11u] ProblemList sun/security/ssl/
    /SSLSessionImpl/NoInvalidateSocketException.java
jose4j
- Declare the LICENSE file as license and not doc
kdump
- Make the kdump-save.service reboot after kdump-save is finished
  (bsc#1204000)
- fix renaming of qeth interfaces (bsc#1204743, bsc#1144337)
- ppc64: rebuild initrd image after migration (bsc#1191410)
- fix network-related dracut options handling for fadump case
  (bsc#1201051)
- fix broken URL in manpage (bsc#1187312)
- use inst_binary to install kdump-save (bsc#1202981)
kernel-default
- Update patch reference for proc fixes (CVE-2022-4378 bsc#1206207)
- commit cab6fa7
- Revert "/drm/vc4: hvs: Reset muxes at probe time (git-fixes)."/ (bsc#1202341)
  This reverts commit 303122d0f2160411fa1068220bc59849d848550d.
  The reverted change clears hardware state on the RPi4, which leaves the
  screen blank. Without it, the display works correctly.
- commit 957f968
- selftests: rtnetlink: correct xfrm policy rule in
  kci_test_ipsec_offload (git-fixes).
- vmxnet3: use correct intrConf reference when using extended
  queues (git-fixes).
- vmxnet3: correctly report encapsulated LRO packet (git-fixes).
- proc: proc_skip_spaces() shouldn't think it is working on C
  strings (git-fixes).
- proc: avoid integer type confusion in get_proc_long (git-fixes).
- commit 3a866aa
- macsec: add missing attribute validation for offload
  (git-fixes).
- net: thunderbolt: fix memory leak in tbnet_open() (git-fixes).
- mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
  (git-fixes).
- ca8210: Fix crash by zero initializing data (git-fixes).
- ieee802154: cc2520: Fix error return code in cc2520_hw_init()
  (git-fixes).
- net: mdio: fix unbalanced fwnode reference count in
  mdio_device_release() (git-fixes).
- NFC: nci: Bounds check struct nfc_target arrays (git-fixes).
- Bluetooth: Fix not cleanup led when bt_init fails (git-fixes).
- Bluetooth: 6LoWPAN: add missing hci_dev_put() in
  get_l2cap_conn() (git-fixes).
- e1000e: Fix TX dispatch condition (git-fixes).
- HID: core: fix shift-out-of-bounds in hid_report_raw_event
  (git-fixes).
- HID: hid-lg4ff: Add check for empty lbuf (git-fixes).
- gpio: amd8111: Fix PCI device reference count leak (git-fixes).
- ACPI: HMAT: Fix initiator registration for single-initiator
  systems (git-fixes).
- ACPI: HMAT: remove unnecessary variable initialization
  (git-fixes).
- pinctrl: intel: Save and restore pins in "/direct IRQ"/ mode
  (git-fixes).
- nilfs2: fix NULL pointer dereference in
  nilfs_palloc_commit_free_entry() (git-fixes).
- commit a0e4929
- kbuild: Unify options for BTF generation for vmlinux and modules
  (bsc#1204693).
- Refresh patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
- commit 5addeac
- btrfs: check if root is readonly while setting security xattr
  (bsc#1206147).
- commit 50a73ba
- btrfs: do not allow compression on nodatacow files
  (bsc#1206149).
- commit 5167f62
- btrfs: export a helper for compression hard check (bsc#1206149).
- commit f5cf2dc
- x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon
  resume from S3 (bsc#1206037).
- commit 6215cd5
- xen/netback: don't call kfree_skb() with interrupts disabled
  (bsc#1206114, XSA-424, CVE-2022-42328, CVE-2022-42329).
- commit 90098d3
- xen/netback: Ensure protocol headers don't fall in the
  non-linear area (bsc#1206113, XSA-423, CVE-2022-3643).
- commit 6c8da66
- btrfs: fix processing of delayed tree block refs during backref
  walking (bsc#1206057).
- commit 83a8ed2
- btrfs: fix processing of delayed data refs during backref
  walking (bsc#1206056).
- commit 2ec426f
- btrfs: send: fix send failure of a subcase of orphan inodes
  (bsc#1206036).
- commit 90cbaac
- btrfs: send: fix failures when processing inodes with no links
  (bsc#1206036).
- commit f017ade
- btrfs: send: use boolean types for current inode status
  (bsc#1206036).
- commit 36f86c0
- btrfs: send: refactor arguments of get_inode_info()
  (bsc#1206036).
- commit a80bf85
- ceph: avoid putting the realm twice when decoding snaps fails
  (bsc#1206051).
- ceph: allow ceph.dir.rctime xattr to be updatable (bsc#1206050).
- ceph: fix memory leak in ceph_readdir when note_last_dentry
  returns  error (bsc#1206049).
- ceph: fix inode reference leakage in ceph_get_snapdir()
  (bsc#1206048).
- ceph: do not update snapshot context when there is no new
  snapshot (bsc#1206047).
- ceph: switch netfs read ops to use rreq->inode instead of
  rreq->mapping->host (bsc#1206046).
- ceph: properly handle statfs on multifs setups (bsc#1206045).
- commit 777e847
- btrfs: send: remove unused type parameter to iterate_inode_ref_t
  (bsc#1206036).
- commit 0e9e4f2
- btrfs: send: remove unused found_type parameter to
  lookup_dir_item_inode() (bsc#1206036).
- commit 7f2d376
- blacklist.conf: added 1b2ba3c5616e ("/ceph: flush the mdlog for filesystem sync"/)
- commit a1975bc
- btrfs: send: always use the rbtree based inode ref management
  infrastructure (bsc#1206036).
- commit e503e70
- blacklist.conf: added 5bd76b8de5b7 ("/ceph: fix NULL pointer dereference for req->r_session"/)
- commit 33375e7
- btrfs: send: fix sending link commands for existing file paths
  (bsc#1206036).
- commit 382a30f
- blacklist.conf: added aa1d627207ca ("/ceph: Use kcalloc for allocating multiple elements"/)
- commit 169da79
- blacklist.conf: added 89d43d0551a8 ("/ceph: put the requests/sessions when it fails to alloc memory"/)
- commit e095309
- blacklist.conf: added 0e24421ac431 ("/ceph: fix mdsmap decode when there are MDS's beyond max_mds"/)
- commit 0e95811
- btrfs: send: introduce recorded_ref_alloc and recorded_ref_free
  (bsc#1206036).
- commit f582043
- btrfs: prevent subvol with swapfile from being deleted
  (bsc#1206035).
- commit 17d1de0
- sched: Disable sched domain debugfs creation on ppc64 unless
  sched_verbose is specified (bnc#1205653).
- commit 039564b
- char: tpm: Protect tpm_pm_suspend with locks (git-fixes).
- Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
  (git-fixes).
- commit 0216ffd
- usb: dwc3: gadget: Return -ESHUTDOWN on ep disable (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Clear-ep-descriptor-last.patch.
- commit eede34a
- usb: dwc3: gadget: conditionally remove requests (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Clear-ep-descriptor-last.patch.
- commit baddb4e
- i2c: imx: Only DMA messages with I2C_M_DMA_SAFE flag set
  (git-fixes).
- i2c: npcm7xx: Fix error handling in npcm_i2c_init() (git-fixes).
- pinctrl: single: Fix potential division by zero (git-fixes).
- mmc: sdhci-sprd: Fix no reset data and command after voltage
  switch (git-fixes).
- mmc: mmc_test: Fix removal of debugfs file (git-fixes).
- mmc: sdhci-esdhc-imx: correct CQHCI exit halt state check
  (git-fixes).
- mmc: core: Fix ambiguous TRIM and DISCARD arg (git-fixes).
- ASoC: ops: Fix bounds check for _sx controls (git-fixes).
- ALSA: dice: fix regression for Lexicon I-ONIX FW810S
  (git-fixes).
- wifi: wilc1000: validate number of channels (git-fixes).
- wifi: wilc1000: validate length of
  IEEE80211_P2P_ATTR_CHANNEL_LIST attribute (git-fixes).
- wifi: wilc1000: validate length of
  IEEE80211_P2P_ATTR_OPER_CHANNEL attribute (git-fixes).
- wifi: wilc1000: validate pairwise and authentication suite
  offsets (git-fixes).
- ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove
  (git-fixes).
- dma-buf: fix racing conflict of dma_heap_add() (git-fixes).
- selftests: mptcp: fix mibit vs mbit mix up (git-fixes).
- Input: soc_button_array - add Acer Switch V 10 to
  dmi_use_low_level_irq[] (git-fixes).
- Input: soc_button_array - add use_low_level_irq module parameter
  (git-fixes).
- Input: goodix - try resetting the controller when no config
  is set (git-fixes).
- Input: synaptics - switch touchpad on HP Laptop 15-da3001TU
  to RMI mode (git-fixes).
- serial: 8250: 8250_omap: Avoid RS485 RTS glitch on
  - >set_termios() (git-fixes).
- tools: iio: iio_generic_buffer: Fix read size (git-fixes).
- iio: pressure: ms5611: fixed value compensation bug (git-fixes).
- ASoC: stm32: dfsdm: manage cb buffers cleanup (git-fixes).
- ASoC: fsl_asrc fsl_esai fsl_sai: allow CONFIG_PM=N (git-fixes).
- ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01
  (git-fixes).
- net: usb: qmi_wwan: add Telit 0x103a composition (git-fixes).
- platform/x86: hp-wmi: Ignore Smart Experience App event
  (git-fixes).
- platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10
  (SW5-017) (git-fixes).
- platform/x86: asus-wmi: add missing pci_dev_put() in
  asus_wmi_set_xusb2pr() (git-fixes).
- ata: libata-core: do not issue non-internal commands once EH
  is pending (git-fixes).
- arm64/syscall: Include asm/ptrace.h in syscall_wrapper header
  (git-fixes).
- spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk
  for every run (git-fixes).
- mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- ALSA: usb-audio: add quirk to fix Hamedal C20 disconnect issue
  (git-fixes).
- wifi: ath11k: Fix QCN9074 firmware boot on x86 (git-fixes).
- wifi: mac80211: Fix ack frame idr leak when mesh has no route
  (git-fixes).
- wifi: airo: do not assign -1 to unsigned char (git-fixes).
- wifi: mac80211_hwsim: fix debugfs attribute ps with rc table
  support (git-fixes).
- wifi: mac80211: fix memory free error when registering wiphy
  fail (git-fixes).
- audit: fix undefined behavior in bit shift for AUDIT_BIT
  (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the RCA Cambio
  W101 v2 2-in-1 (git-fixes).
- platform/x86: ideapad-laptop: Disable touchpad_switch
  (git-fixes).
- selftests: mptcp: make sendfile selftest work (git-fixes).
- ASoC: fsl_sai: use local device pointer (git-fixes).
- mmc: sdhci-brcmstb: Enable Clock Gating to save power
  (git-fixes).
- mmc: sdhci-brcmstb: Re-organize flags (git-fixes).
- ata: libata-scsi: simplify __ata_scsi_queuecmd() (git-fixes).
- iio: ms5611: Simplify IO callback parameters (git-fixes).
- selftests: mptcp: more stable simult_flows tests (git-fixes).
- commit 4ec7214
- Blacklist io-wq-max_worker-fixes on SP4
  Commit bc369921d670 ("/io-wq: max_worker fixes"/) claims to fix
  2e480058ddc2 ("/io-wq: provide a way to limit max number of workers"/) but
  actually fixes 7a842fb589e3 ("/io-wq: code clean of
  io_wqe_create_worker()"/) which we don't carry in SP4.  Blacklist it to
  silent git-fixes.
  Nevertheless, it is required in SP5. This commit must be reverted there.
- commit 4da02f1
- io-wq: exclusively gate signal based exit on get_signal()
  return (git-fixes).
- commit 0f61b91
- Do not enable CONFIG_ATARI_PARTITION (jsc#PED-1573)
- commit 51c7091
- Fix patches.suse/MM-reclaim-mustn-t-enter-FS-for-swap-over-NFS.patch
  Fixed implicit-function-declaration warning when
  swap is disabled (bsc#1205993).
- commit 2816166
- hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
  (git-fixes).
- hwmon: (coretemp) Check for null before removing sysfs attrs
  (git-fixes).
- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc()
  fails (git-fixes).
- hwmon: (i5500_temp) fix missing pci_disable_device()
  (git-fixes).
- hwmon: (ina3221) Fix shunt sum critical calculation (git-fixes).
- hwmon: (ltc2947) fix temperature scaling (git-fixes).
- ARM: at91: rm9200: fix usb device clock id (git-fixes).
- commit e077c40
- Update patch reference for ATM fix (CVE-2022-3635 bsc#1204631)
- commit 7ef6216
- Move upstreamed i915 fix into sorted section
- commit 8ee5ebf
- x86/hyperv: Update 'struct hv_enlightened_vmcs' definition
  (git-fixes).
- x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition
  (git-fixes).
- commit 86dd4ce
- net: ethernet: renesas: ravb: Fix promiscuous mode after system
  resumed (git-fixes).
- net: mdiobus: fix unbalanced node reference count (git-fixes).
- wifi: mac8021: fix possible oob access in
  ieee80211_get_rate_duration (git-fixes).
- wifi: cfg80211: don't allow multi-BSSID in S1G (git-fixes).
- wifi: cfg80211: fix buffer overflow in elem comparison
  (git-fixes).
- net: wwan: iosm: fix dma_alloc_coherent incompatible pointer
  type (git-fixes).
- net: wwan: iosm: fix kernel test robot reported error
  (git-fixes).
- net: ethernet: nixge: fix NULL dereference (git-fixes).
- net: ethernet: ti: am65-cpsw: fix error handling in
  am65_cpsw_nuss_probe() (git-fixes).
- e100: Fix possible use after free in e100_xmit_prepare
  (git-fixes).
- fm10k: Fix error handling in fm10k_init_module() (git-fixes).
- net: phy: fix null-ptr-deref while probe() failed (git-fixes).
- can: m_can: Add check for devm_clk_get (git-fixes).
- can: m_can: pci: add missing m_can_class_free_dev() in
  probe/remove methods (git-fixes).
- can: etas_es58x: es58x_init_netdev(): free netdev when
  register_candev() (git-fixes).
- can: cc770: cc770_isa_probe(): add missing free_cc770dev()
  (git-fixes).
- can: sja1000_isa: sja1000_isa_probe(): add missing
  free_sja1000dev() (git-fixes).
- Revert "/net: phy: meson-gxl: improve link-up behavior"/
  (git-fixes).
- commit 225e8fd
- net: stmmac: work around sporadic tx issue on link-up
  (git-fixes).
- commit e5a3408
- KVM: x86/mmu: Fix race condition in direct_page_fault
  (bsc#1205882, CVE-2022-45869).
- commit e2a86d6
- Add support for enabling livepatching related packages on -RT (jsc#PED-1706)
- commit 9d41244
- blacklist.conf: faeture, not fix
- commit 8c4e5cb
- blacklist.conf: kABI
- commit e518f66
- blacklist.conf: misattributed
- commit dd8dac1
- blacklist.conf: kABI
- commit 267578b
- blacklist.conf: kABI
- commit ca10017
- mac80211: radiotap: Use BIT() instead of shifts (git-fixes).
- commit fa4dbfe
- char: xillybus: Fix trivial bug with mutex (bsc#1205764
  CVE-2022-45888).
- char: xillybus: Prevent use-after-free due to race condition
  (bsc#1205764 CVE-2022-45888).
- commit 8d88aac
- platform/x86/intel/pmt: Sapphire Rapids PMT errata fix
  (jsc#PED-2684 bsc#1205683).
- commit a6ac9d8
- Refresh patches.suse/ibmvnic-Properly-dispose-of-all-skbs-during-a-failov.patch.
  Fix metadata
- commit f4fe6e0
- ibmvnic: Free rwi on reset success (bsc#1184350 ltc#191533
  git-fixes).
- commit 9f37b44
- blacklist.conf: kABI
- commit 27ebcbb
- Move upstreamed input patch into sorted section (bsc#1190256)
- commit 32c618e
- usb: dwc3: gadget: Clear ep descriptor last (git-fixes).
- commit 17b7c9d
- blacklist.conf: kABI
- commit 3301053
- usb: xhci-mtk: check boundary before check tt (git-fixes).
- commit 401f88b
- usb: xhci-mtk: update fs bus bandwidth by bw_budget_table
  (git-fixes).
- commit bfe9566
- xen/pcpu: fix possible memory leak in register_pcpu()
  (git-fixes).
- commit dab6b8a
- x86/entry: Work around Clang __bdos() bug (git-fixes).
- commit e06d1d8
- xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
  (git-fixes).
- commit ec4c7d4
- x86/Xen: streamline (and fix) PV CPU enumeration (git-fixes).
- commit eddf207
- init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash
  (git-fixes).
- commit 9e93e06
- io_uring: fix possible poll event lost in multi shot mode
  (git-fixes).
- commit 2b11ccf
- io-wq: ensure we exit if thread group is exiting (git-fixes).
- io_uring: fix missing sigmask restore in io_cqring_wait()
  (git-fixes).
- io_uring: pin SQPOLL data before unlocking ring lock
  (git-fixes).
- io_uring: drop ctx->uring_lock before acquiring sqd->lock
  (git-fixes).
- io_uring: fix missing mb() before waitqueue_active (git-fixes).
- commit 83b832a
- cifs: fix missing unlock in cifs_file_copychunk_range()
  (git-fixes).
- commit c1df133
- cifs: Use after free in debug code (git-fixes).
- commit 64acc9c
- cifs: add check for returning value of SMB2_set_info_init
  (git-fixes).
- commit 98fbee7
- cifs: Fix wrong return value checking when GETFLAGS (git-fixes).
- commit 70eda18
- cifs: add check for returning value of SMB2_close_init
  (git-fixes).
- commit f80dd26
- cifs: Fix connections leak when tlink setup failed (git-fixes).
- commit 173646f
- KVM: x86: Retry page fault if MMU reload is pending and root
  has no sp (bsc#1205744).
- commit 2631fac
- drm/i915: fix TLB invalidation for Gen12 video and compute
  engines (CVE-2022-4139 bsc#1205700).
- commit 80818ce
- Refresh patches.suse/misc-sgi-gru-fix-use-after-free-error-in-gru_set_con.patch (CVE-2022-3424 bsc#1204166)
  Taken from v10 patch in char-misc subsystem tree
- commit 70dae18
- Update
  patches.suse/HID-roccat-Fix-use-after-free-in-roccat_read.patch
  (bsc#1203960 CVE-2022-41850).
- commit 94bd71f
- Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() (git-fixes).
- Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() (git-fixes).
- v3 of "/PCI: hv: Only reuse existing IRTE allocation for Multi-MSI"/
- scsi: storvsc: Fix handling of srb_status and capacity change events (git-fixes).
- commit a5fb15b
- Bluetooth: L2CAP: Fix u8 overflow (CVE-2022-45934 bsc#1205796).
- commit 966bbc0
- usb: cdnsp: fix issue with ZLP - added TD_SIZE = 1 (git-fixes).
- usb: dwc3: exynos: Fix remove() function (git-fixes).
- usb: cdnsp: Fix issue with Clear Feature Halt Endpoint
  (git-fixes).
- iio: core: Fix entry not deleted when
  iio_register_sw_trigger_type() fails (git-fixes).
- iio: light: rpr0521: add missing Kconfig dependencies
  (git-fixes).
- iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw
  (git-fixes).
- iio: health: afe4403: Fix oob read in afe4403_read_raw
  (git-fixes).
- iio: light: apds9960: fix wrong register for gesture gain
  (git-fixes).
- scripts/faddr2line: Fix regression in name resolution on ppc64le
  (git-fixes).
- commit 45d3e4c
- x86/kexec: Fix double-free of elf header buffer (bsc#1205567).
- commit 0c767bc
- Move upstreamed sound and WiFi patches into sorted section
- commit 5e6ff3d
- drm/amd/display: Add HUBP surface flip interrupt handler
  (git-fixes).
- USB: serial: option: add u-blox LARA-L6 modem (git-fixes).
- USB: serial: option: add u-blox LARA-R6 00B modem (git-fixes).
- USB: serial: option: remove old LARA-R6 PID (git-fixes).
- USB: serial: option: add Fibocom FM160 0x0111 composition
  (git-fixes).
- USB: serial: option: add Sierra Wireless EM9191 (git-fixes).
- usb: add NO_LPM quirk for Realforce 87U Keyboard (git-fixes).
- usb: cdns3: host: fix endless superspeed hub port reset
  (git-fixes).
- USB: bcma: Make GPIO explicitly optional (git-fixes).
- serial: 8250_lpss: Configure DMA also w/o DMA filter
  (git-fixes).
- docs: update mediator contact information in CoC doc
  (git-fixes).
- ALSA: usb-audio: Drop snd_BUG_ON() from
  snd_usbmidi_output_open() (git-fixes).
- mmc: sdhci-pci-o2micro: fix card detect fail issue caused by
  CD# debounce timeout (git-fixes).
- ACPI: x86: Add another system to quirk list for forcing
  StorageD3Enable (git-fixes).
- i2c: i801: add lis3lv02d's I2C address for Vostro 5568
  (git-fixes).
- i2c: tegra: Allocate DMA memory for DMA engine (git-fixes).
- drm/imx: imx-tve: Fix return type of
  imx_tve_connector_mode_valid (git-fixes).
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm (git-fixes).
- ACPI: scan: Add LATT2021 to acpi_ignore_dep_ids[] (git-fixes).
- ASoC: codecs: jz4725b: Fix spelling mistake "/Sourc"/ -> "/Source"/,
  "/Routee"/ -> "/Route"/ (git-fixes).
- ASoC: codecs: jz4725b: fix capture selector naming (git-fixes).
- ASoC: codecs: jz4725b: use right control for Capture Volume
  (git-fixes).
- ASoC: codecs: jz4725b: fix reported volume for Master ctl
  (git-fixes).
- ASoC: codecs: jz4725b: add missed Line In power control bit
  (git-fixes).
- ASoC: Intel: sof_sdw: add quirk variant for LAPBC710 NUC15
  (git-fixes).
- ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK
  (git-fixes).
- ASoC: rt1019: Fix the TDM settings (git-fixes).
- ASoC: mt6660: Keep the pm_runtime enables before component
  stuff in mt6660_i2c_probe (git-fixes).
- selftests/intel_pstate: fix build for ARCH=x86_64 (git-fixes).
- wifi: wext: use flex array destination for memcpy() (git-fixes).
- docs, kprobes: Fix the wrong location of Kprobes (git-fixes).
- docs/core-api: expand Fedora instructions for GCC plugins
  (git-fixes).
- mtd: spi-nor: intel-spi: Disable write protection only if asked
  (git-fixes).
- commit 26e07a5
- io_uring: ensure IORING_REGISTER_IOWQ_MAX_WORKERS works with
  SQPOLL (git-fixes).
- commit 8665d84
- Refresh
  patches.suse/xfs-move-recovery-needed-state-updates-to-xfs_log_mo.patch.
- commit 4ec24fa
- regulator: twl6030: re-add TWL6032_SUBCLASS (git-fixes).
- regulator: core: fix UAF in destroy_regulator() (git-fixes).
- regulator: core: fix kobject release warning and memory leak
  in regulator_register() (git-fixes).
- nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage
  as dirty (git-fixes).
- ASoC: max98373: Add checks for devm_kcalloc (git-fixes).
- ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open()
  (git-fixes).
- net: thunderx: Fix the ACPI memory leak (git-fixes).
- nfc: st-nci: fix incorrect sizing calculations in
  EVT_TRANSACTION (git-fixes).
- nfc: st-nci: fix memory leaks in EVT_TRANSACTION (git-fixes).
- nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION
  (git-fixes).
- arcnet: fix potential memory leak in com20020_probe()
  (git-fixes).
- NFC: nci: fix memory leak in nci_rx_data_packet() (git-fixes).
- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
  (git-fixes).
- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
  (git-fixes).
- nfc: nfcmrvl: Fix potential memory leak in
  nfcmrvl_i2c_nci_send() (git-fixes).
- macsec: Fix invalid error code set (git-fixes).
- nfc/nci: fix race with opening and closing (git-fixes).
- arm64: dts: rockchip: lower rk3399-puma-haikou SD controller
  clock frequency (git-fixes).
- arm64: dts: rockchip: add enable-strobe-pulldown to emmc phy
  on nanopi4 (git-fixes).
- ARM: dts: am335x-pcm-953: Define fixed regulators in root node
  (git-fixes).
- ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties
  (git-fixes).
- ARM: mxs: fix memory leak in mxs_machine_init() (git-fixes).
- bus: sunxi-rsb: Support atomic transfers (git-fixes).
- bus: sunxi-rsb: Remove the shutdown callback (git-fixes).
- ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl
  (git-fixes).
- commit 39ef4db
- l2tp: Serialize access to sk_user_data with sk_callback_lock
  (bsc#1205711 CVE-2022-4129).
- commit ad37086
- Update metadata references
- commit a01d008
- RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() (git-fixes)
- commit 396a739
- RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (git-fixes)
- commit 981cb44
- RDMA/hns: Disable local invalidate operation (git-fixes)
- commit 90ecfab
- IB/hfi1: Correctly move list in sc_disable() (git-fixes)
- commit fa439f0
- RDMA/cma: Use output interface for net_dev check (git-fixes)
- commit 568074d
- IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers (git-fixes)
- commit 569a9cb
- RDMA/cm: Use SLID in the work completion as the DLID in responder side (git-fixes)
- commit e86643f
- RDMA/irdma: Use s/g array in post send only when its valid (git-fixes)
- commit 6692dc0
- RDMA/mlx5: Set local port to one when accessing counters (git-fixes)
- commit 9acd436
- RDMA/hns: Remove the num_qpc_timer variable (git-fixes)
- commit 89b5b80
- RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift (git-fixes)
- commit c586fc0
- RDMA/hns: Fix supported page size (git-fixes)
- commit 64653d9
- RDMA/rtrs-clt: Use the right sg_cnt after ib_dma_map_sg (git-fixes)
- commit 78022ca
- RDMA/rxe: Limit the number of calls to each tasklet (git-fixes)
- commit 37d447b
- RDMA/hfi1: fix potential memory leak in setup_base_ctxt() (git-fixes)
- commit ba2976b
- RDMA/hns: Fix incorrect clearing of interrupt status register (git-fixes)
- commit 97ffea6
- RDMA/rtrs-srv: Fix modinfo output for stringify (git-fixes)
- commit 46a2a2b
- RDMA/rxe: Remove useless pkt parameters (git-fixes)
- commit 06b2d37
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- commit 7ec3772
- RDMA/hfi1: Prevent panic when SDMA is disabled (git-fixes)
- commit ba8caf3
- RDMA/hfi1: Prevent use of lock before it is initialized (git-fixes)
- commit b510b17
- RDMA/hns: Use hr_reg_xxx() instead of remaining roce_set_xxx() (git-fixes)
- commit 6c11e07
- RDMA/hns: Remove the num_cqc_timer variable (git-fixes)
- commit ed86cd6
- RDMA/hns: Correct the type of variables participating in the shift operation (git-fixes)
- commit cecc570
- RDMA/hns: Replace tab with space in the right-side comments (git-fixes)
- commit 4c89a77
- RDMA/irdma: Fix deadlock in irdma_cleanup_cm_core() (git-fixes)
- commit 40de52c
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP (git-fixes)
- commit 36c1898
- RDMA/hns: Remove magic number (git-fixes)
- commit 014def9
- KVM: s390: pv: don't allow userspace to set the clock under PV
  (git-fixes).
- KVM: s390: Add a routine for setting userspace CPU state
  (git-fixes jsc#PED-611).
- KVM: s390: Simplify SIGP Set Arch handling (git-fixes
  jsc#PED-611).
- commit c226df2
- Update patch references for Bluetooth fixes (CVE-2022-42896 bsc#1205709 CVE-2022-42895 bsc#1205705)
- commit 30ec8de
- spi: tegra210-quad: Fix duplicate resource error (git-fixes).
- spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld()
  (git-fixes).
- spi: spi-imx: Fix spi_bus_clk if requested clock is higher
  than input clock (git-fixes).
- commit 019145b
- blacklist.conf: duplicate
- commit 5eaee0f
- blacklist.conf: duplicate
- commit d84acf3
- blacklist.conf: duplicate
- commit 5ea51bc
- blacklist.conf: duplicate
- commit f3d467e
- scsi: zfcp: Fix double free of FSF request when qdio send fails
  (git-fixes).
- s390: fix nospec table alignments (git-fixes).
- KVM: s390: pv: leak the topmost page table when destroy fails
  (git-fixes).
- commit 378329e
- xfs: reserve quota for target dir expansion when renaming files
  (bsc#1205679).
- commit d93b22e
- drivers: net: slip: fix NPD bug in sl_tx_timeout() (bsc#1205671
  CVE-2022-41858).
- commit 99b5127
- dm: remove unnecessary assignment statement in alloc_dev()
  (git-fixes).
- md/raid5: Remove unnecessary bio_put() in raid5_read_one_chunk()
  (git-fixes).
- md/raid5: Ensure stripe_fill happens on non-read IO with journal
  (git-fixes).
- commit 79ca470
- md: Replace snprintf with scnprintf (git-fixes, bsc#1164051).
- Replace the in-house patch by the above upstream version,
  patches.suse/md-raid0-fix-buffer-overflow-at-debug-print.patch.
- commit e122ea5
- dm: return early from dm_pr_call() if DM device is suspended
  (git-fixes).
- dm thin: fix use-after-free crash in
  dm_sm_register_threshold_callback (git-fixes).
- dm raid: fix accesses beyond end of raid member array
  (git-fixes).
- dm mirror log: clear log bits up to BITS_PER_LONG boundary
  (git-fixes).
- dm era: commit metadata in postsuspend after worker stops
  (git-fixes).
- dm crypt: make printing of the key constant-time (git-fixes).
- dm stats: add cond_resched when looping over entries
  (git-fixes).
- dm integrity: fix memory corruption when tag_size is less than
  digest size (git-fixes).
- dm: fix double accounting of flush with data (git-fixes).
- dm: interlock pending dm_io and dm_wait_for_bios_completion
  (git-fixes).
- dm: properly fix redundant bio-based IO accounting (git-fixes).
- dm: revert partial fix for redundant bio-based IO accounting
  (git-fixes).
- dm btree remove: fix use after free in rebalance_children()
  (git-fixes).
- commit 6214ae1
- blacklist.conf: add non-backport git-fixes commit
- commit 054a1a9
- NFSD: Cap rsize_bop result based on send buffer size
  (bsc#1205128 CVE-2022-43945).
- NFSD: Protect against send buffer overflow in NFSv3 READ
  (bsc#1205128 CVE-2022-43945).
- NFSD: Protect against send buffer overflow in NFSv2 READ
  (bsc#1205128 CVE-2022-43945).
- NFSD: Protect against send buffer overflow in NFSv3 READDIR
  (bsc#1205128 CVE-2022-43945).
- NFSD: Protect against send buffer overflow in NFSv2 READDIR
  (bsc#1205128 CVE-2022-43945).
- SUNRPC: Fix svcxdr_init_encode's buflen calculation (bsc#1205128
  CVE-2022-43945).
- SUNRPC: Fix svcxdr_init_decode's end-of-buffer calculation
  (bsc#1205128 CVE-2022-43945).
- commit dd4f720
- xfs: reserve quota for dir expansion when linking/unlinking
  files (bsc#1205616).
- commit 1330e05
- add another bug reference to some hyperv changes (bsc#1205617).
- commit 0b5e3d4
- net/smc: kABI workarounds for struct smc_sock (git-fixes).
- commit d9f52e8
- blacklist.conf: kABI
- commit f550bb4
- tracing: kprobe: Fix potential null-ptr-deref on trace_array
  in kprobe_event_gen_test_exit() (git-fixes).
- commit dc34c13
- tracing: kprobe: Fix potential null-ptr-deref on
  trace_event_file in kprobe_event_gen_test_exit() (git-fixes).
- commit 23caa81
- tracing: Fix wild-memory-access in register_synth_event()
  (git-fixes).
- commit 9bbef30
- tracing: Fix memory leak in test_gen_synth_cmd() and
  test_empty_synth_event() (git-fixes).
- commit 68dace2
- ftrace: Fix null pointer dereference in ftrace_add_mod()
  (git-fixes).
- commit 2e9b117
- ring_buffer: Do not deactivate non-existant pages (git-fixes).
- commit 0458d7a
- ftrace: Optimize the allocation for mcount entries (git-fixes).
- commit 5b2b25a
- ftrace: Fix the possible incorrect kernel message (git-fixes).
- commit 7323c8c
- tracing: Fix memory leak in tracing_read_pipe() (git-fixes).
- commit 690c08a
- net/smc: kABI workarounds for struct smc_link (git-fixes).
- commit 0cbe94a
- ring-buffer: Include dropped pages in counting dirty patches
  (git-fixes).
- commit 11920bc
- blacklist.conf: duplicate
- commit ddd82f9
- powerpc/kvm: Fix kvm_use_magic_page (bsc#1156395).
- Refresh patches.suse/gup-Turn-fault_in_pages_-readable-writeable-into-fault_in_-readable-writeable.patch.
- commit aec526a
- blacklist.conf: duplicate
- commit dcdcbbd
- MIPS: Loongson: Use hwmon_device_register_with_groups() to
  register hwmon (git-fixes).
- commit 16f21a3
- tracing/ring-buffer: Have polling block on watermark
  (git-fixes).
- commit 5c3e4d5
- powerpc/pseries/vas: Declare pseries_vas_fault_thread_fn()
  as static (bsc#1194869).
- commit 02a3582
- ftrace: Fix use-after-free for dynamic ftrace_ops (git-fixes).
- commit f98b221
- blacklist.conf: kABI
- commit 431bd9c
- blacklist.conf: duplicate
- commit 53c7bfc
- platform/x86/intel: hid: add quirk to support Surface Go 3
  (git-fixes).
- commit 23ccaa2
- blacklist.conf: too intrusive
- commit 67ad270
- powerpc/boot: Explicitly disable usage of SPE instructions
  (bsc#1156395).
- commit 7c94cdb
- blacklist.conf: Add fixes for unsupported platforms
- commit 10ca02b
- net: smsc95xx: add support for Microchip EVB-LAN8670-USB
  (git-fixes).
- commit af40ba9
- Update patch reference for rtl8712 driver fix (CVE-2022-4095 bsc#1205514)
- commit 67f2ad4
- usbnet: smsc95xx: Don't reset PHY behind PHY driver's back
  (git-fixes).
- commit b693ef6
- usb: smsc: use eth_hw_addr_set() (git-fixes).
- commit 67dd1e9
- powerpc/64: Fix build failure with allyesconfig in
  book3s_64_entry.S (bsc#1194869).
- commit 6d56eff
- patches.suse/btrfs-fix-deadlock-between-quota-enable-and-other-qu.patch:
  (bsc#1205521).
- commit a75b0e8
- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
  (git-fixes).
- commit c6c293f
- ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
  (git-fixes).
- commit 287b2ba
- Input: i8042 - fix leaking of platform device on module removal
  (git-fixes).
- Input: iforce - invert valid length check when fetching device
  IDs (git-fixes).
- drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
  (git-fixes).
- drm/drv: Fix potential memory leak in drm_dev_init()
  (git-fixes).
- drm/panel: simple: set bpc field for logic technologies displays
  (git-fixes).
- drm/vc4: kms: Fix IS_ERR() vs NULL check for vc4_kms
  (git-fixes).
- usb: chipidea: fix deadlock in ci_otg_del_timer (git-fixes).
- usb: typec: mux: Enter safe mode only when pins need to be
  reconfigured (git-fixes).
- Revert "/usb: dwc3: disable USB core PHY management"/ (git-fixes).
- serial: 8250: Flush DMA Rx on RLSI (git-fixes).
- serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs
  (git-fixes).
- tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send
  (git-fixes).
- Revert "/tty: n_gsm: replace kicktimer with delayed_work"/
  (git-fixes).
- Revert "/tty: n_gsm: avoid call of sleeping functions from
  atomic context"/ (git-fixes).
- serial: imx: Add missing .thaw_noirq hook (git-fixes).
- tty: serial: fsl_lpuart: don't break the on-going transfer
  when global reset (git-fixes).
- serial: 8250: omap: Flush PM QOS work on remove (git-fixes).
- serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in
  omap8250_remove() (git-fixes).
- serial: 8250_omap: remove wait loop from Errata i202 workaround
  (git-fixes).
- firmware: coreboot: Register bus in module init (git-fixes).
- slimbus: stream: correct presence rate frequencies (git-fixes).
- parport_pc: Avoid FIFO port location truncation (git-fixes).
- siox: fix possible memory leak in siox_device_add() (git-fixes).
- misc/vmw_vmci: fix an infoleak in
  vmci_host_do_receive_datagram() (git-fixes).
- speakup: fix a segfault caused by switching consoles
  (git-fixes).
- iio: adc: at91_adc: fix possible memory leak in
  at91_adc_allocate_trigger() (git-fixes).
- iio: adc: mp2629: fix potential array out of bound access
  (git-fixes).
- iio: adc: mp2629: fix wrong comparison of channel (git-fixes).
- iio: pressure: ms5611: changed hardcoded SPI speed to value
  limited (git-fixes).
- iio: trigger: sysfs: fix possible memory leak in
  iio_sysfs_trig_init() (git-fixes).
- ASoC: tas2764: Fix set_tdm_slot in case of single slot
  (git-fixes).
- ASoC: tas2770: Fix set_tdm_slot in case of single slot
  (git-fixes).
- ASoC: core: Fix use-after-free in snd_soc_exit() (git-fixes).
- mmc: sdhci-pci: Fix possible memory leak caused by missing
  pci_dev_put() (git-fixes).
- mmc: core: properly select voltage range without power cycle
  (git-fixes).
- commit 5d6506d
- net/smc: Fix possible leaked pernet namespace in smc_init()
  (git-fixes).
- net/smc: Fix an error code in smc_lgr_create() (git-fixes).
- net/smc: Fix possible access to freed memory in link clear
  (git-fixes).
- net/smc: Fix slab-out-of-bounds issue in fallback (git-fixes).
- net/smc: Only save the original clcsock callback functions
  (git-fixes).
- net/smc: Fix sock leak when release after smc_shutdown()
  (git-fixes).
- net/smc: send directly on setting TCP_NODELAY (git-fixes).
- net/smc: Send directly when TCP_CORK is cleared (git-fixes).
- net/smc: Avoid overwriting the copies of clcsock callback
  functions (git-fixes).
- net/smc: Forward wakeup to smc socket waitqueue after fallback
  (git-fixes).
- commit a5aa4ad
- PCI: hv: Fix the definition of vector in hv_compose_msi_msg() (git-fixes).
- x86/hyperv: fix invalid writes to MSRs during root partition kexec (git-fixes).
- clocksource/drivers/hyperv: add data structure for reference TSC MSR (git-fixes).
- Drivers: hv: fix repeated words in comments (git-fixes).
- HID: hyperv: fix possible memory leak in mousevsc_probe() (git-fixes).
- drm/hyperv: Add ratelimit on error message (git-fixes).
- scsi: storvsc: remove an extraneous "/to"/ in a comment (git-fixes).
- Drivers: hv: vmbus: Don't wait for the ACPI device upon initialization (git-fixes).
- Drivers: hv: vmbus: Use PCI_VENDOR_ID_MICROSOFT for better discoverability (git-fixes).
- Drivers: hv: vmbus: Fix kernel-doc (git-fixes).
- drm/hyperv: Don't overwrite dirt_needed value set by host (git-fixes).
- Drivers: hv: vmbus: Optimize vmbus_on_event (git-fixes).
- scsi: storvsc: Drop DID_TARGET_FAILURE use (git-fixes).
- Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region (git-fixes).
- Drivers: hv: Always reserve framebuffer region for Gen1 VMs (git-fixes).
- PCI: Move PCI_VENDOR_ID_MICROSOFT/PCI_DEVICE_ID_HYPERV_VIDEO definitions to pci_ids.h (git-fixes).
- tools: hv: kvp: remove unnecessary (void*) conversions (git-fixes).
- Drivers: hv: remove duplicate word in a comment (git-fixes).
- tools: hv: Remove an extraneous "/the"/ (git-fixes).
- scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq (git-fixes).
- Drivers: hv: vmbus: Release cpu lock in error case (git-fixes).
- Drivers: hv: Fix syntax errors in comments (git-fixes).
- scsi: storvsc: Fix typo in comment (git-fixes).
- Drivers: hv: vmbus: fix typo in comment (git-fixes).
- PCI: hv: Add validation for untrusted Hyper-V values (git-fixes).
- x86/hyperv: Disable hardlockup detector by default in Hyper-V guests (git-fixes).
- Drivers: hv: vmbus: Accept hv_sock offers in isolated guests (git-fixes).
- hv_sock: Add validation for untrusted Hyper-V values (git-fixes).
- hv_sock: Copy packets sent by Hyper-V out of the ring buffer (git-fixes).
- hv_sock: Check hv_pkt_iter_first_raw()'s return value (git-fixes).
- Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
- hv_netvsc: Fix potential dereference of NULL pointer (git-fixes).
- hv_netvsc: Print value of invalid ID in netvsc_send_{completion,tx_complete}() (git-fixes).
- net: hyperv: remove use of bpf_op_t (git-fixes).
- commit 5a5a746
- Update kabi files. Update using the released November MU kernel
  5.14.21-150400.24.33.2
- commit b0daa6c
- sched: Clear ttwu_pending after enqueue_task() (git fixes
  (sched/core)).
- commit 8216675
- soc: imx8m: Enable OCOTP clock before reading the register
  (git-fixes).
- arm64: dts: imx8mn: Fix NAND controller size-cells (git-fixes).
- arm64: dts: imx8mm: Fix NAND controller size-cells (git-fixes).
- ARM: dts: imx7: Fix NAND controller size-cells (git-fixes).
- arm64: dts: qcom: sm8350-hdk: Specify which LDO modes are
  allowed (git-fixes).
- arm64: dts: qcom: sm8250-xperia-edo: Specify which LDO modes
  are allowed (git-fixes).
- arm64: dts: qcom: sm8150-xperia-kumano: Specify which LDO
  modes are allowed (git-fixes).
- arm64: dts: qcom: sa8155p-adp: Specify which LDO modes are
  allowed (git-fixes).
- net: thunderbolt: Fix error handling in tbnet_init()
  (git-fixes).
- net/x25: Fix skb leak in x25_lapb_receive_frame() (git-fixes).
- bridge: switchdev: Fix memory leaks when changing VLAN protocol
  (git-fixes).
- net: phy: marvell: add sleep time after enabling the loopback
  bit (git-fixes).
- mISDN: fix misuse of put_device() in mISDN_register_device()
  (git-fixes).
- mISDN: fix possible memory leak in mISDN_dsp_element_register()
  (git-fixes).
- commit f0f96f8
- soundwire: intel: Initialize clock stop timeout (bsc#1205507).
- commit ed7ad85
- io_uring: fix io_timeout_remove locking (git-fixes).
- io_uring: correct __must_hold annotation (git-fixes).
- commit afa1999
- Update metadata references
- commit 48537d5
- KVM: SVM: move guest vmsave/vmload back to assembly (git-fixes).
- commit 64aefe3
- KVM: SVM: retrieve VMCB from assembly (git-fixes).
- commit fdd0aa2
- blk-mq: Properly init requests from blk_mq_alloc_request_hctx()
  (git-fixes).
- rbd: fix possible memory leak in rbd_sysfs_init() (git-fixes).
- blk-wbt: call rq_qos_add() after wb_normal is initialized
  (git-fixes).
- block: blk_queue_enter() / __bio_queue_enter() must return
  - EAGAIN for nowait (git-fixes).
- blk-mq: fix io hung due to missing commit_rqs (git-fixes).
- block/rnbd-srv: Set keep_id to true after mutex_trylock
  (git-fixes).
- blktrace: Trace remapped requests correctly (git-fixes).
- blk-mq: don't create hctx debugfs dir until q->debugfs_dir is
  created (git-fixes).
- block: add bio_start_io_acct_time() to control start_time
  (git-fixes).
- blk-cgroup: fix missing put device in error path from
  blkg_conf_pref() (git-fixes).
- commit 58eed28
- nbd: Fix incorrect error handle when first_minor is illegal
  in nbd_dev_add (git-fixes).
- Refresh for the above change,
  patches.suse/0002-nbd-fix-possible-overflow-on-first_minor-in-nbd_dev_.patch.
- commit 8281951
- KVM: SVM: adjust register allocation for __svm_vcpu_run()
  (git-fixes).
- commit 7b25718
- KVM: SVM: replace regs argument of __svm_vcpu_run() with
  vcpu_svm (git-fixes).
- commit 7867341
- KVM: x86: use a separate asm-offsets.c file (git-fixes).
- commit 0602ab1
- KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest
  (git-fixes).
- commit 499c3ca
- drm/amdkfd: Migrate in CPU page fault use current mm
  (git-fixes).
- commit f476661
- pinctrl: devicetree: fix null pointer dereferencing in
  pinctrl_dt_to_map (git-fixes).
- pinctrl: rockchip: list all pins in a possible mux route for
  PX30 (git-fixes).
- platform/surface: aggregator: Do not check for repeated
  unsequenced packets (git-fixes).
- platform/x86/intel: pmc: Don't unconditionally attach Intel
  PMC when virtualized (git-fixes).
- arm64: efi: Fix handling of misaligned runtime regions and
  drop warning (git-fixes).
- ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
  (git-fixes).
- nilfs2: fix use-after-free bug of ns_writer on remount
  (git-fixes).
- mmc: sdhci_am654: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI (git-fixes).
- mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
  (git-fixes).
- ALSA: hda: fix potential memleak in 'add_widget_node'
  (git-fixes).
- ALSA: hda/realtek: Add Positivo C6300 model quirk (git-fixes).
- ALSA: usb-audio: Add DSD support for Accuphase DAC-60
  (git-fixes).
- ALSA: usb-audio: Add quirk entry for M-Audio Micro (git-fixes).
- ALSA: hda/hdmi - enable runtime pm for more AMD display audio
  (git-fixes).
- ALSA: hda/ca0132: add quirk for EVGA Z390 DARK (git-fixes).
- drm/amdgpu: disable BACO on special BEIGE_GOBY card (git-fixes).
- wifi: ath11k: avoid deadlock during regulatory update in
  ath11k_regd_update() (git-fixes).
- platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
  (git-fixes).
- drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
  (git-fixes).
- thunderbolt: Add DP OUT resource when DP tunnel is discovered
  (git-fixes).
- drm/amdkfd: handle CPU fault on COW mapping (git-fixes).
- drm/amdkfd: avoid recursive lock in migrations back to RAM
  (git-fixes).
- commit 438c140
- KVM: x86: Treat #DBs from the emulator as fault-like (code
  and DR7.GD=1) (git-fixes).
- commit 89491ed
- KVM: x86: Report error when setting CPUID if Hyper-V allocation
  fails (git-fixes).
- commit 335e5aa
- virtio-blk: Use blk_validate_block_size() to validate block size
  (git-fixes).
- block: drop unused includes in <linux/genhd.h> (git-fixes).
- commit a549255
- blacklist.conf: add commits suggested by git-fixes which won't be backported
- commit d1fe12d
- KVM: SVM: Disable SEV-ES support if MMIO caching is disable
  (git-fixes).
- commit d6a15a7
- KVM: x86/mmu: fix memoryleak in kvm_mmu_vendor_module_init()
  (git-fixes).
- commit ce66979
- KVM: nVMX: Attempt to load PERF_GLOBAL_CTRL on nVMX xfer iff
  it exists (git-fixes).
- commit 3387324
- KVM: VMX: Add helper to check if the guest PMU has
  PERF_GLOBAL_CTRL (git-fixes).
- commit 1b36b28
- KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if
  there's no vPMU (git-fixes).
- commit 3ada3ae
- tcp: Fix data races around icsk->icsk_af_ops (CVE-2022-3566
  bsc#1204405).
- commit f7cc985
- ipv6: Fix data races around sk->sk_prot (CVE-2022-3567
  bsc#1204414).
- ipv6: annotate some data-races around sk->sk_prot (CVE-2022-3567
  bsc#1204414).
- commit 654a4f7
- KVM: nVMX: Rename handle_vm{on,off}() to handle_vmx{on,off}()
  (git-fixes).
- commit 7218ba7
- KVM: nVMX: Always enable TSC scaling for L2 when it was enabled
  for L1 (git-fixes).
- commit b0f3ab9
- KVM: x86: Fully initialize 'struct kvm_lapic_irq' in
  kvm_pv_kick_cpu_op() (git-fixes).
- commit 81fd9e6
- KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS)
  (git-fixes).
- commit 1a1eab3
- KVM: SVM: Stuff next_rip on emulated INT3 injection if NRIPS
  is supported (git-fixes).
- commit e7e1382
- KVM: SEV: Mark nested locking of vcpu->lock (git-fixes).
- commit 5f6bf6f
- KVM: x86/svm: Account for family 17h event renumberings in
  amd_pmc_perf_hw_id (git-fixes).
- commit e3ae104
- KVM: x86: avoid loading a vCPU after .vm_destroy was called
  (git-fixes).
- commit 29af845
- KVM: Move wiping of the kvm->vcpus array to common code
  (git-fixes).
- commit 9720dc5
- s390/pci: add missing EX_TABLE entries to
  __pcistg_mio_inuser()/__pcilg_mio_inuser() (bsc#1205427
  LTC#200502).
- s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
  (bsc#1205427 LTC#200502).
- s390/uaccess: add missing EX_TABLE entries to __clear_user(),
  copy_in_user_mvcos(), copy_in_user_mvc(), clear_user_xc()
  and __strnlen_user() (bsc#1205428 LTC#200501).
- commit ad7cfae
- nilfs2: fix deadlock in nilfs_count_free_blocks() (git-fixes).
- dmaengine: at_hdmac: Check return code of
  dma_async_device_register (git-fixes).
- dmaengine: at_hdmac: Fix impossible condition (git-fixes).
- dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
  (git-fixes).
- dmaengine: at_hdmac: Fix completion of unissued descriptor in
  case of errors (git-fixes).
- dmaengine: at_hdmac: Fix descriptor handling when issuing it
  to hardware (git-fixes).
- spi: stm32: Print summary 'callbacks suppressed' message
  (git-fixes).
- mmc: sdhci-esdhc-imx: use the correct host caps for
  MMC_CAP_8_BIT_DATA (git-fixes).
- drm/i915/dmabuf: fix sg_table handling in map_dma_buf
  (git-fixes).
- drm/vc4: Fix missing platform_unregister_drivers() call in
  vc4_drm_register() (git-fixes).
- nilfs2: replace WARN_ONs by nilfs_error for checkpoint
  acquisition failure (git-fixes).
- commit f7fc242
- dmaengine: at_hdmac: Fix concurrency over the active list
  (git-fixes).
- dmaengine: at_hdmac: Free the memset buf without holding the
  chan lock (git-fixes).
- dmaengine: at_hdmac: Fix concurrency over descriptor
  (git-fixes).
- dmaengine: at_hdmac: Fix concurrency problems by removing
  atc_complete_all() (git-fixes).
- dmaengine: at_hdmac: Protect atchan->status with the channel
  lock (git-fixes).
- dmaengine: at_hdmac: Do not call the complete callback on
  device_terminate_all (git-fixes).
- dmaengine: at_hdmac: Fix premature completion of desc in
  issue_pending (git-fixes).
- dmaengine: at_hdmac: Start transfer for cyclic channels in
  issue_pending (git-fixes).
- dmaengine: at_hdmac: Don't start transactions at tx_submit level
  (git-fixes).
- dmaengine: at_hdmac: Fix at_lli struct definition (git-fixes).
- commit 718fc6d
- KVM: x86/pmu: Update AMD PMC sample period to fix guest
  NMI-watchdog (git-fixes).
- commit d582f6e
- ata: libata-transport: fix error handling in ata_tdev_add()
  (git-fixes).
- ata: libata-transport: fix error handling in ata_tlink_add()
  (git-fixes).
- ata: libata-transport: fix error handling in ata_tport_add()
  (git-fixes).
- ata: libata-transport: fix double ata_host_put() in
  ata_tport_add() (git-fixes).
- dmaengine: ti: k3-udma-glue: fix memory leak when register
  device fail (git-fixes).
- dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
  (git-fixes).
- dmaengine: pxa_dma: use platform_get_irq_optional (git-fixes).
- commit 3e58402
- x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
- commit d022167
- KVM: x86: Use __try_cmpxchg_user() to emulate atomic accesses
  (git-fixes).
- commit af8969b
- KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits
  (git-fixes).
- commit 4c10c2f
- x86/futex: Remove .fixup usage (git-fixes).
- commit 687839d
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy
  Book Pro 360 (bsc#1205100).
- ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro
  (bsc#1205100).
- commit ca2ce49
- x86/extable: Extend extable functionality (git-fixes).
- commit 28f726d
- x86/microcode/AMD: Apply the patch early on every logical thread
  (bsc#1205264).
- commit 6805cb3
- x86/uaccess: Implement macros for CMPXCHG on user addresses
  (git-fixes).
- commit 680ab7c
- Kconfig: Add option for asm goto w/ tied outputs to workaround
  clang-13 bug (git-fixes).
- Refresh config.
- commit 7888244
- KVM: x86/pmu: Fix and isolate TSX-specific performance event
  logic (git-fixes).
- commit e13feb1
- kABI: Fix kABI after "/KVM: x86/pmu: Use different raw event
  masks for AMD and Intel"/ (git-fixes).
- commit d086901
- KVM: x86/pmu: Use different raw event masks for AMD and Intel
  (git-fixes).
- commit fd5bd7c
- xen/gntdev: Accommodate VMA splitting (git-fixes).
- commit 0745691
- KVM: x86/mmu: WARN if old _or_ new SPTE is REMOVED in non-atomic
  path (git-fixes).
- commit bc980a8
- KVM: x86/mmu: Fix wrong/misleading comments in TDP MMU fast zap
  (git-fixes).
- commit d3e6160
- blacklist.conf: add fcb732d8f8cf ("/KVM: x86/xen: Fix runstate
  updates to be atomic when preempting vCPU"/)
- commit d42ecb5
- blacklist.conf: add 55749769fe60 ("/KVM: x86: Fix wall clock writes
  in Xen shared_info not to mark page dirty"/)
- commit 08e6ef4
- KVM: x86: Mask off reserved bits in CPUID.80000001H (git-fixes).
- commit a7fc31c
- KVM: x86: emulator: update the emulation mode after CR0 write
  (git-fixes).
- commit f0c4a2c
- KVM: x86: emulator: update the emulation mode after rsm
  (git-fixes).
- commit debb42a
- KVM: x86: emulator: introduce emulator_recalc_and_set_mode
  (git-fixes).
- commit a9da797
- KVM: x86: emulator: em_sysexit should update ctxt->mode
  (git-fixes).
- commit e252f98
- KVM: VMX: fully disable SGX if SECONDARY_EXEC_ENCLS_EXITING
  unavailable (git-fixes).
- commit f452678
- KVM: x86: Mask off reserved bits in CPUID.8000001AH (git-fixes).
- commit c7494f8
- KVM: x86: Mask off reserved bits in CPUID.80000008H (git-fixes).
- commit b042017
- KVM: x86: Mask off reserved bits in CPUID.80000006H (git-fixes).
- commit ce5ff67
- KVM: VMX: Drop bits 31:16 when shoving exception error code
  into VMCS (git-fixes).
- commit e0caade
- Update patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch
  Patch (44b3834b2eed5 "/arm64: errata: Remove AES hwcap for COMPAT tasks"/) added
  new workaround identifier. Remove one placeholder to keep kABI intact.
- commit e23b992
- arm64: errata: Remove AES hwcap for COMPAT tasks (git-fixes)
  Enable CONFIG_ARM64_ERRATUM_1742098 in arm64/default
- commit fbe1536
- arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro (git-fixes)
- commit c70ddd5
- arm64: fix rodata=full again (git-fixes)
- commit 62260a8
- kabi: sk_buff.scm_io_uring (bsc#1204228 CVE-2022-2602).
- commit 9a9bd27
- scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
  (git-fixes).
- scsi: megaraid_sas: Correct value passed to scsi_device_lookup()
  (git-fixes).
- scsi: qedf: Populate sysfs attributes for vport (git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask()
  (git-fixes).
- commit 71fe2f3
- intel_idle: make SPR C1 and C1E be independent (jsc#PED-1936).
- commit 6f9a5d3
- cpuidle: intel_idle: Drop redundant backslash at line end (jsc#PED-1936).
- commit 593da52
- cpufreq: intel_pstate: Support Sapphire Rapids OOB mode (jsc#PED-849).
- commit 4bf905f
- cpufreq: intel_pstate: Handle no_turbo in frequency invariance (jsc#PED-849).
- commit 41e314e
- intel_idle: Fix SPR C6 optimization (jsc#PED-824 jsc#PED-1936).
- commit 29ea7f2
- intel_idle: Fix the 'preferred_cstates' module parameter (jsc#PED-824 jsc#PED-1936).
- commit 07146fb
- intel_idle: Add AlderLake support (jsc#PED-824).
- commit 6094f58
- panic, kexec: make __crash_kexec() NMI safe (git-fixes).
- kexec: turn all kexec_mutex acquisitions into trylocks
  (git-fixes).
- commit 1a14cb1
- KVM: VMX: clear vmx_x86_ops.sync_pir_to_irr if APICv is disabled
  (bsc#1205007).
- commit a0ddd6a
- io_uring/af_unix: defer registered files gc to io_uring release
  (bsc#1204228 CVE-2022-2602).
- commit 52299ff
- fuse: add file_modified() to fallocate (bsc#1205332).
- fuse: fix readdir cache race (bsc#1205331).
- commit 75f741e
- net: phy: mscc: macsec: clear encryption keys when freeing a
  flow (git-fixes).
- macsec: clear encryption keys from the stack after setting up
  offload (git-fixes).
- macsec: fix detection of RXSCs when toggling offloading
  (git-fixes).
- macsec: fix secy->n_rx_sc accounting (git-fixes).
- macsec: delete new rxsc when offload fails (git-fixes).
- wifi: cfg80211: fix memory leak in query_regdb_file()
  (git-fixes).
- wifi: cfg80211: silence a sparse RCU warning (git-fixes).
- soundwire: qcom: check for outanding writes before doing a read
  (git-fixes).
- soundwire: qcom: reinit broadcast completion (git-fixes).
- phy: ralink: mt7621-pci: add sentinel to quirks table
  (git-fixes).
- phy: stm32: fix an error code in probe (git-fixes).
- mtd: parsers: bcm47xxpart: Fix halfblock reads (git-fixes).
- media: v4l: subdev: Fail graciously when getting try data for
  NULL state (git-fixes).
- media: meson: vdec: fix possible refcount leak in vdec_probe()
  (git-fixes).
- media: dvb-frontends/drxk: initialize err to 0 (git-fixes).
- media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
  (git-fixes).
- media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE (git-fixes).
- media: rkisp1: Zero v4l2_subdev_format fields in when validating
  links (git-fixes).
- media: rkisp1: Use correct macro for gradient registers
  (git-fixes).
- media: rkisp1: Initialize color space on resizer sink and
  source pads (git-fixes).
- media: rkisp1: Don't pass the quantization to
  rkisp1_csm_config() (git-fixes).
- mtd: parsers: bcm47xxpart: print correct offset on read error
  (git-fixes).
- video/fbdev/stifb: Implement the stifb_fillrect() function
  (git-fixes).
- commit 5883e57
- can: j1939: j1939_send_one(): fix missing CAN header
  initialization (git-fixes).
- can: af_can: fix NULL pointer dereference in can_rx_register()
  (git-fixes).
- hamradio: fix issue of dev reference count leakage in
  bpq_device_event() (git-fixes).
- efi: random: Use 'ACPI reclaim' memory for random seed
  (git-fixes).
- efi: random: reduce seed size to 32 bytes (git-fixes).
- drm/i915/sdvo: Setup DDC fully before output init (git-fixes).
- drm/i915/sdvo: Filter out invalid outputs more sensibly
  (git-fixes).
- drm/rockchip: dsi: Force synchronous probe (git-fixes).
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory
  (git-fixes).
- Bluetooth: L2CAP: Fix accepting connection request for invalid
  SPSM (git-fixes).
- drm/msm/hdmi: fix IRQ lifetime (git-fixes).
- i2c: xiic: Add platform module alias (git-fixes).
- ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
  (git-fixes).
- HID: saitek: add madcatz variant of MMO7 mouse device ID
  (git-fixes).
- HID: playstation: add initial DualSense Edge controller support
  (git-fixes).
- drm/amdgpu: set vm_update_mode=0 as default for Sienna Cichlid
  in SRIOV case (git-fixes).
- drm/msm/hdmi: Remove spurious IRQF_ONESHOT flag (git-fixes).
- commit 5a3b429
- x86/fpu: Drop fpregs lock before inheriting FPU permissions
  (bnc#1205282).
- commit bbde2ef
- blacklist.conf: cleanup designed to break kABI
- commit e1ca2ce
- blacklist.conf: cleanup designed to break kABI
- commit 3471afe
- ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
- commit f29a164
- io_uring: disable polling signalfd pollfree files (CVE-2022-3176
  bsc#1203391).
- commit ff11e05
- blacklist.conf: kABI
- commit 52ff77d
- blacklist.conf: prerequisites would break kABI
- commit 3f3b1f5
- blacklist.conf: this patch would need an inordinary number of
  prerequisites for a race in a corner case
- commit 4987ef8
- blacklist.conf: kABI
- commit 29e4b4e
- Update patch metadata for media fix (CVE-2022-3903 bsc#1205220)
- commit 899a453
- capabilities: fix undefined behavior in bit shift for
  CAP_TO_MASK (git-fixes).
- capabilities: fix potential memleak on error path from
  vfs_getxattr_alloc() (git-fixes).
- commit 9091aa0
- Update patches.suse/scsi-ibmvfc-Avoid-path-failures-during-live-migratio.patch
  (bsc#1065729 bsc#1204810 ltc#200162).
- commit ba4e679
- drm/i915/gvt: fix double free bug in split_2MB_gtt_entry (bsc#1204780, CVE-2022-3707)
- commit 3d29636
- scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
  (bsc#1156395).
- commit 32de176
- Refresh patches.suse/scsi-ibmvfc-Do-not-wait-for-initial-device-scan.patch.
  Refresh to upstream version of patch.
- commit aba4ad9
- Refresh sorted patches.
- commit 3d3be93
- scsi: ibmvfc: Avoid path failures during live migration
  (bsc#1065729).
- commit 2f0fa7f
- Update patches.suse/arm64-Add-AMPERE1-to-the-Spectre-BHB-affected-list.patch (git-fixes, bsc#1205153).
  Add reference to bsc#1205153.
- commit 08070be
- arm64: Add AMPERE1 to the Spectre-BHB affected list (git-fixes).
- arm64: errata: Add Cortex-A55 to the repeat tlbi list (git-fixes).
  Enable CONFIG_ARM64_ERRATUM_2441007, too
- commit 57ef351
- ALSA: usb-audio: Remove redundant workaround for Roland quirk
  (bsc#1205111).
- ALSA: usb-audio: Yet more regression for for the delayed card
  registration (bsc#1205111).
- commit fdb6d05
- rpm/check-for-config-changes: add TOOLCHAIN_HAS_* to IGNORED_CONFIGS_RE
  This new form was added in commit b8c86872d1dc (riscv: fix detection of
  toolchain Zicbom support).
- commit e9f2ba6
- tracing: kprobe: Fix memory leak in
  test_gen_kprobe/kretprobe_cmd() (git-fixes).
- commit 4b18e0d
- io-wq: don't retry task_work creation failure on fatal
  conditions (bnc#1205113).
- io-wq: Remove duplicate code in io_workqueue_create()
  (bnc#1205113).
- io-wq: fix silly logic error in io_task_work_match()
  (bnc#1205113).
- io-wq: fix cancellation on create-worker failure (bnc#1205113).
- commit f9f6f38
- Add suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149)
- commit 888e01e
- cifs: fix use-after-free on the link name (bsc#1193629).
- commit c8e18d6
- cifs: avoid unnecessary iteration of tcp sessions (bsc#1193629).
- commit 3b19f83
- cifs: always iterate smb sessions using primary channel
  (bsc#1193629).
- commit 5cac47b
- cifs: fix use-after-free caused by invalid pointer `hostname`
  (bsc#1193629).
- commit 6bd980d
- cifs: Fix pages leak when writedata alloc failed in
  cifs_write_from_iter() (bsc#1193629).
- commit 4170ae6
- cifs: Fix pages array leak when writedata alloc failed in
  cifs_writedata_alloc() (bsc#1193629).
- commit b7ff361
- Move upstreamed tracing patch into sorted section
- commit c9209ac
- hv_netvsc: Fix race between VF offering and VF association
  message from host (bsc#1204850).
- commit e9c6d7c
- arm64: entry: avoid kprobe recursion (git-fixes).
- Documentation: devres: add missing I2C helper (git-fixes).
- i2c: piix4: Fix adapter not be removed in piix4_remove()
  (git-fixes).
- efi/tpm: Pass correct address to memblock_reserve (git-fixes).
- arm64: dts: juno: Add thermal critical trip points (git-fixes).
- firmware: arm_scmi: Make Rx chan_setup fail on memory errors
  (git-fixes).
- firmware: arm_scmi: Suppress the driver's bind attributes
  (git-fixes).
- arm64: dts: ls208xa: specify clock frequencies for the MDIO
  controllers (git-fixes).
- arm64: dts: ls1088a: specify clock frequencies for the MDIO
  controllers (git-fixes).
- arm64: dts: lx2160a: specify clock frequencies for the MDIO
  controllers (git-fixes).
- dt-bindings: power: gpcv2: add power-domains property
  (git-fixes).
- arm64: dts: imx8: correct clock order (git-fixes).
- ARM: dts: imx6qdl-gw59{10,13}: fix user pushbutton GPIO offset
  (git-fixes).
- commit 9fbcbe8
- Move upstreamed patches into sorted section
- commit 490afd7
- x86/sev: Don't use cc_platform_has() for early SEV-SNP calls
  (bsc#1204970).
- x86/boot: Don't propagate uninitialized
  boot_params->cc_blob_address (bsc#1204970).
- x86/boot: Fix the setup data types max limit (bsc#1204970).
- x86/compressed/64: Add identity mappings for setup_data entries
  (bsc#1204970).
- x86/sev: Annotate stack change in the #VC handler (bsc#1204970).
- x86/sev: Remove duplicated assignment to variable info
  (bsc#1204970).
- commit 1ad6c0c
- selftests/pidfd_test: Remove the erroneous ',' (git-fixes).
- vsock: fix possible infinite sleep in
  vsock_connectible_wait_data() (git-fixes).
- vsock: remove the unused 'wait' in vsock_connectible_recvmsg()
  (git-fixes).
- mISDN: fix possible memory leak in mISDN_register_device()
  (git-fixes).
- rose: Fix NULL pointer dereference in rose_send_frame()
  (git-fixes).
- nfc: nfcmrvl: Fix potential memory leak in
  nfcmrvl_i2c_nci_send() (git-fixes).
- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
  (git-fixes).
- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
  (git-fixes).
- nfc: fdp: Fix potential memory leak in fdp_nci_send()
  (git-fixes).
- xhci: Remove device endpoints from bandwidth list when freeing
  the device (git-fixes).
- xhci-pci: Set runtime PM as default policy on all xHC 1.2 or
  later devices (git-fixes).
- xhci: Add quirk to reset host back to default state at shutdown
  (git-fixes).
- usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being
  a V0.96 controller (git-fixes).
- kernfs: fix use-after-free in __kernfs_remove (git-fixes).
- serial: core: move RS485 configuration tasks from drivers into
  core (git-fixes).
- commit 356bf7e
- ata: pata_legacy: fix pdc20230_set_piomode() (git-fixes).
- Bluetooth: virtio_bt: Use skb_put to set length (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free caused by
  l2cap_reassemble_sdu (git-fixes).
- isdn: mISDN: netjet: fix wrong check of device registration
  (git-fixes).
- fs/binfmt_elf: Fix memory leak in load_elf_binary() (git-fixes).
- commit 9e67c0b
- Move upstreamed BT fixes into sorted section
- commit 9cff1e2
- blacklist.conf: add 8250_mtk entry that was reverted
- commit c43b30f
- IB/core: Fix a nested dead lock as part of ODP flow (git-fixes)
- commit 6f2ee60
- Update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1
- commit a5edbce
- ALSA: hiface: fix repeated words in comments (git-fixes).
- commit 1897e56
- ALSA: scarlett2: Add Focusrite Clarett+ 8Pre support
  (git-fixes).
- ALSA: scarlett2: Add support for the internal "/standalone"/
  switch (git-fixes).
- ALSA: scarlett2: Split scarlett2_config_items[] into 3 sections
  (git-fixes).
- ALSA: usb-audio: scarlett2: Use struct_size() helper in
  scarlett2_usb() (git-fixes).
- commit 51a746f
- ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos
  (git-fixes).
- Refresh
  patches.suse/ALSA-usb-audio-More-comprehensive-mixer-map-for-ASUS.patch.
- commit aad3dbe
- ALSA: line6: remove line6_set_raw declaration (git-fixes).
- ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support
  (git-fixes).
- ALSA: usb-audio: make read-only array marker static const
  (git-fixes).
- ALSA: line6: Replace sprintf() with sysfs_emit() (git-fixes).
- ALSA: usb/6fire: fix repeated words in comments (git-fixes).
- ALSA: usb-audio: remove redundant assignment to variable c
  (git-fixes).
- commit 7b36d72
- ring-buffer: Check for NULL cpu_buffer in
  ring_buffer_wake_waiters() (bsc#1204705).
- commit 2e712ad
- Refresh patches.suse/ppc64-kdump-Limit-kdump-base-to-512MB.patch
  to upstream version.
- commit 0f63234
- Update patch references to
  patches.suse/0001-floppy-disable-FDRAWCMD-by-default.patch
  (bsc#1200692 CVE-2022-33981).
- commit 913147c
- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914).
- commit 0d14223
- iommu/vt-d: Do not falsely log intel_iommu is unsupported
  kernel option (bsc#1204947).
- commit 440c18c
- wifi: brcmfmac: Fix potential buffer overflow in
  brcmf_fweh_event_worker() (CVE-2022-3628 bsc#1204868).
- commit 968feec
- Drop Dell Dock regression fix patch again (bsc#1204719)
  It tunred out to be bogus, a different fix is needed
- commit 2c62bb9
- scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
- commit dc8f2da
- scsi: qla2xxx: Use transport-defined speed mask for
  supported_speeds (bsc#1204963).
- scsi: qla2xxx: Fix serialization of DCBX TLV data request
  (bsc#1204963).
- commit d6d1732
- Move upstreamed sound patches into sorted section
- commit a5b0f8c
- ALSA: usb-audio: Fix regression with Dell Dock jack detection
  (bsc#1204719).
- commit ec69ec6
- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for
  transceiver info (bsc#1204957).
- scsi: lpfc: Log when congestion management limits are in effect
  (bsc#1204957).
- scsi: lpfc: Fix hard lockup when reading the rx_monitor from
  debugfs (bsc#1204957).
- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is
  turned off (bsc#1204957).
- scsi: lpfc: Fix spelling mistake "/unsolicted"/ -> "/unsolicited"/
  (bsc#1204957).
- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
- commit f06c1f8
- RDMA/irdma: Remove the unnecessary variable saddr (git-fixes)
  [#] Conflicts:
  [#]	series.conf
- commit cc60033
- RDMA/irdma: Use net_type to check network type (git-fixes)
  [#] Conflicts:
  [#]	series.conf
- commit cc0ac5a
- Drop verbose nvme logging feature (bsc#1200567)
  This feature caused regressions by logging all failed NVMe
  commands. Though not all of them are actually a real
  error. E.g. libnvme is probing for features and handling fails
  correctly. Upstream fixed this by disabling this feature and looking
  into making this an opt-in option.
- Delete patches.suse/nvme-add-verbose-error-logging.patch.
- Delete
  patches.suse/nvme-don-t-print-verbose-errors-for-internal-passthr.patch.
- commit a82baa8
- RDMA/irdma: Validate udata inlen and outlen (git-fixes)
- commit c66230c
- RDMA/irdma: Add support for address handle re-use (git-fixes)
- commit 456aa9c
- RDMA/irdma: Move union irdma_sockaddr to header file (git-fixes)
- commit 01da806
- selftests/livepatch: better synchronize test_klp_callbacks_busy
  (bsc#1071995).
- commit 82010dd
- livepatch: Add a missing newline character in
  klp_module_coming() (bsc#1071995).
- commit 82368b9
- RDMA/srp: Support more than 255 rdma ports (git-fixes)
- commit 6da7233
- RDMA/srp: Handle dev_set_name() failure (git-fixes)
- commit 2aa5768
- RDMA/srp: Use the attribute group mechanism for sysfs attributes (git-fixes)
- commit ee393a3
- RDMA/srp: Rework the srp_add_port() error path (git-fixes)
- commit cf4fa33
- livepatch: fix race between fork and KLP transition
  (bsc#1071995).
- commit bc0a77a
- RDMA/srpt: Introduce a reference count in struct srpt_device (git-fixes)
- commit fecc405
- RDMA/srpt: Fix a use-after-free (git-fixes)
- commit e0cd3e8
- RDMA/srpt: Duplicate port name members (git-fixes)
- commit accb2fe
- Update patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
  (bsc#1204693).
- commit 9cde40b
- blacklist.conf: scripts/gdb: Allow to read printk log buffer on
  32-bit systems; hardly needed by anyone
- commit c5107b2
- printk: wake waiters for safe and NMI contexts (bsc#1204934).
- commit ccf6fd7
- printk: use atomic updates for klogd work (bsc#1204934).
- commit 42aa5d7
- printk: add missing memory barrier to wake_up_klogd()
  (bsc#1204934).
- commit 91ae0ab
- Revert "/workqueue: remove unused cancel_work()"/ (bsc#1204933).
- commit a8f292e
- signal: break out of wait loops on kthread_stop() (bsc#1204926).
- commit 1f81ec4
- net/mlx5e: Properly disable vlan strip on non-UL reps
  (git-fixes).
- commit ea8a4bd
- net: ipvtap - add __init/__exit annotations to module init/exit
  funcs (git-fixes).
- commit bcfb537
- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes).
- commit 0446df6
- net: moxa: get rid of asymmetry in DMA mapping/unmapping
  (git-fixes).
- commit 6609905
- net: ipa: don't assume SMEM is page-aligned (git-fixes).
- commit 41f9dec
- stmmac: intel: Add a missing clk_disable_unprepare() call in
  intel_eth_pci_remove() (git-fixes).
- commit bb8b4d3
- Update metadata references
- commit bdfc8f9
- Refresh
  patches.suse/drm-bridge-lt8912b-fix-corrupted-image-output.patch.
  Alt-commit
- commit f154e04
- Refresh
  patches.suse/drm-bridge-lt8912b-set-hdmi-or-dvi-mode.patch.
  Alt-commit
- commit 54a25a3
- Refresh patches.suse/drm-bridge-lt8912b-add-vsync-hsync.patch.
  Alt-commit
- commit 6755cca
- Refresh
  patches.suse/drm-amdgpu-don-t-register-a-dirty-callback-for-non-a.patch.
  Alt-commit
- commit 5548e46
- Refresh
  patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-SDM660.patch.
  Alt-commit
- commit c51fb10
- Refresh
  patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-msm8996_dsi.patch.
  Alt-commit
- commit e910e60
- Refresh
  patches.suse/drm-msm-dp-delete-DP_RECOVERED_CLOCK_OUT_EN-to-fix-t.patch.
  Alt-commit
- commit 8f4fbd6
- Refresh
  patches.suse/drm-amdgpu-make-sure-to-init-common-IP-before-gmc.patch.
  Alt-commit
- commit d839738
- Refresh
  patches.suse/drm-amdgpu-move-nbio-sdma_doorbell_range-into-sdma-c.patch.
  Alt-commit
- commit 4202af7
- Refresh
  patches.suse/drm-amdgpu-move-nbio-ih_doorbell_range-into-ih-code-.patch.
  Alt-commit
- commit 6a84f94
- Refresh
  patches.suse/drm-simpledrm-Fix-return-type-of-simpledrm_simple_di.patch.
  Alt-commit
- commit c6e149e
- Refresh
  patches.suse/drm-nouveau-fix-another-off-by-one-in-nvbios_addr.patch.
  Alt-commit
- commit 7c051d6
- Refresh
  patches.suse/drm-amd-display-Only-use-depth-36-bpp-linebuffers-on.patch.
  Alt-commit
- commit e1c296d
- Refresh
  patches.suse/Revert-drm-amdgpu-display-set-vblank_disable_immedia.patch.
  Alt-commit
- commit 1bf4062
- Refresh
  patches.suse/drm-fourcc-fix-integer-type-usage-in-uapi-header.patch.
  Alt-commit
- commit 174b777
- Refresh
  patches.suse/drm-bridge-ti-sn65dsi83-Handle-dsi_lanes-0-as-invali.patch.
  Alt-commit
- commit d529823
- Refresh
  patches.suse/Revert-drm-amd-pm-keep-the-BACO-feature-enabled-for-.patch.
  Alt-commit
- commit b27902a
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- commit a0cf107
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
- commit e49e34a
- RDMA/rxe: Fix resize_finish() in rxe_queue.c (git-fixes)
- commit 6b44016
- RDMA/siw: Fix QP destroy to wait for all references dropped. (git-fixes)
- commit 61cef3e
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)
- commit 296a57b
- RDMA/srp: Fix srp_abort() (git-fixes)
- commit 7984b35
- RDMA/irdma: Align AE id codes to correct flush code and event (git-fixes)
- commit c55a705
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- commit 85ed907
- RDMA/rxe: Fix "/kernel NULL pointer dereference"/ error (git-fixes)
- commit 94f5187
- RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey (git-fixes)
- commit cbf3855
- RDMA/irdma: Report RNR NAK generation in device caps (git-fixes)
- commit 7306409
- RDMA/irdma: Return correct WC error for bind operation failure (git-fixes)
- commit bb7b5cd
- RDMA/irdma: Return error on MR deregister CQP failure (git-fixes)
- commit e8ec2a2
- RDMA/irdma: Report the correct max cqes from query device (git-fixes)
- commit 2b8a0ed
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- commit c54f89a
- usb: gadget: bdc: fix typo in comment (git-fixes).
- commit 0b9f194
- usb: typec: tcpm: fix typo in comment (git-fixes).
- commit a66c855
- RDMA/srp: Set scmnd->result only when scmnd is not NULL (git-fixes)
- commit 458db53
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- commit 81952c8
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- commit f572d06
- kbuild: Add skip_encoding_btf_enum64 option to pahole
  (git-fixes).
- commit 934e48d
- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes)
- commit 6e82f19
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- commit 7a75da5
- RDMA/rxe: For invalidate compare according to set keys in mr (git-fixes)
- commit 66293aa
- RDMA/rxe: Fix mw bind to allow any consumer key portion (git-fixes)
- commit c8934f1
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)
- commit 79b1a39
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- commit 706d0f6
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- commit 6f61f5a
- RDMA/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes)
- commit 026149f
- RDMA/irdma: Fix VLAN connection with wildcard address (git-fixes)
- commit f75f6bd
- RDMA/irdma: Fix a window for use-after-free (git-fixes)
- commit 5ca4a5f
- RDMA/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes)
- commit afef467
- RDMA/irdma: Fix sleep from invalid context BUG (git-fixes)
- commit 735c971
- RDMA/irdma: Do not advertise 1GB page size for x722 (git-fixes)
- commit ccc988f
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- commit c6a81d4
- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes)
- commit 2b22d3a
- RDMA/hns: Add the detection for CMDQ status in the device initialization process (git-fixes)
- commit 7090c13
- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)
- commit 2a9e949
- blacklist.conf: Clarify status of 6f5c672d17f583b081e283927f5040f726c54598.
- commit cfc21b5
- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing
  pavgroup (git-fixes).
- commit 3602f60
- fbdev: cyber2000fb: fix missing pci_disable_device()
  (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- iio: bmc150-accel-core: Fix unsafe buffer attributes
  (git-fixes).
- iio: adxl372: Fix unsafe buffer attributes (git-fixes).
- iio: temperature: ltc2983: allocate iio channels once
  (git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- usb: dwc3: gadget: Don't set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI
  (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- ACPI: video: Make backlight class device registration a separate
  step (v2) (git-fixes).
- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
- net: usb: r8152: Add in new Devices that are supported for
  Mac-Passthru (git-fixes).
- arm64/mm: Consolidate TCR_EL1 fields (git-fixes).
- commit 510527f
- tracing: Disable interrupt or preemption before acquiring
  arch_spinlock_t (git-fixes).
- commit 2afc9ce
- tracing: Wake up ring buffer waiters on closing of the file
  (git-fixes).
- kABI: Fix after adding trace_iterator.wait_index (git-fixes).
- commit c6de351
- tracing: Fix reading strings from synthetic events (git-fixes).
- commit b3d60fe
- tracing: Add "/(fault)"/ name injection to kernel probes
  (git-fixes).
- commit e8dfbfa
- tracing: Move duplicate code of trace_kprobe/eprobe.c into header
  (git-fixes).
- commit 4676a84
- ftrace: Fix char print issue in print_ip_ins() (git-fixes).
- commit 40cb188
- tracing: Do not free snapshot if tracer is on cmdline
  (git-fixes).
- commit 9e07624
- tracing: Simplify conditional compilation code in
  tracing_set_tracer() (git-fixes).
- commit 35b9e24
- ring-buffer: Fix race between reset page and reading page
  (git-fixes).
- commit e172e8c
- tracing: Wake up waiters when tracing is disabled (git-fixes).
- commit e65663f
- tracing: Add ioctl() to force ring buffer waiters to wake up
  (git-fixes).
- commit d726bd0
- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
- commit 3f155a7
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600
  (git-fixes).
- commit 1285ea5
- device property: Fix documentation for *_match_string() APIs
  (git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states
  (git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle
  (git-fixes).
- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO
  (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
  (git-fixes).
- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
  (git-fixes).
- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit
  bus (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
  (git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
  (git-fixes).
- ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
  (git-fixes).
- ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
  (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
  (git-fixes).
- drm/i915/dp: Reset frl trained flag before restarting FRL
  training (git-fixes).
- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
  (git-fixes).
- drm/msm/dp: fix IRQ lifetime (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges
  (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges
  (git-fixes).
- drm/msm: fix use-after-free on probe deferral (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
  (git-fixes).
- commit a89c8ce
- blacklist.conf: add reverted ASoC patches
- commit 67ca727
- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter
  (git-fixes).
- commit a23c712
- net: dsa: sja1105: fix buffer overflow in
  sja1105_setup_devlink_regions() (git-fixes).
- commit 9684564
- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
  (git-fixes).
- commit bcb13eb
- Update patch reference for USB fix (bsc#1196018 CVE-2022-28748 bsc#1202686 CVE-2022-2964)
- commit 0ee154e
- i40e: Fix to stop tx_timeout recovery if GLOBR fails
  (git-fixes).
- commit 9ae1da4
- iavf: Fix reset error handling (git-fixes).
- commit d4babdd
- iavf: Fix adminq error handling (git-fixes).
- commit 403a1a3
- net: moxa: pass pdev instead of ndev to DMA functions
  (git-fixes).
- commit e117a5b
- mlxsw: spectrum: Clear PTP configuration after unregistering
  the netdevice (git-fixes).
- commit 6677912
- net: dsa: mv88e6060: prevent crash on an unused port
  (git-fixes).
- commit 00d6b8c
- fec: Fix timer capture timing in `fec_ptp_enable_pps()`
  (git-fixes).
- commit 1a47f16
- dpaa2-eth: trace the allocated address instead of page struct
  (git-fixes).
- commit 1020d1e
- net: atlantic: fix aq_vec index out of range error (git-fixes).
- commit 46d90a2
- plip: avoid rcu debug splat (git-fixes).
- commit eb203b2
- net: bgmac: Fix a BUG triggered by wrong bytes_compl
  (git-fixes).
- commit cb50cd4
- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes).
- commit 1147d60
- xfs: convert XLOG_FORCED_SHUTDOWN() to xlog_is_shutdown()
  (git-fixes).
- commit ab97572
- xfs: fix xfs_ifree() error handling to not leak perag ref
  (git-fixes).
- commit 2b17a84
- can: j1939: transport: j1939_session_skb_drop_old():
  spin_unlock_irqrestore() before kfree_skb() (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
  (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- can: mcp251x: mcp251x_can_probe(): add missing
  unregister_candev() in error path (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing
  put_clock() in error path (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- media: vivid: set num_in/outputs to 0 if not supported
  (git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check
  'interlaced' (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
  (git-fixes).
- media: vivid: dev->bitmap_cap wasn't freed in all cases
  (git-fixes).
- media: vivid: s_fbuf: add more sanity checks (git-fixes).
- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency
  regression (git-fixes).
- commit 78420ce
- Add CVE reference to
  patches.suse/net-usb-ax88179_178a-Fix-out-of-bounds-accesses-in-R.patch
  (bsc#1196018 CVE-2022-28748 CVE-2022-2964).
- commit 1298a2a
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- commit 0e980ee
- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register
  configuration (git-fixes).
- commit cc822b8
- octeontx2-af: Fix key checking for source mac (git-fixes).
- commit 2b15002
- octeontx2-af: Fix mcam entry resource leak (git-fixes).
- commit 1934a04
- octeontx2-af: suppress external profile loading warning
  (git-fixes).
- commit f03aa66
- octeontx2-af: Apply tx nibble fixup always (git-fixes).
- commit 127ded0
- net: tap: NULL pointer derefence in dev_parse_header_protocol
  when skb->dev is null (git-fixes).
- commit fd012c5
- nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
  (git-fixes).
- commit 145a612
- net/ice: fix initializing the bitmap in the switch code
  (git-fixes).
- commit 1864c2e
- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ
  size (git-fixes).
- commit 0f9b4b8
- net/mlx5e: Remove WARN_ON when trying to offload an unsupported
  TLS cipher/version (git-fixes).
- commit 26fe2e5
- netdevsim: fib: Fix reference count leak on route deletion
  failure (git-fixes).
- commit ef84aaa
- ice: do not setup vlan for loopback VSI (git-fixes).
- commit 2f72810
- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP |
  RS) (git-fixes).
- commit c63938e
- can: kvaser_usb: replace run-time checks with struct
  kvaser_usb_driver_info (git-fixes).
- commit 435b54b
- sfc: disable softirqs for ptp TX (git-fixes).
- commit def7cc9
- octeontx2-pf: Fix UDP/TCP src and dst port tc filters
  (git-fixes).
- commit a2053ff
- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes).
- commit 36a8155
- thermal: intel_powerclamp: Use first online CPU as control_cpu
  (git-fixes).
- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
  (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in
  rtw_init_cmd_priv() (git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- thunderbolt: Explicitly enable lane adapter hotplug events at
  startup (git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination
  error after resume bug (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- usb: host: xhci: Fix potential memory leak in
  xhci_alloc_stream_info() (git-fixes).
- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes).
- usb: host: xhci-plat: suspend and resume clocks (git-fixes).
- soundwire: intel: fix error handling on dai registration issues
  (git-fixes).
- soundwire: cadence: Don't overwrite msg->buf during write
  commands (git-fixes).
- kselftest/arm64: Fix validatation termination record after
  EXTRA_CONTEXT (git-fixes).
- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA
  (git-fixes).
- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
  (git-fixes).
- spi: Ensure that sg_table won't be used after being freed
  (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620
  (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620
  (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
  (git-fixes).
- wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
  (git-fixes).
- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up
  hw value (git-fixes).
- wifi: brcmfmac: fix use-after-free bug in
  brcmf_netdev_start_xmit() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
  (git-fixes).
- thunderbolt: Add back Intel Falcon Ridge end-to-end flow
  control workaround (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN
  log level (git-fixes).
- selinux: use "/grep -E"/ instead of "/egrep"/ (git-fixes).
- thermal: cpufreq_cooling: Check the policy first in
  cpufreq_cooling_register() (git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of
  smp_processor_id() to avoid crash (git-fixes).
- selinux: allow FIOCLEX and FIONCLEX with policy capability
  (git-fixes).
- commit 2b3f1b5
- gcov: support GCC 12.1 and newer compilers (git-fixes).
- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n
  (git-fixes).
- drm/amd/display: Fix vblank refcount in vrr transition
  (git-fixes).
- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes).
- kbuild: remove the target in signal traps when interrupted
  (git-fixes).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
  (git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- staging: rtl8723bs: fix potential memory leak in
  rtw_init_drv_sw() (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to
  prevent overflow (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in
  adp5061_get_chg_type() (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
  (git-fixes).
- drm/amd/display: Remove interface for periodic interrupt 1
  (git-fixes).
- drm/meson: explicitly remove aggregate driver at module unload
  time (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600
  (git-fixes).
- drm: bridge: dw_hdmi: only trigger hotplug event on link change
  (git-fixes).
- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes).
- gpu: lontium-lt9611: Fix NULL pointer dereference in
  lt9611_connector_init() (git-fixes).
- drm/komeda: Fix handling of atomic commits in the
  atomic_commit_tail hook (git-fixes).
- drm/virtio: Check whether transferred 2D BO is shmem
  (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
  (git-fixes).
- drm: Use size_t type for len variable in drm_copy_field()
  (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in
  nouveau_bo_alloc() (git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to
  fix module autoloading (git-fixes).
- platform/chrome: cros_ec: Notify the PM of wake events during
  resume (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670
  (git-fixes).
- regulator: core: Prevent integer underflow (git-fixes).
- hwmon: (sht4x) do not overflow clamping operation on 32-bit
  platforms (git-fixes).
- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
  (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch
  (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch
  (git-fixes).
- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
  (git-fixes).
- ima: fix blocking of security.ima xattrs of unsupported
  algorithms (git-fixes).
- commit 73e3036
- arm64: topology: move store_cpu_topology() to shared code
  (git-fixes).
- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to
  USB nodes (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
  (git-fixes).
- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power
  supply (git-fixes).
- ARM: dts: imx6sx: add missing properties for sram (git-fixes).
- ARM: dts: imx6sll: add missing properties for sram (git-fixes).
- ARM: dts: imx6sl: add missing properties for sram (git-fixes).
- ARM: dts: imx6qp: add missing properties for sram (git-fixes).
- ARM: dts: imx6dl: add missing properties for sram (git-fixes).
- ARM: dts: imx6q: add missing properties for sram (git-fixes).
- ARM: dts: imx7d-sdb: config the max pressure for tsc2046
  (git-fixes).
- ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
  (git-fixes).
- ASoC: SOF: pci: Change DMI match info to support all Chrome
  platforms (git-fixes).
- ALSA: usb-audio: Fix last interface check for registration
  (git-fixes).
- ALSA: usb-audio: Register card at the last interface
  (git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple
  times (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at
  l2cap_chan_create() (git-fixes).
- Bluetooth: RFCOMM: Fix possible deadlock on socket
  shutdown/release (git-fixes).
- Bluetooth: btintel: Mark Intel controller to support LE_STATES
  quirk (git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx()
  (git-fixes).
- ARM: decompressor: Include .data.rel.ro.local (git-fixes).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
  (git-fixes).
- ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
  StorageD3Enable (git-fixes).
- ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid
  phys address (git-fixes).
- ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
  (git-fixes).
- ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes).
- commit de318d1
- blacklist.conf: update blacklist
- commit 78ca650
- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state
  is toggled (git-fixes).
- commit 8343da0
- kABI: Fix kABI after backport Refactoring find_arch_event() to
  pmc_perf_hw_id() (git-fixes).
- commit 44b42bd
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size
  hugetlb page (bsc#1204575).
- commit e6fc5be
- kABI: Fix kABI after backport Update vPMCs when retiring branch
  instructions (git-fixes).
- commit 4209455
- kABI: Fix kABI after backport Add pmc->intr to refactor
  kvm_perf_overflow{_intr}() (git-fixes).
- commit 9fc8292
- KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
  (git-fixes).
- commit 22e05f5
- overflow.h: restore __ab_c_size (git-fixes).
- commit 9dbc158
- KVM: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes).
- commit 3acb74c
- KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating
  a perf event (git-fixes).
- commit 9a723c2
- overflow: Implement size_t saturating arithmetic helpers
  (jsc#PED-1211).
- commit fecede0
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
  (bsc#1204753).
- commit d072831
- blacklist.conf: Add cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
- commit 382b2e7
- blacklist.conf: Add c530a3c716b9 sched/psi: Fix periodic aggregation shut off
- commit 56b9a2a
- KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which
  is a result of RSM (git-fixes).
- commit 274c60f
- powerpc/fadump: align destination address to pagesize
  (bsc#1204728 ltc#200074).
- commit 5377513
- KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved
  state (git-fixes).
- commit cd056ba
- KVM: x86: nSVM: fix potential NULL derefernce on nested
  migration (git-fixes).
- commit 272884f
- KVM: x86: Sync the states size with the XCR0/IA32_XSS at,
  any time (git-fixes).
- commit c927187
- KVM: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes).
- commit c61458a
- KVM: x86: Forcibly leave nested virt when SMM state is toggled
  (git-fixes).
- commit f22036a
- Update patches.suse/usb-mon-make-mmapped-memory-read-only.patch
  (bsc#1204653 CVE-2022-43750).
  Added CVE and bsc
- commit 93b1d48
- KVM: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES
  event (git-fixes).
- commit 436d9eb
- KVM: x86: Update vPMCs when retiring branch instructions
  (git-fixes).
- Refresh
  patches.suse/kvm-emulate-do-not-adjust-size-of-fastop-and-setcc-subroutines.patch.
- commit 1f8391b
- KVM: x86: Update vPMCs when retiring instructions (git-fixes).
- commit c4d4a64
- KVM: x86/pmu: Add pmc->intr to refactor
  kvm_perf_overflow{_intr}() (git-fixes).
- commit 91025b1
- KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
  (git-fixes).
- commit 8080b0e
- kABI: Fix kABI after backport Always set kvm_run->if_flag
  (git-fixes).
- KVM: x86: Always set kvm_run->if_flag (git-fixes).
- commit daa5fd4
- KVM: x86/mmu: Don't advance iterator after restart due to
  yielding (git-fixes).
- commit 86c02c7
- KVM: x86/mmu: Retry page fault if root is invalidated by
  memslot update (git-fixes).
- commit c96dbdc
- KVM: fix avic_set_running for preemptable kernels (git-fixes).
- commit 457ae39
- KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
  (git-fixes).
- commit 58e3def
- xen/gntdev: Prevent leaking grants (git-fixes).
- commit 73a7df7
- KVM: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in
  WFS (git-fixes).
- commit 8c88ccd
- KVM: nVMX: Unconditionally purge queued/injected events on
  nested "/exit"/ (git-fixes).
- commit f7976c7
- KVM: x86/emulator: Fix handing of POP SS to correctly set
  interruptibility (git-fixes).
- commit 938654e
- usb: gadget: f_fs: stricter integer overflow checks (git-fixes).
- commit 07d2846
- blacklist.conf: prerequisites too risky
- commit 93c5479
- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels
  (bnc#1204498).
- commit e73c4d3
- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair
  (git-fixes).
- commit a0de208
- Update patch reference for
  patches.suse/devlink-Fix-use-after-free-after-a-failed-reload.patch
  (git-fixes bsc#1204637 CVE-2022-3625).
- commit fd50fbc
- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes).
- dyndbg: let query-modname override actual module name
  (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: fix static_branch manipulation (git-fixes).
- commit afe6697
- io_uring: use original request task for inflight tracking
  (CVE-2022-40476 bsc#1203435).
- commit 941d6b4
- Update
  patches.suse/powerpc-pseries-vas-Pass-hw_cpu_id-to-node-associati.patch
  (bsc#1194869 bsc#1204428 ltc#200180).
- commit fe8b379
- ring-buffer: Check pending waiters when doing wake ups as well
  (git-fixes).
- commit d934ca7
- ring-buffer: Have the shortest_full queue be the shortest not
  longest (git-fixes).
- commit ed18dc7
- ring-buffer: Allow splice to read previous partially read pages
  (git-fixes).
- commit 4649dee
- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
- commit 554a8e9
- net: mvpp2: fix mvpp2 debugfs leak (bsc#1204417 CVE-2022-3535).
- bnx2x: fix potential memory leak in bnx2x_tpa_stop()
  (bsc#1204402 CVE-2022-3542).
- nfp: fix use-after-free in area_cache_get() (bsc#1204415
  CVE-2022-3545).
- commit 8e53774
- tracing/osnoise: Fix possible recursive locking in
  stop_per_cpu_kthreads (git-fixes).
- commit f81f58f
- tracing: Replace deprecated CPU-hotplug functions (git-fixes).
- Refresh
  patches.suse/tracing-osnoise-Fix-missed-cpus_read_unlock-in-start_per_cpu_kthreads.patch.
- commit b1bca55
- tracing: kprobe: Make gen test module work in arm and riscv
  (git-fixes).
- commit 57b2377
- tracing: kprobe: Fix kprobe event gen test module on exit
  (git-fixes).
- commit 81447e5
- cifs: update internal module number (bsc#1193629).
- commit 4202154
- cifs: fix memory leaks in session setup (bsc#1193629).
- commit 5c729d0
- cifs: drop the lease for cached directories on rmdir or rename
  (bsc#1193629).
- commit 46e0f22
- smb3: interface count displayed incorrectly (bsc#1193629).
- commit e073a89
- cifs: Fix memory leak when build ntlmssp negotiate blob failed
  (bsc#1193629).
- commit 7afbdb6
- cifs: set rc to -ENOENT if we can not get a dentry for the
  cached dir (bsc#1193629).
- commit 328e60a
- cifs: use LIST_HEAD() and list_move() to simplify code
  (bsc#1193629).
- commit e5c0c94
- cifs: Fix xid leak in cifs_get_file_info_unix() (bsc#1193629).
- commit a50e886
- cifs: Fix xid leak in cifs_ses_add_channel() (bsc#1193629).
- commit 45683eb
- cifs: Fix xid leak in cifs_flock() (bsc#1193629).
- commit d234b14
- cifs: Fix xid leak in cifs_copy_file_range() (bsc#1193629).
- commit f56cd1f
- cifs: Fix xid leak in cifs_create() (bsc#1193629).
- commit a1d5012
- smb3: improve SMB3 change notification support (bsc#1193629).
- commit 8a4313f
- nilfs2: fix leak of nilfs_root in case of writer thread creation
  failure (CVE-2022-3646 bsc#1204646).
- nilfs2: fix use-after-free bug of struct nilfs_root
  (CVE-2022-3649 bsc#1204647).
- commit af91749
- Update patch reference for vsock fix (CVE-2022-3629 bsc#1204635)
- commit 6c49703
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
  (CVE-2022-3640 bsc#1204619).
- commit 5d68cf0
- can: j1939: j1939_session_destroy(): fix memory leak of skbs
  (CVE-2022-3633 bsc#1204650).
- commit da3122e
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- commit aa7345b
- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
  (git-fixes).
- media: venus: dec: Handle the case where find_format fails
  (git-fixes).
- media: atomisp: prevent integer overflow in
  sh_css_set_black_frame() (git-fixes).
- media: ipu3-imgu: Fix NULL pointer dereference in active
  selection access (git-fixes).
- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
  (git-fixes).
- media: mceusb: set timeout to at least timeout provided
  (git-fixes).
- commit fbd2a07
- cpufreq: qcom: fix writes in read-only memory region
  (git-fixes).
- cpufreq: qcom: fix memory leak in error path (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report
  (git-fixes).
- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in
  convert_context() (git-fixes).
- commit a940189
- ALSA: hda/realtek: Add another HP ZBook G9 model quirks
  (bsc#1203699).
- commit 9b4cf06
- cifs: lease key is uninitialized in two additional functions
  when smb1 (bsc#1193629).
- commit 181d702
- cifs: lease key is uninitialized in smb1 paths (bsc#1193629).
- commit 395fb1f
- smb3: must initialize two ACL struct fields to zero
  (bsc#1193629).
- commit 2dfd980
- cifs: fix double-fault crash during ntlmssp (bsc#1193629).
- commit 958d087
- cifs: fix static checker warning (bsc#1193629).
- commit 6695ea2
- cifs: use ALIGN() and round_up() macros (bsc#1193629).
- commit b4d4efd
- cifs: find and use the dentry for cached non-root directories
  also (bsc#1193629).
- commit 14482fe
- cifs: enable caching of directories for which a lease is held
  (bsc#1193629).
- commit cc4f4c4
- cifs: prevent copying past input buffer boundaries
  (bsc#1193629).
- commit 9130844
- cifs: fix uninitialised var in smb2_compound_op() (bsc#1193629).
- commit bdc0943
- cifs: improve symlink handling for smb2+ (bsc#1193629).
- commit 0b6be9d
- smb3: clarify multichannel warning (bsc#1193629).
- commit 96b1224
- cifs: fix skipping to incorrect offset in emit_cached_dirents
  (bsc#1193629).
- commit 6750b0a
- smb3: fix oops in calculating shash_setkey (bsc#1193629).
- commit fdb4064
- cifs: secmech: use shash_desc directly, remove sdesc
  (bsc#1193629).
- commit d652300
- smb3: rename encryption/decryption TFMs (bsc#1193629).
- commit 074ff14
- cifs: replace kfree() with kfree_sensitive() for sensitive data
  (bsc#1193629).
- commit a9c83e0
- cifs: remove initialization value (bsc#1193629).
- commit 650b157
- cifs: Replace a couple of one-element arrays with flexible-array
  members (bsc#1193629).
- commit 2e6a4d1
- smb3: do not log confusing message when server returns no
  network interfaces (bsc#1193629).
- commit fe343ed
- cifs: store a pointer to a fid in the cfid structure instead
  of the struct (bsc#1193629).
- commit 4bc719f
- cifs: improve handlecaching (bsc#1193629).
- commit 460040b
- cifs: Make tcon contain a wrapper structure cached_fids instead
  of cached_fid (bsc#1193629).
- commit 999f1a7
- smb3: add dynamic trace points for tree disconnect
  (bsc#1193629).
- commit c71b282
- Fix formatting of client smbdirect RDMA logging (bsc#1193629).
- commit bc2ae55
- Handle variable number of SGEs in client smbdirect send
  (bsc#1193629).
- commit af0f632
- Reduce client smbdirect max receive segment size (bsc#1193629).
- commit e36b32c
- Decrease the number of SMB3 smbdirect client SGEs (bsc#1193629).
- commit 1c625b9
- cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
  (bsc#1193629).
- commit 174687c
- cifs: destage dirty pages before re-reading them for cache=none
  (bsc#1193629).
- commit 9eab309
- cifs: return correct error in ->calc_signature() (bsc#1193629).
- commit 0ace108
- cifs: misc: fix spelling typo in comment (bsc#1193629).
- commit 0177a68
- cifs: update internal module number (bsc#1193629).
- commit a83e618
- cifs: add missing spinlock around tcon refcount (bsc#1193629).
- commit a915086
- cifs: always initialize struct msghdr smb_msg completely
  (bsc#1193629).
- commit 7ba2dbe
- cifs: don't send down the destination address to sendmsg for
  a SOCK_STREAM (bsc#1193629).
- commit cc67d16
- cifs: revalidate mapping when doing direct writes (bsc#1193629).
- commit 3e6da03
- cifs: fix small mempool leak in SMB2_negotiate() (bsc#1193629).
- commit 9ad1214
- smb3: use filemap_write_and_wait_range instead of
  filemap_write_and_wait (bsc#1193629).
- commit 569211d
- smb3: fix temporary data corruption in insert range
  (bsc#1193629).
- commit 4153b9f
- smb3: fix temporary data corruption in collapse range
  (bsc#1193629).
- commit e11095d
- smb3: Move the flush out of smb2_copychunk_range() into its
  callers (bsc#1193629).
- commit 7cc3491
- cifs: Add helper function to check smb1+ server (bsc#1193629).
- commit 8d3cf57
- cifs: Use help macro to get the mid header size (bsc#1193629).
- commit 56cfb79
- cifs: Use help macro to get the header preamble size
  (bsc#1193629).
- commit a32d0c7
- cifs: skip extra NULL byte in filenames (bsc#1193629).
- commit 3c2966f
- smb3: missing inode locks in punch hole (bsc#1193629).
- commit d5ef2ce
- smb3: missing inode locks in zero range (bsc#1193629).
- commit 67739d5
- cifs: move from strlcpy with unused retval to strscpy
  (bsc#1193629).
- commit 1545859
- cifs: Fix memory leak on the deferred close (bsc#1193629).
- commit 0e66dd6
- cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl()
  (bsc#1193629).
- commit e09b402
- cifs: remove unused server parameter from calc_smb_size()
  (bsc#1193629).
- commit 3f30130
- cifs: Do not access tcon->cfids->cfid directly from
  is_path_accessible (bsc#1193629).
- commit 7188f4f
- cifs: Add constructor/destructors for tcon->cfid (bsc#1193629).
- commit 7eb31f4
- SMB3: fix lease break timeout when multiple deferred close
  handles for the same file (bsc#1193629).
- commit 7267460
- smb3: allow deferred close timeout to be configurable
  (bsc#1193629).
- commit 19f7caa
- cifs: Do not use tcon->cfid directly, use the cfid we get from
  open_cached_dir (bsc#1193629).
- commit 25de0c1
- cifs: Move cached-dir functions into a separate file
  (bsc#1193629).
- commit fc0e55e
- cifs: fix lock length calculation (bsc#1193629).
- commit 2661e11
- cifs: update internal module number (bsc#1193629).
- commit 53f5daf
- cifs: alloc_mid function should be marked as static
  (bsc#1193629).
- commit f066ea5
- cifs: remove "/cifs_"/ prefix from init/destroy mids functions
  (bsc#1193629).
- commit 21e261c
- cifs: remove useless DeleteMidQEntry() (bsc#1193629).
- commit b684635
- cifs: when insecure legacy is disabled shrink amount of SMB1
  code (bsc#1193629).
- commit 96f98e3
- blacklist.conf: add an entry for IDXD that has been already fixed
- commit 7531ae1
- dmaengine: idxd: force wq context cleanup on device disable path
  (git-fixes).
- commit e06ba18
- nilfs2: fix NULL pointer dereference at
  nilfs_bmap_lookup_at_level() (CVE-2022-3621 bsc#1204574).
- commit f8016b1
- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
  (bsc#1203922).
- commit 1d187cf
- Move upstreamed sound patches into sorted section
- commit 4c058b6
- Bluetooth: L2CAP: Fix memory leak in vhci_write (CVE-2022-3619
  bsc#1204569).
- commit b649754
- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes).
- net: phy: dp83822: disable MDI crossover status change interrupt
  (git-fixes).
- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()
  (git-fixes).
- net: phy: dp83867: Extend RX strap quirk for SGMII mode
  (git-fixes).
- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes).
- commit 273eb71
- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU
  is not set (bsc#1204413 ltc#200176).
- commit 0850b12
- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176).
- Refresh patches.suse/powerpc-Rename-PPC_NATIVE-to-PPC_HASH_MMU_NATIVE.patch.
- commit abb9ade
- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176).
- Refresh patches.suse/lkdtm-disable-return-thunks-in-rodata-c.patch.
  Update config files.
- commit 5b2abcf
- fuse: fix deadlock between atomic O_TRUNC and page invalidation
  (bsc#1204533).
- commit a0e6630
- Correct JIRA reference to Impl entries (jsc#PED-833 jsc#PED-850 jsc#PED-825 jsc#PED-822 jsc#PED-846 jsc#PED-817 jsc#PED-851 jsc#PED-857 jsc#PED-842 jsc#PED-813 jsc#PED-1084 jsc#PED-1096 jsc#PED-1085 jsc#PED-1649 jsc#PED-1082 jsc#PED-856)
- commit c7d3570
- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413
  ltc#200176).
- powerpc: Ignore DSI error caused by the copy/paste instruction
  (bsc#1204413 ltc#200176).
- powerpc/64s: Move hash MMU support code under
  CONFIG_PPC_64S_HASH_MMU (bsc#1204413 ltc#200176).
- Refresh patches.suse/Revert-powerpc-rtas-Implement-reentrant-rtas-call.patch
- Refresh patches.suse/powerpc-Add-kABI-placeholder-to-struct-pci_controlle.patch
- Refresh patches.suse/powerpc-pseries-wire-up-rng-during-setup_arch.patch
- powerpc: make memremap_compat_align 64s-only (bsc#1204413
  ltc#200176).
- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e
  or radix (bsc#1204413 ltc#200176).
- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c
  (bsc#1204413 ltc#200176).
- powerpc/64s: Make flush_and_reload_slb a no-op when radix is
  enabled (bsc#1204413 ltc#200176).
- powerpc/pseries: lparcfg don't include slb_size line in radix
  mode (bsc#1204413 ltc#200176).
- powerpc/64s: Move and rename do_bad_slb_fault as it is not
  hash specific (bsc#1204413 ltc#200176).
- Refresh patches.suse/powerpc-64s-hash-Make-hash-faults-work-in-NMI-contex.patch
- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413
  ltc#200176).
  Update config files.
- commit da125ff
- r8152: Rate limit overflow messages (CVE-2022-3594 bsc#1204479).
- commit a745ef5
- Update patch reference for HID fix (CVE-2022-3577 bsc#1204470)
- commit 3ac3b39
- kcm: avoid potential race in kcm_tx_work (bsc#1204355
  CVE-2022-3521).
- commit 2d76ec0
- tcp/udp: Fix memory leak in ipv6_renew_options() (bsc#1204354
  CVE-2022-3524).
- commit f8049de
- Update metadata references
- commit d0bf0fb
- PCI: hv: Fix synchronization between channel callback and
  hv_pci_bus_exit() (bsc#1204017).
- commit ea6713d
- PCI: hv: Fix synchronization between channel callback and
  hv_compose_msi_msg() (bsc#1204017).
- commit 230768b
- PCI: hv: Use vmbus_requestor to generate transaction IDs for
  VMbus hardening (bsc#1204017).
- commit a19c478
- Drivers: hv: vmbus: Introduce {lock,unlock}_requestor()
  (bsc#1204017).
- commit bc36cf4
- Drivers: hv: vmbus: Introduce vmbus_request_addr_match()
  (bsc#1204017).
- commit 40cb8e4
- Drivers: hv: vmbus: Fix handling of messages with transaction
  ID of zero (bsc#1204017).
- commit a5b4ebf
- Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid()
  (bsc#1204017).
- commit 2e0386a
- sch_sfb: Also store skb len before calling child enqueue
  (CVE-2022-3586 bsc#1204439).
- sch_sfb: Don't assume the skb is still around after enqueueing
  to child (CVE-2022-3586 bsc#1204439).
- commit 6788943
- Update patch reference for mISDN fix (CVE-2022-3565 bsc#1204431)
- commit 5d0836e
- cifs: fix wrong unlock before return from cifs_tree_connect()
  (bsc#1193629).
- commit ca24a6e
- cifs: avoid use of global locks for high contention data
  (bsc#1193629).
- commit 003b496
- cifs: remove remaining build warnings (bsc#1193629).
- commit 2a6d64f
- cifs: list_for_each() -> list_for_each_entry() (bsc#1193629).
- commit 98f1884
- smb2: small refactor in smb2_check_message() (bsc#1193629).
- commit 2913774
- cifs: remove minor build warning (bsc#1193629).
- commit 9dd2f9e
- cifs: remove some camelCase and also some static build warnings
  (bsc#1193629).
- commit 7a903b5
- cifs: remove unnecessary (void*) conversions (bsc#1193629).
- commit 352182a
- cifs: remove unnecessary type castings (bsc#1193629).
- commit e2ea7fd
- cifs: remove redundant initialization to variable
  mnt_sign_enabled (bsc#1193629).
- commit 8c39800
- smb3: check xattr value length earlier (bsc#1193629).
- commit 87cd516
- smb3: workaround negprot bug in some Samba servers
  (bsc#1193629).
- commit 031af61
- cifs: remove unnecessary locking of chan_lock while freeing
  session (bsc#1193629).
- commit 0303046
- cifs: fix race condition with delayed threads (bsc#1193629).
- commit 491d550
- cifs: update cifs_ses::ip_addr after failover (bsc#1193629).
- commit 9ed4aa9
- cifs: avoid deadlocks while updating iface (bsc#1193629).
- commit 3a5c612
- cifs: periodically query network interfaces from server
  (bsc#1193629).
- commit dd3e063
- cifs: during reconnect, update interface if necessary
  (bsc#1193629).
- commit 8dea5e1
- cifs: change iface_list from array to sorted linked list
  (bsc#1193629).
- commit 1b05ccf
- smb3: use netname when available on secondary channels
  (bsc#1193629).
- commit 6d17daa
- smb3: fix empty netname context on secondary channels
  (bsc#1193629).
- commit 51fad96
- cifs: when a channel is not found for server, log its connection
  id (bsc#1193629).
- commit 1b306b2
- smb3: add trace point for SMB2_set_eof (bsc#1193629).
- commit c6da1d3
- cifs: populate empty hostnames for extra channels (bsc#1193629).
- commit f2f92b2
- cifs: return errors during session setup during reconnects
  (bsc#1193629).
- commit d557671
- smb3: remove unneeded null check in cifs_readdir (bsc#1193629).
- commit 7eaa3dc
- cifs: cache the dirents for entries in a cached directory
  (bsc#1193629).
- commit 0ddb648
- cifs: truncate the inode and mapping when we simulate fcollapse
  (bsc#1193629).
- commit 3b07034
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
  (git-fixes).
- commit 1ad6725
- dmaengine: idxd: deprecate token sysfs attributes for read
  buffers (jsc#PED-679).
- commit c137213
- dmaengine: idxd: change bandwidth token to read buffers
  (jsc#PED-679).
- Refresh
  patches.suse/dmaengine-idxd-restore-traffic-class-defaults-after-.patch.
- commit d0c1256
- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732).
- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732).
- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732).
- commit 11c983f
- Update patch reference for Intel MTL-P USB patch (jsc#PED-732)
- commit 4ca8c18
- pinctrl: alderlake: Fix register offsets for ADL-N variant
  (jsc#PED-676).
- pinctrl: alderlake: Add Intel Alder Lake-N pin controller
  support (jsc#PED-676).
- commit 5492389
- Update patch reference for Intel ADL-N eMMC patch (jsc#PED-676)
- commit 4c38b45
- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634).
- commit 0ec42f9
- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634).
- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs
  (jsc#PED-634).
- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S
  (jsc#PED-634).
- commit 06d5787
- Update patch references for intel_th RPL-S support (jsc#PED-634)
- commit 900e952
- i2c: i801: Add support for Intel Raptor Lake PCH-S
  (jsc#PED-634).
- i2c: i801: Improve handling of chip-specific feature definitions
  (jsc#PED-634).
- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634).
- commit 46a17cc
- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707).
- commit 356d2a6
- thermal: int340x: Mode setting with new OS handshake
  (jsc#PED-678).
- commit c03fef0
- thermal: int340x: Update OS policy capability handshake
  (jsc#PED-678).
- commit 2487fcb
- Update patch reference for macvlan fix (CVE-2022-3526 bsc#1204353)
- commit 740e86c
- rpm/check-for-config-changes: loosen pattern for AS_HAS_*
  This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128.
- commit bdc0bf7
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in
  opal_export_attrs() (bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- commit 7c692ec
- powerpc/kprobes: Fix null pointer reference in
  arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246
  git-fixes).
- commit 5521322
- arm64/bti: Disable in kernel BTI when cross section thunks are broken (git-fixes)
- commit 2f51dd9
- blacklist.conf: ("/arm64/mm: drop HAVE_ARCH_PFN_VALID"/)
- commit f836660
- clk: at91: fix the build with binutils 2.27 (git-fixes).
- commit a34e36d
- Input: xpad - add supported devices as contributed on github
  (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- misc: pci_endpoint_test: Fix
  pci_endpoint_test_{copy,write,read}() panic (git-fixes).
- misc: pci_endpoint_test: Aggregate params checking for xfer
  (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
  (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- commit 4dee064
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
  (git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset
  keys (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- commit c900b4a
- ACPI: HMAT: Release platform device in case of
  platform_device_add_data() fails (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
  (git-fixes).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z
  (git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
  (git-fixes).
- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or
  restored (git-fixes).
- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in
  'performance_levels' (git-fixes).
- Revert "/drm/amdgpu: use dirty framebuffer helper"/ (git-fixes).
- drm/i915/ehl: Update MOCS table for EHL (git-fixes).
- commit 3ca51e4
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- openvswitch: add nf_ct_is_confirmed check before assigning
  the helper (git-fixes).
- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1
  (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at
  iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).
- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of
  small packets (git-fixes).
- wifi: mac80211: fix decap offload for stations on AP_VLAN
  interfaces (git-fixes).
- wifi: mac80211: fix probe req HE capabilities access
  (git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP
  header on fast-rx (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart
  (git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion
  (git-fixes).
- macvlan: enforce a consistent minimal mtu (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq
  (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type
  (git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback
  (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
  (git-fixes).
- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
  (git-fixes).
- commit cb006e7
- Drop a incorrectly doubly applied WiFi fix patch
- commit 9d35b83
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON
  (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
  (git-fixes).
- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes).
- commit b28d368
- Move upstramed WiFi fix patches into sorted section
- commit bef1692
- clk: bcm: rpi: Add support for VEC clock (bsc#1196632)
- commit 188fe72
- nvmem: core: Check input parameter for NULL in
  nvmem_unregister() (bsc#1204241).
- commit 66b047b
- clk: bcm2835: Round UART input clock up (bsc#1188238)
- commit f465b19
- ALSA: hda/hdmi: Fix the converter allocation for the silent
  stream (git-fixes).
- ALSA: hda/hdmi: change type for the 'assigned' variable
  (git-fixes).
- commit 6c73200
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types
  (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to
  use regmap (git-fixes).
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch
  (git-fixes).
- drm/amd/display: skip audio setup when audio stream is enabled
  (git-fixes).
- drm/amd/display: update gamut remap if plane has changed
  (git-fixes).
- drm/amd/display: Assume an LTTPR is always present on fixed_vs
  links (git-fixes).
- drm/amd/display: Fix double cursor on non-video RGB MPO
  (git-fixes).
- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
  (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine
  (git-fixes).
- firmware: arm_scmi: Harden accesses to the sensor domains
  (git-fixes).
- firmware: arm_scmi: Improve checks in the info_get operations
  (git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg
  (git-fixes).
- dmaengine: xilinx_dma: Report error in case of
  dma_set_mask_and_coherent API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores
  property (git-fixes).
- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource
  error handling (git-fixes).
- ALSA: hda/hdmi: Fix the converter reuse for the silent stream
  (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
  (git-fixes).
- mmc: core: Replace with already defined values for readability
  (git-fixes).
- commit 07f5789
- Drop TI clk patch that has been reverted in 5.15.y stable
- commit bfab74f
- Updated metadata references for bsc#1200788 CVE-2022-2153:
  Updated patches (from Juergen Gross)
- patches.suse/KVM-x86-Avoid-theoretical-NULL-pointer-dereference-i.patch
- patches.suse/KVM-x86-Check-lapic_in_kernel-before-attempting-to-s.patch
- patches.suse/KVM-x86-Forbid-VMM-to-set-SYNIC-STIMER-MSRs-when-Syn.patch
- commit e9364fc
- thunderbolt: Fix buffer allocation of devices with no
  DisplayPort adapters (git-fixes).
- commit 2534904
- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-2978
  bsc#1202700).
- commit e1802d7
- thunderbolt: Add missing device ID to
  tb_switch_is_alpine_ridge() (git-fixes).
- commit 9447425
- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes).
- commit 9dce26f
- usb/hcd: Fix dma_map_sg error check (git-fixes).
- commit 82f7672
- kabi/severities: ignore CS35L41-specific exports (bsc#1203699)
- commit 9f486fe
- ALSA: hda: cs35l41: Support System Suspend (bsc#1203699).
- ALSA: hda: cs35l41: Remove suspend/resume hda hooks
  (bsc#1203699).
- ALSA: hda/cs_dsp_ctl: Fix mutex inversion when creating controls
  (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before
  reading/writing controls (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Minor clean and redundant code
  removal (bsc#1203699).
- commit 54175bd
- PCI: mediatek-gen3: Change driver name to mtk-pcie-gen3
  (git-fixes).
- dt-bindings: PCI: microchip,pcie-host: fix missing dma-ranges
  (git-fixes).
- dt-bindings: PCI: microchip,pcie-host: fix missing clocks
  properties (git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
  (git-fixes).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
  (git-fixes).
- PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
- PCI/ASPM: Ignore L1 PM Substates if device lacks capability
  (git-fixes).
- i2c: designware: Fix handling of real but unexpected device
  interrupts (git-fixes).
- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return
  value check (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable
  callback (git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22
  (git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: synaptics-rmi4 - fix firmware update operations with
  bootloader v8 (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend
  (git-fixes).
- commit 6628947
- Add cherry-picked ID for AMDGPU patch
- commit 005b431
- octeontx2-pf: cn10k: Fix egress ratelimit configuration
  (git-fixes).
- commit dfc0a0a
- net: sungem_phy: Add of_node_put() for reference returned by
  of_get_parent() (git-fixes).
- commit cc0874b
- net: pcs: xpcs: propagate xpcs_read error to
  xpcs_get_state_c37_sgmii (git-fixes).
- commit 6750e0f
- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
  (git-fixes).
- commit 6f3b54a
- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy
  (git-fixes).
- commit afc53c0
- iavf: Fix handling of dummy receive descriptors (git-fixes).
- commit e9bd3c0
- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings
  (git-fixes).
- commit 155ccd4
- net: dsa: sja1105: silent spi_device_id warnings (git-fixes).
- commit ee0b547
- net: stmmac: remove redunctant disable xPCS EEE call
  (git-fixes).
- commit 9493b1a
- ixgbe: Add locking to prevent panic when setting sriov_numvfs
  to zero (git-fixes).
- commit 53fbc66
- net: stmmac: fix dma queue left shift overflow issue
  (git-fixes).
- commit 1deb58f
- net: dsa: microchip: ksz_common: Fix refcount leak bug
  (git-fixes).
- commit c46e25b
- net: stmmac: fix unbalanced ptp clock issue in suspend/resume
  flow (git-fixes).
- commit dff326f
- net: stmmac: fix pm runtime issue in stmmac_dvr_remove()
  (git-fixes).
- commit e347cfb
- ip: Fix data-races around sysctl_ip_fwd_update_priority
  (git-fixes).
- commit 4ea8f18
- sfc: fix kernel panic when creating VF (git-fixes).
- commit 33eba8c
- sfc: fix use after free when disabling sriov (git-fixes).
- commit 2fa14d7
- net: stmmac: fix leaks in probe (git-fixes).
- commit 97831ef
- KVM: x86: Register perf callbacks after calling vendor's
  hardware_setup() (git-fixes).
- Refresh
  patches.suse/KVM-x86-Register-Processor-Trace-interrupt-hook-iff-.patch.
- commit 871c62a
- USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
  (git-fixes).
- commit 31ce443
- KVM: VMX: Inject #PF on ENCLS as "/emulated"/ #PF (git-fixes).
- commit cc0ea0c
- usb: ehci: Fix a function name in comments (git-fixes).
- commit 610087d
- KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled
  (git-fixes).
- commit 93cdb54
- net: ftgmac100: Hold reference returned by
  of_get_child_by_name() (git-fixes).
- commit 0961942
- bnxt_en: Fix bnxt_refclk_read() (git-fixes).
- commit 4187bc1
- bnxt_en: fix livepatch query (git-fixes).
- commit cc62415
- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes).
- commit e387d75
- bnxt_en: reclaim max resources if sriov enable fails
  (git-fixes).
- commit 9161aa5
- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes).
- commit 7fdc3a9
- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded
  (git-fixes).
- commit 5e19505
- KVM: x86: do not report preemption if the steal time cache is
  stale (git-fixes).
- commit c293d6b
- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence
  (git-fixes).
- commit 385f6b7
- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness
  conversion (git-fixes).
- commit 368984e
- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct
  length to read dev_id (git-fixes).
- commit 809cb98
- ACPI: APEI: do not add task_work to kernel thread to avoid
  memory leak (git-fixes).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
  (git-fixes).
- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property
  (git-fixes).
- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
  (git-fixes).
- crypto: cavium - prevent integer overflow loading firmware
  (git-fixes).
- crypto: marvell/octeontx - prevent integer overflows
  (git-fixes).
- crypto: inside-secure - Replace generic aes with libaes
  (git-fixes).
- Revert "/crypto: qat - reduce size of mapped region"/ (git-fixes).
- crypto: inside-secure - Change swab to swab32 (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
  (git-fixes).
- crypto: akcipher - default implementation for setting a private
  key (git-fixes).
- crypto: qat - fix default value of WDT timer (git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
  (git-fixes).
- crypto: sahara - don't sleep when in softirq (git-fixes).
- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes).
- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes).
- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes).
- drm/amd/display: Correct MPC split policy for DCN301
  (git-fixes).
- commit 353fbde
- Update
  patches.suse/mm-rmap-Fix-anon_vma-degree-ambiguity-leading-to-double-reuse.patch
  (CVE-2022-42703, bsc#1204168, git-fixes, bsc#1203098).
- commit fef8e31
- blacklist.conf: 30ea703a38ef x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype
- commit fdb1f20
- misc: sgi-gru: fix use-after-free error in
  gru_set_context_option, gru_fault and gru_handle_user_call_os
  (CVE-2022-3424 bsc#1204166).
- commit bbc730f
- wifi: mac80211: fix crash in beacon protection for P2P-device
  (CVE-2022-42722 bsc#1204125).
- commit 38da0b9
- wifi: mac80211: fix MBSSID parsing use-after-free
  (CVE-2022-42719 bsc#1204051).
- commit bab6e58
- mac80211: fix memory leaks with element parsing (CVE-2022-42719
  bsc#1204051).
- commit f9a2be2
- wifi: mac80211: refactor elements parsing with parameter struct
  (CVE-2022-42719 bsc#1204051).
- mac80211: always allocate struct ieee802_11_elems
  (CVE-2022-42719 bsc#1204051).
- mac80211: mlme: find auth challenge directly (CVE-2022-42719
  bsc#1204051).
- mac80211: move CRC into struct ieee802_11_elems (CVE-2022-42719
  bsc#1204051).
- commit b28a982
- ipv4: Handle attempt to delete multipath route when fib_info
  contains an nh reference (bsc#1204171 CVE-2022-3435).
- commit 1b0c1c8
- selftests: net: fix nexthop warning cleanup double ip typo
  (bsc#1204171 CVE-2022-3435).
- commit e3962a5
- selftests: net: add delete nexthop route warning test
  (bsc#1204171 CVE-2022-3435).
- commit 85deab0
- wifi: cfg80211: avoid nontransmitted BSS list corruption
  (CVE-2022-42721 bsc#1204060).
- wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720
  bsc#1204059).
- commit 82311e4
- net: ipv4: fix route with nexthop object delete warning
  (bsc#1204171 CVE-2022-3435).
- commit a94edc1
- Update metadata references
- commit 61773f9
- selftests/powerpc: Skip energy_scale_info test on older firmware
  (git-fixes).
- commit 1eff3d6
- Revert "/SUNRPC: Remove unreachable error condition"/ (git-fixes).
- NFS: Fix another fsync() issue after a server reboot
  (git-fixes).
- NFSv4: Fixes for nfs4_inode_return_delegation() (git-fixes).
- commit 80742b5
- blacklist.conf: and unwanted md patches
- commit 96bda12
- scsi: stex: Properly zero out the passthrough command structure
  (bsc#1203514 CVE-2022-40768).
- commit f2b2e4a
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- commit 6c7f2c9
- sbitmap: Avoid leaving waitqueue in invalid state in
  __sbq_wake_up() (git-fixes).
- commit 3c6ffc4
- staging: vt6655: fix some erroneous memory clean-up loops
  (git-fixes).
- virt: vbox: convert to use dev_groups (git-fixes).
- usb: mtu3: fix failed runtime suspend in host only mode
  (git-fixes).
- Revert "/usb: storage: Add quirk for Samsung Fit flash"/
  (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- xhci: Don't show warning for reinit on known broken suspend
  (git-fixes).
- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes).
- commit 4feb234
- usb: gadget: function: fix dangling pnp_string in f_printer.c
  (git-fixes).
- USB: serial: console: move mutex_unlock() before
  usb_serial_put() (git-fixes).
- usb: common: debug: Check non-standard control requests
  (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
  lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- thunderbolt: Explicitly reset plug events delay back to USB4
  spec value (git-fixes).
- commit d8ee195
- soc: sunxi_sram: Make use of the helper function
  devm_platform_ioremap_resource() (git-fixes).
- Refresh
  patches.suse/soc-sunxi-sram-Prevent-the-driver-from-being-unbound.patch.
- commit a85e811
- spmi: pmic-arb: correct duplicate APID to PPID mapping logic
  (git-fixes).
- spmi: pmic-arb: do not ack and clear peripheral interrupts in
  cleanup_irq (git-fixes).
- slimbus: qcom-ngd: cleanup in probe error path (git-fixes).
- slimbus: qcom-ngd: use correct error in message of
  pdr_add_lookup() failure (git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
  (git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
  (git-fixes).
- soc: sunxi: sram: Fix probe function ordering issues
  (git-fixes).
- commit 3e1f43f
- serial: 8250: Fix restoring termios speed after suspend
  (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- remoteproc: imx_rproc: Simplify some error message (git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight
  registering (git-fixes).
- commit a448666
- misc: ocxl: fix possible refcount leak in afu_ioctl()
  (git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling
  (git-fixes).
- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference
  returned by of_get_parent() (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
  (git-fixes).
- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes).
- mtd: rawnand: intel: Don't re-define NAND_DATA_IFACE_CHECK_ONLY
  (git-fixes).
- mtd: rawnand: intel: Remove undocumented compatible string
  (git-fixes).
- mtd: rawnand: intel: Read the chip-select line from the correct
  OF node (git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap()
  in the probe (git-fixes).
- platform/x86: asus-wmi: Document the panel_od sysfs attribute
  (git-fixes).
- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute
  (git-fixes).
- platform/x86: asus-wmi: Document the dgpu_disable sysfs
  attribute (git-fixes).
- platform/chrome: cros_ec_typec: Correct alt mode index
  (git-fixes).
- platform/chrome: fix memory corruption in ioctl (git-fixes).
- platform/chrome: fix double-free in chromeos_laptop_prepare()
  (git-fixes).
- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT
  failure (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
  (git-fixes).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
  (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
  (git-fixes).
- commit b26b1a7
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
  (git-fixes).
- mailbox: mpfs: account for mbox offsets while sending
  (git-fixes).
- mailbox: mpfs: fix handling of the reg property (git-fixes).
- mfd: sm501: Add check for platform_driver_register()
  (git-fixes).
- mfd: fsl-imx25: Fix check for platform_get_irq() errors
  (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init()
  and lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe()
  (git-fixes).
- mfd: fsl-imx25: Fix an error handling path in
  mx25_tsadc_setup_irq() (git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in
  intel_soc_pmic_i2c_probe() (git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
  (git-fixes).
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes).
- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes).
- media: meson: vdec: add missing clk_disable_unprepare on error
  in vdec_hevc_start() (git-fixes).
- media: cedrus: Fix endless loop in cedrus_h265_skip_bits()
  (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
  (git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings()
  (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
  (git-fixes).
- media: v4l2-compat-ioctl32.c: zero buffer passed to
  v4l2_compat_get_array_args() (git-fixes).
- commit f4e8a30
- iio: adc: ad7923: fix channel readings for some variants
  (git-fixes).
- iio: ltc2497: Fix reading conversion results (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements
  (git-fixes).
- iio: magnetometer: yas530: Change data type of hard_offsets
  to signed (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel
  ABI (git-fixes).
- iio: inkern: fix return value in
  devm_of_iio_channel_get_by_name() (git-fixes).
- iio: inkern: only release the device node when done with it
  (git-fixes).
- iio: adc: at91-sama5d2_adc: disable/prepare buffer on
  suspend/resume (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample
  freq (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure
  and touch (git-fixes).
- commit b02859c
- firmware: google: Test spinlock on panic path to avoid lockups
  (git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
  (git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
  (git-fixes).
- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells
  property (git-fixes).
- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property
  (git-fixes).
- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value
  (git-fixes).
- dt-bindings: mtd: intel: lgm-nand: Fix compatible string
  (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
  hidpp_connect_event (git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/msm/dp: correct 1.62G link rate at
  dp_catalog_ctrl_config_msa() (git-fixes).
- drm/msm/dp: Silence inconsistent indent warning (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table
  (git-fixes).
- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table
  (git-fixes).
- commit 71c6639
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- commit 95b96ec
- drm/amdgpu: add missing pci_disable_device() in
  amdgpu_pmops_runtime_resume() (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug
  (git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent
  (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
  for_each_available_child_of_node() (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order
  (git-fixes).
- drm/virtio: Unlock reservations on
  virtio_gpu_object_shmem_init() error (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- commit f6c9019
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
  (git-fixes).
- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted
  timer in __cleanup() (git-fixes).
- dmaengine: mxs: use platform_driver_register (git-fixes).
- dmaengine: hisilicon: Add multi-thread support for a DMA channel
  (git-fixes).
- dmaengine: hisilicon: Fix CQ head update (git-fixes).
- dmaengine: hisilicon: Disable channels when unregister hisi_dma
  (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/nouveau: fix a use-after-free in
  nouveau_gem_prime_import_sg_table() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
  (git-fixes).
- commit 89292ab
- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
  (git-fixes).
- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes).
- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD
  (git-fixes).
- clk: imx: scu: fix memleak on platform_device_add() fails
  (git-fixes).
- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
  (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying
  num_parents (git-fixes).
- clk: ast2600: BCLK comes from EPLL (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
  (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
  (git-fixes).
- commit c248e05
- clk: tegra20: Fix refcount leak in tegra20_clock_init
  (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init
  (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init
  (git-fixes).
- clk: sprd: Hold reference returned by of_get_parent()
  (git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent()
  (git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent()
  (git-fixes).
- clk: meson: Hold reference returned by of_get_parent()
  (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
  ata_id_has_sense_reporting() (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
  (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
  (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
  (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
  (git-fixes).
- ASoC: codecs: tx-macro: fix kcontrol put (git-fixes).
- ASoC: da7219: Fix an error handling path in
  da7219_register_dai_clks() (git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx
  API (git-fixes).
- ASoC: wm_adsp: Handle optional legacy support (git-fixes).
- commit 8f6277f
- Move upstreamed DRM, NVMe and sound patches into sorted section
- commit 48ff6f0
- arm64: ftrace: fix module PLTs with mcount (git-fixes).
- ARM: Drop CMDLINE_* dependency on ATAGS (git-fixes).
- ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
  (git-fixes).
- ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
  (git-fixes).
- ARM: dts: turris-omnia: Add label for wan port (git-fixes).
- ARM: dts: armada-38x: Add gpio-ranges for pin muxing
  (git-fixes).
- ARM: dts: kirkwood: lsxl: remove first ethernet port
  (git-fixes).
- ARM: dts: kirkwood: lsxl: fix serial line (git-fixes).
- ARM: dts: turris-omnia: Fix mpp26 pin name and comment
  (git-fixes).
- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes).
- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes).
- ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus
  (git-fixes).
- ARM: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes).
- ARM: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes).
- ARM: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes).
- ARM: defconfig: clean up multi_v4t and multi_v5 configs
  (git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: tas2764: Fix mute/unmute (git-fixes).
- ASoC: tas2764: Drop conflicting set_bias_level power setting
  (git-fixes).
- ASoC: tas2764: Allow mono streams (git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6359: fix tests for platform_get_irq() failure
  (git-fixes).
- ALSA: hda/hdmi: Don't skip notification handling during PM
  operation (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically
  (git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak()
  (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable
  (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable
  (git-fixes).
- ARM: dts: integrator: Tag PCI host with device_type (git-fixes).
- commit 5a02ba2
- i40e: Fix dropped jumbo frames statistics (git-fixes).
- commit b407b7d
- net: bonding: fix use-after-free after 802.3ad slave unbind
  (git-fixes).
- commit 05b9579
- net: bonding: fix possible NULL deref in rlb code (git-fixes).
- commit 8542934
- net: dp83822: disable rx error interrupt (git-fixes).
- commit f74888c
- net: dp83822: disable false carrier interrupt (git-fixes).
- commit ba1cc16
- net: dsa: bcm_sf2: force pause link settings (git-fixes).
- commit 5258d4a
- net/dsa/hirschmann: Add missing of_node_get() in
  hellcreek_led_setup() (git-fixes).
- commit 29e4721
- ice: Fix switchdev rules book keeping (git-fixes).
- commit 5c21799
- igb: Make DMA faster when CPU is active on the PCIe link
  (git-fixes).
- commit db90cd9
- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
  (git-fixes).
- commit da7ba2e
- igb: fix a use-after-free issue in igb_clean_tx_ring
  (git-fixes).
- commit 12acd2f
- net: bgmac: Fix an erroneous kfree() in bgmac_remove()
  (git-fixes).
- commit 547f6a9
- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes).
- commit f2c7808
- net: hns3: don't push link state to VF if unalive (git-fixes).
- commit 7f6680c
- net: hns3: set port base vlan tbl_sta to false before removing
  old vlan (git-fixes).
- commit 8c8d58b
- i40e: Fix call trace in setup_tx_descriptors (git-fixes).
- commit 7d70f11
- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
- commit 6a72a8e
- ixgbe: fix bcast packets Rx on VF after promisc removal
  (git-fixes).
- commit ddb5b75
- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling
  an_complete (git-fixes).
- commit b8286fc
- net: altera: Fix refcount leak in altera_tse_mdio_create
  (git-fixes).
- commit e80ff1b
- net/mlx4_en: Fix wrong return value on ioctl EEPROM query
  failure (git-fixes).
- commit a76859c
- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
  (git-fixes).
- commit 04259d9
- stmmac: intel: Fix an error handling path in
  intel_eth_pci_probe() (git-fixes).
- commit fed21d9
- net: ethernet: bgmac: Fix refcount leak in
  bcma_mdio_mii_register (git-fixes).
- commit 2227ee5
- net: bgmac: support MDIO described in DT (git-fixes).
- commit bf1f5f9
- drm/nouveau: wait for the exclusive fence after the shared ones v2 (bsc#1152472)
  Backporting notes:
  * context changes
- commit 0261ec2
- drm/amd/display: Changed pipe split policy to allow for multi-display (bsc#1152472)
  Backporting notes:
  * remove changes to non-existing 201 and 31 directories
- commit e6a9bdd
- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472)
  Backporting notes:
  * replace IP_VERSION() with CHIP_ constants
- commit d27747b
- blacklist.conf: Append 'drm/bridge: Add stubs for devm_drm_of_get_bridge when OF is disabled'
- commit e1d0d55
- blacklist.conf: Append 'drm/amd/display: Fix wrong format specifier in amdgpu_dm.c'
- commit debed4c
- blacklist.conf: Append 'drm/amdgpu: Fix resource leak on probe error path'
- commit 116f3cc
- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well (bsc#1152472)
  Backporting notes:
  * also fix default branch
- commit 0bf8eb3
- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (bsc#1152489)
  Backporting notes:
  * update additional patch on top
- commit 1550ef2
- Update
  patches.suse/ACPI-processor-idle-Practically-limit-Dummy-wait-wor.patch
  (bsc#1203767,bsc#1203802).
- commit c6ebacb
- nvme: ensure subsystem reset is single threaded (bsc#1203290
  CVE-2022-3169).
- commit f73d666
- nvme: restrict management ioctls to admin (bsc#1203290
  CVE-2022-3169).
- commit c28a770
- net/mlx5e: Update netdev features after changing XDP state
  (git-fixes).
- commit 5d7478c
- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race
  condition (git-fixes).
- commit 92e1426
- hinic: Avoid some over memory allocation (git-fixes).
- commit 41f381d
- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
  (git-fixes).
- commit b92d6d0
- net: chelsio: cxgb4: Avoid potential negative array offset
  (git-fixes).
- commit 4cc759d
- net/mlx5e: TC, fix decap fallback to uplink when int port not
  supported (git-fixes).
- commit 35c9b8d
- net: dsa: ksz9477: port mirror sniffing limited to one port
  (git-fixes).
- commit 9996ff6
- nvme: don't print verbose errors for internal passthrough
  requests (bsc#1202187).
- commit eaa4989
- blacklist.conf: update the list
- commit 78eff9b
- s390/smp: enforce lowcore protection on CPU restart (git-fixes).
- KVM: s390: pv: don't present the ecall interrupt twice
  (bsc#1203229 LTC#199905).
- commit aed7a32
- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment.
- commit 20a025b
- Clean up kernel-config settings via run_oldconfig.sh
  Invoke run_oldconfig.sh to clean the kernel-config settings from
  unset symbols. Otherwise these settings interfere with actual config
  changes.
- commit 8a799ae
- blacklist.conf: not relevant in our configurations
- commit 586058b
- media: imx-jpeg: Disable slot interrupt when frame done
  (git-fixes).
- commit 36d622f
- media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes).
- commit e2ddfcf
- media: imx-jpeg: Fix potential array out of bounds in
  queue_setup (git-fixes).
- commit 8041860
- media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes).
- commit d514aa5
- x86/ibt,ftrace: Make function-graph play nice (bsc#1203969).
- commit c020446
- media: imx-jpeg: Leave a blank space before the configuration
  data (git-fixes).
- commit a2d45c7
- blacklist.conf: Append 'sysfb: Enable boot time VESA graphic mode selection'
- commit b93ba64
- media: imx-jpeg: Correct some definition according specification
  (git-fixes).
- commit bdf4126
- blacklist.conf: not relevant in our configurations
- commit 8171bfe
- media: vsp1: Fix offset calculation for plane cropping.
- commit dc309b5
- media: exynos4-is: Change clk_disable to clk_disable_unprepare
  (git-fixes).
- commit 332ca3f
- media: st-delta: Fix PM disable depth imbalance in delta_probe
  (git-fixes).
- commit 30518b0
- media: exynos4-is: Fix PM disable depth imbalance in
  fimc_is_probe (git-fixes).
- commit f62e31e
- media: aspeed: Fix an error handling path in
  aspeed_video_probe() (git-fixes).
- commit c014d5c
- media: coda: Add more H264 levels for CODA960 (git-fixes).
- commit 75d6462
- media: coda: Fix reported H264 profile (git-fixes).
- commit 1533555
- Revert "/constraints: increase disk space for all architectures"/
  (bsc#1203693).
  This reverts commit 43a9011f904bc7328d38dc340f5e71aecb6b19ca.
- commit 3d33373
- blacklist.conf: Append 'fbdev: Hot-unplug firmware fb devices on forced removal'
- commit 0b6410b
- blacklist.conf: Append 'Revert "/fbdev: fbmem: add a helper to determine if an aperture is used by a fw fb"/'
- commit b1ae504
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
  (git-fixes).
- wifi: ath11k: fix number of VHT beamformee spatial streams
  (git-fixes).
- wifi: mt76: mt7915: do not check state before configuring
  implicit beamform (git-fixes).
- wifi: mt76: mt7615: add mt7615_mutex_acquire/release in
  mt7615_sta_set_decap_offload (git-fixes).
- wifi: mt76: sdio: fix transmitting packet hangs (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in
  gen2_update_rate_mask (git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
  (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection
  (git-fixes).
- wifi: rtw88: add missing destroy_workqueue() on error path in
  rtw_core_init() (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
  (git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in
  ath10k_sta_state() (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh
  (git-fixes).
- wifi: rtlwifi: 8192de: correct checking of IQK reload
  (git-fixes).
- commit 3bb5d97
- spi/omap100k:Fix PM disable depth imbalance in
  omap1_spi100k_probe (git-fixes).
- spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe
  (git-fixes).
- spi: meson-spicc: do not rely on busy flag in pow2 clk ops
  (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in
  spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in
  spi_qup_resume() (git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe()
  (git-fixes).
- regulator: qcom_rpm: Fix circular deferral regression
  (git-fixes).
- net: wwan: iosm: Call mutex_init before locking it (git-fixes).
- mwifiex: fix sleep in atomic context bugs caused by
  dev_coredumpv (git-fixes).
- net: thunderbolt: Enable DMA paths only after rings are enabled
  (git-fixes).
- commit e714654
- hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase
  mp2888 controller (git-fixes).
- hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API
  (git-fixes).
- i2c: mlxbf: support lock mechanism (git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers
  (git-fixes).
- eth: alx: take rtnl_lock on resume (git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly
  (git-fixes).
- Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem()
  failure (git-fixes).
- Bluetooth: btusb: mediatek: fix WMT failure during runtime
  suspend (git-fixes).
- can: rx-offload: can_rx_offload_init_queue(): fix typo
  (git-fixes).
- commit ac7ee01
- blacklist.conf: df5b035b5683 x86/cacheinfo: Add a cpu_llc_shared_mask() UP variant
- commit bc73e4e
- blacklist.conf: 00da0cb385d0 Documentation/ABI: Mention retbleed vulnerability info file for sysfs
- commit 4726e8f
- Drop the ACPI patch temporarily as it causes a regression (bsc#1203794)
  Delete patches.suse/ACPI-resource-skip-IRQ-override-on-AMD-Zen-platforms.patch
- commit 8842ef4
- fbcon: Fix accelerated fbdev scrolling while logo is still shown (bsc#1152472)
- commit 7656242
- parisc/stifb: Fix fb_is_primary_device() only available with (bsc#1152489)
- commit dee3343
- parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489)
- commit daa8575
- parisc/stifb: Implement fb_is_primary_device() (bsc#1152489)
- commit f86cf76
- fbcon: Add option to enable legacy hardware acceleration (bsc#1152472)
  Backporting changes:
  * context fixes in other patch
  * update config
- commit 68203bf
- parisc/sticon: fix reverse colors (bsc#1152489)
- commit f94c66b
- char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops
  (CVE-2022-41848 bsc#1203987).
- commit a144c48
- fbdev: smscufx: Fix use-after-free in ufx_ops_open()
  (CVE-2022-41849 bsc#1203992).
- commit db3bfe7
- net: mana: Add rmb after checking owner bits (git-fixes).
- commit 85bfc78
- Makefile.debug: re-enable debug info for .S files (git-fixes).
- commit 50458f2
- powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL
  (bsc#1194869).
- commit 48283d1
- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
  (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch.
- commit 0719451
- usb: typec: ucsi: Remove incorrect warning (git-fixes).
- media: rkvdec: Disable H.264 error detection (git-fixes).
- media: dvb_vb2: fix possible out of bound access (git-fixes).
- ASoC: cs42l42: Only report button state if there was a button
  interrupt (git-fixes).
- commit 06be809
- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).
- commit 209f0a1
- Add cherry-picked commit id for an AMDGPU patch (git-fixes)
- commit 505fbbc
- usb: dwc3: gadget: Refactor pullup() (git-fixes).
- commit f481a77
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
  (git-fixes).
- Refresh
  patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch.
- Refresh
  patches.suse/usb-dwc3-gadget-Prevent-repeat-pullup.patch.
- commit 6d90a05
- wifi: mac80211: fix regression with non-QoS drivers (git-fixes).
- selftests: Fix the if conditions of in test_extra_filter()
  (git-fixes).
- net: phy: Don't WARN for PHY_UP state in mdio_bus_phy_resume()
  (git-fixes).
- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).
- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
- soc: sunxi: sram: Prevent the driver from being unbound
  (git-fixes).
- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx
  accounting (git-fixes).
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx
  accounting (git-fixes).
- serial: Create uart_xmit_advance() (git-fixes).
- USB: serial: option: add Quectel RM520N (git-fixes).
- USB: serial: option: add Quectel BG95 0x0203 composition
  (git-fixes).
- thunderbolt: Add support for Intel Maple Ridge single port
  controller (git-fixes).
- Revert "/usb: add quirks for Lenovo OneLink+ Dock"/ (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- commit ce89825
- gpio: mvebu: Fix check for pwm support on non-A8K platforms
  (git-fixes).
- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address
  (git-fixes).
- Input: iqs62x-keys - drop unused device node references
  (git-fixes).
- Input: melfas_mip4 - fix return value check in mip4_probe()
  (git-fixes).
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
  (git-fixes).
- mmc: hsq: Fix data stomping during mmc recovery (git-fixes).
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
  (git-fixes).
- commit 02160f0
- drm/i915/gt: Restrict forced preemption to the active context
  (git-fixes).
- Revert "/drm: bridge: analogix/dp: add panel prepare/unprepare
  in suspend/resume time"/ (git-fixes).
- drm/bridge: lt8912b: fix corrupted image output (git-fixes).
- drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes).
- drm/bridge: lt8912b: add vsync hsync (git-fixes).
- Revert "/firmware: arm_scmi: Add clock management to the SCMI
  power domain"/ (git-fixes).
- drm/amdgpu: don't register a dirty callback for non-atomic
  (git-fixes).
- firmware: arm_scmi: Fix the asynchronous reset requests
  (git-fixes).
- firmware: arm_scmi: Harden accesses to the reset domains
  (git-fixes).
- commit 509f7ae
- clk: iproc: Do not rely on node name for correct PLL setup
  (git-fixes).
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI
  clocks (git-fixes).
- clk: ingenic-tcu: Properly enable registers before accessing
  timers (git-fixes).
- arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes).
- ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes).
- ASoC: tas2770: Reinit regcache on reset (git-fixes).
- ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes).
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
  (git-fixes).
- drm/gma500: Fix BUG: sleeping function called from invalid
  context errors (git-fixes).
- drm/amdgpu: make sure to init common IP before gmc (git-fixes).
- drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline
  for stack usage (git-fixes).
- drm/amd/display: Reduce number of arguments of dml31's
  CalculateFlipSchedule() (git-fixes).
- drm/amd/display: Reduce number of arguments of dml31's
  CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes).
- drm/amd/display: Limit user regamma to a valid value
  (git-fixes).
- drm/amdgpu: use dirty framebuffer helper (git-fixes).
- drm/amd/pm: disable BACO entry/exit completely on several
  sienna cichlid cards (git-fixes).
- drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
  (git-fixes).
- drm/amdgpu: Separate vf2pf work item init from virt data
  exchange (git-fixes).
- commit 931f4f4
- Add blacklist and alt-commit for ASoC cs35l41 patches (bsc#1203699)
- commit b1bfeae
- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).
- commit 6f3c833
- scsi: smartpqi: Add module param to disable managed ints
  (bsc#1203893).
- commit e1af9a1
- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).
- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
- scsi: lpfc: Add reporting capability for Link Degrade Signaling
  (bsc#1203939).
- scsi: lpfc: Rework FDMI attribute registration for unintential
  padding (bsc#1203939).
- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and
  consistency (bsc#1203939).
- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd
  (bsc#1203939).
- scsi: lpfc: Update congestion mode logging for Emulex SAN
  Manager application (bsc#1203939).
- scsi: lpfc: Move scsi_host_template outside dynamically
  allocated/freed phba (bsc#1185032 bsc#1203939).
  Dropped:
  patches.suse/lpfc-decouple-port_template-and-vport_template.patch
- scsi: lpfc: Fix multiple NVMe remoteport registration calls
  for the same NPort ID (bsc#1203939).
- scsi: lpfc: Add missing free iocb and nlp kref put for early
  return VMID cases (bsc#1203939).
- scsi: lpfc: Fix mbuf pool resource detected as busy at driver
  unload (bsc#1203939).
- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology
  (bsc#1203939).
- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling
  (bsc#1203939).
- scsi: lpfc: Remove unneeded result variable (bsc#1203939).
- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
- commit 23fee86
- supported.conf: mark spi-pxa2xx-platform as supported (bsc#1203699)
  It's required for the sound on recent Intel machines
- commit d17d5e0
- scsi: lpfc: Add missing destroy_workqueue() in error path
  (bsc#1203939).
- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of
  DID_REQUEUE (bsc#1203939).
- commit 495ecbc
- wifi: cfg80211: ensure length byte is present before access
  (CVE-2022-41674 bsc#1203770).
- wifi: cfg80211/mac80211: reject bad MBSSID elements
  (CVE-2022-41674 bsc#1203770).
- wifi: cfg80211: fix u8 overflow in
  cfg80211_update_notlisted_nontrans() (CVE-2022-41674
  bsc#1203770).
- commit 79b409a
- scsi: qla2xxx: Remove unused declarations for qla2xxx
  (bsc#1203935).
- scsi: qla2xxx: Fix spelling mistake "/definiton"/ -> "/definition"/
  (bsc#1203935).
- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).
- scsi: qla2xxx: Define static symbols (bsc#1203935).
- scsi: qla2xxx: Enhance driver tracing with separate tunable
  and more (bsc#1203935).
- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image
  Status (bsc#1203935).
- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
- scsi: qla2xxx: Fix response queue handler reading stale packets
  (bsc#1203935).
- scsi: qla2xxx: Revert "/scsi: qla2xxx: Fix response queue
  handler reading stale packets"/ (bsc#1203935).
- scsi: qla2xxx: Log message "/skipping scsi_scan_host()"/ as
  informational (bsc#1203935).
- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from
  qlt_stop_phase1() (bsc#1203935).
- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
- commit 76fee71
- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
  (bsc#1203935).
- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port
  ISP27XX (bsc#1203935).
- commit df43957
- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
  (bsc#1196869).
- commit 421a33e
- ALSA: hda/realtek: More robust component matching for CS35L41
  (bsc#1203699).
- commit 13ee63f
- kABI: fix adding another field to scsi_device (bsc#1203039).
- scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD
  (bsc#1203039).
- Refresh
  patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch.
- Refresh patches.kabi/kABI-fix-adding-field-to-scsi_device.patch.
- commit 38a6998
- mm: Fix PASID use-after-free issue (bsc#1203908).
- commit e2ea645
- cgroup: cgroup_get_from_id() must check the looked-up kn is
  a directory (bsc#1203906).
- commit 2c277d7
- spi: propagate error code to the caller of
  acpi_spi_device_alloc() (bsc#1203699).
- spi: Return deferred probe error when controller isn't yet
  available (bsc#1203699).
- commit 719f957
- cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
  (bsc#1196869).
- commit 20ffc1f
- kABI workaround for spi changes (bsc#1203699).
- commit 57d4f4f
- cgroup: Fix race condition at rebind_subsystems() (bsc#1203902).
- commit ec3105d
- ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model
  (bsc#1203699).
- commit 274acc0
- cs-dsp and serial-multi-instantiate enablement (bsc#1203699)
- Update config files
- Update supported.conf
- commit 6b0538d
- platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop
  (bsc#1203699).
- ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699).
- ACPI / scan: Create platform device for CS35L41 (bsc#1203699).
- platform/x86: serial-multi-instantiate: Add SPI support
  (bsc#1203699).
- platform/x86: serial-multi-instantiate: Reorganize I2C functions
  (bsc#1203699).
- platform/x86: i2c-multi-instantiate: Rename it for a generic
  serial driver name (bsc#1203699).
- spi: Add API to count spi acpi resources (bsc#1203699).
- spi: Support selection of the index of the ACPI Spi Resource
  before alloc (bsc#1203699).
- spi: Create helper API to lookup ACPI info for spi device
  (bsc#1203699).
- i2c: acpi: Add an i2c_acpi_client_count() helper function
  (bsc#1203699).
- commit 66cfc1c
- ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7
  (bsc#1203699).
- ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD
  Properties (bsc#1203699).
- ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41
  (bsc#1203699).
- ASoC: cs35l41: Read System Name from ACPI _SUB to identify
  firmware (bsc#1203699).
- commit 3025b3b
- ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699).
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
- commit d934822
- ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699).
- ALSA: hda: cs35l41: Use the CS35L41 HDA internal define
  (bsc#1203699).
- ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops
  (bsc#1203699).
- commit 6e401a7
- Revert "/ALSA: hda: cs35l41: Allow compilation test on non-ACPI
  configurations"/ (bsc#1203699).
- ALSA: hda: cs35l41: Add module parameter to control firmware
  load (bsc#1203699).
- ALSA: hda: cs35l41: Support Firmware switching and reloading
  (bsc#1203699).
- ALSA: hda: cs35l41: Add defaulted values into dsp bypass config
  sequence (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699).
- ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI
  variables (bsc#1203699).
- ALSA: hda: cs35l41: Support Hibernation during Suspend
  (bsc#1203699).
- commit 8707600
- ASoC: cs35l41: Add support for CLSA3541 ACPI device ID
  (bsc#1203699).
- ASoC: cs35l41: Do not print error when waking from hibernation
  (bsc#1203699).
- ASoC: cs35l41: Add common cs35l41 enter hibernate function
  (bsc#1203699).
- ASoC: cs35l41: Move cs35l41 exit hibernate function into shared
  code (bsc#1203699).
- ALSA: hda: cs35l41: Support Speaker ID for laptops
  (bsc#1203699).
- ALSA: hda: cs35l41: Support multiple load paths for firmware
  (bsc#1203699).
- ALSA: hda: cs35l41: Support reading subsystem id from ACPI
  (bsc#1203699).
- ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver
  (bsc#1203699).
- ALSA: hda: cs35l41: Add initial DSP support and firmware loading
  (bsc#1203699).
- ALSA: hda: cs35l41: Save codec object inside component struct
  (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls
  directly (bsc#1203699).
- ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA
  controls (bsc#1203699).
- ALSA: hda: cs35l41: Consolidate selections under
  SND_HDA_SCODEC_CS35L41 (bsc#1203699).
- ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699).
- ALSA: hda: cs35l41: Allow compilation test on non-ACPI
  configurations (bsc#1203699).
- ALSA: hda: cs35l41: Don't dereference fwnode handle
  (bsc#1203699).
- ALSA: hda: cs35l41: Improve dev_err_probe() messaging
  (bsc#1203699).
- ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate
  reference (bsc#1203699).
- commit 0179f7c
- ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to
  static (bsc#1203699).
- ASoC: cs35l41: Add ASP TX3/4 source to register patch
  (bsc#1203699).
- ASoC: cs35l41: Correct some control names (bsc#1203699).
- ASoC: cs35l41: Add endianness flag in snd_soc_component_driver
  (bsc#1203699).
- commit f2b0e66
- ASoC: cs35l41: Fix an out-of-bounds access in
  otp_packed_element_t (bsc#1203699).
- ASoC: cs35l41: Add one more variable in the debug log
  (bsc#1203699).
- commit a26b9a2
- ALSA: hda/realtek: Enable mute/micmute LEDs support for HP
  Laptops (bsc#1203699).
- Refresh
  patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch.
- commit 342e19c
- ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41
  s-codec (bsc#1203699).
- commit 0fd2db1
- ALSA: hda: cs35l41: Add Amp Name based on channel and index
  (bsc#1203699).
- ASoC: cs35l41: Move cs_dsp config struct into shared code
  (bsc#1203699).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic
  boost on EliteBook 845/865 G9 (bsc#1203699).
- ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN
  (bsc#1203699).
- ASoC: cs35l41: Add one more variable in the debug log
  (bsc#1203699).
- commit 4800a47
- ASoC: cs35l41: Move cs35l41 fs errata into shared code
  (bsc#1203699).
- ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code
  (bsc#1203699).
- ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops
  (bsc#1203699).
- ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699).
- ALSA: hda: cs35l41: Remove Set Channel Map api from binding
  (bsc#1203699).
- ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop
  (bsc#1203699).
- ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name
  (bsc#1203699).
- ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock
  (bsc#1203699).
- ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg
  (bsc#1203699).
- ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699).
- commit 346d9b0
- ALSA: hda/cs8409: Support manual mode detection for CS42L42
  (bsc#1203699).
- ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda
  driver (bsc#1203699).
- ASoC: cs35l41: Support external boost (bsc#1203699).
- ALSA: hda: cs35l41: Move external boost handling to lib for
  ASoC use (bsc#1203699).
- ALSA: hda: cs35l41: Handle all external boost setups the same
  way (bsc#1203699).
- ALSA: hda: cs35l41: Reorganize log for playback actions
  (bsc#1203699).
- ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct
  (bsc#1203699).
- ALSA: hda: cs35l41: Move boost config to initialization code
  (bsc#1203699).
- ALSA: cs35l41: Enable Internal Boost in shared lib
  (bsc#1203699).
- ALSA: hda: cs35l41: Mute the device before shutdown
  (bsc#1203699).
- commit e34c590
- ASoC: cs42l42: Move CS42L42 register descriptions to general
  include (bsc#1203699).
- ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START
  (bsc#1203699).
- ASoC: cs42l42: Handle system suspend (bsc#1203699).
- ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ
  handling (bsc#1203699).
- ASoC: cs42l42: Report full jack status when plug is detected
  (bsc#1203699).
- ASoC: cs42l42: Report initial jack state (bsc#1203699).
- ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699).
- ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699).
- ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG
  masks (bsc#1203699).
- ASoC: cs42l42: Remove redundant writes to DETECT_MODE
  (bsc#1203699).
- ASoC: cs42l42: Add control for audio slow-start switch
  (bsc#1203699).
- ASoC: cs42l42: free_irq() before powering-down on probe() fail
  (bsc#1203699).
- ASoC: cs42l42: Reset and power-down on remove() and failed
  probe() (bsc#1203699).
- ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler
  (bsc#1203699).
- ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume
  callbacks (bsc#1203699).
- ASoC: cs42l42: Use two thresholds and increased wait time for
  manual type detection (bsc#1203699).
- ASoC: cs42l42: Implement Manual Type detection as fallback
  (bsc#1203699).
- ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl
  script (bsc#1203699).
- ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts
  (bsc#1203699).
- ASoC: cs42l42: Fix WARN in remove() if running without an
  interrupt (bsc#1203699).
- ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile
  (bsc#1203699).
- ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699).
- ASoC: cs42l42: Allow time for HP/ADC to power-up after enable
  (bsc#1203699).
- ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699).
- ASoC: cs42l42: Don't claim to support 192k (bsc#1203699).
- ASoC: cs42l42: Don't reconfigure the PLL while it is running
  (bsc#1203699).
- commit 866431d
- ALSA: hda: cs35l41: Put the device into safe mode for external
  boost (bsc#1203699).
- ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699).
- ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699).
- ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699).
- ALSA: cs35l41: Move cs35l41_gpio_config to shared lib
  (bsc#1203699).
- ALSA: cs35l41: Check hw_config before using it (bsc#1203699).
- ALSA: cs35l41: Unify hardware configuration (bsc#1203699).
- commit ac37bc4
- ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699).
- ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg
  (bsc#1203699).
- ALSA: hda/cs8409: Support new Warlock MLK Variants
  (bsc#1203699).
- ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants
  (bsc#1203699).
- ALSA: hda/cs8409: Re-order quirk table into ascending order
  (bsc#1203699).
- ALSA: hda/cs8409: Fix Warlock to use mono mic configuration
  (bsc#1203699).
- commit af84f1a
- ALSA: hda/realtek: Add mute and micmut LED support for Zbook
  Fury 17 G9 (bsc#1203699).
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
- commit 7831f17
- ASoC: cs35l41: Remove unnecessary param (bsc#1203699).
- ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699).
- commit 8ea9da8
- ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699).
- Refresh
  patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L-024a7ad9eb4d.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L.patch.
- commit a813cc9
- ASoC: cs35l41: Fix DSP mbox start command and global enable
  order (bsc#1203699).
- ASoC: cs35l41: Fix max number of TX channels (bsc#1203699).
- ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699).
- ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void
  (bsc#1203699).
- ALSA: hda: cs35l41: Tidyup code (bsc#1203699).
- ALSA: hda: cs35l41: Make use of the helper function
  dev_err_probe() (bsc#1203699).
- ALSA: hda: cs35l41: Add missing default cases (bsc#1203699).
- ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol
  namespace (bsc#1203699).
- ALSA: hda: cs35l41: Add calls to newly added test key function
  (bsc#1203699).
- ALSA: hda: cs35l41: Avoid overwriting register patch
  (bsc#1203699).
- ALSA: hda: cs35l41: fix double free on error in probe()
  (bsc#1203699).
- commit 31fd8da
- firmware: cs_dsp: Add memory chunk helpers (bsc#1203699).
- firmware: cs_dsp: Add pre_stop callback (bsc#1203699).
- ASoC: wm_adsp: Minor clean and redundant code removal
  (bsc#1203699).
- ASoC: wm_adsp: Fix event for preloader (bsc#1203699).
- ASoC: wm_adsp: Compressed stream DSP memory structs should be
  __packed (bsc#1203699).
- firmware: cs_dsp: Fix overrun of unterminated control name
  string (bsc#1203699).
- ASoC: wm_adsp: Expand firmware loading search options
  (bsc#1203699).
- ASoC: wm_adsp: Add trace caps to speaker protection FW
  (bsc#1203699).
- ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699).
- ASoC: wm_adsp: Correct control read size when parsing compressed
  buffer (bsc#1203699).
- ASoC: cs35l41: Add support for hibernate memory retention mode
  (bsc#1203699).
- ASoC: cs35l41: Update handling of test key registers
  (bsc#1203699).
- ASoC: wm_adsp: Add support for "/toggle"/ preloaders
  (bsc#1203699).
- firmware: cs_dsp: Clear core reset for cache (bsc#1203699).
- ASoC: cs35l41: Correct handling of some registers in the cache
  (bsc#1203699).
- ASoC: cs35l41: Correct DSP power down (bsc#1203699).
- ASoC: cs35l41: Remove incorrect comment (bsc#1203699).
- ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699).
- ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses
  (bsc#1203699).
- ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699).
- firmware: cs_dsp: Move lockdep asserts to avoid potential null
  pointer (bsc#1203699).
- firmware: cs_dsp: Allow creation of event controls
  (bsc#1203699).
- firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699).
- firmware: cs_dsp: Clarify some kernel doc comments
  (bsc#1203699).
- firmware: cs_dsp: Perform NULL check in
  cs_dsp_coeff_write/read_ctrl (bsc#1203699).
- firmware: cs_dsp: Add support for rev 2 coefficient files
  (bsc#1203699).
- firmware: cs_dsp: Print messages from bin files (bsc#1203699).
- firmware: cs_dsp: Add pre_run callback (bsc#1203699).
- firmware: cs_dsp: Add version checks on coefficient loading
  (bsc#1203699).
- firmware: cs_dsp: Add lockdep asserts to interface functions
  (bsc#1203699).
- firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h
  (bsc#1203699).
- ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol
  'ret' (bsc#1203699).
- commit 545439c
- supported.conf: Add cs_dsp firmware module (bsc#1203699)
- commit af1ea30
- Update config files: enable CS35L41 support (bsc#1203699)
- commit 195ddb7
- ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops
  (bsc#1203699).
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch.
- commit 0a4cbdb
- ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop
  (bsc#1203699).
- Refresh
  patches.suse/ALSA-hda-ALC287-Add-Lenovo-IdeaPad-Slim-9i-14ITL5-sp.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-Legion-Y9000X-2019.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
- Refresh
  patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch.
- commit b3dce35
- ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems
  (bsc#1203699).
- commit 39ffdf8
- ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699).
- ASoC: cs35l41: Create shared function for boost configuration
  (bsc#1203699).
- ASoC: cs35l41: Create shared function for setting channels
  (bsc#1203699).
- ASoC: cs35l41: Create shared function for errata patches
  (bsc#1203699).
- ASoC: cs35l41: Move power initializations to reg_sequence
  (bsc#1203699).
- ASoC: cs35l41: Move cs35l41_otp_unpack to shared code
  (bsc#1203699).
- ASoC: cs35l41: Convert tables to shared source code
  (bsc#1203699).
- ASoC: cs35l41: Fix undefined reference to core functions
  (bsc#1203699).
- ASoC: cs35l41: Fix link problem (bsc#1203699).
- ASoC: wm_adsp: Remove the wmfw_add_ctl helper function
  (bsc#1203699).
- ASoC: cs35l41: DSP Support (bsc#1203699).
- ASoC: dt-bindings: cs42l42: Convert binding to yaml
  (bsc#1203699).
- ASoC: cs35l41: Set the max SPI speed for the whole device
  (bsc#1203699).
- ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699).
- ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699).
- ASoC: wm_adsp: remove a repeated including (bsc#1203699).
- firmware: cs_dsp: add driver to support firmware loading on
  Cirrus Logic DSPs (bsc#1203699).
- ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops
  (bsc#1203699).
- ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp
  (bsc#1203699).
- ASoC: wm_adsp: move firmware loading to client (bsc#1203699).
- ASoC: wm_adsp: Pass firmware names as parameters when starting
  DSP core (bsc#1203699).
- ASoC: wm_adsp: Move check of dsp->running to better place
  (bsc#1203699).
- ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling
  (bsc#1203699).
- ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699).
- ASoC: wm_adsp: Split DSP power operations into helper functions
  (bsc#1203699).
- ASoC: wm_adsp: Separate some ASoC and generic functions
  (bsc#1203699).
- ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699).
- ASoC: wm_adsp: Rename generic DSP support (bsc#1203699).
- ASoC: wm_adsp: Cancel ongoing work when removing controls
  (bsc#1203699).
- ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed
  buffers (bsc#1203699).
- ASoC: wm_adsp: Move check for control existence (bsc#1203699).
- ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699).
- ASoC: cs35l41: Binding fixes (bsc#1203699).
- misc: cs35l41: Remove unused pdn variable (bsc#1203699).
- ASoC: cs35l41: Fix a bunch of trivial code formating/style
  issues (bsc#1203699).
- ASoC: cs35l41: Fixup the error messages (bsc#1203699).
- ASoC: cs35l41: Don't overwrite returned error code
  (bsc#1203699).
- ASoC: cs35l41: Combine adjacent register writes (bsc#1203699).
- ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot
  (bsc#1203699).
- ASoC: cs35l41: Fix use of an uninitialised variable
  (bsc#1203699).
- ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699).
- ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699).
- ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699).
- commit 5d21207
- kABI: Add back removed struct paca member (bsc#1203664
  ltc#199236).
- Revert "/powerpc/rtas: Implement reentrant rtas call"/
  (bsc#1203664 ltc#199236).
- commit 93ebb75
- blacklist.conf: add scsi commit that's too invasive
- commit ed3d357
- struct ehci_hcd: hide new element going into a hole (git-fixes).
- commit 859270b
- USB: Fix ehci infinite suspend-resume loop issue in zhaoxin
  (git-fixes).
- commit 71e1e4f
- xen/usb: don't use arbitrary_virt_to_machine() (git-fixes).
- commit 9497b70
- usb: host: xhci: fix a comment typo in xhci_mem_init()
  (git-fixes).
- usb: host: xhci: use ffs() in xhci_mem_init() (git-fixes).
- commit f930b4a
- usb: Drop commas after SoC match table sentinels (git-fixes).
- commit c8fc91a
- struct xhci_hcd: restore member now dynamically allocated
  (git-fixes).
- commit ac47acd
- xhci: Allocate separate command structures for each LPM command
  (git-fixes).
- commit 33fbca4
- USB: core: Fix RST error in hub.c (git-fixes).
- commit 19a77db
- fuse: Remove the control interface for virtio-fs (bsc#1203798).
- commit a23dd0d
- constraints: increase disk space for all architectures
  References: bsc#1203693
  aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is
  very close to the limit.
- commit 43a9011
- usb.h: struct usb_device: hide new member (git-fixes).
- commit fbd8f4a
- USB: core: Prevent nested device-reset calls (git-fixes).
- commit 9ef8532
- usb: dwc3: disable USB core PHY management (git-fixes).
- commit 1a35727
- Update patch referecen for ALSA fix (CVE-2022-3303 bsc#1203769)
- commit 9addbc1
- ACPI: processor idle: Practically limit "/Dummy wait"/ workaround
  to old Intel systems (bsc#1203767).
- commit ec98644
- NFSv4.2: Update mode bits after ALLOCATE and DEALLOCATE
  (git-fixes).
- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
  (git-fixes).
- md: call __md_stop_writes in md_stop (git-fixes).
- SUNRPC: RPC level errors should set task->tk_rpc_status
  (git-fixes).
- NFSv4.2 fix problems with __nfs42_ssc_open (git-fixes).
- net/sunrpc: fix potential memory leaks in
  rpc_sysfs_xprt_state_change() (git-fixes).
- SUNRPC: Reinitialise the backchannel request buffers before
  reuse (git-fixes).
- NFSv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes).
- NFSv4: Fix races in the legacy idmapper upcall (git-fixes).
- sunrpc: fix expiry of auth creds (git-fixes).
- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
  (git-fixes).
- NFSv4.1: Don't decrease the value of seq_nr_highest_sent
  (git-fixes).
- pNFS/flexfiles: Report RDMA connection errors to the server
  (git-fixes).
- Revert "/pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"/
  (git-fixes).
- lockd: detect and reject lock arguments that overflow
  (git-fixes).
- SUNRPC: Fix xdr_encode_bool() (git-fixes).
- nfsd: eliminate the NFSD_FILE_BREAK_* flags (git-fixes).
- md-raid10: fix KASAN warning (git-fixes).
- NFSD: restore EINVAL error translation in nfsd_commit()
  (git-fixes).
- NFSD: Clean up the show_nf_flags() macro (git-fixes).
- SUNRPC: Don't leak sockets in xs_local_connect() (git-fixes).
- SUNRPC: Don't call connect() more than once on a TCP socket
  (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFSD: Fix offset type in I/O trace points (git-fixes).
- NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests
  (git-fixes).
- commit 510ad2f
- x86/sev: Add missing __init annotations to SEV init routines
  (jsc#SLE-19924 jsc#SLE-24814).
- Refresh
  patches.suse/x86-sev-Get-the-AP-jump-table-address-from-secrets-page.
- commit e7f768c
- scsi: Revert "/scsi: qla2xxx: Fix disk failure to rediscover"/
  (git-fixes).
- commit c7d72a7
- i2c: mlxbf: Fix frequency calculation (git-fixes).
- i2c: mlxbf: prevent stack overflow in
  mlxbf_i2c_smbus_start_transaction() (git-fixes).
- i2c: mlxbf: incorrect base address passed during io write
  (git-fixes).
- i2c: imx: If pm_runtime_get_sync() returned 1 device access
  is possible (git-fixes).
- commit abc7475
- blacklist.conf: remove blacklisted patch
  This patch was incorrectly blacklisted, but in fact
  is needeed, so remove the blacklist first.
- commit 858de69
- serial: fsl_lpuart: Reset prior to registration (git-fixes).
- workqueue: don't skip lockdep work dependency in
  cancel_work_sync() (git-fixes).
- arm64: topology: fix possible overflow in amu_fie_setup()
  (git-fixes).
- media: flexcop-usb: fix endpoint type check (git-fixes).
- usb: dwc3: core: leave default DMA if the controller does not
  support 64-bit DMA (git-fixes).
- drm/panel: simple: Fix innolux_g121i1_l01 bus_format
  (git-fixes).
- drm/mediatek: dsi: Move mtk_dsi_stop() call back to
  mtk_dsi_poweroff() (git-fixes).
- drm/mediatek: dsi: Add atomic {destroy,duplicate}_state,
  reset callbacks (git-fixes).
- drm/panfrost: devfreq: set opp to the recommended one to
  configure regulator (git-fixes).
- ASoC: nau8824: Fix semaphore unbalance at error paths
  (git-fixes).
- regulator: pfuze100: Fix the global-out-of-bounds access in
  pfuze100_regulator_probe() (git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- wifi: mac80211_hwsim: check length for virtio packets
  (git-fixes).
- tty: serial: atmel: Preserve previous USART mode if RS485
  disabled (git-fixes).
- drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes).
- video: fbdev: pxa3xx-gcu: Fix integer overflow in
  pxa3xx_gcu_write (git-fixes).
- serial: atmel: remove redundant assignment in rs485_config
  (git-fixes).
- video: fbdev: i740fb: Error out if 'pixclock' equals zero
  (git-fixes).
- commit 05ff2c7
- scsi: mpt3sas: Fix use-after-free warning (git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- commit 338849f
- kexec_file: drop weak attribute from functions (bsc#1196444).
- commit 3df1852
- KVM: avoid NULL pointer dereference in kvm_dirty_ring_push
  (bsc#1198189 CVE-2022-1263).
- commit 7717214
- kexec, KEYS, s390: Make use of built-in and secondary keyring
  for signature verification (bsc#1196444).
- commit a0517d1
- arm64: kexec_file: use more system keyrings to verify kernel
  image signature (bsc#1196444).
- kexec, KEYS: make the code in bzImage64_verify_sig generic
  (bsc#1196444).
- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
- kexec: drop weak attribute from functions (bsc#1196444).
- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
- commit 6bb0d35
- arm64: dts: rockchip: Remove 'enable-active-low' from
  rk3399-puma (git-fixes).
- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz
  (git-fixes).
- arm64: dts: rockchip: Fix typo in lisense text for PX30.Core
  (git-fixes).
- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes).
- selftests: forwarding: add shebang for sch_red.sh (git-fixes).
- can: gs_usb: gs_can_open(): fix race dev->can.state condition
  (git-fixes).
- gve: Fix GFP flags when allocing pages (git-fixes).
- wifi: mt76: fix reading current per-tid starting sequence
  number for aggregation (git-fixes).
- batman-adv: Fix hang up with small MTU hard-interface
  (git-fixes).
- net: phy: aquantia: wait for the suspend/resume operations to
  finish (git-fixes).
- gpiolib: cdev: Set lineevent_state::irq after IRQ register
  successfully (git-fixes).
- gpio: mockup: fix NULL pointer dereference when removing debugfs
  (git-fixes).
- selftests: forwarding: Fix failing tests with old libnet
  (git-fixes).
- commit 4895eee
- net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes).
- commit a413591
- net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes).
- commit 7bd201a
- net: enetc: Use pci_release_region() to release some resources
  (git-fixes).
- commit 15bc221
- net: dsa: mv88e6xxx: Fix refcount leak in
  mv88e6xxx_mdios_register (git-fixes).
- commit 568058d
- net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes).
- commit a7df60c
- net: stmmac: fix out-of-bounds access in a selftest (git-fixes).
- commit 1d801d7
- net: macb: Fix PTP one step sync support (git-fixes).
- commit c6f42d2
- net: wwan: iosm: remove pointless null check (git-fixes).
- commit 4eccfc1
- eth: sun: cassini: remove dead code (git-fixes).
- commit aa42615
- net: stmmac: remove unused get_addr() callback (git-fixes).
- commit 14586bc
- Revert "/ice: Hide bus-info in ethtool for PRs in switchdev mode"/
  (git-fixes).
- commit 2b88535
- net: ethernet: stmmac: fix write to sgmii_adapter_base
  (git-fixes).
- commit 63c3906
- net: dsa: felix: fix tagging protocol changes with multiple
  CPU ports (git-fixes).
- commit 41e3617
- net: dsa: introduce helpers for iterating through ports using dp
  (git-fixes).
- commit 5001021
- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap
  (git-fixes).
- commit 1bdfd3c
- net: hns3: add netdev reset check for hns3_set_tunable()
  (git-fixes).
- commit f002bf7
- net: phy: at803x: move page selection fix to config_init
  (git-fixes).
- commit 02fb6c3
- ice: Match on all profiles in slow-path (git-fixes).
- commit 5ba2957
- net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes).
- commit 1308dcb
- blacklist.conf: update blacklist
- commit e0df553
- blacklist.conf: update blacklist
- commit d975e01
- blacklist.conf: update blacklist
- commit 2402036
- ALSA: hda: Fix Nvidia dp infoframe (git-fixes).
- ALSA: hda/tegra: set depop delay for tegra (git-fixes).
- ALSA: hda/tegra: Update scratch reg. communication (git-fixes).
- ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes).
- commit 636d297
- ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED
  (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
  (git-fixes).
- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530
  laptop (git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570
  laptop (git-fixes).
- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
- commit a4ecf82
- dmaengine: ti: k3-udma-private: Fix refcount leak bug in
  of_xudma_dev_get() (git-fixes).
- Revert "/ALSA: usb-audio: Split endpoint setups for hw_params
  and prepare"/ (git-fixes).
- ALSA: core: Fix double-free at snd_card_new() (git-fixes).
- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).
- ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount
  saturation (git-fixes).
- ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible
  (git-fixes).
- gpio: mockup: remove gpio debugfs when remove device
  (git-fixes).
- Input: iforce - add support for Boeder Force Feedback Wheel
  (git-fixes).
- Input: goodix - add compatible string for GT1158 (git-fixes).
- Input: goodix - add support for GT1158 (git-fixes).
- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
- drm/amd/amdgpu: skip ucode loading if ucode_size == 0
  (git-fixes).
- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS
  (git-fixes).
- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell
  Dot keymap fixes (git-fixes).
- platform/surface: aggregator_registry: Add support for Surface
  Laptop Go 2 (git-fixes).
- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered
  message (git-fixes).
- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
  (git-fixes).
- ACPI: resource: skip IRQ override on AMD Zen platforms
  (git-fixes).
- ARM: dts: imx: align SPI NOR node name with dtschema
  (git-fixes).
- commit 6a1df1e
- Refresh patches.suse/iommu-vt-d-Acquiring-lock-in-domain-ID-allocation-helpers
  Fix spin deadlock in intel_iommu (bsc#1203505)
- commit 69d294e
- media: dvb-core: Fix UAF due to refcount races at releasing
  (CVE-2022-41218 bsc#1202960).
- commit bdcd7ab
- Update kabi files: import symvers from MU 5.14.21-150400.24.21
- commit a9db6f7
- blacklist.conf: e9b6013a7ce3 x86/speculation: Update link to AMD speculation whitepaper
- commit 2ebf815
- EDAC/dmc520: Don't print an error for each unconfigured
  interrupt line (bsc#1190497).
- commit c59e321
- blacklist.conf: ad2c302bc604 EDAC/sifive: Fix non-kernel-doc comment
- commit 1146177
- Update patch reference for media fix (CVE-2022-3239 bsc#1203552)
- commit 9054a9f
- supported.conf: Add drivers/virt/coco/sevguest/sevguest
- commit 14b71be
- virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814).
- Update config files.
- commit 07e76d6
- scsi: smartpqi: Shorten drive visibility after removal
  (bsc#1200622).
- commit 575230a
- x86/sev: Provide support for SNP guest request NAEs
  (jsc#SLE-19924, jsc#SLE-24814).
- Refresh
  patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
- commit eaa3ba3
- x86/boot: Add Confidential Computing type to setup_data
  (jsc#SLE-19924, jsc#SLE-24814).
- Refresh
  patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
- commit cecec70
- x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924,
  jsc#SLE-24814).
- Refresh
  patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
- commit d7a984b
- x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814).
- Refresh
  patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
- commit df057b9
- x86/sev: Add a helper for the PVALIDATE instruction
  (jsc#SLE-19924, jsc#SLE-24814).
- Refresh
  patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
- commit 27da7ad
- x86/compressed/64: Detect/setup SEV/SME features earlier during
  boot (jsc#SLE-19924, jsc#SLE-24814).
- Refresh
  patches.suse/x86-sev-define-the-linux-specific-guest-termination-reasons.patch.
- commit 509599d
- kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/sev: Get the AP jump table address from secrets page
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/boot: Put globals that are accessed early into the .data
  section (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Fix bool function returning negative value
  (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Fix return value check in alloc_shared_pages()
  (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement
  (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Add support to get extended report
  (jsc#SLE-19924, jsc#SLE-24814).
- virt: sevguest: Add support to derive key (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/sev: Register SEV-SNP guest request platform device
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Add a sev= cmdline option (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/sev: Use firmware-validated CPUID for SEV-SNP guests
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/compressed/64: Add identity mapping for Confidential
  Computing blob (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Export and rename add_identity_map()
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP
  guests (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Add SEV-SNP feature detection/setup
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/boot: Add a pointer to Confidential Computing blob in
  bootparams (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC
  handlers (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Move MSR-based VMGEXITs for CPUID to helper
  (jsc#SLE-19924, jsc#SLE-24814).
- KVM: x86: Move lookup of indexed CPUID leafs to helper
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI kexec handling into common code
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI vendor table lookup to helper
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI config table lookup to helper
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI system table lookup to helper
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed/acpi: Move EFI detection to helper
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/head/64: Re-enable stack protection (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/sev: Use SEV-SNP AP creation to start secondary CPUs
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/kernel: Validate ROM memory before accessing when SEV-SNP
  is active (jsc#SLE-19924, jsc#SLE-24814).
- x86/kernel: Mark the .bss..decrypted section as shared in the
  RMP table (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Add helper for validating pages in early enc attribute
  changes (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Register GHCB memory when SEV-SNP is active
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Register GHCB memory when SEV-SNP is active
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/compressed: Add helper for validating pages in the
  decompression stage (jsc#SLE-19924, jsc#SLE-24814).
- x86/sev: Check SEV-SNP features support (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924,
  jsc#SLE-24814).
- x86/sev: Detect/setup SEV/SME features earlier in boot
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/boot: Use MSR read/write helpers instead of inline assembly
  (jsc#SLE-19924, jsc#SLE-24814).
- x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924,
  jsc#SLE-24814).
- KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924,
  jsc#SLE-24814).
- KVM: SVM: Create a separate mapping for the GHCB save area
  (jsc#SLE-19924, jsc#SLE-24814).
- KVM: SVM: Create a separate mapping for the SEV-ES save area
  (jsc#SLE-19924, jsc#SLE-24814).
- KVM: SVM: Define sev_features and VMPL field in the VMSA
  (jsc#SLE-19924, jsc#SLE-24814).
- commit 08ede5a
- md: unlock mddev before reap sync_thread in action_store
  (bsc#1197659).
- commit b42af07
- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type
  in mpc85xx (git-fixes).
- pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes).
- pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes).
- pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes).
- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
- drm/meson: Correct OSD1 global alpha value (git-fixes).
- drm/amdgpu: move nbio sdma_doorbell_range() into sdma code
  for vega (git-fixes).
- drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega
  (git-fixes).
- of/device: Fix up of_dma_configure_id() stub (git-fixes).
- of: fdt: fix off-by-one error in unflatten_dt_nodes()
  (git-fixes).
- drm/i915: Implement WaEdpLinkRateDataReload (git-fixes).
- vfio/type1: Unpin zero pages (git-fixes).
- efi: capsule-loader: Fix use-after-free in efi_capsule_write
  (git-fixes).
- efi: libstub: Disable struct randomization (git-fixes).
- fbdev: chipsfb: Add missing pci_disable_device() in
  chipsfb_pci_init() (git-fixes).
- commit a8d151e
- ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion
  (git-fixes).
- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
  (git-fixes).
- drm/radeon: add a force flush to delay work when radeon
  (git-fixes).
- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup
  (git-fixes).
- drm/amdgpu: Move psp_xgmi_terminate call from
  amdgpu_xgmi_remove_device to psp_hw_fini (git-fixes).
- drm/gem: Fix GEM handle release errors (git-fixes).
- ASoC: mchp-spdiftx: remove references to mchp_i2s_caps
  (git-fixes).
- drm/bridge: display-connector: implement bus fmts callbacks
  (git-fixes).
- commit a41cdd0
- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
  (git-fixes).
- commit 37ef226
- xen-blkfront: Cache feature_persistent value before
  advertisement (git-fixes).
- commit 3ed3cdd
- Update references:
  - patches.kabi/kabi-return-type-change-of-secure_ipv-46-_port_ephem.patch
  - patches.suse/secure_seq-use-the-64-bits-of-the-siphash-for-port-o.patch
  - patches.suse/tcp-add-small-random-increments-to-the-source-port.patch
  - patches.suse/tcp-drop-the-hash_32-part-from-the-index-calculation.patch
  - patches.suse/tcp-dynamically-allocate-the-perturb-table-used-by-s.patch
  - patches.suse/tcp-increase-source-port-perturb-table-to-2-16.patch
  - patches.suse/tcp-resalt-the-secret-every-10-seconds.patch
  - patches.suse/tcp-use-different-parts-of-the-port_offset-for-index.patch
  (add CVE-2022-32296 bsc#1200288)
- commit 07e021d
- xen-netback: only remove 'hotplug-status' when the vif is
  actually destroyed (git-fixes).
- commit 33b6bc1
- xen-blkfront: Advertise feature-persistent as user requested
  (git-fixes).
- commit 55b30a0
- xen-blkback: Advertise feature-persistent as user requested
  (git-fixes).
- commit aa17727
- xen-blkfront: Apply 'feature_persistent' parameter when connect
  (git-fixes).
- commit ea0d055
- xen-blkback: Apply 'feature_persistent' parameter when connect
  (git-fixes).
- commit 8bac828
- xen-blkback: fix persistent grants negotiation (git-fixes).
- commit 8c9e86e
- xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes).
- commit 8ae5e2f
- x86/xen: Remove undefined behavior in setup_features()
  (git-fixes).
- commit fe2de2e
- xen-blkfront: Handle NULL gendisk (git-fixes).
- commit ff9be3a
- blacklist.conf: add 1dbd11ca75fe ("/xen: remove gnttab_query_foreign_access"/)
  as it would break KABI
- commit 893d5df
- KVM: SVM: fix tsc scaling cache logic (bsc#1203263).
- commit 9311053
- xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
  (git-fixes).
- commit 4acefb4
- KVM: VMX: Heed the 'msr' argument in msr_write_intercepted()
  (git-fixes).
- commit c7cc445
- KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall
  (git-fixes).
- commit cfc201b
- KVM: x86: hyper-v: Drop redundant 'ex' parameter from
  kvm_hv_send_ipi() (git-fixes).
- commit 001f866
- KVM: X86: Fix when shadow_root_level=5 && guest root_level<4
  (git-fixes).
- commit 4d133af
- dmaengine: idxd: fix retry value to be constant for duration
  of function call (git-fixes).
- dmaengine: idxd: match type for retries var in idxd_enqcmds()
  (git-fixes).
- commit ad373ba
- dmaengine: idxd: change MSIX allocation based on per wq
  activation (jsc#PED-664).
- dmaengine: idxd: fix descriptor flushing locking (jsc#PED-664).
- dmaengine: idxd: embed irq_entry in idxd_wq struct
  (jsc#PED-664).
- commit d9570b4
- Update patch referece for IDXD fix (jsc#PED-729)
- commit 0666616
- dmaengine: idxd: add knob for enqcmds retries (jsc#PED-755).
- commit b9e7fd2
- dmaengine: idxd: update IAA definitions for user header
  (jsc#PED-763).
- commit 966fd07
- dmaengine: idxd: handle interrupt handle revoked event
  (jsc#PED-682).
- Refresh
  patches.suse/dmaengine-idxd-set-defaults-for-wq-configs.patch.
- commit b8b62ed
- dmaengine: idxd: handle invalid interrupt handle descriptors
  (jsc#PED-682).
- commit 4d43b5f
- dmaengine: idxd: create locked version of idxd_quiesce() call
  (jsc#PED-682).
- commit 84c33cd
- dmaengine: idxd: add helper for per interrupt handle drain
  (jsc#PED-682).
- commit 7f570d2
- dmaengine: idxd: move interrupt handle assignment (jsc#PED-682).
- commit c11ff86
- dmaengine: idxd: int handle management refactoring
  (jsc#PED-682).
- commit a2ea081
- dmaengine: idxd: rework descriptor free path on failure
  (jsc#PED-682).
- commit 10afe67
- dmaengine: idxd: set defaults for wq configs (jsc#PED-688).
- Refresh
  patches.suse/dmaengine-idxd-fix-wq-settings-post-wq-disable.patch.
- commit d90c3a3
- PCI: Disable MSI for Tegra234 Root Ports (git-fixes).
- PCI: Correct misspelled words (git-fixes).
- PCI: Prefer 'unsigned int' over bare 'unsigned' (git-fixes).
- commit 2fdd511
- PCI/ASPM: Make Intel DG2 L1 acceptable latency unlimited
  (jsc#PED-387).
- commit 7d30fcd
- net: dsa: mt7530: 1G can also support 1000BASE-X link mode
  (git-fixes).
- commit cdb75aa
- igb: skip phy status check where unavailable (git-fixes).
- commit a3b27da
- ice: fix possible under reporting of ethtool Tx and Rx
  statistics (git-fixes).
- commit c2f52c2
- ice: fix crash when writing timestamp on RX rings (git-fixes).
- commit fb0a1aa
- net/mlx5: Drain fw_reset when removing device (git-fixes).
- commit 97a86a6
- net/mlx5e: Remove HW-GRO from reported features (git-fixes).
- commit 4a77968
- net/mlx5e: Properly block HW GRO when XDP is enabled
  (git-fixes).
- commit f953f8f
- net/mlx5e: Properly block LRO when XDP is enabled (git-fixes).
- commit 6b1fa7c
- net/mlx5e: Block rx-gro-hw feature in switchdev mode
  (git-fixes).
- commit a1cfc32
- net/qla3xxx: Fix a test in ql_reset_work() (git-fixes).
- commit 52c2fa5
- net: systemport: Fix an error handling path in
  bcm_sysport_probe() (git-fixes).
- commit b45f6dc
- net: macb: Increment rx bd head after allocating skb and buffer
  (git-fixes).
- commit 41b13b2
- net: ipa: get rid of a duplicate initialization (git-fixes).
- commit a69d7cd
- net: ipa: record proper RX transaction count (git-fixes).
- commit 0de4988
- net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
  (git-fixes).
- commit cf3c3f2
- net: ethernet: mediatek: ppe: fix wrong size passed to memset()
  (git-fixes).
- commit f134be1
- ice: Fix race during aux device (un)plugging (git-fixes).
- commit 4278261
- net: mscc: ocelot: avoid corrupting hardware counters when
  moving VCAP filters (git-fixes).
- commit ca8eb08
- net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
  (git-fixes).
- commit d224ca3
- net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
  (git-fixes).
- commit 95340f0
- net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in
  hardware when deleted (git-fixes).
- commit bda7960
- net: emaclite: Add error handling for of_address_to_resource()
  (git-fixes).
- commit a361614
- net: cpsw: add missing of_node_put() in cpsw_probe_dt()
  (git-fixes).
- commit 014fc77
- net: stmmac: dwmac-sun8i: add missing of_node_put() in
  sun8i_dwmac_register_mdio_mux() (git-fixes).
- commit 72dc370
- net: dsa: mt7530: add missing of_node_put() in mt7530_setup()
  (git-fixes).
- commit 1fa6443
- net: mdio: Fix ENOMEM return value in BCM6368 mux bus controller
  (git-fixes).
- commit f4b10fd
- net: fec: add missing of_node_put() in fec_enet_init_stop_mode()
  (git-fixes).
- commit 6d689b8
- net: dsa: lantiq_gswip: Don't set GSWIP_MII_CFG_RMII_CLK
  (git-fixes).
- commit cda6d8f
- net: dsa: mv88e6xxx: Fix port_hidden_wait to account for
  port_base_addr (git-fixes).
- commit fc0f29e
- net: bcmgenet: hide status block before TX timestamping
  (git-fixes).
- commit 7471b10
- net: stmmac: Use readl_poll_timeout_atomic() in atomic state
  (git-fixes).
- commit 77bb15d
- net: mscc: ocelot: fix broken IP multicast flooding (git-fixes).
- commit 9360c59
- net: bcmgenet: Revert "/Use stronger register read/writes to
  assure ordering"/ (git-fixes).
- commit 2e1c776
- net: ftgmac100: access hardware register after clock ready
  (git-fixes).
- commit 6f339f4
- s390/boot: fix absolute zero lowcore corruption on boot
  (git-fixes).
- commit 673e9bc
- ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).
- commit 04343f5
- Update patches.suse/SUNRPC-Prevent-immediate-close-reconnect.patch
  (git-fixes, bsc#1203338).
- commit 1a26f26
- net: ethernet: stmmac: fix altr_tse_pcs function when using
  a fixed-link (git-fixes).
- commit 6e948de
- net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).
- commit 6052c6d
- mlxsw: i2c: Fix initialization error flow (git-fixes).
- commit b1671b5
- net: ethernet: mv643xx: Fix over zealous checking
  of_get_mac_address() (git-fixes).
- commit d6232d0
- ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
  (git-fixes).
- commit 5811714
- dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe (git-fixes).
- commit 20972b2
- net: stmmac: Fix unset max_speed difference between DT and
  non-DT platforms (git-fixes).
- commit 21d6298
- vrf: fix packet sniffing for traffic originating from ip tunnels
  (git-fixes).
- commit 656f34a
- net: hns3: fix the concurrency between functions reading debugfs
  (git-fixes).
- commit b62a96b
- net: sparx5: uses, depends on BRIDGE or !BRIDGE (git-fixes).
- commit 91c7940
- net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list
  iterator (git-fixes).
- commit 587d5e0
- net: sparx5: depends on PTP_1588_CLOCK_OPTIONAL (git-fixes).
- commit e5cbf9e
- blacklist.conf: update blacklist
- commit b64ff66
- jfs: prevent NULL deref in diFree (bsc#1203389 CVE-2022-3202).
- commit 1259272
- usb: typec: tipd: Add an additional overflow check (git-fixes).
- commit b1f97fa
- usb: typec: tipd: Don't read/write more bytes than required
  (git-fixes).
- commit e669366
- Update patch references for ALSA fixes (jsc#PED-652 jsc#PED-720)
- commit 3c5b516
- ASoC: SOF: Intel: pci-tgl: add RPL-P support (jsc#PED-720).
- ASoC: SOF: Intel: pci-tgl: add ADL-PS support (jsc#PED-720).
- commit 012fcdf
- ALSA: hda: intel-dsp-config: Add RaptorLake PCI IDs
  (jsc#PED-720).
- commit ae48fdf
- ASoC: SOF: Intel: pci-tgl: add RPL-S support (jsc#PED-652).
- commit c23d1e1
- Update DRM UDL patches from upstreamed patches (bsc#1195917)
  Dropped:
  patches.suse/0001-drm-udl-Restore-display-mode-on-resume.patch
- commit eab8d35
- ice: Allow operation with reduced device MSI-X (bsc#1201987).
- commit adb8f10
- usb: hub: avoid warm port reset during USB3 disconnect
  (git-fixes).
- commit 8af7b8e
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)
- commit 49a8536
- arm64: select TRACE_IRQFLAGS_NMI_SUPPORT (git-fixes)
- commit 8e1f358
- arm64: errata: Add Cortex-A510 to the repeat tlbi list (git-fixes)
  Enable this errata fix configuration option to arm64/default.
- commit c8ec028
- Revert "/arm64: Mitigate MTE issues with str{n}cmp()"/ (git-fixes)
- commit 3916261
- arm64: lib: Import latest version of Arm Optimized Routines' strcmp (git-fixes)
- commit 0ad904d
- tracing: hold caller_addr to hardirq_{enable,disable}_ip
  (git-fixes).
- commit ec23c84
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline
  when ftrace is dead (git-fixes).
- commit 4b6dc41
- btrfs: fix space cache corruption and potential double
  allocations (bsc#1203361).
- commit 0479f45
- btrfs: fix relocation crash due to premature return from
  btrfs_commit_transaction() (bsc#1203360).
- commit 5ceb88f
- KVM: x86: do not report a vCPU as preempted outside instruction
  boundaries (bsc#1203066 CVE-2022-39189).
- commit c89b7e4
- blacklist.conf: add 3 commits for git-fixes not needed
- commit 6f1ca85
- netfilter: nf_tables: do not allow RULE_ID to refer to another
  chain (CVE-2022-2586 bsc#1202095).
- netfilter: nf_tables: do not allow CHAIN_ID to refer to another
  table (CVE-2022-2586 bsc#1202095).
- netfilter: nf_tables: do not allow SET_ID to refer to another
  table (CVE-2022-2586 bsc#1202095).
- commit 42bb8dc
- Update
  patches.suse/dccp-don-t-duplicate-ccid-when-cloning-dccp-sock.patch
  references (add CVE-2020-16119 bsc#1177471).
- commit 7d3c30f
- Update message from free_area_init (bsc#1203101)
  Refreshed:
  patches.suse/0002-mm-handle-uninitialized-numa-nodes-gracefully.patch
- commit 58d8d59
- blacklist.conf: unwanted s390 commits
- commit 7773032
- watchdog: wdat_wdt: Set the min and max timeout values properly
  (bsc#1194023).
- commit d609cb4
- kbuild: disable header exports for UML in a straightforward way
  (git-fixes).
- docs: i2c: i2c-topology: fix incorrect heading (git-fixes).
- commit 96f4a7a
- hwmon: (mr75203) enable polling for all VM channels (git-fixes).
- hwmon: (mr75203) fix multi-channel voltage reading (git-fixes).
- hwmon: (mr75203) fix voltage equation for negative source input
  (git-fixes).
- hwmon: (mr75203) update pvt->v_num and vm_num to the actual
  number of used sensors (git-fixes).
- hwmon: (mr75203) fix VM sensor allocation when "/intel,vm-map"/
  not defined (git-fixes).
- dt-bindings: hwmon: (mr75203) fix "/intel,vm-map"/ property to
  be optional (git-fixes).
- hwmon: (tps23861) fix byte order in resistance register
  (git-fixes).
- commit 4be15df
- ALSA: emu10k1: Fix out of bounds access in
  snd_emu10k1_pcm_channel_alloc() (git-fixes).
- ALSA: usb-audio: Fix an out-of-bounds bug in
  __snd_usb_parse_audio_interface() (git-fixes).
- ALSA: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
- ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC (git-fixes).
- ALSA: aloop: Fix random zeros in capture data when using
  jiffies timer (git-fixes).
- commit e787e77
- ASoC: qcom: sm8250: add missing module owner (git-fixes).
- ALSA: hda/sigmatel: Fix unused variable warning for beep power
  change (git-fixes).
- ALSA: usb-audio: Split endpoint setups for hw_params and prepare
  (git-fixes).
- ALSA: usb-audio: Register card again for iface over
  delayed_register option (git-fixes).
- ALSA: usb-audio: Inform the delayed registration more properly
  (git-fixes).
- commit fdc009b
- Move upstreamed patches into sorted section
- commit 9769cb9
- s390: fix double free of GS and RI CBs on fork() failure
  (bsc#1203197 LTC#199895).
- commit a3c49e0
- net: stmmac: dwmac-qcom-ethqos: Enable RGMII functional clock
  on resume (git-fixes).
- commit 196b9a7
- net: stmmac: dwmac-qcom-ethqos: add platform level clocks
  management (git-fixes).
- commit 9419c89
- net: axienet: fix RX ring refill allocation failure handling
  (git-fixes).
- commit 4644276
- bnx2x: fix built-in kernel driver load failure (git-fixes).
- commit 4c90c2b
- net: stmmac: only enable DMA interrupts when ready (git-fixes).
- commit 8b7732b
- net: stmmac: perserve TX and RX coalesce value during XDP setup
  (git-fixes).
- commit 7ef4525
- net: stmmac: enhance XDP ZC driver level switching performance
  (git-fixes).
- commit 0b61dc1
- bnx2x: fix driver load from initrd (git-fixes).
- commit 922bb4e
- Update metadata references
- commit b8d9524
- regulator: core: Clean up on enable failure (git-fixes).
- wifi: iwlegacy: 4965: corrected fix for potential off-by-one
  overflow in il4965_rs_fill_link_cmd() (git-fixes).
- vt: Clear selection before changing the font (git-fixes).
- clk: bcm: rpi: Prevent out-of-bounds access (git-fixes).
- mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage
  switch failure (git-fixes).
- drm/i915: Skip wm/ddb readout for disabled pipes (git-fixes).
- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk
  (git-fixes).
- USB: serial: cp210x: add Decagon UCA device id (git-fixes).
- USB: serial: option: add support for Cinterion MV32-WA/WB
  RmNet mode (git-fixes).
- USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id
  (git-fixes).
- USB: serial: option: add Quectel EM060K modem (git-fixes).
- USB: serial: option: add support for OPPO R11 diag port
  (git-fixes).
- media: mceusb: Use new usb_control_msg_*() routines (git-fixes).
- USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020)
  (git-fixes).
- usb: xhci-mtk: relax TT periodic bandwidth allocation
  (git-fixes).
- usb: dwc3: pci: Add support for Intel Raptor Lake (git-fixes).
- usb: typec: intel_pmc_mux: Add new ACPI ID for Meteor Lake
  IOM device (git-fixes).
- usb-storage: Add ignore-residue quirk for NXP PN7462AU
  (git-fixes).
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
- clk: bcm: rpi: Use correct order for the parameters of
  devm_kcalloc() (git-fixes).
- commit 8d6d69c
- net: dsa: microchip: fix bridging with more than two member
  ports (git-fixes).
- commit f2a5e08
- net: dsa: lantiq_gswip: fix use after free in gswip_remove()
  (git-fixes).
- commit 577992b
- ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler
  (git-fixes).
- commit f16c949
- net: mscc: ocelot: fix all IP traffic getting trapped to CPU
  with PTP over IP (git-fixes).
- commit 391f1b3
- net: axienet: reset core on initialization prior to MDIO access
  (git-fixes).
- Refresh
  patches.suse/net-axienet-setup-mdio-unconditionally.patch.
- commit afb1beb
- net: mscc: ocelot: fix missing unlock on error in
  ocelot_hwstamp_set() (git-fixes).
- commit c38c182
- blacklist.conf: update blacklist
- commit 9d146c4
- Update
  patches.suse/watchqueue-make-sure-to-serialize-wqueue-defunct-pro.patch
  (git-fixes, CVE-2022-1882, bsc#1199904).
- add references to CVE-2022-1882, bsc#1199904
- commit b499e0d
- usb: gadget: f_uac2: fix superspeed transfer (git-fixes).
- commit 2e0f852
- Revert "/ipv6: Honor all IPv6 PIO Valid Lifetime values"/
  (bsc#1202989).
- commit 2353f59
- net: stmmac: dwc-qos: Disable split header for Tegra194
  (bsc#1194904).
- net: stmmac: disable Split Header (SPH) for Intel platforms
  (bsc#1194904).
- commit 80bcb5a
- scsi: sg: Allow waiting for commands to complete on removed
  device (git-fixes).
- scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).
- scsi: mpt3sas: Stop fw fault watchdog work item during system
  shutdown (git-fixes).
- scsi: ufs: core: Fix another task management completion race
  (git-fixes).
- scsi: ufs: core: Fix task management completion timeout race
  (git-fixes).
- commit b8be98c
- nvme-tcp: fix UAF when detecting digest errors (bsc#1200313
  bsc#1201489).
- commit d1c233b
- USB: serial: ch341: fix disabled rx timer on older devices
  (git-fixes).
- commit 9eefb78
- USB: serial: ch341: fix lost character on LCR updates
  (git-fixes).
- commit 62469ec
- USB: serial: ch314: use usb_control_msg_recv() (git-fixes).
- commit 53e1aa3
- usb: gadget: f_uac2: clean up some inconsistent indenting
  (git-fixes).
- commit 44a2b58
- usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop
  (git-fixes).
- commit f62cbbb
- s390/hugetlb: fix prepare_hugepage_range() check for 2 GB
  hugepages (git-fixes).
- s390/mm: do not trigger write fault when vma does not allow
  VM_WRITE (git-fixes).
- scsi: zfcp: Fix missing auto port scan and thus missing target
  ports (git-fixes).
- s390/zcore: fix race when reading from hardware system area
  (git-fixes).
- s390/crash: fix incorrect number of bytes to copy to user space
  (git-fixes).
- vfio/ccw: Do not change FSM state in subchannel event
  (git-fixes).
- vfio/ccw: Remove UUID from s390 debug log (git-fixes).
- s390/cpumf: Handle events cycles and instructions identical
  (git-fixes).
- s390/crash: make copy_oldmem_page() return number of bytes
  copied (git-fixes).
- s390/mm: use non-quiescing sske for KVM switch to keyed guest
  (git-fixes).
- s390/stp: clock_delta should be signed (git-fixes).
- s390/kexec: handle R_390_PLT32DBL rela in
  arch_kexec_apply_relocations_add() (git-fixes).
- commit 9886bfd
- nvme-rdma: Handle number of queue changes (bsc#1201865).
- nvme-tcp: Handle number of queue changes (bsc#1201865).
- nvmet: Expose max queues to configfs (bsc#1201865).
- commit 51b9b2e
- nvme-fabrics: parse nvme connect Linux error codes
  (bsc#1201865).
- commit f1d7d3e
- usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup
  (git-fixes).
- commit d57061d
- netfilter: nf_tables: disallow binding to already bound chain
  (CVE-2022-39190 bsc#1203117).
- commit bb5b67f
- mm: pagewalk: Fix race between unmap and page walker (git-fixes,
  bsc#1203159).
- commit 35d24e5
- usb: dwc3: qcom: Add helper functions to enable,disable wake irqs (git-fixes).
- commit 4ff0a76
- usb: dwc3: dwc3-qcom: Add missing platform_device_put() in dwc3_qcom_acpi_register_core (git-fixes).
- commit a9fc9d1
- drivers: usb: dwc3-qcom: Add sdm660 compatible (git-fixes).
- commit 4f92bad
- usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API (git-fixes).
- commit 88f2cbc
- ARM: dts: at91: sama5d2_icp: don't keep vdd_other enabled all
  the time (git-fixes).
- ARM: dts: at91: sama5d27_wlsom1: don't keep ldo2 enabled all
  the time (git-fixes).
- ARM: dts: at91: sama5d2_icp: specify proper regulator output
  ranges (git-fixes).
- ARM: dts: at91: sama5d27_wlsom1: specify proper regulator
  output ranges (git-fixes).
- soc: fsl: select FSL_GUTS driver for DPIO (git-fixes).
- soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
  (git-fixes).
- soc: imx: gpcv2: Assert reset before ungating clock (git-fixes).
- ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node
  (git-fixes).
- HID: add Lenovo Yoga C630 battery quirk (git-fixes).
- HID: AMD_SFH: Add a DMI quirk entry for Chromebooks (git-fixes).
- HID: thrustmaster: Add sparco wheel and fix array length
  (git-fixes).
- HID: asus: ROG NKey: Ignore portion of 0x5a report (git-fixes).
- fbdev: fb_pm2fb: Avoid potential divide by zero error
  (git-fixes).
- drm/amd/display: avoid doing vm_init multiple time (git-fixes).
- drm/amdgpu: Increase tlb flush timeout for sriov (git-fixes).
- drm/amd/display: Fix pixel clock programming (git-fixes).
- drm/amd/pm: add missing ->fini_microcode interface for Sienna
  Cichlid (git-fixes).
- drm/amd/display: clear optc underflow before turn off odm clock
  (git-fixes).
- drm/amd/display: For stereo keep "/FLIP_ANY_FRAME"/ (git-fixes).
- drm/amd/display: Fix HDMI VSIF V3 incorrect issue (git-fixes).
- drm/amd/display: Avoid MPC infinite loop (git-fixes).
- udmabuf: Set the DMA mask for the udmabuf device (v2)
  (git-fixes).
- media: pvrusb2: fix memory leak in pvr_probe (git-fixes).
- ACPI: thermal: drop an always true check (git-fixes).
- commit c8964fa
- mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
  (CVE-2022-39188, bsc#1203107).
- commit 3a89213
- fuse: ioctl: translate ENOSYS (bsc#1203139).
- fuse: limit nsec (bsc#1203138).
- commit 7e9c40c
- netfilter: nf_conntrack_irc: Tighten matching on DCC message
  (CVE-2022-2663 bsc#1202097).
- netfilter: nf_conntrack_irc: Fix forged IP logic (CVE-2022-2663
  bsc#1202097).
- commit 81db4dd
- blacklist.conf: breaks kABI in a hard to fix way
- commit cc459f1
- gpio: pca953x: Add mutex_lock for regcache sync in PM
  (git-fixes).
- commit 68f2e3d
- Update
  patches.kabi/kABI-Fix-kABI-after-mm-rmap-Fix-anon_vma-degree-ambi.patch
  (git-fixes, bsc#1203098).
- Update
  patches.suse/mm-rmap-Fix-anon_vma-degree-ambiguity-leading-to-double-reuse.patch
  (git-fixes, bsc#1203098).
  Add reference to bsc#1203098.
- commit 866ab35
- Revert "/clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops"/
  (git-fixes).
- commit 44c1db1
- Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
  (git-fixes).
- Input: rk805-pwrkey - fix module autoloading (git-fixes).
- tty: n_gsm: avoid call of sleeping functions from atomic context
  (git-fixes).
- tty: n_gsm: replace kicktimer with delayed_work (git-fixes).
- tty: n_gsm: initialize more members at gsm_alloc_mux()
  (git-fixes).
- tty: n_gsm: add sanity check for gsm->receive in
  gsm_receive_buf() (git-fixes).
- tty: serial: lpuart: disable flow control while waiting for
  the transmit engine to complete (git-fixes).
- serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).
- staging: rtl8712: fix use after free bugs (git-fixes).
- clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate
  (git-fixes).
- clk: core: Fix runtime PM sequence in clk_core_unprepare()
  (git-fixes).
- clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops
  (git-fixes).
- hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).
- commit f95732e
- ALSA: hda/sigmatel: Keep power up while beep is enabled
  (bsc#1200544).
- commit 9d2056c
- Revert "/usb: gadget: udc-xilinx: replace memcpy with
  memcpy_toio"/ (git-fixes).
- commit fa5bfaa
- mmc: core: Fix UHS-I SD 1.8V workaround branch (git-fixes).
- drm/i915: fix null pointer dereference (git-fixes).
- soundwire: qcom: fix device status array range (git-fixes).
- misc: fastrpc: fix memory corruption on open (git-fixes).
- misc: fastrpc: fix memory corruption on probe (git-fixes).
- iio: ad7292: Prevent regulator double disable (git-fixes).
- iio: adc: mcp3911: use correct formula for AD conversion
  (git-fixes).
- iio: adc: mcp3911: make use of the sign bit (git-fixes).
- usb: cdns3: fix issue with rearming ISO OUT endpoint
  (git-fixes).
- usb: cdns3: fix incorrect handling TRB_SMM flag for ISOC
  transfer (git-fixes).
- usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
  (git-fixes).
- usb: dwc2: fix wrong order of phy_power_on and phy_init
  (git-fixes).
- usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
  (git-fixes).
- thunderbolt: Use the actual buffer in tb_async_error()
  (git-fixes).
- usb: typec: altmodes/displayport: correct pin assignment for
  UFP receptacles (git-fixes).
- usb: typec: tcpm: Return ENOTSUPP for power supply prop writes
  (git-fixes).
- musb: fix USB_MUSB_TUSB6010 dependency (git-fixes).
- platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).
- commit b6c0927
- drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).
- drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg
  (git-fixes).
- drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4
  (git-fixes).
- drm/msm/dsi: fix the inconsistent indenting (git-fixes).
- drm/i915/display: avoid warnings when registering dual panel
  backlight (git-fixes).
- drm/i915/reg: Fix spelling mistake "/Unsupport"/ -> "/Unsupported"/
  (git-fixes).
- driver core: Don't probe devices after bus_type.match() probe
  deferral (git-fixes).
- commit ed7d76e
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- commit d15dd85
- xen/privcmd: fix error exit of privcmd_ioctl_dm_op()
  (git-fixes).
- commit b3967e5
- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).
- commit 83dc2f8
- KVM: X86: avoid uninitialized 'fault.async_page_fault' from
  fixed-up #PF (git-fixes).
- commit 5ee26ea
- KVM: x86: revalidate steal time cache if MSR value changes
  (git-fixes).
- commit 5409e90
- KVM: nVMX: Set UMIP bit CR4_FIXED1 MSR when emulating UMIP
  (git-fixes).
- commit 3aea465
- KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported
  value (git-fixes).
- commit 5500abe
- KVM: nVMX: Inject #UD if VMXON is attempted with incompatible
  CR0/CR4 (git-fixes).
- commit b35717b
- KVM: x86: Set error code to segment selector on LLDT/LTR
  non-canonical #GP (git-fixes).
- commit 60b85eb
- KVM: x86: Mark TSS busy during LTR emulation _after_ all fault
  checks (git-fixes).
- commit a591a18
- KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for
  !nested_run_pending case (git-fixes).
- commit 92eb839
- KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending
  case (git-fixes).
- commit 280d133
- KVM: SVM: Unwind "/speculative"/ RIP advancement if INTn injection
  "/fails"/ (git-fixes).
- commit 2197604
- KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0
  (git-fixes).
- commit 96927c2
- KVM: VMX: Print VM-instruction error as unsigned (git-fixes).
- commit 68c3e1f
- KVM: nVMX: Defer APICv updates while L2 is active until L1 is
  active (git-fixes).
- commit f2721a9
- KVM: SVM: fix panic on out-of-bounds guest IRQ (git-fixes).
- commit c23060e
- KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't
  activated (git-fixes).
- commit d1a201b
- KVM: x86: Avoid theoretical NULL pointer dereference in
  kvm_irq_delivery_to_apic_fast() (git-fixes).
- commit bd3093f
- KVM: x86: Check lapic_in_kernel() before attempting to set a
  SynIC irq (git-fixes).
- commit fab67c0
- KVM: x86: hyper-v: Drop redundant 'ex' parameter from
  kvm_hv_flush_tlb() (git-fixes).
- commit e697bdc
- scsi: lpfc: Copyright updates for 14.2.0.6 patches
  (bsc#1203063).
- scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).
- scsi: lpfc: Remove SANDiags related code (bsc#1203063).
- scsi: lpfc: Add warning notification period to CMF_SYNC_WQE
  (bsc#1203063).
- scsi: lpfc: Rework MIB Rx Monitor debug info logic
  (bsc#1203063).
- scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit
  path for GFT_ID (bsc#1203063).
- scsi: lpfc: Fix unsolicited FLOGI receive handling during
  PT2PT discovery (bsc#1203063).
- scsi: lpfc: Check the return value of alloc_workqueue()
  (bsc#1203063).
- commit 0cdf70f
- mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on
  program/erase times (git-fixes).
- commit 5abb01b
- Drop mtd patch that was reverted in the stable tree
  It may lead to some data loss, hence reverted in the upstream stable tree.
- commit 6e6a4da
- kabi/severities: ignore kABI changes in mwifiex drivers
  Those symbols are used only locally in mwifiex (sub-)modules.
- commit 60b35e7
- mwifiex: Ignore BTCOEX events from the 88W8897 firmware
  (git-fixes).
- commit aa22b95
- blacklist.conf: Add mwifiex entries that have been reverted in stable tree
- commit d49d2ba
- spi: Fix incorrect cs_setup delay handling (git-fixes).
- vdpa_sim: avoid putting an uninitialized iova_domain
  (git-fixes).
- commit 832166f
- blacklist.conf: add already reverted commit for stable-5.15.x
- commit fe76880
- scsi: lpfc: Copyright updates for 14.2.0.5 patches
  (bsc#1201956).
- scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).
- scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).
- scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into
  lpfc_sli_prep_abort_xri() (bsc#1201956).
- scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved
  configuration (bsc#1201956).
- scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test
  (bsc#1201956).
- scsi: lpfc: Fix attempted FA-PWWN usage after feature disable
  (bsc#1201956).
- scsi: lpfc: Fix possible memory leak when failing to issue
  CMF WQE (bsc#1201956).
- scsi: lpfc: Remove extra atomic_inc on cmd_pending in
  queuecommand after VMID (bsc#1201956).
- scsi: lpfc: Set PU field when providing D_ID in
  XMIT_ELS_RSP64_CX iocb (bsc#1201956).
- scsi: lpfc: Prevent buffer overflow crashes in debugfs with
  malformed user input (bsc#1201956).
- scsi: lpfc: Fix uninitialized cqe field in
  lpfc_nvme_cancel_iocb() (bsc#1201956).
- commit 7b86962
- blacklist.conf: update blacklist
- commit b02d3d9
- net: dsa: felix: purge skb from TX timestamping queue if it
  cannot be sent (git-fies).
- commit 9da9e21
- net: dsa: tag_ocelot_8021q: break circular dependency with
  ocelot switch lib (git-fies).
- Refresh
  patches.suse/net-dsa-felix-break-at-first-CPU-port-during-init-an.patch.
- commit 0908246
- Input: i8042 - add additional TUXEDO devices to i8042 quirk
  tables (git-fies).
- Input: i8042 - add TUXEDO devices to i8042 quirk tables
  (git-fies).
- commit bba711c
- Input: i8042 - merge quirk tables (git-fies).
- Refresh
  patches.suse/Input-i8042-Apply-probe-defer-to-more-ASUS-ZenBook-m.patch.
- commit 18e20bc
- Input: i8042 - move __initconst to fix code styling warning
  (git-fies).
- commit 783d1cd
- nouveau: explicitly wait on the fence in nouveau_bo_move_m2mf
  (git-fies).
- loop: Check for overflow while configuring loop (git-fies).
- wifi: rtlwifi: remove always-true condition pointed out by
  GCC 12 (git-fies).
- commit a3214fc
- fbdev: fbcon: Properly revert changes when vc_resize() failed
  (git-fies).
- commit 165b4a4
- kcm: fix strp_init() order and cleanup (git-fies).
- ethernet: rocker: fix sleep in atomic context bug in
  neigh_timer_handler (git-fies).
- commit d2a4fb7
- Drop usbnet patches that caused problems on stable 5.15
- commit c6293d4
- HID: steam: Prevent NULL pointer dereference in
  steam_{recv,send}_report (git-fies).
- commit bc8005d
- Add already cherry-picked AMD gfx commits to Alt-commit
- commit f32f5d7
- blacklist.conf: add ax25 entry that isn't applicable to SLE15-SP4 kernel
- commit 4066ddd
- ax25: Fix ax25 session cleanup problems (git-fixes).
- Refresh patches.kabi/net-ax25_dev-kabi-workaround.patch.
- commit 0281308
- drm/amd/display: Fix surface optimization regression on Carrizo
  (git-fixes).
- commit 71b9a30
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
  (git-fixes).
  kABI: Fix kABI after "/mm/rmap: Fix anon_vma->degree ambiguity
  leading to double-reuse"/ (git-fixes).
- commit 513d1e1
- drm/amd/display: Reset DMCUB before HW init (git-fixes).
- drm/amd/display: Optimize bandwidth on following fast update
  (git-fixes).
- drm/amd/display: Add option to defer works of hpd_rx_irq
  (git-fixes).
- commit 026dde7
- Drop a wrongly picked up batmna-adv patch
  Blacklist it as well
- commit 16220d6
- blacklist.conf: Add already reverted ACPI PM entries
- commit f0bfc90
- Update patch reference for media fix (CVE-2022-3078 bsc#1203041)
- commit 0804984
- ieee802154/adf7242: defer destroy_workqueue call (git-fixes).
- Bluetooth: L2CAP: Fix build errors in some archs (git-fixes).
- wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
  (git-fixes).
- wifi: mac80211: Don't finalize CSA in IBSS mode if state is
  disconnected (git-fixes).
- ALSA: usb-audio: Add quirk for LH Labs Geek Out HD Audio 1V5
  (git-fixes).
- ALSA: hda/realtek: Add speaker AMP init for Samsung laptops
  with ALC298 (git-fixes).
- ALSA: hda: intel-nhlt: Correct the handling of fmt_config
  flexible array (git-fixes).
- ALSA: seq: Fix data-race at module auto-loading (git-fixes).
- ALSA: seq: oss: Fix data-race for max_midi_devs access
  (git-fixes).
- commit 3a9bb8d
- KVM: x86/mmu: make apf token non-zero to fix bug (git-fixes).
- commit e35969c
- KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP
  MMU (git-fixes).
- commit ef21a23
- KVM: x86/mmu: Move "/invalid"/ check out of kvm_tdp_mmu_get_root()
  (git-fixes).
- commit b06d410
- KVM: x86: SVM: don't passthrough SMAP/SMEP/PKE bits in !NPT &&
  !gCR0.PG case (git-fixes).
- commit 31c8f31
- KVM: SVM: Don't intercept #GP for SEV guests (git-fixes).
- commit 97eedc7
- blacklist.conf: Add two commits
  5102bb1c9f82 psi: Fix "/defined but not used"/ warnings when CONFIG_PROC_FS=n
  ec2444530612 psi: Fix "/no previous prototype"/ warnings when CONFIG_CGROUPS=n
- commit 0f4ea54
- KVM: LAPIC: Also cancel preemption timer during SET_LAPIC
  (git-fixes).
- commit c7dbeaf
- KVM: VMX: switch blocked_vcpu_on_cpu_lock to raw spinlock
  (git-fixes).
- commit 0f30cb5
- xen/gntdev: fix unmap notification order (git-fixes).
- commit 556f435
- md/raid1: fix missing bitmap update w/o WriteMostly devices
  (bsc#1203036).
- commit 4e8b0d8
- KVM: nVMX: Synthesize TRIPLE_FAULT for L2 if emulation is
  required (git-fixes).
- commit f36e374
- KVM: x86: remove PMU FIXED_CTR3 from msrs_to_save_all
  (git-fixes).
- commit 967f4a3
- KVM: x86: check PIR even for vCPUs with disabled APICv
  (git-fixes).
- commit 109f3b2
- KVM: VMX: prepare sync_pir_to_irr for running with APICv
  disabled (git-fixes).
- commit d503d18
- KVM: MMU: shadow nested paging does not have PKU (git-fixes).
- commit a1f1354
- KVM: X86: Use vcpu->arch.walk_mmu for kvm_mmu_invlpg()
  (git-fixes).
- commit 779fd48
- KVM: x86: ignore APICv if LAPIC is not enabled (git-fixes).
- commit a7fa5e6
- xen: detect uninitialized xenbus in xenbus_init (git-fixes).
- commit bdde7fc
- KVM: x86/mmu: include EFER.LMA in extended mmu role (git-fixes).
- commit 97d9b98
- KVM: nVMX: don't use vcpu->arch.efer when checking host state
  on nested state load (git-fixes).
- commit 5bf1fed
- xen: don't continue xenstore initialization in case of errors
  (git-fixes).
- commit e090e14
- KVM: x86/mmu: Don't freak out if pml5_root is NULL on 4-level
  host (git-fixes).
- commit 00a89e1
- rpm/kernel-source.spec.in: simplify finding of broken symlinks
  "/find -xtype l"/ will report them, so use that to make the search a bit
  faster (without using shell).
- commit 13bbc51
- kabi/severities: add drivers/scsi/hisi_sas for bsc#1202471
- commit 0f9d7a1
- powerpc: Avoid discarding flags in system_call_exception()
  (bsc#1194869).
- commit df6bb12
- llc: fix netdevice reference leaks in llc_ui_bind()
  (CVE-2022-28356 bsc#1197391).
- commit 42c82d5
- mkspec: eliminate @NOSOURCE@ macro
  This should be alsways used with @SOURCES@, just include the content
  there.
- commit 403d89f
- kernel-source: include the kernel signature file
  We assume that the upstream tarball is used for released kernels.
  Then we can also include the signature file and keyring in the
  kernel-source src.rpm.
  Because of mkspec code limitation exclude the signature and keyring from
  binary packages always - mkspec does not parse spec conditionals.
- commit e76c4ca
- kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages
- commit 4b42fb2
- dtb: Do not include sources in src.rpm - refer to kernel-source
  Same as other kernel binary packages there is no need to carry duplicate
  sources in dtb packages.
- commit 1bd288c
- af_key: Do not call xfrm_probe_algs in parallel (bsc#1202898
  CVE-2022-3028).
- commit d480d95
- Update patches.suse/watchdog-export-lockup_detector_reconfigure.patch (bsc#1202872 ltc#197920).
- commit 310a79a
- ipmi: fix initialization when workqueue allocation fails
  (git-fixes).
- commit 4e7ceb0
- kABI: scsi: libiscsi: fix removal of iscsi_create_conn
  (bsc#1198410).
- commit 3bc90b6
- blacklist.conf: Add a few entries for ALSA
- commit ce7ed14
- asm-generic: sections: refactor memory_intersects (git-fixes).
- commit bfaae5b
- ext4: fix incorrect type issue during replay_del_range
  (bsc#1202867).
- commit d192fa1
- blacklist.conf: Add reverted patch
  d11219ad53dc amdgpu: disable powerpc support for the newer display engine
  c653c591789b drm/amdgpu: Re-enable DCN for 64-bit powerpc
- commit 15ec992
- bpf: Don't use tnum_range on array range checking for poke
  descriptors (bsc#1202564 bsc#1202860 CVE-2022-2905).
- commit 56cd61e
- ACPI: processor: Remove freq Qos request for all CPUs
  (git-fixes).
- commit 57c696d
- Move upstreamed patches into sorted section
- commit 1d06339
- arm64: fix rodata=full (git-fixes).
- arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76
  (git-fixes).
- commit 470861e
- scsi: libiscsi: Add iscsi_cls_conn to sysfs after initialization
  (bsc#1198410).
- Refresh
  patches.kabi/kABI-fix-removal-of-iscsi_destroy_conn.patch.
- Refresh
  patches.suse/scsi-libiscsi-Teardown-iscsi_cls_conn-gracefully.patch.
- commit bb43920
- ceph: don't truncate file in atomic_open (bsc#1202824).
- ceph: don't leak snap_rwsem in handle_cap_grant (bsc#1202823).
- ceph: use correct index when encoding client supported features
  (bsc#1202822).
- commit d0f574e
- tracing: Have filter accept "/common_cpu"/ to be consistent
  (git-fixes).
- commit 31941eb
- tracing/probes: Have kprobes and uprobes use $COMM too
  (git-fixes).
- commit 55e2fc7
- tracing: Use a struct alignof to determine trace event field
  alignment (git-fixes).
- commit 500082c
- ftrace/x86: Add back ftrace_expected assignment (git-fixes).
- commit d5efa05
- spmi: trace: fix stack-out-of-bound access in SPMI tracing
  functions (git-fixes).
- commit 904f517
- blacklist.conf: tracepoint cleanup for drivers/char/random
- commit 15d84d3
- ratelimit: Fix data-races in ___ratelimit() (git-fixes).
- nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout
  (git-fixes).
- r8152: fix the RX FIFO settings when suspending (git-fixes).
- r8152: fix the units of some registers for RTL8156A (git-fixes).
- rose: check NULL rose_loopback_neigh->loopback (git-fixes).
- spi: meson-spicc: add local pow2 clock ops to preserve rate
  between messages (git-fixes).
- regulator: pca9450: Remove restrictions for regulator-name
  (git-fixes).
- pinctrl: qcom: sm8250: Fix PDC map (git-fixes).
- venus: pm_helpers: Fix warning in OPP during probe (git-fixes).
- tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).
- video: fbdev: i740fb: Check the argument of i740_calc_vclk()
  (git-fixes).
- vfio: Clear the caps->buf to NULL after free (git-fixes).
- PCI/ACPI: Guard ARM64-specific mcfg_quirks (git-fixes).
- phy: samsung: phy-exynos-pcie: sanitize init/power_on callbacks
  (git-fixes).
- PCI: aardvark: Fix reporting Slot capabilities on emulated
  bridge (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- pinctrl: intel: Check against matching data instead of ACPI
  companion (git-fixes).
- platform/chrome: cros_ec_proto: don't show MKBP version if
  unsupported (git-fixes).
- usb: dwc2: gadget: remove D+ pull-up while no vbus with
  usb-role-switch (git-fixes).
- usb: renesas: Fix refcount leak bug (git-fixes).
- usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).
- usb: gadget: uvc: call uvc uvcg_warn on completed status
  instead of uvcg_info (git-fixes).
- usb: cdns3: fix random warning message when driver load
  (git-fixes).
- usb: cdns3 fix use-after-free at workaround 2 (git-fixes).
- vboxguest: Do not use devm for irq (git-fixes).
- commit 4349f84
- net: phy: Don't WARN for PHY_READY state in
  mdio_bus_phy_resume() (git-fixes).
- drm/ttm: Fix dummy res NULL ptr deref bug (git-fixes).
- drm/nouveau: recognise GA103 (git-fixes).
- lib/list_debug.c: Detect uninitialized lists (git-fixes).
- irqchip/tegra: Fix overflow implicit truncation warnings
  (git-fixes).
- mmc: tmio: avoid glitches when resetting (git-fixes).
- HID: multitouch: new device class fix Lenovo X12 trackpad sticky
  (git-fixes).
- gadgetfs: ep_io - wait until IRQ finishes (git-fixes).
- habanalabs/gaudi: mask constant value before cast (git-fixes).
- habanalabs/gaudi: fix shift out of bounds (git-fixes).
- commit 5ff4970
- audit: fix potential double free on error path from
  fsnotify_add_inode_mark (git-fixes).
- apparmor: fix overlapping attachment computation (git-fixes).
- apparmor: fix setting unconfined mode on a loaded profile
  (git-fixes).
- apparmor: Fix memleak in aa_simple_write_to_buffer()
  (git-fixes).
- apparmor: fix reference count leak in aa_pivotroot()
  (git-fixes).
- apparmor: fix aa_label_asxprint return check (git-fixes).
- apparmor: Fix failed mount permission check error message
  (git-fixes).
- apparmor: fix quiet_denied for file rules (git-fixes).
- apparmor: fix absroot causing audited secids to begin with =
  (git-fixes).
- ASoC: rsnd: care default case on rsnd_ssiu_busif_err_irq_ctrl()
  (git-fixes).
- drm/meson: Fix overflow implicit truncation warnings
  (git-fixes).
- dmaengine: sprd: Cleanup in .remove() after
  pm_runtime_get_sync() failed (git-fixes).
- dmaengine: dw-axi-dmac: ignore interrupt if no descriptor
  (git-fixes).
- dmaengine: dw-axi-dmac: do not print NULL LLI during error
  (git-fixes).
- clk: qcom: clk-alpha-pll: fix clk_trion_pll_configure
  description (git-fixes).
- clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).
- clk: ti: Stop using legacy clkctrl names for omap4 and 5
  (git-fixes).
- commit 7a7a70b
- blacklist.conf: Blacklist 5f41fdaea63d
- commit 63ae0ad
- ext4: add new helper interface ext4_try_to_trim_range()
  (bsc#1202783).
- commit dc835b8
- block: only mark bio as tracked if it really is tracked
  (bsc#1202782).
- commit 7abc7a3
- block: fix rq-qos breakage from skipping rq_qos_done_bio()
  (bsc#1202781).
- commit 5d80bdd
- block: Fix wrong offset in bio_truncate() (bsc#1202780).
- commit c0f694e
- block: Fix fsync always failed if once failed (bsc#1202779).
- commit f5086dc
- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when
  journal aborted (bsc#1202716).
- commit e87146c
- jbd2: fix outstanding credits assert in
  jbd2_journal_commit_transaction() (bsc#1202715).
- commit 84aa1b1
- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
  (bsc#1202778).
- commit f5a554b
- fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped pages
  (bsc#1200873).
- commit cee5b60
- ocfs2: fix a deadlock when commit trans (bsc#1202776).
- commit a5aedb3
- jbd2: export jbd2_journal_[grab|put]_journal_head (bsc#1202775).
- commit 28e460c
- blacklist.conf: Blacklist d41b60359ffb
- commit edba519
- filemap: Handle sibling entries in filemap_get_read_batch()
  (bsc#1202774).
- commit 9c6d1b4
- mm: bdi: initialize bdi_min_ratio when bdi is unregistered
  (bsc#1197763).
- commit 279cc3f
- udf: Fix crash after seekdir (bsc#1194592).
- commit 6ef60fc
- ext4: recover csum seed of tmp_inode after migrating to extents
  (bsc#1202713).
- commit 75eb2be
- ext4: add reserved GDT blocks check (bsc#1202712).
- commit 838aa12
- ext4: fix super block checksum incorrect after mount
  (bsc#1202773).
- commit 613c9ba
- ext4: filter out EXT4_FC_REPLAY from on-disk superblock field
  s_state (bsc#1202771).
- commit 047da7e
- ext4: fix bug_on in ext4_writepages (bsc#1200872).
- commit ce23454
- ext4: mark group as trimmed only if it was fully scanned
  (bsc#1202770).
- commit b2f9c26
- ext4: fix use-after-free in ext4_rename_dir_prepare
  (bsc#1200871).
- commit fdc3142
- ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).
- commit 2d0922d
- ext4: force overhead calculation if the s_overhead_cluster
  makes no sense (bsc#1200870).
- commit 9fdbd44
- ext4: fix overhead calculation to account for the reserved
  gdt blocks (bsc#1200869).
- commit f11e4d9
- ext4: fix use-after-free in ext4_search_dir (bsc#1202710).
- commit 42b5ddf
- ext4: fix symlink file size not match to file content
  (bsc#1200868).
- commit 7082685
- ext4: fix fallocate to use file_modified to update permissions
  consistently (bsc#1202769).
  Refresh ext4-fix-race-condition-between-ext4_write-and-ext4_.patch
- commit f4c0654
- ext4: fix fs corruption when tring to remove a non-empty
  directory with IO error (bsc#1202768).
- commit eba8ff9
- ext4: fix error handling in ext4_fc_record_modified_inode()
  (bsc#1202767).
- commit c4c9f59
- tracing: Add ustring operation to filtering string pointers
  (git-fixes).
- commit aa3d4b0
- ext4: fix error handling in ext4_restore_inline_data()
  (bsc#1197757).
- commit 5104a0b
- ext4: modify the logic of ext4_mb_new_blocks_simple
  (bsc#1202766).
- commit 0a7e7a5
- trace/timerlat: Add migrate-disabled field to the timerlat
  header (git-fixes).
- commit 967569f
- trace/osnoise: Add migrate-disabled field to the osnoise header
  (git-fixes).
- commit 72b3729
- tpm: fix reference counting for struct tpm_chip (CVE-2022-2977
  bsc#1202672).
- commit 1a35f98
- ext4: prevent used blocks from being allocated during fast
  commit replay (bsc#1202765).
- commit 62f3764
- ext4: don't use the orphan list when migrating an inode
  (bsc#1197756).
- commit d6830f3
- ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits'
  (bsc#1202764).
- commit 4c705fb
- ext4: initialize err_blk before calling __ext4_get_inode_loc
  (bsc#1202763).
- commit 12cb4fe
- ext4: fix a possible ABBA deadlock due to busy PA (bsc#1202762).
- commit 82f3f5b
- ext4: make sure to reset inode lockdep class when quota enabling
  fails (bsc#1202761).
- commit 187abff
- ext4: make sure quota gets properly shutdown on error
  (bsc#1195480).
- commit d6d02d9
- ext4: Fix BUG_ON in ext4_bread when write quota data
  (bsc#1197755).
- commit 507809a
- ext4: fast commit may miss tracking unwritten range during
  ftruncate (bsc#1202759).
- commit 4941736
- ext4: use ext4_ext_remove_space() for fast commit replay delete
  range (bsc#1202758).
- commit 5de593d
- ext4: fix fast commit may miss tracking range for
  FALLOC_FL_ZERO_RANGE (bsc#1202757).
- commit 05b0f97
- Update references to mention CVE-2022-2938:
  patches.suse/psi-Fix-uaf-issue-when-psi-trigger-is-destroyed-whil.patch
  (CVE-2022-2938 bsc#1202623).
- commit 58b2b90
- supported.conf: mark lib/objagg supported as dependency of mlxsw
- commit 0d78453
- x86/speculation: Disable RRSBA behavior (bsc#1201455
  CVE-2022-28693).
- Refresh
  patches.suse/x86-speculation-Add-RSB-VM-Exit-protections.patch.
- commit 916d5d1
- xfs: fix perag reference leak on iteration race with growfs
  (git-fixes).
- commit fc22ca3
- x86/sgx: Set active memcg prior to shmem allocation (bsc#1199515
  CVE-2021-33135).
- commit 7552707
- Refresh
  patches.suse/nvme-auth-align-to-pre-upstream-FFDHE-implementation.patch.
- commit 8ff61f9
- net_sched: cls_route: disallow handle of 0 (bsc#1202393).
- commit 1cf844d
- net_sched: cls_route: remove from list when handle is 0
  (CVE-2022-2588 bsc#1202096).
- commit a6b8223
- Update patch reference for pipe fix (CVE-2022-2959 bsc#1202681)
- commit a95d764
- Revert "/x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV"/
  (bsc#1190497).
- commit ed5d2dc
- x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM
  (bsc#1190497).
- commit a4c420a
- nvme: fix RCU hole that allowed for endless looping in multipath
  round robin (bsc#1202636).
- commit a4e7029
- netfilter: nf_queue: do not allow packet truncation below
  transport header offset (bsc#1201940 CVE-2022-36946).
- commit 3d5dd8d
- x86/sev: Define the Linux-specific guest termination reasons
  (bsc#1190497).
- commit 3fc5505
- powerpc/perf: Optimize clearing the pending PMI and remove
  WARN_ON for PMI check in power_pmu_disable (bsc#1156395).
- commit a66ab60
- powerpc/xive: Fix refcount leak in xive_get_max_prio
  (fate#322438 git-fixess).
- commit 8fc0a92
- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
- commit 3ad5660
- blacklist.conf: Add c26d4c5d4f0d powerpc/kvm: Remove obsolete and unneeded select
- commit a450e76
- KVM: PPC: Book3s HV: Remove unused function kvmppc_bad_interrupt
  (bsc#1194869).
- KVM: PPC: Book3S HV: Remove kvmhv_p9_[set,restore]_lpcr
  declarations (bsc#1194869).
- KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator
  (bsc#1194869).
- KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init
  (bsc#1194869).
- commit fad23fe
- KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).
- KVM: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
  (bsc#1156395).
- KVM: PPC: Book3S HV: Use GLOBAL_TOC for
  kvmppc_h_set_dabr/xdabr() (bsc#1156395).
- commit a66766c
- blacklist.conf: pure cleanup, no code change
- commit e6e83f0
- xfs: use invalidate_lock to check the state of mmap_lock
  (git-fixes).
- commit ae198f6
- supported.conf: mark mlxsw modules supported (jsc#SLE-23766)
- commit c490bf8
- blacklist.conf: cleanup with a risk of regressions
- commit c2bd63f
- net: dsa: seville: register the mdiobus under devres
  (git-fixes).
- commit 5ef3360
- net: dsa: ocelot: seville: utilize of_mdiobus_register
  (git-fixes).
- commit 9185efa
- net: mscc: ocelot: don't dereference NULL pointers with shared
  tc filters (git-fixes).
- commit c98d515
- net: marvell: prestera: fix incorrect structure access
  (git-fixes).
- commit 9ea3b2b
- net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering
  (git-fixes).
- commit ee01535
- net: dsa: mv88e6xxx: error handling for serdes_power functions
  (git-fixes).
- commit 782dad0
- vrf: don't run conntrack on vrf with !dflt qdisc (git-fixes).
- commit 33928ef
- net: dsa: mv88e6xxx: fix "/don't use PHY_DETECT on internal
  PHY's"/ (git-fixes).
- Refresh
  patches.suse/net-dsa-mv88e6xxx-Unforce-speed-duplex-in-mac_link_d.patch.
- commit ab3f5a5
- blacklist.conf: update blacklist
- commit 7f6807d
- Update patches.suse/PCI-Add-support-for-ACPI-_RST-reset-method.patch (jsc#SLE-19359 jsc#SLE-24572)
- commit 6765137
- net: dsa: b53: Add SPI ID table (git-fixes).
- commit ccf6538
- net: mscc: ocelot: correctly report the timestamping RX filters
  in ethtool (git-fixes).
- commit afd7296
- net: mscc: ocelot: set up traps for PTP packets (git-fixes).
- commit acf9d1f
- net: mscc: ocelot: create a function that replaces an existing
  VCAP filter (git-fixes).
- commit ec00bd5
- net: ptp: add a definition for the UDP port for IEEE 1588
  general messages (git-fixes).
- commit 35ce0e7
- net: dsa: qca8k: fix MTU calculation (git-fixes).
- commit bce505c
- blacklist.conf: update blacklist
- commit 61c1944
- net: stmmac: fix off-by-one error in sanity check (git-fixes).
- commit 09fc6c2
- blacklist.conf: update blacklist
- commit 9f34c2e
- ext4: Fix check for block being out of directory size
  (bsc#1198577 CVE-2022-1184).
- commit a54fb25
- ext4: make sure ext4_append() always allocates new block
  (bsc#1198577 CVE-2022-1184).
- commit 1a13c4d
- ext4: check if directory block is within i_size (bsc#1198577
  CVE-2022-1184).
- commit 226e379
- i2c: imx: Make sure to unregister adapter on remove()
  (git-fixes).
- kbuild: fix the modules order between drivers and libs
  (git-fixes).
- ata: libata-eh: Add missing command name (git-fixes).
- mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
  (git-fixes).
- mmc: pxamci: Fix another error handling path in pxamci_probe()
  (git-fixes).
- mmc: pxamci: Fix an error handling path in pxamci_probe()
  (git-fixes).
- commit 64ae33d
- xfs: use setattr_copy to set vfs inode attributes (git-fixes).
- commit 6835ddd
- xfs: terminate perag iteration reliably on agcount (git-fixes).
- commit f2327cf
- xfs: rename the next_agno perag iteration variable (git-fixes).
- commit dc975df
- xfs: fold perag loop iteration logic into helper function
  (git-fixes).
- commit d6c5eb4
- xfs: prevent UAF in xfs_log_item_in_current_chkpt (git-fixes).
- commit 083e5a4
- xfs: only bother with sync_filesystem during readonly remount
  (git-fixes).
- commit fce9137
- xfs: reorder iunlink remove operation in xfs_ifree (git-fixes).
- commit 725e89d
- xfs: fix soft lockup via spinning in filestream ag selection
  loop (git-fixes).
- commit aaf842c
- xfs: revert "/xfs: actually bump warning counts when we send
  warnings"/ (git-fixes).
- commit 5fc6378
- xfs: prevent a UAF when log IO errors race with unmount
  (git-fixes).
- commit d15470c
- xfs: fix use-after-free in xattr node block inactivation
  (git-fixes).
- commit bc104ad
- xfs: check sb_meta_uuid for dabuf buffer recovery (git-fixes).
- commit 92ffd3b
- xfs: remove incorrect ASSERT in xfs_rename (git-fixes).
- commit 233c708
- xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).
- commit bd04c03
- xfs: make xfs_rtalloc_query_range input parameters const
  (git-fixes).
- commit b0a0ff8
- xfs: Fix the free logic of state in xfs_attr_node_hasname
  (git-fixes).
- commit dd3f833
- ALSA: hda/conexant: add a new hda codec SN6140 (git-fixes).
- commit a5b7f1f
- ALSA: hda/realtek: Add quirk for Clevo NS50PU, NS70PU
  (git-fixes).
- commit 46ab003
- ALSA: info: Fix llseek return value when using callback
  (git-fixes).
- ASoC: codec: tlv320aic32x4: fix mono playback via I2S
  (git-fixes).
- ASoC: tas2770: Fix handling of mute/unmute (git-fixes).
- ASoC: tas2770: Drop conflicting set_bias_level power setting
  (git-fixes).
- ASoC: tas2770: Allow mono streams (git-fixes).
- ASoC: tas2770: Set correct FSYNC polarity (git-fixes).
- ASoC: SOF: debug: Fix potential buffer overflow by snprintf()
  (git-fixes).
- drm/amdgpu: remove useless condition in
  amdgpu_job_stop_all_jobs_on_sched() (git-fixes).
- drm/amd/display: Check correct bounds for stream encoder
  instances for DCN303 (git-fixes).
- drm/sun4i: dsi: Prevent underflow when computing packet sizes
  (git-fixes).
- drm/meson: Fix refcount bugs in
  meson_vpu_has_available_connectors() (git-fixes).
- drm/i915/gt: Skip TLB invalidations once wedged (git-fixes).
- commit 3db046b
- fs: move S_ISGID stripping into the vfs_*() helpers
  (bsc#1198702 CVE-2021-4037).
- commit 96040b9
- fs: Add missing umask strip in vfs_tmpfile (bsc#1198702 CVE-2021-4037).
- commit b188cb2
- fs: add mode_strip_sgid() helper (bsc#1198702 CVE-2021-4037).
- commit d40a52d
- net: openvswitch: fix parsing of nw_proto for IPv6 fragments
  (git-fixes).
- net: openvswitch: fix misuse of the cached connection on tuple
  changes (git-fixes).
- net: openvswitch: fix leak of nested actions (git-fixes).
- net: openvswitch: don't send internal clone attribute to the
  userspace (git-fixes).
- openvswitch: Fixed nd target mask field in the flow dump
  (git-fixes).
- openvswitch: always update flow key after nat (git-fixes).
- openvswitch: Fix setting ipv6 fields causing hw csum failure
  (git-fixes).
- commit 75a6dfb
- platform/x86: pmc_atom: Match all Lex BayTrail boards with
  critclk_systems DMI table (git-fixes).
- proc: fix dentry/inode overinstantiating under /proc/${pid}/net
  (git-fixes).
- commit e0a1b98
- selinux: Add boundary check in put_entry() (git-fixes).
- selinux: fix memleak in security_read_state_kernel()
  (git-fixes).
- selinux: fix bad cleanup on error in hashtab_duplicate()
  (git-fixes).
- selinux: use correct type for context length (git-fixes).
- selinux: check return value of sel_make_avc_files (git-fixes).
- selinux: access superblock_security_struct in LSM blob way
  (git-fixes).
- selinux: fix misuse of mutex_is_locked() (git-fixes).
- selinux: fix double free of cond_list on error paths
  (git-fixes).
- commit 8fa4586
- arm64: set UXN on swapper page tables (git-fixes).
- commit e839a65
- Update patch reference for i2c ISMT fix (CVE-2022-2873 bsc#1202558)
- commit c5ea54e
- vmxnet3: do not reschedule napi for rx processing (bsc#1200431).
- vmxnet3: Implement ethtool's get_channels command (bsc#1200431).
- vmxnet3: Record queue number to incoming packets (bsc#1200431).
- vmxnet3: disable overlay offloads if UPT device does not support
  (bsc#1200431).
- vmxnet3: update to version 7 (bsc#1200431).
- vmxnet3: use ext1 field to indicate encapsulated packet
  (bsc#1200431).
- vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).
- vmxnet3: add command to set ring buffer sizes (bsc#1200431).
- vmxnet3: add support for out of order rx completion
  (bsc#1200431).
- vmxnet3: add support for large passthrough BAR register
  (bsc#1200431).
- vmxnet3: add support for capability registers (bsc#1200431).
- vmxnet3: prepare for version 7 changes (bsc#1200431).
- net: vmxnet3: fix possible NULL pointer dereference in
  vmxnet3_rq_cleanup() (bsc#1200431).
- net: vmxnet3: fix possible use-after-free bugs in
  vmxnet3_rq_alloc_rx_buf() (bsc#1200431).
- vmxnet3: Remove useless DMA-32 fallback configuration
  (bsc#1200431).
- net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c
  (bsc#1200431).
- vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).
- commit 0f8542d
- ext4: fix race when reusing xattr blocks (bsc#1198971).
- commit f900445
- ext4: unindent codeblock in ext4_xattr_block_set()
  (bsc#1198971).
- commit 68125c2
- ext4: remove EA inode entry from mbcache on inode eviction
  (bsc#1198971).
- commit e8e6da3
- mbcache: add functions to delete entry if unused (bsc#1198971).
- commit 7e476f0
- mbcache: don't reclaim used entries (bsc#1198971).
- commit 351abf2
- Update config files (bsc#1201361 bsc#1192968 https://github.com/rear/rear/issues/2554).
  ppc64: NVRAM=y
- commit b0c6309
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (bsc#1202113).
- commit 3ed0fd5
- scsi: hisi_sas: Use autosuspend for the host controller
  (bsc#1202471).
- scsi: hisi_sas: Keep controller active between ISR of phyup
  and the event being processed (bsc#1202471).
- commit 7a72909
- iommu/vt-d: Make DMAR_UNITS_SUPPORTED default 1024
  (bsc#1200301).
- iommu/vt-d: Remove global g_iommus array (bsc#1200301).
- iommu/vt-d: Remove unnecessary check in intel_iommu_add()
  (bsc#1200301).
- iommu/vt-d: Refactor iommu information of each domain
  (bsc#1200301).
- iommu/vt-d: Use IDA interface to manage iommu sequence id
  (bsc#1200301).
- iommu/vt-d: Acquiring lock in domain ID allocation helpers
  (bsc#1200301).
- iommu/vt-d: Remove intel_iommu::domains (bsc#1200301).
- commit a61eebd
- firmware: tegra: bpmp: Do only aligned access to IPC memory area
  (git-fixes).
- commit 95d811d
- dpaa2-eth: fix ethtool statistics (git-fixes).
- commit 24955ec
- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference
  stale pointer (git-fixes).
- commit 0a8f29d
- tracing: Fix sleeping while atomic in kdb ftdump (git-fixes).
- commit 1af097c
- media: driver/nxp/imx-jpeg: fix a unexpected return value
  problem (git-fixes).
- commit c60449d
- crypto: sun8i-ss - fix error codes in allocate_flows()
  (git-fixes).
- commit e939e5a
- drm/vc4: change vc4_dma_range_matches from a global to static
  (git-fixes).
- net: phy: smsc: Disable Energy Detect Power-Down in interrupt
  mode (git-fixes).
- commit 06c0471
- tty: vt: initialize unicode screen buffer (git-fixes).
- tty: 8250: Add support for Brainboxes PX cards (git-fixes).
- usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during
  bootup (git-fixes).
- usb: dwc3: core: Deprecate GCTL.CORESOFTRESET (git-fixes).
- wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).
- wifi: mac80211_hwsim: add back erroneously removed cast
  (git-fixes).
- wifi: mac80211_hwsim: fix race condition in pending packet
  (git-fixes).
- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
- spi: tegra20-slink: fix UAF in tegra_slink_remove() (git-fixes).
- usbnet: smsc95xx: Forward PHY interrupts to PHY driver to
  avoid polling (git-fixes).
- usbnet: smsc95xx: Avoid link settings race on interrupt
  reception (git-fixes).
- usbnet: smsc95xx: Don't clear read-only PHY interrupt
  (git-fixes).
- commit 61affc0
- serial: mvebu-uart: uart2 error bits clearing (git-fixes).
- mt76: mt7921: fix aggregation subframes setting to HE max
  (git-fixes).
- PM: hibernate: defer device probing when resuming from
  hibernation (git-fixes).
- pwm: lpc18xx: Fix period handling (git-fixes).
- spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).
- soc: qcom: Make QCOM_RPMPD depend on PM (git-fixes).
- spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).
- serial: 8250: Add proper clock handling for OxSemi PCIe devices
  (git-fixes).
- serial: 8250: Export ICR access helpers for internal use
  (git-fixes).
- serial: 8250: Fold EndRun device support into OxSemi Tornado
  code (git-fixes).
- pwm: lpc18xx-sct: Simplify driver by not using
  pwm_[gs]et_chip_data() (git-fixes).
- pwm: lpc18xx-sct: Reduce number of devm memory allocations
  (git-fixes).
- serial: 8250_pci: Replace dev_*() by pci_*() macros (git-fixes).
- serial: 8250_pci: Refactor the loop in pci_ite887x_init()
  (git-fixes).
- commit 74f881a
- HID: alps: Declare U1_UNICORN_LEGACY support (git-fixes).
- HID: hid-input: add Surface Go battery quirk (git-fixes).
- HID: wacom: Don't register pad_input for touch switch
  (git-fixes).
- HID: wacom: Only report rotation for art pen (git-fixes).
- iio: accel: bma400: Reordering of header files (git-fixes).
- intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).
- intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).
- intel_th: pci: Add Meteor Lake-P support (git-fixes).
- hwmon: (sht15) Fix wrong assumptions in device remove callback
  (git-fixes).
- hwmon: (dell-smm) Add Dell XPS 13 7390 to fan control whitelist
  (git-fixes).
- media: hevc: Embedded indexes in RPS (git-fixes).
- media: imx-jpeg: use NV12M to represent non contiguous NV12
  (git-fixes).
- media: hantro: postproc: Fix motion vector space size
  (git-fixes).
- mac80211: fix a memory leak where sta_info is not freed
  (git-fixes).
- drivers/iio: Remove all strcpy() uses (git-fixes).
- media: imx-jpeg: Add pm-runtime support for imx-jpeg
  (git-fixes).
- commit a9b45e9
- drm/vc4: hdmi: Disable audio if dmas property is present but
  empty (git-fixes).
- Refresh patches.suse/drm-vc4-hdmi-Add-debugfs-prefix.patch.
- commit f1454ba
- drm/amdgpu: Check BO's requested pinning domains against its
  preferred_domains (git-fixes).
- drm/msm/dpu: Fix for non-visible planes (git-fixes).
- drm/mediatek: Keep dsi as LP00 before dcs cmds transfer
  (git-fixes).
- drm/mediatek: Separate poweron/poweroff from enable/disable
  and define new funcs (git-fixes).
- drm/mediatek: Modify dsi funcs to atomic operations (git-fixes).
- fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters
  (git-fixes).
- firmware: tegra: Fix error check return value of
  debugfs_create_file() (git-fixes).
- firmware: arm_scpi: Ensure scpi_info is not assigned if the
  probe fails (git-fixes).
- dt-bindings: iio: accel: Add DT binding doc for ADXL355
  (git-fixes).
- commit 1505831
- drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in
  dedicated function (git-fixes).
- Refresh
  patches.suse/drm-bridge-tc358767-Make-sure-Refclk-clock-are-enabl.patch.
- commit 57c5267
- drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into
  dedicated function (git-fixes).
- Refresh
  patches.suse/drm-bridge-tc358767-Make-sure-Refclk-clock-are-enabl.patch.
- commit 554f4ee
- drm/vc4: drv: Adopt the dma configuration from the HVS or V3D
  component (git-fixes).
- drm/amdgpu: Remove one duplicated ef removal (git-fixes).
- drm/msm: Fix dirtyfb refcounting (git-fixes).
- commit a92dd0e
- crypto: ccp - During shutdown, check SEV data pointer before
  using (git-fixes).
- crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent
  kernel memory leak (git-fixes).
- crypto: sun8i-ss - do not allocate memory when handling hash
  requests (git-fixes).
- drm/msm: Avoid dirtyfb stalls on video mode displays (v2)
  (git-fixes).
- drm/mediatek: Allow commands to be sent during video mode
  (git-fixes).
- commit d28b47b
- ARM: dts: BCM5301X: Add DT for Meraki MR26 (git-fixes).
- arm64: dts: qcom: ipq8074: fix NAND node name (git-fixes).
- arm64: tegra: Mark BPMP channels as no-memory-wc (git-fixes).
- arm64: dts: allwinner: a64: orangepi-win: Fix LED node name
  (git-fixes).
- arm64: fix oops in concurrently setting insn_emulation sysctls
  (git-fixes).
- arm64: Do not forget syscall when starting a new thread
  (git-fixes).
- arm64: tegra: Update Tegra234 BPMP channel addresses
  (git-fixes).
- arm64: tegra: Fixup SYSRAM references (git-fixes).
- commit ab1e66e
- ARM: dts: qcom: sdx55: Fix the IRQ trigger type for UART
  (git-fixes).
- ARM: dts: imx6ul: fix qspi node compatible (git-fixes).
- ARM: dts: imx6ul: fix lcdif node compatible (git-fixes).
- ARM: dts: imx6ul: fix csi node compatible (git-fixes).
- ARM: dts: imx6ul: fix keypad compatible (git-fixes).
- ARM: dts: imx6ul: change operating-points to uint32-matrix
  (git-fixes).
- ARM: dts: imx6ul: add missing properties for sram (git-fixes).
- ARM: shmobile: rcar-gen2: Increase refcount for new reference
  (git-fixes).
- ARM: OMAP2+: pdata-quirks: Fix refcount leak bug (git-fixes).
- ARM: OMAP2+: display: Fix refcount leak bug (git-fixes).
- commit c6d6958
- ACPI: VIOT: Fix ACS setup (git-fixes).
- ACPI: LPSS: Fix missing check in register_device_clock()
  (git-fixes).
- ACPI: PM: save NVS memory for Lenovo G40-45 (git-fixes).
- ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk (git-fixes).
- ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from
  DMI quirks (git-fixes).
- ARM: findbit: fix overflowing offset (git-fixes).
- ACPI: APEI: explicit init of HEST and GHES in apci_init()
  (git-fixes).
- commit b65bd26
- tracing/histograms: Fix memory leak problem (git-fixes).
- commit 8c95b1f
- tracing/kprobes: Check whether get_kretprobe() returns NULL
  in kretprobe_dispatcher() (git-fixes).
- commit 0f2d911
- drm/udl: Sync pending URBs at the end of suspend (bsc#1195917).
- drm/udl: Don't re-initialize stuff at retrying the URB list
  allocation (bsc#1195917).
- drm/udl: Fix inconsistent urbs.count value during
  udl_free_urb_list() (bsc#1195917).
- drm/udl: Fix potential URB leaks (bsc#1195917).
- drm/udl: Drop unneeded alignment (bsc#1195917).
- drm/udl: Add parameter to set number of URBs (bsc#1195917).
- drm/udl: Increase the default URB list size to 20 (bsc#1195917).
- drm/udl: Suppress error print for -EPROTO at URB completion
  (bsc#1195917).
- Revert "/drm/udl: Kill pending URBs at suspend and disconnect"/
  (bsc#1195917).
- drm/udl: Enable damage clipping (bsc#1195917).
- commit 8fe003b
- Update udl patches to the version that have been queued to subsystem tree
- commit d27d36e
- drm/udl: Replace BUG_ON() with WARN_ON() (bsc#1195917).
- commit 5d9cedf
- drm/udl: Kill pending URBs at suspend and disconnect
  (bsc#1195917).
- commit 3d58e44
- drm/udl: Sync pending URBs at suspend / disconnect
  (bsc#1195917).
- commit 816522a
- drm/udl: Replace semaphore with a simple wait queue
  (bsc#1195917).
- commit 8a222ee
- mm: memcontrol: fix potential oom_lock recursion deadlock
  (bsc#1202447).
- commit 7795ade
- Move upstreamed exfat patches into sorted section
- commit 2ce62ac
- rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385)
  We do the move only on 15.5+.
- commit 9c7ade3
- rpm/kernel-binary.spec.in: simplify find for usrmerged
  The type test and print line are the same for both cases. The usrmerged
  case only ignores more, so refactor it to make it more obvious.
- commit 583c9be
- s390/qeth: cache link_info for ethtool (bsc#1202262 LTC#199322).
- commit 2095e05
- locking/lockdep: Fix lockdep_init_map_*() confusion (git-fixes).
- commit 4749d0c
- Update patch-mainline tags to correct to v6.0-rc1
- commit b57acde
- perf bench futex: Fix memory leak of perf_cpu_map__new()
  (git-fixes).
- commit 26470c4
- lib/raid6/test: fix multiple definition linking error
  (git-fixes).
- commit 1efe1e2
- Move upstreamed NVMe patches into sorted section
- commit 0685dbd
- Correct non-existing v5.20-rc1 to v6.0-rc1 in patch-mainline tags
- commit b9e2284
- docs: i2c: i2c-sysfs: fix hyperlinks (git-fixes).
- NTB: ntb_tool: uninitialized heap data in tool_fn_write()
  (git-fixes).
- commit 48f9a86
- xfrm: xfrm_policy: fix a possible double xfrm_pols_put()
  in xfrm_bundle_lookup() (CVE-2022-36879 bsc#1201948).
- commit d743f1f
- ALSA: hda/cirrus - support for iMac 12,1 model (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
  (git-fixes).
- ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model
  (git-fixes).
- ALSA: hda/realtek: Add quirk for another Asus K42JZ model
  (git-fixes).
- commit 7941190
- ALSA: usb-audio: More comprehensive mixer map for ASUS ROG
  Zenith II (git-fixes).
- drm/gem: Properly annotate WW context on
  drm_gem_lock_reservations() error (git-fixes).
- drm/shmem-helper: Add missing vunmap on error (git-fixes).
- dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding
  (git-fixes).
- commit 7b49d25
- nvme-auth: align to pre-upstream FFDHE implementation
  (bsc#1202265).
- commit a304667
- Refresh
  patches.suse/0007-nvme-auth-Diffie-Hellman-key-exchange-support.patch.
- commit c07e572
- Refresh patches.suse/iwlwifi-module-firmware-ucode-fix.patch (bsc#1202131)
  Now iwlwifi queries *-72.ucode, but again, this is non-existing version.
  Correct to the existing *-71.ucode
- commit af3987b
- iommu/amd: Simplify and Consolidate Virtual APIC (AVIC)
  Enablement (git-fixes).
- iommu/exynos: Handle failed IOMMU device registration properly
  (git-fixes).
- iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).
- iommu/amd: Enable swiotlb in all cases (git-fixes).
- iommu/msm: Fix an incorrect NULL check on list iterator
  (git-fixes).
- iommu/mediatek: Fix NULL pointer dereference when printing
  dev_name (git-fixes).
- iommu/mediatek: Add mutex for m4u_group and m4u_dom in data
  (git-fixes).
- iommu/mediatek: Remove clk_disable in mtk_iommu_remove
  (git-fixes).
- iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).
- iommu/mediatek: Fix 2 HW sharing pgtable issue (git-fixes).
- iommu/dart: Add missing module owner to ops structure
  (git-fixes).
- iommu/dart: check return value after calling
  platform_get_resource() (git-fixes).
- iommu/vt-d: Drop stop marker messages (git-fixes).
- iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).
- iommu/omap: Fix regression in probe for NULL pointer dereference
  (git-fixes).
- iommu/iova: Improve 32-bit free space estimate (git-fixes).
- iommu/ipmmu-vmsa: Check for error num after setting mask
  (git-fixes).
- iommu/tegra-smmu: Fix missing put_device() call in
  tegra_smmu_find (git-fixes).
- iommu/amd: Fix I/O page table memory leak (git-fixes).
- iommu/amd: Recover from event log overflow (git-fixes).
- iommu: Fix potential use-after-free during probe (git-fixes).
- iommu/amd: Clarify AMD IOMMUv2 initialization messages
  (git-fixes).
- commit 0fff527
- net/packet: fix slab-out-of-bounds access in packet_recvmsg()
  (CVE-2022-20368 bsc#1202346).
- commit 90c61ba
- Update patch reference for v4l2 fix (bsc#1202347 CVE-2022-20369)
- commit 9ce184e
- devlink: Fix use-after-free after a failed reload (git-fixes).
- vsock: Set socket state back to SS_UNCONNECTED in
  vsock_connect_timeout() (git-fixes).
- vsock: Fix memory leak in vsock_connect() (git-fixes).
- Revert "/net: usb: ax88179_178a needs FLAG_SEND_ZLP"/ (git-fixes).
- can: mcp251x: Fix race condition on receive interrupt
  (git-fixes).
- can: ems_usb: fix clang's -Wunaligned-access warning
  (git-fixes).
- can: j1939: j1939_sk_queue_activate_next_locked(): replace
  WARN_ON_ONCE with netdev_warn_once() (git-fixes).
- geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).
- geneve: fix TOS inheriting for ipv4 (git-fixes).
- Bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
  (git-fixes).
- atm: idt77252: fix use-after-free bugs caused by tst_timer
  (git-fixes).
- virtio_net: fix memory leak inside XPD_TX with mergeable
  (git-fixes).
- net: phy: Warn about incorrect mdio_bus_phy_resume() state
  (git-fixes).
- ACPI: property: Return type of acpi_add_nondev_subnodes()
  should be bool (git-fixes).
- Input: exc3000 - fix return value check of
  wait_for_completion_timeout (git-fixes).
- Bluetooth: hci_bcm: Add DT compatible for CYW55572 (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
  (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
  (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
  (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
  (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
  (git-fixes).
- Bluetooth: hci_bcm: Add BCM4349B1 variant (git-fixes).
- Bluetooth: btusb: Add support of IMC Networks PID 0x3568
  (git-fixes).
- ACPI: video: Force backlight native for some TongFang devices
  (git-fixes).
- commit ad545fa
- Add cherry-picked ACPI fix to Alt-commit
- commit e374c80
- iommu/vt-d: avoid invalid memory access via
  node_online(NUMA_NO_NODE) (git-fixes).
- iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking
  out of loop (git-fixes).
- iommu/arm-smmu-v3-sva: Fix mm use-after-free (git-fixes).
- commit f591dd8
- sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq -kabi
  (git fixes (sched/fair)).
- commit 1d64061
- iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).
- commit 09d5d99
- iommu/arm-smmu-v3: Fix size calculation in arm_smmu_mm_invalidate_range() (git-fixes).
- commit 4e97f34
- nohz/full, sched/rt: Fix missed tick-reenabling bug in
  dequeue_task_rt() (bnc#1189999 (Scheduler functional and
  performance backports)).
- sched/core: Always flush pending blk_plug (bnc#1189999
  (Scheduler functional and performance backports)).
- commit 1bfd5f9
- iwlwifi: fw: init SAR GEO table only if data is present
  (bsc#1202131).
- commit a69e4a6
- iwlwifi: mvm: Don't fail if PPAG isn't supported (bsc#1202131).
- iwlwifi: bump FW API to 72 for AX devices (bsc#1202131).
- iwlwifi: acpi: move ppag code from mvm to fw/acpi (bsc#1202131).
- iwlwifi: dbg: check trigger data before access (bsc#1202131).
- iwlwifi: dbg: in sync mode don't call schedule (bsc#1202131).
- iwlwifi: use 4k queue size for Bz A-step (bsc#1202131).
- iwlwifi: yoyo: dump IMR DRAM only for HW and FW error
  (bsc#1202131).
- iwlwifi: mvm: add support for IMR based on platform
  (bsc#1202131).
- commit 80fbd62
- iwlwifi: yoyo: disable IMR DRAM region if IMR is disabled
  (bsc#1202131).
- iwlwifi: mvm: remove cipher scheme support (bsc#1202131).
- iwlwifi: Configure FW debug preset via module param
  (bsc#1202131).
- iwlwifi: mvm: add a flag to reduce power command (bsc#1202131).
- iwlwifi: bump FW API to 71 for AX devices (bsc#1202131).
- iwlwifi: dbg_ini: Split memcpy() to avoid multi-field write
  (bsc#1202131).
- iwlwifi: mvm: rfi: use kmemdup() to replace kzalloc + memcpy
  (bsc#1202131).
- iwlwifi: Fix syntax errors in comments (bsc#1202131).
- iwlwifi: dvm: use struct_size over open coded arithmetic
  (bsc#1202131).
- iwlwifi/fw: use struct_size over open coded arithmetic
  (bsc#1202131).
- commit d9db47d
- iwlwifi: Make use of the helper macro LIST_HEAD() (bsc#1202131).
- iwlwifi: mvm: fix off by one in iwl_mvm_stat_iterator_all_macs()
  (bsc#1202131).
- iwlwifi: yoyo: send hcmd to fw after dump collection completes
  (bsc#1202131).
- iwlwifi: mvm: update BAID allocation command again
  (bsc#1202131).
- iwlwifi: api: remove ttl field from TX command (bsc#1202131).
- iwlwifi: support new queue allocation command (bsc#1202131).
- iwlwifi: yoyo: support dump policy for the dump size
  (bsc#1202131).
- iwlwifi: pcie: iwlwifi: fix device id 7F70 struct (bsc#1202131).
- iwlwifi: tlc: Add logs in rs_fw_rate_init func to print TLC
  configuration (bsc#1202131).
- iwlwifi: mvm: remove iwl_mvm_disable_txq() flags argument
  (bsc#1202131).
- commit c590c1a
- iwlwifi: remove command ID argument from queue allocation
  (bsc#1202131).
- iwlwifi: make iwl_txq_dyn_alloc_dma() return the txq
  (bsc#1202131).
- iwlwifi: fix small doc mistake for iwl_fw_ini_addr_val
  (bsc#1202131).
- iwlwifi: mvm: add additional info for boot info failures
  (bsc#1202131).
- iwlwifi: mvm: always remove the session protection after
  association (bsc#1202131).
- iwlwifi: mvm: make iwl_mvm_reconfig_scd() static (bsc#1202131).
- iwlwifi: mvm: refactor setting PPE thresholds in STA_HE_CTXT_CMD
  (bsc#1202131).
- iwlwifi: mvm: Disable WiFi bands selectively with BIOS
  (bsc#1202131).
- iwlwifi: mvm: add additional info for boot info failures
  (bsc#1202131).
- iwlwifi: mvm: don't send BAID removal to the FW during
  hw_restart (bsc#1202131).
- commit 315bdf8
- iwlwifi: don't dump_stack() when we get an unexpected interrupt
  (bsc#1202131).
- iwlwifi: mvm: rfi: handle deactivation notification
  (bsc#1202131).
- iwlwifi: mvm: Consider P2P GO operation during scan
  (bsc#1202131).
- iwlwifi: bump FW API to 70 for AX devices (bsc#1202131).
- iwlwifi: mvm: Unify the scan iteration functions (bsc#1202131).
- iwlwifi: debugfs: remove useless double condition (bsc#1202131).
- iwlwifi: remove unused macros (bsc#1202131).
- iwlwifi: eeprom: clean up macros (bsc#1202131).
- iwlwifi: drv: load tlv debug data earlier (bsc#1202131).
- commit 96514f8
- iwlwifi: pcie: Adapt rx queue write pointer for Bz family
  (bsc#1202131).
- iwlwifi: pcie: adjust to Bz completion descriptor (bsc#1202131).
- iwlwifi: mvm: Passively scan non PSC channels only when
  requested so (bsc#1202131).
- iwlwifi: scan: Modify return value of a function (bsc#1202131).
- iwlwifi: nvm: Correct HE capability (bsc#1202131).
- iwlwifi: make some functions friendly to sparse (bsc#1202131).
- iwlwifi: avoid variable shadowing (bsc#1202131).
- iwlwifi: remove unused DC2DC_CONFIG_CMD definitions
  (bsc#1202131).
- iwlwifi: move symbols into a separate namespace (bsc#1202131).
- commit f716768
- iwlwifi: fw: make dump_start callback void (bsc#1202131).
- iwlwifi: pcie: make sure iwl_rx_packet_payload_len() will not
  underflow (bsc#1202131).
- iwlwifi: mvm: use debug print instead of WARN_ON()
  (bsc#1202131).
- iwlwifi: add support for BZ-U and BZ-L HW (bsc#1202131).
- iwlwifi: mvm: add support for CT-KILL notification version 2
  (bsc#1202131).
- iwlwifi: mvm: support v3 of station HE context command
  (bsc#1202131).
- iwlwifi: yoyo: add IMR DRAM dump support (bsc#1202131).
- iwlwifi: pcie: add support for MS devices (bsc#1202131).
- iwlwifi: advertise support for HE - DCM BPSK RX/TX
  (bsc#1202131).
- commit b310d63
- iwlwifi: yoyo: fix DBGI_SRAM ini dump header (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-yoyo-remove-DBGI_SRAM-address-reset-writing.patch.
- commit 8a08a81
- iwlwifi: mvm: only enable HE DCM if we also support TX
  (bsc#1202131).
- iwlwifi: dbg: add infra for tracking free buffer size
  (bsc#1202131).
- iwlwifi: mvm: starting from 22000 we have 32 Rx AMPDU sessions
  (bsc#1202131).
- iwlwifi: mvm: support new BAID allocation command (bsc#1202131).
- iwlwifi: mvm: refactor iwl_mvm_sta_rx_agg() (bsc#1202131).
- iwlwifi: cfg: add support for 1K BA queue (bsc#1202131).
- iwlwifi: avoid void pointer arithmetic (bsc#1202131).
- iwlwifi: fix various more -Wcast-qual warnings (bsc#1202131).
- iwlwifi: propagate (const) type qualifier (bsc#1202131).
- commit b5909b9
- iwlwifi: de-const properly where needed (bsc#1202131).
- iwlwifi: make iwl_fw_lookup_cmd_ver() take a cmd_id
  (bsc#1202131).
- iwlwifi: mvm: fw: clean up hcmd struct creation (bsc#1202131).
- iwlwifi: prefer WIDE_ID() over iwl_cmd_id() (bsc#1202131).
- iwlwifi: mvm: allow enabling UHB TAS in the USA via ACPI setting
  (bsc#1202131).
- iwlwifi: mvm: offload channel switch timing to FW (bsc#1202131).
- ieee80211: add EHT 1K aggregation definitions (bsc#1202131).
- cfg80211/mac80211: assume CHECKSUM_COMPLETE includes SNAP
  (bsc#1202131).
- mac80211: introduce channel switch disconnect function
  (bsc#1202131).
- commit 145a7cd
- iwlwifi: yoyo: fix issue with new DBGI_SRAM region read
  (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-yoyo-remove-DBGI_SRAM-address-reset-writing.patch.
- commit 347cb47
- iwlwifi: fw: fix some scan kernel-doc (bsc#1202131).
- iwlwifi: mvm: remove card state notification code (bsc#1202131).
- iwlwifi: mvm: drop too short packets silently (bsc#1202131).
- iwlwifi: mvm: support Bz TX checksum offload (bsc#1202131).
- iwlwifi: mvm: add US/CA to TAS block list if OEM isn't allowed
  (bsc#1202131).
- iwlwifi: mvm: correctly set schedule scan profiles
  (bsc#1202131).
- iwlwifi: mvm: correctly set channel flags (bsc#1202131).
- iwlwifi: mvm: always store the PPAG table as the latest version
  (bsc#1202131).
- iwlwifi: bump FW API to 69 for AX devices (bsc#1202131).
- iwlwifi: yoyo: support TLV-based firmware reset (bsc#1202131).
- iwlwifi: mvm: change old-SN drop threshold (bsc#1202131).
- iwlwifi: mvm: don't trust hardware queue number (bsc#1202131).
- iwlwifi: mvm: handle RX checksum on Bz devices (bsc#1202131).
- iwlwifi: mvm: use a define for checksum flags mask
  (bsc#1202131).
- iwlwifi: mvm: isolate offload assist (checksum) calculation
  (bsc#1202131).
- iwlwifi: mvm: add support for OCE scan (bsc#1202131).
- commit 435f606
- iwlwifi: fix debug TLV parsing (bsc#1202131).
- iwlwifi: dump RCM error tables (bsc#1202131).
- iwlwifi: dump both TCM error tables if present (bsc#1202131).
- iwlwifi: dump CSR scratch from outer function (bsc#1202131).
- iwlwifi: parse error tables from debug TLVs (bsc#1202131).
- iwlwifi: recognize missing PNVM data and then log filename
  (bsc#1202131).
- iwlwifi: rs: add support for TLC config command ver 4
  (bsc#1202131).
- iwlwifi: mvm: rfi: update rfi table (bsc#1202131).
- iwlwifi: add support for BNJ HW (bsc#1202131).
- iwlwifi: mvm: Add list of OEMs allowed to use TAS (bsc#1202131).
- commit bc13b68
- iwlwifi: mvm: support revision 1 of WTAS table (bsc#1202131).
- iwlwifi: Read the correct addresses when getting the crf id
  (bsc#1202131).
- iwlwifi: pcie: add jacket bit to device configuration parsing
  (bsc#1202131).
- iwlwifi: fw: remove dead error log code (bsc#1202131).
- iwlwifi: do not use __unused as variable name (bsc#1202131).
- iwlwifi: iwl-eeprom-parse: mostly dvm only (bsc#1202131).
- iwlwifi: mvm: clean up indenting in iwl_mvm_tlc_update_notif()
  (bsc#1202131).
- iwlwifi: mvm: fix a stray tab (bsc#1202131).
- iwlwifi: mvm: add dbg_time_point to debugfs (bsc#1202131).
- commit 875f8a0
- iwlwifi: mvm: add missing min_size to kernel-doc (bsc#1202131).
- ieee80211: change HE nominal packet padding value defines
  (bsc#1202131).
- iwlwifi: mvm: optionally suppress assert log (bsc#1202131).
- iwlwifi: add new ax1650 killer device (bsc#1202131).
- iwlwifi: fw: correctly detect HW-SMEM region subtype
  (bsc#1202131).
- iwlwifi: implement reset flow for Bz devices (bsc#1202131).
- iwlwifi: add new Qu-Hr device (bsc#1202131).
- commit d54326e
- iwlwifi: support SAR GEO Offset Mapping override via BIOS
  (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-mvm-don-t-send-SAR-GEO-command-for-3160-devi.patch.
- commit 4758d12
- iwlwifi: Fix FW name for gl (bsc#1202131).
- iwlwifi: dbg: disable ini debug in 8000 family and below
  (bsc#1202131).
- iwlwifi: pcie: retake ownership after reset (bsc#1202131).
- iwlwifi: mvm: always use 4K RB size by default (bsc#1202131).
- iwlwifi: mvm/api: define system control command (bsc#1202131).
- iwlwifi: bump FW API to 68 for AX devices (bsc#1202131).
- iwlwifi: mvm: add some missing command strings (bsc#1202131).
- iwlwifi: fw: add support for splitting region type bits
  (bsc#1202131).
- iwlwifi: swap 1650i and 1650s killer struct names (bsc#1202131).
- commit e7585e2
- iwlwifi: pcie: support Bz suspend/resume trigger (bsc#1202131).
- Refresh patches.suse/iwlwifi-fix-Bz-NMI-behaviour.patch.
- commit 0bc6f5d
- iwlwifi: acpi: fix wgds rev 3 size (bsc#1202131).
- iwlwifi: yoyo: support for DBGC4 for dram (bsc#1202131).
- iwlwifi: mvm: update rate scale in moving back to assoc state
  (bsc#1202131).
- iwlwifi: mvm: add support for statistics update version 15
  (bsc#1202131).
- iwlwifi: mvm: Add support for a new version of scan request
  command (bsc#1202131).
- iwlwifi: mvm: Fix wrong documentation for scan request command
  (bsc#1202131).
- iwlwifi: add missing entries for Gf4 with So and SoF
  (bsc#1202131).
- iwlwifi: mvm: remove session protection upon station removal
  (bsc#1202131).
- iwlwifi: remove unused iwlax210_2ax_cfg_so_hr_a0 structure
  (bsc#1202131).
- iwlwifi: mvm: add support for PHY context command v4
  (bsc#1202131).
- iwlwifi: fw: api: add link to PHY context command struct v1
  (bsc#1202131).
- iwlwifi: mvm: support RLC configuration command (bsc#1202131).
- iwlwifi: mvm: d3: support v12 wowlan status (bsc#1202131).
- iwlwifi: mvm: parse firmware alive message version 6
  (bsc#1202131).
- iwlwifi: mvm: d3: move GTK rekeys condition (bsc#1202131).
- iwlwifi: add support for Bz-Z HW (bsc#1202131).
- iwlwifi: support 4-bits in MAC step value (bsc#1202131).
- iwlwifi: mvm: fix delBA vs. NSSN queue sync race (bsc#1202131).
- iwlwifi: mvm: demote non-compliant kernel-doc header
  (bsc#1202131).
- commit d2ec8a7
- pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).
- pinctrl: amd: Don't save/restore interrupt status and wake
  status bits (git-fixes).
- pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed
  (git-fixes).
- pinctrl: nomadik: Fix refcount leak in
  nmk_pinctrl_dt_subnode_to_map (git-fixes).
- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).
- Revert "/scripts/mod/modpost.c: permit '.cranges' secton for
  sh64 architecture."/ (git-fixes).
- kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS
  (2nd attempt) (git-fixes).
- commit 797b09e
- SUNRPC: Fix READ_PLUS crasher (git-fixes).
- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
- NFSD: Fix possible sleep during nfsd4_release_lockowner()
  (git-fixes).
- md/raid0: Ignore RAID0 layout if the second zone has only one
  device (git-fixes).
- SUNRPC: Fix NFSD's request deferral on RDMA transports
  (git-fixes).
- NFSD: prevent integer overflow on 32 bit systems (git-fixes).
- NFSD: prevent underflow in nfssvc_decode_writeargs()
  (git-fixes).
- NFSD: Clamp WRITE offsets (git-fixes).
- NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
  (git-fixes).
- NFSD: Fix ia_size underflow (git-fixes).
- nfsd: fix use-after-free due to delegation race (git-fixes).
- SUNRPC: Prevent immediate close+reconnect (git-fixes).
- commit 24baf4c
- md/bitmap: don't set sb values if can't pass sanity check
  (bsc#1197158).
- commit a639749
- drm/udl: Add reset_resume (bsc#1195917)
- commit 3d458d0
- sched: Remove unused function group_first_cpu() (bnc#1189999
  (Scheduler functional and performance backports)).
- sched/fair: Remove redundant word "/ *"/ (bnc#1189999 (Scheduler
  functional and performance backports)).
- sched: Remove the limitation of WF_ON_CPU on wakelist if wakee
  cpu is idle (bnc#1189999 (Scheduler functional and performance
  backports)).
  Refresh
- patches.suse/sched-core-Do-not-requeue-task-on-CPU-excluded-from-cpus_mask.patch
- sched: Fix the check of nr_running at queue wakelist
  (bnc#1189999 (Scheduler functional and performance backports)).
- sched: Allow newidle balancing to bail out of load_balance
  (bnc#1189999 (Scheduler functional and performance backports)).
- sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
  (bnc#1189999 (Scheduler functional and performance backports)).
- commit aca64fd
- Refresh
  patches.suse/sched-core-Do-not-requeue-task-on-CPU-excluded-from-cpus_mask.patch.
- commit 730eeb7
- PCI: hv: Only reuse existing IRTE allocation for Multi-MSI
  (bsc#1200845).
- commit 5fb4c16
- x86/speculation: Add LFENCE to RSB fill sequence (bsc#1201726
  CVE-2022-26373).
- commit f2aa23b
- x86/speculation: Add RSB VM Exit protections (bsc#1201726
  CVE-2022-26373).
- commit aeafde0
- acpi: Disable APEI error injection if the kernel is locked down
  (bsc#1023051, CVE-2016-3695).
- commit ce97a64
- powerpc: powernv: kABI: add back powernv_get_random_long
  (bsc#1065729).
- commit 947a748
- Move kABI patch to kABI section.
- commit a7b7c6a
- KVM: PPC: Use arch_get_random_seed_long instead of powernv
  variant (bsc#1156395).
- commit 48b4d74
- powerpc/powernv: rename remaining rng powernv_ functions to pnv_
  (bsc#1065729).
- powerpc/powernv: delay rng platform device creation until
  later in boot (bsc#1065729).
- commit 57502cb
- tty: n_gsm: fix missing corner cases in gsmld_poll()
  (git-fixes).
- tty: n_gsm: fix flow control handling in tx path (git-fixes).
- tty: n_gsm: fix DM command (git-fixes).
- tty: n_gsm: fix wrong T1 retry count handling (git-fixes).
- tty: n_gsm: fix resource allocation order in gsm_activate_mux()
  (git-fixes).
- tty: n_gsm: fix deadlock and link starvation in outgoing data
  path (git-fixes).
- commit 4b73642
- tty: n_gsm: fix broken virtual tty handling (git-fixes).
- Refresh
  patches.suse/tty-n_gsm-fix-invalid-use-of-MSC-in-advanced-option.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-software-flow-control-handling.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-tty-registration-before-control-channe.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-user-open-not-possible-at-responder-un.patch.
- commit c074522
- tty: n_gsm: fix missing mux reset on config change at responder
  (git-fixes).
- Refresh
  patches.suse/tty-n_gsm-fix-restart-handling-via-CLD-command.patch.
- commit a54ea81
- tty: n_gsm: clean up implicit CR bit encoding in address field
  (git-fixes).
- commit 64b8ec0
- tty: n_gsm: clean up dead code in gsm_queue() (git-fixes).
- commit d02d442
- n_gsm: remove unused parameters from gsm_error() (git-fixes).
- commit 70877a4
- tty: n_gsm: clean up indenting in gsm_queue() (git-fixes).
- commit 351f982
- tty: n_gsm: Modify gsmtty driver register method when config
  requester (git-fixes).
- Refresh
  patches.suse/tty-n_gsm-fix-deadlock-in-gsmtty_open.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-invalid-use-of-MSC-in-advanced-option.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-missing-update-of-modem-controls-after.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-mux-cleanup-after-unregister-tty-devic.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-restart-handling-via-CLD-command.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-software-flow-control-handling.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-tty-registration-before-control-channe.patch.
- Refresh
  patches.suse/tty-n_gsm-fix-user-open-not-possible-at-responder-un.patch.
- commit 642a799
- tty: n_gsm: Delete gsm_disconnect when config requester
  (git-fixes).
- Refresh
  patches.suse/tty-n_gsm-fix-restart-handling-via-CLD-command.patch.
- commit 5190326
- tty: n_gsm: Modify cr bit value when config requester
  (git-fixes).
- Refresh
  patches.suse/tty-n_gsm-Modify-CR-PF-bit-when-config-requester.patch.
- commit 0e6806e
- watchdog: armada_37xx_wdt: check the return value of
  devm_ioremap() in armada_37xx_wdt_probe() (git-fixes).
- watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource
  (git-fixes).
- tty: serial: fsl_lpuart: correct the count of break characters
  (git-fixes).
- commit e704b35
- remoteproc: sysmon: Wait for SSCTL service to come up
  (git-fixes).
- remoteproc: qcom: pas: Check if coredump is enabled (git-fixes).
- remoteproc: qcom: pas: Mark devices as wakeup capable
  (git-fixes).
- remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config
  (git-fixes).
- remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).
- remoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init
  (git-fixes).
- remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init
  (git-fixes).
- rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge
  (git-fixes).
- rpmsg: mtk_rpmsg: Fix circular locking dependency (git-fixes).
- rpmsg: char: Add mutex protection for rpmsg_eptdev_open()
  (git-fixes).
- tools/thermal: Fix possible path truncations (git-fixes).
- thermal: sysfs: Fix cooling_device_stats_setup() error code path
  (git-fixes).
- serial: 8250_bcm7271: Save/restore RTS in suspend/resume
  (git-fixes).
- serial: 8250_fsl: Don't report FE, PE and OE twice (git-fixes).
- tty: n_gsm: fix race condition in gsmld_write() (git-fixes).
- tty: n_gsm: fix packet re-transmission without open control
  channel (git-fixes).
- tty: n_gsm: fix non flow control frames during mux flow off
  (git-fixes).
- tty: n_gsm: fix missing timer to handle stalled links
  (git-fixes).
- tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output()
  (git-fixes).
- tty: n_gsm: fix tty registration before control channel open
  (git-fixes).
- tty: n_gsm: fix user open not possible at responder until
  initiator open (git-fixes).
- serial: 8250_dw: Store LSR into lsr_saved_flags in
  dw8250_tx_wait_empty() (git-fixes).
- tty: n_gsm: Delete gsmtty open SABM frame when config requester
  (git-fixes).
- tty: n_gsm: Modify CR,PF bit printk info when config requester
  (git-fixes).
- commit d8e88fb
- thermal/int340x_thermal: handle data_vault when the value is
  ZERO_SIZE_PTR (bsc#1201308).
- commit a524606
- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9
  (bsc#1065729).
- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
- commit a725a56
- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
- commit 836dbc5
- btrfs: properly flag filesystem with BTRFS_FEATURE_INCOMPAT_BIG_METADATA (git-fixes).
- commit ce06a4a
- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2 (bsc#1201442)
- commit b67257b
- iwlwifi: dbg-tlv: clean up iwl_dbg_tlv_update_drams()
  (bsc#1202131).
- iwlwifi: yoyo: fix DBGC allocation flow (bsc#1202131).
- commit 705cc88
- x86/olpc: fix 'logical not is only applied to the left hand
  side' (git-fixes).
- proc: fix a dentry lock race between release_task and lookup
  (git-fixes).
- lib/smp_processor_id: fix imbalanced instrumentation_end()
  call (git-fixes).
- kfifo: fix kfifo_to_user() return type (git-fixes).
- profiling: fix shift too large makes kernel panic (git-fixes).
- video: fbdev: s3fb: Check the size of screen before memset_io()
  (git-fixes).
- video: fbdev: arkfb: Check the size of screen before memset_io()
  (git-fixes).
- video: fbdev: vt8623fb: Check the size of screen before
  memset_io() (git-fixes).
- video: fbdev: arkfb: Fix a divide-by-zero bug in
  ark_set_pixclock() (git-fixes).
- video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).
- video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).
- net: usb: make USB_RTL8153_ECM non user configurable
  (git-fixes).
- random: remove useless header comment (git-fixes).
- commit 7ebdc9d
- ALSA: usb-audio: Add endianness annotations (git-fixes).
- commit 9261514
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx
  (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga9 14IAP7
  (git-fixes).
- ALSA: usb-audio: Add quirk for Behringer UMC202HD (git-fixes).
- commit d2bf5c3
- scripts/faddr2line: Fix vmlinux detection on arm64 (git-fixes).
- mfd: max77620: Fix refcount leak in max77620_initialise_fps
  (git-fixes).
- mfd: t7l66xb: Drop platform disable callback (git-fixes).
- tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH
  (git-fixes).
- KEYS: asymmetric: enforce SM2 signature use pkey algo
  (git-fixes).
- mtd: spi-nor: fix spi_nor_spimem_setup_op() call in
  spi_nor_erase_{sector,chip}() (git-fixes).
- mtd: rawnand: arasan: Fix clock rate in NV-DDR (git-fixes).
- mtd: rawnand: arasan: Update NAND bus clock instead of system
  clock (git-fixes).
- mtd: rawnand: meson: Fix a potential double free issue
  (git-fixes).
- mtd: dataflash: Add SPI ID table (git-fixes).
- mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s
  error path (git-fixes).
- mtd: parsers: ofpart: Fix refcount leak in
  bcm4908_partitions_fw_offset (git-fixes).
- mtd: partitions: Fix refcount leak in parse_redboot_of
  (git-fixes).
- mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in
  sm_release (git-fixes).
- mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).
- mtd: maps: Fix refcount leak in of_flash_probe_versatile
  (git-fixes).
- commit 34c1728
- Revert "/drivers/video/backlight/platform_lcd.c: add support
  for device tree based probe"/ (git-fixes).
- ASoC: mchp-spdifrx: disable end of block interrupt on failures
  (git-fixes).
- ASoC: imx-card: use snd_pcm_format_t type for asrc_format
  (git-fixes).
- ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format
  (git-fixes).
- ASoC: fsl-asoc-card: force cast the asrc_format type
  (git-fixes).
- ASoC: fsl_asrc: force cast the asrc_format type (git-fixes).
- ASoC: audio-graph-card: Add of_node_put() in fail path
  (git-fixes).
- ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp()
  (git-fixes).
- ASoC: mt6359: Fix refcount leak bug (git-fixes).
- ASoC: imx-card: Fix DSD/PDM mclk frequency (git-fixes).
- ASoC: qcom: Fix missing of_node_put() in
  asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: samsung: change neo1973_audio from a global to static
  (git-fixes).
- ASoC: samsung: change gpiod_speaker_power and rx1950_audio
  from global to static variables (git-fixes).
- ASoC: samsung: h1940_uda1380: include proepr GPIO consumer
  header (git-fixes).
- ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV
  (git-fixes).
- ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to
  S8_TLV (git-fixes).
- ASoC: codecs: da7210: add check for i2c_add_driver (git-fixes).
- ASoC: mt6797-mt6351: Fix refcount leak in
  mt6797_mt6351_dev_probe (git-fixes).
- ASoC: imx-audmux: Silence a clang warning (git-fixes).
- ASoC: samsung: Fix error handling in aries_audio_probe
  (git-fixes).
- ASoC: cros_ec_codec: Fix refcount leak in
  cros_ec_codec_platform_probe (git-fixes).
- ALSA: bcd2000: Fix a UAF bug on the error path of probing
  (git-fixes).
- ALSA: usb-audio: Turn off 'manual mode' on Dell dock
  (git-fixes).
- ALSA: usb-audio: Support jack detection on Dell dock
  (git-fixes).
- arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC
  (git-fixes).
- ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC (git-fixes).
- Input: gscps2 - check return value of ioremap() in
  gscps2_probe() (git-fixes).
- commit a1ba91a
- Move upstreamed patches into sorted section
- commit 4e4180d
- iwlwifi: pcie: fix SW error MSI-X mapping (bsc#1202131).
- iwlwifi: yoyo: Avoid using dram data if allocation failed
  (bsc#1202131).
- iwlwifi: remove deprecated broadcast filtering feature
  (bsc#1202131).
- iwlwifi: fix iwl_legacy_rate_to_fw_idx (bsc#1202131).
- iwlwifi: mvm: fix condition which checks the version of
  rate_n_flags (bsc#1202131).
- commit b5f1223
- iwlwifi: rename GEO_TX_POWER_LIMIT to PER_CHAIN_LIMIT_OFFSET_CMD
  (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-don-t-pass-actual-WGDS-revision-number-in-ta.patch.
- commit 2aa0188
- iwlwifi: fix LED dependencies (bsc#1202131).
- iwlwifi: Fix missing error code in iwl_pci_probe()
  (bsc#1202131).
- iwlwifi: pcie: fix constant-conversion warning (bsc#1202131).
- iwlwifi: bump FW API to 67 for AX devices (bsc#1202131).
- iwlwifi: mvm: extend session protection on association
  (bsc#1202131).
- iwlwifi: rename CHANNEL_SWITCH_NOA_NOTIF to
  CHANNEL_SWITCH_START_NOTIF (bsc#1202131).
- iwlwifi: mvm: remove session protection on disassoc
  (bsc#1202131).
- iwlwifi: mvm: fix WGDS table print in iwl_mvm_chub_update_mcc()
  (bsc#1202131).
- iwlwifi: mvm: d3: use internal data representation
  (bsc#1202131).
- iwlwifi: mvm: update RFI TLV (bsc#1202131).
- iwlwifi: mvm: don't get address of mvm->fwrt just to dereference
  as a pointer (bsc#1202131).
- iwlwifi: mvm: read 6E enablement flags from DSM and pass to FW
  (bsc#1202131).
- iwlwifi: yoyo: support for ROM usniffer (bsc#1202131).
- iwlwifi: dump host monitor data when NIC doesn't init
  (bsc#1202131).
- iwlwifi: pcie: simplify iwl_pci_find_dev_info() (bsc#1202131).
- commit 65c3ddc
- iwlwifi: ACPI: support revision 3 WGDS tables (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-don-t-pass-actual-WGDS-revision-number-in-ta.patch.
- commit 1f7d7e3
- iwlwifi: pcie: update sw error interrupt for BZ family
  (bsc#1202131).
- iwlwifi: add new pci SoF with JF (bsc#1202131).
- iwlwifi: mvm: Use all Rx chains for roaming scan (bsc#1202131).
- iwlwifi: pcie: remove two duplicate PNJ device entries
  (bsc#1202131).
- iwlwifi: pcie: refactor dev_info lookup (bsc#1202131).
- commit 4955e78
- iwlwifi: add new device id 7F70 (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-pcie-add-killer-devices-to-the-driver.patch.
- commit a871c28
- iwlwifi: pcie: remove duplicate entry (bsc#1202131).
- iwlwifi: pcie: fix killer name matching for AX200 (bsc#1202131).
- iwlwifi: pnvm: print out the version properly (bsc#1202131).
- iwlwifi: dbg: treat non active regions as unsupported regions
  (bsc#1202131).
- iwlwifi: mvm: Read acpi dsm to get channel activation bitmap
  (bsc#1202131).
- iwlwifi: mvm: improve log when processing CSA (bsc#1202131).
- iwlwifi: mvm: set BT-coex high priority for 802.1X/4-way-HS
  (bsc#1202131).
- iwlwifi: dbg: treat dbgc allocation failure when tlv is missing
  (bsc#1202131).
- iwlwifi: mvm: set inactivity timeouts also for PS-poll
  (bsc#1202131).
- commit dd87451
- iwlwifi: pcie: try to grab NIC access early (bsc#1202131).
- iwlwifi: mvm: reduce WARN_ON() in TX status path (bsc#1202131).
- iwlwifi: allow rate-limited error messages (bsc#1202131).
- iwlwifi: mvm: remove session protection after auth/assoc
  (bsc#1202131).
- iwlwifi: remove redundant iwl_finish_nic_init() argument
  (bsc#1202131).
- iwlwifi: mvm: Add RTS and CTS flags to iwl_tx_cmd_flags
  (bsc#1202131).
- iwlwifi: mvm: remove csi from iwl_mvm_pass_packet_to_mac80211()
  (bsc#1202131).
- iwlwifi: mvm: Support new rate_n_flags for REPLY_RX_MPDU_CMD
  and RX_NO_DATA_NOTIF (bsc#1202131).
- iwlwifi: mvm: Support new TX_RSP and COMPRESSED_BA_RES versions
  (bsc#1202131).
- iwlwifi: mvm: Support new version of BEACON_TEMPLATE_CMD
  (bsc#1202131).
- commit 67d2e71
- iwlwifi: mvm: Add support for new rate_n_flags in tx_cmd
  (bsc#1202131).
- Refresh
  patches.suse/iwlwifi-mvm-don-t-crash-on-invalid-rate-w-o-STA.patch.
- commit 4f57116
- iwlwifi: BZ Family SW reset support (bsc#1202131).
- iwlwifi: BZ Family BUS_MASTER_DISABLE_REQ code duplication
  (bsc#1202131).
- iwlwifi: yoyo: fw debug config from context info and preset
  (bsc#1202131).
- iwlwifi: mvm: Support new version of ranging response
  notification (bsc#1202131).
- iwlwifi: mvm: Support version 3 of tlc_update_notif
  (bsc#1202131).
- iwlwifi: mvm: convert old rate & flags to the new format
  (bsc#1202131).
- iwlwifi: mvm: add definitions for new rate & flags
  (bsc#1202131).
- iwlwifi: mvm: update definitions due to new rate & flags
  (bsc#1202131).
- iwlwifi: mvm: scrub key material in firmware dumps
  (bsc#1202131).
- commit db3dcd7
- iwlwifi: parse debug exclude data from firmware file
  (bsc#1202131).
- iwlwifi: fw dump: add infrastructure for dump scrubbing
  (bsc#1202131).
- iwlwifi: mvm: correct sta-state logic for TDLS (bsc#1202131).
- iwlwifi: api: fix struct iwl_wowlan_status_v7 kernel-doc
  (bsc#1202131).
- iwlwifi: fix fw/img.c license statement (bsc#1202131).
- iwlwifi: remove contact information (bsc#1202131).
- iwlwifi: remove MODULE_AUTHOR() statements (bsc#1202131).
- iwlwifi: api: remove unused RX status bits (bsc#1202131).
- iwlwifi: add some missing kernel-doc in struct iwl_fw
  (bsc#1202131).
- iwlwifi: mvm: Remove antenna c references (bsc#1202131).
- iwlwifi: mvm: add support for 160Mhz in ranging measurements
  (bsc#1202131).
- iwlwifi: add vendor specific capabilities for some RFs
  (bsc#1202131).
- iwlwifi: mvm: add lmac/umac PC info in case of error
  (bsc#1202131).
- iwlwifi: mvm: fix ieee80211_get_he_iftype_cap() iftype
  (bsc#1202131).
- iwlwifi: Start scratch debug register for Bz family
  (bsc#1202131).
- iwlwifi: Add support for more BZ HWs (bsc#1202131).
- iwlwifi: Add support for getting rf id with blank otp
  (bsc#1202131).
- wireless: Remove redundant 'flush_workqueue()' calls
  (bsc#1202131).
- commit c24f8b7
- openvswitch: fix OOB access in reserve_sfa_size() (CVE-2022-2639
  bsc#1202154).
- commit 5c51c64
- usb: cdns3: Don't use priv_dev uninitialized in
  cdns3_gadget_ep_enable() (git-fixes).
- commit 1102903
- platform/olpc: Fix uninitialized data in debugfs write
  (git-fixes).
- platform/chrome: cros_ec: Always expose last resume result
  (git-fixes).
- selftests: kvm: set rax before vmcall (git-fixes).
- USB: Follow-up to SPDX GPL-2.0+ identifiers addition - remove
  now useless comments (git-fixes).
- USB: Follow-up to SPDX identifiers addition - remove now
  useless comments (git-fixes).
- staging: rtl8192u: Fix sleep in atomic context bug in
  dm_fsync_timer_callback (git-fixes).
- usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command
  completion (git-fixes).
- usb: cdns3: change place of 'priv_ep' assignment in
  cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() (git-fixes).
- USB: serial: fix tty-port initialized comments (git-fixes).
- usb: dwc3: qcom: fix missing optional irq warnings (git-fixes).
- usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()
  (git-fixes).
- usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).
- usb: dwc3: gadget: fix high speed multiplier setting
  (git-fixes).
- usb: dwc3: gadget: refactor dwc3_repare_one_trb (git-fixes).
- usb: host: xhci: use snprintf() in xhci_decode_trb()
  (git-fixes).
- usb: xhci: tegra: Fix error check (git-fixes).
- usb: gadget: tegra-xudc: Fix error check in
  tegra_xudc_powerdomain_init() (git-fixes).
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe
  (git-fixes).
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe
  (git-fixes).
- soundwire: qcom: Check device status before reading devid
  (git-fixes).
- soundwire: bus_type: fix remove and shutdown support
  (git-fixes).
- commit da104a3
- mmc: cavium-thunderx: Add of_node_put() when breaking out of
  loop (git-fixes).
- mmc: cavium-octeon: Add of_node_put() when breaking out of loop
  (git-fixes).
- mmc: block: Add single read for 4k sector cards (git-fixes).
- mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R
  (git-fixes).
- PCI: tegra194: Fix link up retry sequence (git-fixes).
- PCI: tegra194: Fix Root Port interrupt handling (git-fixes).
- PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()
  (git-fixes).
- PCI: qcom: Power on PHY before IPQ8074 DBI register accesses
  (git-fixes).
- PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks
  (git-fixes).
- PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()
  (git-fixes).
- PCI: dwc: Always enable CDM check if "/snps,enable-cdm-check"/
  exists (git-fixes).
- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors
  (git-fixes).
- PCI: dwc: Set INCREASE_REGION_SIZE flag based on limit address
  (git-fixes).
- PCI: dwc: Disable outbound windows only for controllers using
  iATU (git-fixes).
- PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()
  (git-fixes).
- PCI: dwc: Stop link on host_init errors and de-initialization
  (git-fixes).
- PCI/AER: Iterate over error counters instead of error strings
  (git-fixes).
- PCI/portdrv: Don't disable AER reporting in
  get_port_device_capability() (git-fixes).
- PCI: endpoint: Don't stop controller when unbinding endpoint
  function (git-fixes).
- phy: stm32: fix error return in stm32_usbphyc_phy_init
  (git-fixes).
- commit f77f01b
- memstick/ms_block: Fix a memory leak (git-fixes).
- memstick/ms_block: Fix some incorrect memory allocation
  (git-fixes).
- mmc: renesas_sdhi: Get the reset handle early in the probe
  (git-fixes).
- mmc: mxcmmc: Silence a clang warning (git-fixes).
- mmc: sdhci-of-esdhc: Fix refcount leak in
  esdhc_signal_voltage_switch (git-fixes).
- dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction
  semantics (git-fixes).
- dmaengine: imx-dma: Cast of_device_get_match_data() with
  (uintptr_t) (git-fixes).
- dt-bindings: clock: qcom,gcc-msm8996: add more GCC clock sources
  (git-fixes).
- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
  (git-fixes).
- HID: amd_sfh: Handle condition of "/no sensors"/ (git-fixes).
- HID: amd_sfh: Add NULL check for hid device (git-fixes).
- HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()
  (git-fixes).
- HID: cp2112: prevent a buffer overflow in cp2112_xfer()
  (git-fixes).
- dt-bindings: usb: mtk-xhci: Allow wakeup interrupt-names to
  be optional (git-fixes).
- driver core: fix potential deadlock in __driver_attach
  (git-fixes).
- iio: light: isl29028: Fix the warning in isl29028_remove()
  (git-fixes).
- iio: fix iio_format_avail_range() printing for none IIO_VAL_INT
  (git-fixes).
- interconnect: imx: fix max_node_id (git-fixes).
- eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write()
  (git-fixes).
- iio: temp: maxim_thermocouple: Fix alignment for DMA safety
  (git-fixes).
- iio: temp: ltc2983: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s1200: Fix alignment for DMA safety
  (git-fixes).
- iio: proximity: as3935: Fix alignment for DMA safety
  (git-fixes).
- iio: potentiometer: mcp4131: Fix alignment for DMA safety
  (git-fixes).
- iio: potentiometer: mcp41010: Fix alignment for DMA safety
  (git-fixes).
- iio: potentiometer: max5481: Fix alignment for DMA safety
  (git-fixes).
- iio: potentiometer: ad5272: Fix alignment for DMA safety
  (git-fixes).
- iio: imu: fxos8700: Fix alignment for DMA safety (git-fixes).
- iio: gyro: fxas210002c: Fix alignment for DMA safety
  (git-fixes).
- iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).
- iio: frequency: adf4371: Fix alignment for DMA safety
  (git-fixes).
- iio: frequency: adf4350: Fix alignment for DMA safety
  (git-fixes).
- iio: frequency: ad9523: Fix alignment for DMA safety
  (git-fixes).
- iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac082s085: Fix alignment for DMA safety
  (git-fixes).
- iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).
- iio: dac: ad5770r: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5766: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).
- iio: common: ssp: Fix alignment for DMA safety (git-fixes).
- iio: amplifiers: ad8366: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads131e08: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-ads124s08: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-adc161s626: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-adc128s052: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc108s102: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-adc084s021: Fix alignment for DMA safety
  (git-fixes).
- iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).
- iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1241: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1118: Fix alignment for DMA safety (git-fixes).
- iio: adc: max11100: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1027: Fix alignment for DMA safety (git-fixes).
- iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).
- iio: adc: ltc2496: Fix alignment for DMA safety (git-fixes).
- iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7923: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7292: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).
- iio: accel: sca3300: Fix alignment for DMA safety (git-fixes).
- iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).
- iio: accel: bma220: Fix alignment for DMA safety (git-fixes).
- iio: core: Fix IIO_ALIGN and rename as it was not sufficiently
  large (git-fixes).
- iio: accel: bma400: Fix the scale min and max macro values
  (git-fixes).
- intel_th: msu: Fix vmalloced buffers (git-fixes).
- intel_th: msu-sink: Potential dereference of null pointer
  (git-fixes).
- intel_th: Fix a resource leak in an error handling path
  (git-fixes).
- misc: rtsx: Fix an error handling path in rtsx_pci_probe()
  (git-fixes).
- fpga: altera-pr-ip: fix unsigned comparison with less than zero
  (git-fixes).
- commit 14d844c
- dmaengine: sf-pdma: Add multithread support for a DMA channel
  (git-fixes).
- dmaengine: stm32-mdma: Remove dead code in
  stm32_mdma_irq_handler() (git-fixes).
- clk: qcom: gcc-msm8939: Fix weird field spacing in
  ftbl_gcc_camss_cci_clk (git-fixes).
- clk: qcom: clk-rcg2: Make sure to not write d=0 to the NMD
  register (git-fixes).
- clk: qcom: clk-rcg2: Fail Duty-Cycle configuration if MND
  divider is not enabled (git-fixes).
- clk: qcom: camcc-sm8250: Fix topology around titan_top power
  domain (git-fixes).
- clk: qcom: camcc-sdm845: Fix topology around titan_top power
  domain (git-fixes).
- clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
  (git-fixes).
- clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).
- clk: qcom: ipq8074: SW workaround for UBI32 PLL lock
  (git-fixes).
- clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).
- clk: qcom: gcc-msm8939: Point MM peripherals to system_mm_noc
  clock (git-fixes).
- clk: qcom: gcc-msm8939: Add missing system_mm_noc_bfdcd_clk_src
  (git-fixes).
- clk: qcom: gcc-msm8939: Fix bimc_ddr_clk_src rcgr base address
  (git-fixes).
- clk: qcom: gcc-msm8939: Add missing SYSTEM_MM_NOC_BFDCD_CLK_SRC
  (git-fixes).
- clk: qcom: clk-krait: unlock spin after mux completion
  (git-fixes).
- clk: qcom: camcc-sm8250: Fix halt on boot by reducing driver's
  init level (git-fixes).
- clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).
- clk: mediatek: reset: Fix written reset bit offset (git-fixes).
- commit 138fb4a
- fix race between exit_itimers() and /proc/pid/timers
  (git-fixes).
- commit 62d2eea
- posix-cpu-timers: Cleanup CPU timers before freeing them during exec (CVE-2022-2585 bsc#1202094).
- commit 2decf97
- supported.conf: added drivers/net/ethernet/marvell/octeontx2/nic/otx2_ptp and
  changed all octeontx2 modules as supported (jsc#SLE-24682)
- commit 8caae84
- kabi/severities: octeontx2 driver (jsc#SLE-24682)
- commit e0be4cf
- octeontx2-af: cn10k: RPM hardware timestamp configuration
  (jsc#SLE-24682).
- Refresh
  patches.suse/octeontx2-af-cn10k-Do-not-enable-RPM-loopback-for-LP.patch.
- commit c25b3fb
- can: pch_can: pch_can_error(): initialize errc before using it
  (git-fixes).
- commit 4644234
- virtio-gpu: fix a missing check to avoid NULL dereference
  (git-fixes).
- media: cedrus: hevc: Add check for invalid timestamp
  (git-fixes).
- media: cedrus: h265: Fix flag name (git-fixes).
- media: [PATCH] pci: atomisp_cmd: fix three missing checks on
  list iterator (git-fixes).
- media: tw686x: Fix memory leak in tw686x_video_init (git-fixes).
- media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued
  is set (git-fixes).
- media: hdpvr: fix error value returns in hdpvr_read (git-fixes).
- media: tw686x: Register the irq at the end of probe (git-fixes).
- media: atmel: atmel-sama7g5-isc: fix warning in configs without
  OF (git-fixes).
- i2c: mux-gpmux: Add of_node_put() when breaking out of loop
  (git-fixes).
- i2c: cadence: Support PEC for SMBus block read (git-fixes).
- i2c: Fix a potential use after free (git-fixes).
- i2c: mxs: Silence a clang warning (git-fixes).
- i2c: npcm: Capitalize the one-line comment (git-fixes).
- i2c: npcm: Correct slave role behavior (git-fixes).
- net: rose: fix netdev reference changes (git-fixes).
- wifi: wil6210: debugfs: fix uninitialized variable use in
  `wil_write_file_wmi()` (git-fixes).
- wifi: rtw88: check the return value of alloc_workqueue()
  (git-fixes).
- wifi: libertas: Fix possible refcount leak in if_usb_probe()
  (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at
  iwl_mvm_mac_wake_tx_queue (git-fixes).
- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
  (git-fixes).
- wifi: p54: add missing parentheses in p54_flush() (git-fixes).
- wifi: p54: Fix an error handling path in p54spi_probe()
  (git-fixes).
- mediatek: mt76: eeprom: fix missing of_node_put() in
  mt76_find_power_limits_node() (git-fixes).
- mediatek: mt76: mac80211: Fix missing of_node_put() in
  mt76_led_init() (git-fixes).
- mt76: mt7921: enlarge maximum VHT MPDU length to 11454
  (git-fixes).
- mt76: mt7615: do not update pm stats in case of error
  (git-fixes).
- mt76: mt76x02u: fix possible memory leak in
  __mt76x02u_mcu_send_msg (git-fixes).
- wifi: mac80211: limit A-MSDU subframes for client too
  (git-fixes).
- wifi: rtw89: 8852a: rfk: fix div 0 exception (git-fixes).
- wifi: iwlegacy: 4965: fix potential off-by-one overflow in
  il4965_rs_fill_link_cmd() (git-fixes).
- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
  (git-fixes).
- virtio-net: fix the race between refill work and close
  (git-fixes).
- net: macsec: fix potential resource leak in macsec_add_rxsa()
  and macsec_add_txsa() (git-fixes).
- commit 559b103
- Remove doubly applied amdgpu patches
- commit c58b33f
- drm/amd/display: Revert "/drm/amd/display: turn DPMS off on
  connector unplug"/ (git-fixes).
- commit 2a4df70
- drm/amd/display: Enable building new display engine with KCOV
  enabled (git-fixes).
- drm/nouveau: Don't pm_runtime_put_sync(), only
  pm_runtime_put_autosuspend() (git-fixes).
- drm/nouveau/acpi: Don't print error when we get -EINPROGRESS
  from pm_runtime (git-fixes).
- drm/nouveau/kms: Fix failure path for creating DP connectors
  (git-fixes).
- drm/exynos/exynos7_drm_decon: free resources when
  clk_set_parent() failed (git-fixes).
- drm/msm/mdp5: Fix global state lock backoff (git-fixes).
- drm/msm/hdmi: drop empty 'none' regulator lists (git-fixes).
- drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform
  (git-fixes).
- drm/mediatek: dpi: Only enable dpi after the bridge is enabled
  (git-fixes).
- drm/mediatek: dpi: Remove output format of YUV (git-fixes).
- drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff
  function (git-fixes).
- drm: bridge: sii8620: fix possible off-by-one (git-fixes).
- drm/rockchip: Fix an error handling path rockchip_dp_probe()
  (git-fixes).
- drm/rockchip: vop: Don't crash for invalid duplicate_state()
  (git-fixes).
- drm/amd/amd_shared.h: Add missing doc for PP_GFX_DCS_MASK
  (git-fixes).
- drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).
- drm/radeon: fix potential buffer overflow in
  ni_set_mc_special_registers() (git-fixes).
- Revert "/drm/i915: Hold reference to intel_context over life
  of i915_request"/ (git-fixes).
- drm/vc4: hdmi: Correct HDMI timing registers for interlaced
  modes (git-fixes).
- i2c: npcm: Remove own slave addresses 2:10 (git-fixes).
- commit c8ad99e
- drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).
- drm/vc4: hdmi: Reset HDMI MISC_CONTROL register (git-fixes).
- drm/vc4: dsi: Add correct stop condition to
  vc4_dsi_encoder_disable iteration (git-fixes).
- drm/vc4: dsi: Fix dsi0 interrupt support (git-fixes).
- drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type
  (git-fixes).
- drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).
- drm/vc4: dsi: Correct DSI divider calculations (git-fixes).
- drm/vc4: plane: Fix margin calculations for the right/bottom
  edges (git-fixes).
- drm/vc4: plane: Remove subpixel positioning check (git-fixes).
- drm/doc: Fix comment typo (git-fixes).
- drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).
- drm: bridge: adv7511: Add check for mipi_dsi_driver_register
  (git-fixes).
- drm: adv7511: override i2c address of cec before accessing it
  (git-fixes).
- drm/bridge: lt9611uxc: Cancel only driver's work (git-fixes).
- drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).
- drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).
- drm/st7735r: Fix module autoloading for Okaya RH128128T
  (git-fixes).
- drm/bridge: tc358767: Make sure Refclk clock are enabled
  (git-fixes).
- drm/simpledrm: Fix return type of
  simpledrm_simple_display_pipe_mode_valid() (git-fixes).
- commit 3606800
- can: mcp251xfd: mcp251xfd_dump(): fix comment (git-fixes).
- Bluetooth: hci_intel: Add check for platform_driver_register
  (git-fixes).
- can: error: specify the values of data[5..7] of CAN error frames
  (git-fixes).
- can: usb_8dev: do not report txerr and rxerr during bus-off
  (git-fixes).
- can: kvaser_usb_leaf: do not report txerr and rxerr during
  bus-off (git-fixes).
- can: kvaser_usb_hydra: do not report txerr and rxerr during
  bus-off (git-fixes).
- can: sun4i_can: do not report txerr and rxerr during bus-off
  (git-fixes).
- can: hi311x: do not report txerr and rxerr during bus-off
  (git-fixes).
- can: sja1000: do not report txerr and rxerr during bus-off
  (git-fixes).
- can: rcar_can: do not report txerr and rxerr during bus-off
  (git-fixes).
- can: pch_can: do not report txerr and rxerr during bus-off
  (git-fixes).
- ath11k: Fix incorrect debug_mask mappings (git-fixes).
- ath11k: fix netdev open race (git-fixes).
- ath10k: do not enforce interrupt trigger type (git-fixes).
- can: netlink: allow configuring of fixed data bit rates without
  need for do_set_data_bittiming callback (git-fixes).
- can: Break loopback loop on loopback documentation (git-fixes).
- can: netlink: allow configuring of fixed bit rates without
  need for do_set_bittiming callback (git-fixes).
- docs/kernel-parameters: Update descriptions for "/mitigations="/
  param with retbleed (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
  (git-fixes).
- commit caf4ad9
- x86/speculation: Add LFENCE to RSB fill sequence (bsc#1201726
  CVE-2022-26373).
- commit e9f7bfc
- x86/speculation: Add RSB VM Exit protections (bsc#1201726
  CVE-2022-26373).
- commit 87cc728
- ipv4: avoid using shared IP generator for connected sockets
  (CVE-2020-36516 bsc#1196616).
- ipv4: tcp: send zero IPID in SYNACK messages (CVE-2020-36516
  bsc#1196616).
- commit 1c066c9
- selftests: timers: clocksource-switch: fix passing errors from
  child (git-fixes).
- selftests: timers: valid-adjtimex: build fix for newer
  toolchains (git-fixes).
- Documentation: siphash: Fix typo in the name of offsetofend
  macro (git-fixes).
- Documentation: update watch_queue.rst references (git-fixes).
- docs: zh_CN: fix a broken reference (git-fixes).
- crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes).
- crypto: hisilicon/sec - fix auth key size error (git-fixes).
- crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of
  (git-fixes).
- crypto: hisilicon/hpre - don't use GFP_KERNEL to alloc mem
  during softirq (git-fixes).
- crypto: hisilicon - Kunpeng916 crypto driver don't sleep when
  in softirq (git-fixes).
- crypto: hisilicon/sec - don't sleep when in softirq (git-fixes).
- crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs()
  (git-fixes).
- selftests/seccomp: Fix compile warning when CC=clang
  (git-fixes).
- Documentation: dm writecache: Render status list as list
  (git-fixes).
- thermal/tools/tmon: Include pthread and time headers in tmon.h
  (git-fixes).
- Documentation: PM: Drop pme_interrupt reference (git-fixes).
- PM: domains: Ensure genpd_debugfs_dir exists before remove
  (git-fixes).
- Documentation: ACPI: EINJ: Fix obsolete example (git-fixes).
- ACPI: video: Shortening quirk list by identifying Clevo by
  board_name only (git-fixes).
- ACPI: APEI: Better fix to avoid spamming the console with old
  error logs (git-fixes).
- ACPI: processor/idle: Annotate more functions to live in
  cpuidle section (git-fixes).
- bus: hisi_lpc: fix missing platform_device_put() in
  hisi_lpc_acpi_probe() (git-fixes).
- ACPI: CPPC: Do not prevent CPPC from working in the future
  (git-fixes).
- hwmon: (drivetemp) Add module alias (git-fixes).
- spi: Fix simplification of devm_spi_register_controller
  (git-fixes).
- spi: dt-bindings: zynqmp-qspi: add missing 'required'
  (git-fixes).
- spi: dt-bindings: cadence: add missing 'required' (git-fixes).
- spi: spi-altera-dfl: Fix an error handling path (git-fixes).
- regulator: of: Fix refcount leak bug in
  of_get_regulation_constraints() (git-fixes).
- regulator: qcom_smd: Fix pm8916_pldo range (git-fixes).
- dt-bindings: arm: qcom: fix MSM8994 boards compatibles
  (git-fixes).
- dt-bindings: arm: qcom: fix MSM8916 MTP compatibles (git-fixes).
- arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment
  (git-fixes).
- arm64: dts: qcom: sm8250: add missing PCIe PHY clock-cells
  (git-fixes).
- arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node
  (git-fixes).
- ARM: dts: qcom: pm8841: add required thermal-sensor-cells
  (git-fixes).
- ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg (git-fixes).
- ARM: dts: imx7d-colibri-emmc: add cpu1 supply (git-fixes).
- arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes).
- arm64: dts: mt7622: fix BPI-R64 WPS button (git-fixes).
- arm64: dts: mt8192: Fix idle-states entry-method (git-fixes).
- arm64: dts: mt8192: Fix idle-states nodes naming scheme
  (git-fixes).
- dt-bindings: gpio: zynq: Add missing compatible strings
  (git-fixes).
- ARM: dts: ast2600-evb-a1: fix board compatible (git-fixes).
- ARM: dts: ast2600-evb: fix board compatible (git-fixes).
- ARM: dts: ast2500-evb: fix board compatible (git-fixes).
- arm64: dts: renesas: Fix thermal-sensors on single-zone sensors
  (git-fixes).
- arm64: dts: renesas: beacon: Fix regulator node names
  (git-fixes).
- soc: qcom: aoss: Fix refcount leak in
  qmp_cooling_devices_register (git-fixes).
- soc: qcom: ocmem: Fix refcount leak in of_get_ocmem (git-fixes).
- soc: fsl: guts: machine variable might be unset (git-fixes).
- soc: amlogic: Fix refcount leak in meson-secure-pwrc.c
  (git-fixes).
- meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init
  (git-fixes).
- soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values
  (git-fixes).
- ARM: bcm: Fix refcount leak in bcm_kona_smc_init (git-fixes).
- cpufreq: zynq: Fix refcount leak in zynq_get_revision
  (git-fixes).
- ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init
  (git-fixes).
- ARM: OMAP2+: Fix refcount leak in omapdss_init_of (git-fixes).
- arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1
  (git-fixes).
- arm64: kasan: Revert "/arm64: mte: reset the page tag in
  page->flags"/ (git-fixes).
- Documentation: fix sctp_wmem in ip-sysctl.rst (git-fixes).
- commit 3f28928
- kabi/severities: add hisilicon hns3 symbols
- commit 684e0cd
- kabi/severities: add Qlogic qed symbols
- commit cb6e740
- net: hns3: clean residual vf config after disable sriov
  (git-fixes).
- commit 3154aec
- net: enetc: report software timestamping via SO_TIMESTAMPING
  (git-fixes).
- commit 1199c9d
- ice: fix 'scheduling while atomic' on aux critical err interrupt
  (git-fixes).
- commit e93e238
- net: bcmgenet: Use stronger register read/writes to assure
  ordering (git-fixes).
- commit 329c205
- net: stmmac: clean up impossible condition (git-fixes).
- commit ab39c12
- qed: validate and restrict untrusted VFs vlan promisc mode
  (git-fixes).
- commit 4ff6c29
- net:enetc: allocate CBD ring data memory using DMA coherent
  methods (git-fixes).
- commit af05743
- net: dsa: mv88e6xxx: Enable port policy support on 6097
  (git-fixes).
- commit c7e4e5e
- net: mscc: ocelot: fix incorrect balancing with down LAG ports
  (git-fixes).
- commit ec8da82
- bnx2x: Invalidate fastpath HSI version for VFs (git-fixes).
- commit 71c2b0b
- bnx2x: Utilize firmware 7.13.21.0 (git-fixes).
- commit dfd1200
- Fix parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
- commit 9816878
- kabi/severities: add microchip dsa drivers
- commit d613b6c
- sched/core: Do not requeue task on CPU excluded from cpus_mask
  (bnc#1199356).
- commit f226af5
- net: dsa: hellcreek: Add missing PTP via UDP rules (git-fixes).
- commit eacb01d
- net: dsa: hellcreek: Allow PTP P2P measurements on blocked ports
  (git-fixes).
- commit 8fa1360
- net: dsa: hellcreek: Add STP forwarding rule (git-fixes).
- commit 0417527
- net: dsa: hellcreek: Fix insertion of static FDB entries
  (git-fixes).
- commit 3269aa1
- dsa: mv88e6xxx: fix debug print for SPEED_UNFORCED (git-fixes).
- commit eb53b1f
- net: dsa: mv88e6xxx: Unforce speed & duplex in mac_link_down()
  (git-fixes).
- commit b56ecf7
- net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports
  (git-fixes).
- commit bcf713a
- net: dsa: mv88e6xxx: Link in pcs_get_state() if AN is bypassed
  (git-fixes).
- commit b95b3f1
- net: dsa: mv88e6xxx: Fix inband AN for 2500base-x on 88E6393X
  family (git-fixes).
- commit a40e5b6
- net: dsa: mv88e6xxx: Add fix for erratum 5.2 of 88E6393X family
  (git-fixes).
- commit 855c403
- net: dsa: mv88e6xxx: Save power by disabling SerDes trasmitter
  and receiver (git-fixes).
- commit 2dc0b5b
- net: dsa: mv88e6xxx: Drop unnecessary check in
  mv88e6393x_serdes_erratum_4_6() (git-fixes).
- commit b660473
- net: dsa: mv88e6xxx: Fix application of erratum 4.8 for 88E6393X
  (git-fixes).
- commit 7942c9d
- net: dsa: microchip: implement multi-bridge support (git-fixes).
- commit 1695da6
- net: mscc: ocelot: don't downgrade timestamping RX filters in
  SIOCSHWTSTAMP (git-fixes).
- commit 5d0a92e
- Update metadata references
- commit 17e29ab
- x86/sev: Save the negotiated GHCB version (bsc#1190497).
- commit 7d296c5
- Updated commit IDs from a rebased upstream branch:
- patches.suse/powerpc-pseries-mobility-set-NMI-watchdog-factor-dur.patch.
- patches.suse/powerpc-watchdog-introduce-a-NMI-watchdog-s-factor.patch.
- patches.suse/watchdog-export-lockup_detector_reconfigure.patch.
- commit 34c0e2f
- sched/deadline: Fix BUG_ON condition for deboosted tasks (git-fixes)
- commit 15bee70
- sched/uclamp: Fix iowait boost escaping uclamp restriction (git-fixes)
- commit dacac6f
- sched/uclamp: Fix rq->uclamp_max not set on first enqueue (git-fixes)
- commit 44d8adc
- net: asix: fix "/can't send until first packet is send"/ issue
  (git-fixes).
- commit 1f6d39d
- net: usb: ax88179_178a needs FLAG_SEND_ZLP (git-fixes).
- commit 9ae4b3e
- net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).
- commit 6eee3c8
- drm/udl: Restore display mode on resume (bsc#1195917)
- commit ab3f8b8
- EDAC/ghes: Set the DIMM label unconditionally (bsc#1201768).
- commit f44b61a
- lkdtm: Disable return thunks in rodata.c (bsc#1190497).
- commit 1a67e46
- x86/retbleed: Add fine grained Kconfig knobs (bsc#1190497).
- commit 95439df
- ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow (git-fixes).
- commit d7e1c73
- KVM: emulate: do not adjust size of fastop and setcc subroutines
  (bsc#1201930).
- commit 935d297
- kvm/emulate: Fix SETcc emulation function offsets with SLS
  (bsc#1201930).
- Refresh
  patches.suse/x86-kvm-Fix-SETcc-emulation-for-return-thunks.patch.
- commit 154606a
- watchqueue: make sure to serialize 'wqueue->defunct' properly
  (git-fixes).
- Refresh
  patches.suse/watch_queue-Fix-missing-rcu-annotation.patch.
- commit 0e9524c
- nouveau/svm: Fix to migrate all requested pages (git-fixes).
- watch_queue: Fix missing locking in add_watch_to_object()
  (git-fixes).
- watch-queue: remove spurious double semicolon (git-fixes).
- xhci: Set HCD flag to defer primary roothub registration
  (git-fixes).
- xhci: dbc: Rename xhci_dbc_init and xhci_dbc_exit (git-fixes).
- xhci: dbc: create and remove dbc structure in dbgtty driver
  (git-fixes).
- xhci: dbc: refactor xhci_dbc_init() (git-fixes).
- mtd: rawnand: gpmi: validate controller clock rate (git-fixes).
- pinctrl: armada-37xx: Convert to use dev_err_probe()
  (git-fixes).
- pinctrl: armada-37xx: Make use of the
  devm_platform_ioremap_resource() (git-fixes).
- pinctrl: armada-37xx: Use temporary variable for struct device
  (git-fixes).
- commit 7883bd5
- drm/amd/display: Ignore First MST Sideband Message Return Error
  (git-fixes).
- Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
  (git-fixes).
- bitfield.h: Fix "/type of reg too small for mask"/ test
  (git-fixes).
- Bluetooth: SCO: Fix sco_send_frame returning skb->len
  (git-fixes).
- Bluetooth: Fix passing NULL to PTR_ERR (git-fixes).
- Bluetooth: RFCOMM: Replace use of memcpy_from_msg with
  bt_skb_sendmmsg (git-fixes).
- Bluetooth: SCO: Replace use of memcpy_from_msg with
  bt_skb_sendmsg (git-fixes).
- Bluetooth: Add bt_skb_sendmmsg helper (git-fixes).
- Bluetooth: Add bt_skb_sendmsg helper (git-fixes).
- commit 68b3804
- Revert selftest patches that have been reverted in stable-5.15.y
- commit a911337
- scsi: megaraid: Clear READ queue map's nr_queues (git-fixes).
- commit 55821eb
- nvme: consider also host_iface when checking ip options
  (bsc#1199670).
- commit 230f363
- tty: n_gsm: fix invalid gsmtty_write_room() result (git-fixes).
- tty: n_gsm: fix mux activation issues in gsm_config()
  (git-fixes).
- tty: n_gsm: fix buffer over-read in gsm_dlci_data() (git-fixes).
- tty: n_gsm: fix sometimes uninitialized warning in
  gsm_dlci_modem_output() (git-fixes).
- tty: n_gsm: fix software flow control handling (git-fixes).
- tty: n_gsm: fix invalid use of MSC in advanced option
  (git-fixes).
- commit 7c30f9f
- tty: n_gsm: fix missing update of modem controls after DLCI open
  (git-fixes).
- commit 421f4e7
- tty: n_gsm: fix incorrect UA handling (git-fixes).
- tty: n_gsm: fix reset fifo race condition (git-fixes).
- tty: n_gsm: fix missing tty wakeup in convergence layer type 2
  (git-fixes).
- tty: n_gsm: fix wrong signal octets encoding in MSC (git-fixes).
- tty: n_gsm: fix wrong command frame length field encoding
  (git-fixes).
- tty: n_gsm: fix wrong command retry handling (git-fixes).
- tty: n_gsm: fix missing explicit ldisc flush (git-fixes).
- tty: n_gsm: fix wrong DLCI release order (git-fixes).
- tty: n_gsm: fix insufficient txframe size (git-fixes).
- commit 98e80d0
- tty: n_gsm: fix malformed counter for out of frame data
  (git-fixes).
- tty: n_gsm: fix frame reception handling (git-fixes).
- tty: n_gsm: fix wrong signal octet encoding in convergence
  layer type 2 (git-fixes).
- tty: n_gsm: fix mux cleanup after unregister tty device
  (git-fixes).
- tty: n_gsm: fix decoupled mux resource (git-fixes).
- tty: n_gsm: fix restart handling via CLD command (git-fixes).
- tty: n_gsm: fix encoding of command/response bit (git-fixes).
- tty: n_gsm: Save dlci address open status when config requester
  (git-fixes).
- tty: n_gsm: Modify CR,PF bit when config requester (git-fixes).
- commit 12973e3
- scripts/gdb: change kernel config dumping method (git-fixes).
- samples/landlock: Format with clang-format (git-fixes).
- samples/landlock: Add clang-format exceptions (git-fixes).
- samples/landlock: Fix path_list memory leak (git-fixes).
- scripts/dtc: Call pkg-config POSIXly correct (git-fixes).
- optee: add error checks in optee_ffa_do_call_with_arg()
  (git-fixes).
- scripts: sphinx-pre-install: Fix ctex support on Debian
  (git-fixes).
- scripts: sphinx-pre-install: add required ctex dependency
  (git-fixes).
- commit c823894
- tee: tee_get_drvdata(): fix description of return value
  (git-fixes).
- tunnels: do not assume mac header is set in
  skb_tunnel_check_pmtu() (git-fixes).
- tuntap: add sanity checks about msg_controllen in sendmsg
  (git-fixes).
- uaccess: fix type mismatch warnings from access_ok()
  (git-fixes).
- tests: fix idmapped mount_setattr test (git-fixes).
- seccomp: Invalidate seccomp mode to catch death failures
  (git-fixes).
- tee: optee: do not check memref size on return from Secure World
  (git-fixes).
- tools include UAPI: Sync sound/asound.h copy with the kernel
  sources (git-fixes).
- tools/testing/scatterlist: add missing defines (git-fixes).
- tools/nolibc: fix incorrect truncation of exit code (git-fixes).
- tools/nolibc: i386: fix initial stack alignment (git-fixes).
- tools/nolibc: x86-64: Fix startup code bug (git-fixes).
- tun: avoid double free in tun_free_netdev (git-fixes).
- commit 00b109c
- watch_queue: Fix missing rcu annotation (git-fixes).
- udmabuf: add back sanity check (git-fixes).
- xprtrdma: treat all calls not a bcall when bc_serv is NULL
  (git-fixes).
- wireguard: device: check for metadata_dst with skb_valid_dst()
  (git-fixes).
- zonefs: Fix management of open zones (git-fixes).
- zonefs: Clear inode information flags on inode creation
  (git-fixes).
- XArray: Update the LRU list in xas_split() (git-fixes).
- vsock/virtio: enable VQs early on probe (git-fixes).
- vsock/virtio: read the negotiated features before using VQs
  (git-fixes).
- vsock/virtio: initialize vdev->priv before using VQs
  (git-fixes).
- ucounts: Fix systemd LimitNPROC with private users regression
  (git-fixes).
- ucounts: Handle wrapping in is_ucounts_overlimit (git-fixes).
- ucounts: Base set_cred_ucounts changes on the real user
  (git-fixes).
- vsock: remove vsock from connected table when connect is
  interrupted by a signal (git-fixes).
- xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
  (git-fixes).
- ucounts: Fix rlimit max values check (git-fixes).
- zonefs: add MODULE_ALIAS_FS (git-fixes).
- ucounts: In set_cred_ucounts assume new->ucounts is non-NULL
  (git-fixes).
- commit 4dc2af2
- exfat: Drop superfluous new line for error messages
  (bsc#1201725).
- exfat: Downgrade ENAMETOOLONG error message to debug messages
  (bsc#1201725).
- exfat: Expand exfat_err() and co directly to pr_*() macro
  (bsc#1201725).
- exfat: Define NLS_NAME_* as bit flags explicitly (bsc#1201725).
- exfat: Return ENAMETOOLONG consistently for oversized paths
  (bsc#1201725).
- commit d002ca3
- scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).
- scsi: qla2xxx: Update manufacturer details (bsc#1201958).
- scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
- scsi: qla2xxx: Fix discovery issues in FC-AL topology
  (bsc#1201958).
- scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
- scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
- scsi: qla2xxx: Fix response queue handler reading stale packets
  (bsc#1201958).
- scsi: qla2xxx: Zero undefined mailbox IN registers
  (bsc#1201958).
- scsi: qla2xxx: Fix incorrect display of max frame size
  (bsc#1201958).
- scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()
  (bsc#1201958).
- commit 6c401ae
- Drop qla2xxx patch which prevented nvme port discovery
  (bsc#1200651 bsc#1200644 bsc#1201954 bsc#1201958)
  Upstream fixed the problem by reverting the offending commit.
  Delete:
  - patches.suse/scsi-qla2xxx-Fix-disk-failure-to-rediscover.patch
- commit ae1d1a3
- selftests/seccomp: Don't call read() on TTY from background pgrp
  (git-fixes).
- selftests: net: udpgro_fwd.sh: explicitly checking the available
  ping feature (git-fixes).
- commit 41741a6
- testing: nvdimm: asm/mce.h is not needed in nfit.c (git-fixes).
- testing: nvdimm: iomap: make __nfit_test_ioremap a macro
  (git-fixes).
- kvm: selftests: do not use bitfields larger than 32-bits for
  PTEs (git-fixes).
- KVM: selftests: Silence compiler warning in the
  kvm_page_table_test (git-fixes).
- testing/selftests/mqueue: Fix mq_perf_tests to free the
  allocated cpu set (git-fixes).
- userfaultfd/selftests: fix hugetlb area allocations (git-fixes).
- KVM: selftests: Make sure kvm_create_max_vcpus test won't hit
  RLIMIT_NOFILE (git-fixes).
- commit b3cbd1a
- selftests: forwarding: fix error message in learning_test
  (git-fixes).
- selftests: forwarding: fix learning_test when h1 supports
  IFF_UNICAST_FLT (git-fixes).
- selftests: forwarding: fix flood_unicast_test when h2 supports
  IFF_UNICAST_FLT (git-fixes).
- selftests: mptcp: more stable diag tests (git-fixes).
- selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test
  (git-fixes).
- selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in
  nft_concat_range.sh (git-fixes).
- kselftest/cgroup: fix test_stress.sh to use OUTPUT dir
  (git-fixes).
- selftests/resctrl: Fix null pointer dereference on open failed
  (git-fixes).
- selftests: vm: Makefile: rename TARGETS to VMTARGETS
  (git-fixes).
- selftests: add ping test with ping_group_range tuned
  (git-fixes).
- selftests: ocelot: tc_flower_chains: specify conform-exceed
  action for policer (git-fixes).
- selftests/net: so_txtime: usage(): fix documentation of default
  clock (git-fixes).
- selftests/net: so_txtime: fix parsing of start time stamp on
  32 bit systems (git-fixes).
- selftests: mirror_gre_bridge_1q: Avoid changing PVID while
  interface is operational (git-fixes).
- selftest/vm: verify remap destination address in mremap_test
  (git-fixes).
- selftest/vm: verify mmap addr in mremap_test (git-fixes).
- selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted
  packets (git-fixes).
- selftests: test_vxlan_under_vrf: Fix broken test case
  (git-fixes).
- selftests: mptcp: add csum mib check for mptcp_connect
  (git-fixes).
- selftests/net: timestamping: Fix bind_phc check (git-fixes).
- selftests, x86: fix how check_cc.sh is being invoked
  (git-fixes).
- selftests/rseq: Change type of rseq_offset to ptrdiff_t
  (git-fixes).
- selftests/rseq: x86-32: use %gs segment selector for accessing
  rseq thread area (git-fixes).
- selftests/rseq: x86-64: use %fs segment selector for accessing
  rseq thread area (git-fixes).
- selftests/rseq: Fix: work-around asm goto compiler bugs
  (git-fixes).
- selftests/rseq: Remove arm/mips asm goto compiler work-around
  (git-fixes).
- selftests/rseq: Fix warnings about #if checks of undefined
  tokens (git-fixes).
- selftests/rseq: Fix ppc32 offsets by using long rather than
  off_t (git-fixes).
- selftests/rseq: Fix ppc32 missing instruction selection "/u"/
  and "/x"/ for load/store (git-fixes).
- selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer
  on big endian (git-fixes).
- selftests/rseq: Uplift rseq selftests for compatibility with
  glibc-2.35 (git-fixes).
- selftests/rseq: Introduce thread pointer getters (git-fixes).
- selftests/rseq: Introduce rseq_get_abi() helper (git-fixes).
- selftests/rseq: Remove volatile from __rseq_abi (git-fixes).
- selftests/rseq: Remove useless assignment to cpu variable
  (git-fixes).
- selftests/rseq: introduce own copy of rseq uapi header
  (git-fixes).
- selftests/sgx: Treat CC as one argument (git-fixes).
- selftests/x86: Add validity check and allow field splitting
  (git-fixes).
- selftests: vm: fix clang build error multiple output files
  (git-fixes).
- selftests: pmtu.sh: Kill nettest processes launched in subshell
  (git-fixes).
- selftests: pmtu.sh: Kill tcpdump processes launched by subshell
  (git-fixes).
- kselftest/vm: fix tests build with old libc (git-fixes).
- selftests: mlxsw: resource_scale: Fix return value (git-fixes).
- selftests: mlxsw: tc_police_scale: Make test more robust
  (git-fixes).
- selftests/memfd: clean up mapping in mfd_fail_write (git-fixes).
- selftest/vm: fix map_fixed_noreplace test failure (git-fixes).
- selftests: mptcp: fix diag instability (git-fixes).
- selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT
  (git-fixes).
- selftests/seccomp: Fix seccomp failure by adding missing headers
  (git-fixes).
- selftests/exec: Add non-regular to TEST_GEN_PROGS (git-fixes).
- selftests: netfilter: disable rp_filter on router (git-fixes).
- selftests: netfilter: fix exit value for nft_concat_range
  (git-fixes).
- selftests: fixup build warnings in pidfd / clone3 tests
  (git-fixes).
- selftests: nft_concat_range: add test for reload with no
  element add/del (git-fixes).
- kselftest: Fix vdso_test_abi return status (git-fixes).
- selftests: skip mincore.check_file_mmap when fs lacks needed
  support (git-fixes).
- selftests: openat2: Skip testcases that fail with EOPNOTSUPP
  (git-fixes).
- selftests: openat2: Add missing dependency in Makefile
  (git-fixes).
- selftests: openat2: Print also errno in failure messages
  (git-fixes).
- selftests: futex: Use variable MAKE instead of make (git-fixes).
- selftests/exec: Remove pipe from TEST_GEN_FILES (git-fixes).
- selftests/zram: Adapt the situation that /dev/zram0 is being
  used (git-fixes).
- selftests/zram01.sh: Fix compression ratio calculation
  (git-fixes).
- selftests/zram: Skip max_comp_streams interface on newer kernel
  (git-fixes).
- kselftest: signal all child processes (git-fixes).
- selftests: rtc: Increase test timeout so that all tests run
  (git-fixes).
- selftests: mptcp: fix ipv6 routing setup (git-fixes).
- selftests/vm: make charge_reserved_hugetlb.sh work with existing
  cgroup setting (git-fixes).
- selftests/powerpc: Add a test of sigreturning to the kernel
  (git-fixes).
- selftests/powerpc/spectre_v2: Return skip code when miss_percent
  is high (git-fixes).
- selftests/rseq: remove ARRAY_SIZE define from individual tests
  (git-fixes).
- selftests: harness: avoid false negatives if test has no ASSERTs
  (git-fixes).
- selftests/ftrace: make kprobe profile testcase description
  unique (git-fixes).
- selftests: clone3: clone3: add case CLONE3_ARGS_NO_TEST
  (git-fixes).
- selftests: cgroup: Test open-time cgroup namespace usage for
  migration checks (git-fixes).
- selftests: cgroup: Test open-time credential usage for migration
  checks (git-fixes).
- selftests: cgroup: Make cg_create() use 0755 for permission
  instead of 0644 (git-fixes).
- selftests: net: using ping6 for IPv6 in udpgro_fwd.sh
  (git-fixes).
- selftests: net: Fix a typo in udpgro_fwd.sh (git-fixes).
- selftests/net: udpgso_bench_tx: fix dst ip argument (git-fixes).
- selftest/net/forwarding: declare NETIFS p9 p10 (git-fixes).
- selftests: Fix IPv6 address bind tests (git-fixes).
- selftests: Fix raw socket bind tests with VRF (git-fixes).
- selftests: Add duplicate config only for MD5 VRF tests
  (git-fixes).
- selftests: icmp_redirect: pass xfail=0 to log_test()
  (git-fixes).
- selftests: net: Correct ping6 expected rc from 2 to 1
  (git-fixes).
- selftests/fib_tests: Rework fib_rp_filter_test() (git-fixes).
- selftests: net: Correct case name (git-fixes).
- selftests: netfilter: add a vrf+conntrack testcase (git-fixes).
- selftests: gpio: fix gpio compiling error (git-fixes).
- selftests: net: tls: remove unused variable and code
  (git-fixes).
- selftests/vm/transhuge-stress: fix ram size thinko (git-fixes).
- selftests: x86: fix [-Wstringop-overread] warn in
  test_process_vm_readv() (git-fixes).
- selftests/memfd: remove unused variable (git-fixes).
- commit 48061db
- 9p: Fix refcounting during full path walks for fid lookups
  (git-fixes).
- 9p: fix fid refcount leak in v9fs_vfs_get_link (git-fixes).
- 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl
  (git-fixes).
- commit ecbaea5
- blacklist.conf: Add ALSA entries that can't be applied to SLE15-SP4 kernels
  Those are to be cleared once when more ALSA core stuff is backported
- commit b982d6c
- macsec: always read MACSEC_SA_ATTR_PN as a u64 (git-fixes).
- macsec: limit replay window size with XPN (git-fixes).
- macsec: fix error message in macsec_add_rxsa and _txsa
  (git-fixes).
- macsec: fix NULL deref in macsec_add_rxsa (git-fixes).
- commit 4b9d2ad
- exfat: use updated exfat_chain directly during renaming
  (git-fixes).
- commit 6b8d95e
- nilfs2: fix incorrect masking of permission flags for symlinks
  (git-fixes).
- usbnet: Run unregister_netdev() before unbind() again
  (git-fixes).
- nilfs2: fix lockdep warnings during disk space reclamation
  (git-fixes).
- nilfs2: fix lockdep warnings in page operations for btree nodes
  (git-fixes).
- minix: fix bug when opening a file with O_DIRECT (git-fixes).
- locking/lockdep: Iterate lock_classes directly when reading
  lockdep files (git-fixes).
- locking/lockdep: Avoid potential access of invalid memory in
  lock_class (git-fixes).
- loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
- smsc95xx: Ignore -ENODEV errors when device is unplugged
  (git-fixes).
- net: usb: Correct reset handling of smsc95xx (git-fixes).
- loop: Use pr_warn_once() for loop_control_remove() warning
  (git-fixes).
- net: usb: Correct PHY handling of smsc95xx (git-fixes).
- commit 3017f33
- selftests/landlock: Add tests for unknown access rights
  (git-fixes).
- commit a355ad8
- fix race between exit_itimers() and /proc/pid/timers
  (git-fixes).
- iov_iter: fix build issue due to possible type mis-match
  (git-fixes).
- iov_iter: Fix iter_xarray_get_pages{,_alloc}() (git-fixes).
- landlock: Fix same-layer rule unions (git-fixes).
- landlock: Create find_rule() from unmask_layers() (git-fixes).
- landlock: Reduce the maximum number of layers to 16 (git-fixes).
- landlock: Define access_mask_t to enforce a consistent access
  mask size (git-fixes).
- selftests/landlock: Test landlock_create_ruleset(2) argument
  check ordering (git-fixes).
- landlock: Change landlock_restrict_self(2) check ordering
  (git-fixes).
- landlock: Change landlock_add_rule(2) argument check ordering
  (git-fixes).
- selftests/landlock: Add tests for O_PATH (git-fixes).
- selftests/landlock: Fully test file rename with "/remove"/ access
  (git-fixes).
- selftests/landlock: Extend access right tests to directories
  (git-fixes).
- selftests/landlock: Extend tests for minimal valid attribute
  size (git-fixes).
- selftests/landlock: Make tests build with old libc (git-fixes).
- landlock: Fix landlock_add_rule(2) documentation (git-fixes).
- selftests/landlock: Format with clang-format (git-fixes).
- selftests/landlock: Normalize array assignment (git-fixes).
- selftests/landlock: Add clang-format exceptions (git-fixes).
- landlock: Format with clang-format (git-fixes).
- landlock: Add clang-format exceptions (git-fixes).
- l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be
  using netdev_master_upper_dev_get_rcu (git-fixes).
- landlock: Use square brackets around "/landlock-ruleset"/
  (git-fixes).
- lockdep: Correct lock_classes index mapping (git-fixes).
- irqchip/sifive-plic: Add missing thead,c900-plic match string
  (git-fixes).
- inet_diag: fix kernel-infoleak for UDP sockets (git-fixes).
- commit 6710d1e
- asm-generic: remove a broken and needless ifdef conditional
  (git-fixes).
- Documentation: fix udp_wmem_min in ip-sysctl.rst (git-fixes).
- Documentation: add description for net.sctp.ecn_enable
  (git-fixes).
- Documentation: add description for net.sctp.intl_enable
  (git-fixes).
- Documentation: add description for net.sctp.reconf_enable
  (git-fixes).
- dma-debug: make things less spammy under memory pressure
  (git-fixes).
- export: fix string handling of namespace in EXPORT_SYMBOL_NS
  (git-fixes).
- fat: add ratelimit to fat*_ent_bread() (git-fixes).
- dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
  (git-fixes).
- Documentation: add description for net.core.gro_normal_batch
  (git-fixes).
- Documentation: move watch_queue to core-api (git-fixes).
- exfat: fix referencing wrong parent directory information
  after renaming (git-fixes).
- arm_pmu: Validate single/group leader events (git-fixes).
- configfs: fix a race in configfs_{,un}register_subsystem()
  (git-fixes).
- exfat: fix i_blocks for files truncated over 4 GiB (git-fixes).
- exfat: reuse exfat_inode_info variable instead of calling
  EXFAT_I() (git-fixes).
- device property: Check fwnode->secondary when finding properties
  (git-fixes).
- erofs: fix deadlock when shrink erofs slab (git-fixes).
- commit 1ff4d9a
- patches.suse/msft-hv-2570-hv_netvsc-Add-support-for-XDP_REDIRECT.patch:
  (bsc#1199364).
- commit fbec9a8
- nvme-auth: retry command if DNR bit is not set (bsc#1201675).
- commit 0beb6ec
- nvme: kabi fixes for in-band authentication (bsc#1199086).
- commit 26c80ba
- Update config files.
- commit 1003620
- cifs: fix reconnect on smb3 mount types (bsc#1201427).
- commit d696086
- Update
  patches.suse/netfilter-nf_tables-disallow-non-stateful-expression.patch
  references (add CVE-2022-32250).
- commit 801027d
- net/sched: cls_u32: fix netns refcount changes in u32_change()
  (CVE-2022-29581 bsc#1199665).
- commit 6f81977
- blacklist.conf: This is a cleanup, not fixing any bug
- commit 6f050ff
- tee: fix put order in teedev_close_context() (git-fixes).
- commit 1650ec3
- blacklist.conf: duplicate
- commit 1c70642
- random: fix typo in comments (git-fixes).
- commit 6de6114
- blacklist.conf: breaks kABI for a cleanup
- commit 678666e
- random: document add_hwgenerator_randomness() with other input
  functions (git-fixes).
- commit 0fb6e8a
- Bluetooth: btusb: Add the new support IDs for WCN6855
  (git-fixxes).
- Refresh
  patches.suse/Bluetooth-btusb-Add-one-more-Bluetooth-part-for-WCN6.patch.
- commit 91ad5ba
- supported.conf: mark drivers/nvme/common as supported (jsc#SLE-20183)
- commit 2fed93a
- Refresh nvme in-band authentication patches (bsc#1199086)
- nvme: implement In-Band authentication (jsc#SLE-20183).
- Refresh
  patches.suse/0007-nvme-auth-Diffie-Hellman-key-exchange-support.patch.
- Refresh
  patches.suse/0008-nvmet-parse-fabrics-commands-on-io-queues.patch.
- nvmet: implement basic In-Band Authentication (jsc#SLE-20183).
- Refresh
  patches.suse/0010-nvmet-auth-Diffie-Hellman-key-exchange-support.patch.
- nvmet-auth: expire authentication sessions (jsc#SLE-20183).
- Delete patches.suse/nvme-auth-fixup-crash-at-boot.patch.
- Delete
  patches.suse/nvme-fix-visibility-of-dev_attr_dhchap_ctrl_secret-s.patch.
- commit 90c9163
- Refresh patches.suse/0001-crypto-add-crypto_has_shash.patch.
- Refresh patches.suse/0002-crypto-add-crypto_has_kpp.patch.
- Refresh
  patches.suse/0003-lib-base64-RFC4648-compliant-base64-encoding.patch.
- Refresh
  patches.suse/0004-nvme-add-definitions-for-NVMe-In-Band-authentication.patch.
- Refresh
  patches.suse/0005-nvme-fabrics-decode-authentication-required-connect-.patch.
- commit 7d9a006
- powerpc/pseries/mobility: set NMI watchdog factor during an LPM
  (bsc#1201846 ltc#198761).
- powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846
  ltc#198761).
- watchdog: export lockup_detector_reconfigure (bsc#1201846
  ltc#198761).
- powerpc/mobility: wait for memory transfer to complete
  (bsc#1201846 ltc#198761).
- commit 4c3e250
- page_alloc: fix invalid watemark check on a negative value
  (git fixes (mm/pgalloc)).
- commit 11d19f6
- VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
- commit 91f9b43
- VMCI: Release notification_bitmap in error path (bsc#1199291,
  jsc#SLE-24635).
- VMCI: Check exclusive_vectors when freeing interrupt 1
  (bsc#1199291, jsc#SLE-24635).
- VMCI: Fix some error handling paths in vmci_guest_probe_device()
  (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add support for DMA datagrams receive
  (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,
  jsc#SLE-24635).
- VMCI: dma dg: allocate send and receive buffers for DMA
  datagrams (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: register dummy IRQ handlers for DMA datagrams
  (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: detect DMA datagram capability (bsc#1199291,
  jsc#SLE-24635).
- VMCI: dma dg: add MMIO access to registers (bsc#1199291,
  jsc#SLE-24635).
- VMCI: dma dg: whitespace formatting change for vmci register
  defines (bsc#1199291, jsc#SLE-24635).
- commit 0e13b0d
- blacklist.conf: add commit 7acae6183cf3
  I blacklisted the wrong commit: instead of adding 7acae6183cf3, I added the
  commit that introduced the bug fixed by it (which isn't present in SLE15-SP4).
- commit 8ec5489
- net: mscc: ocelot: fix backwards compatibility with single-chain
  tc-flower offload (git-fixes).
- commit 5dd0ec2
- net: bcmgenet: skip invalid partial checksums (git-fixes).
- commit af8e915
- ice: Fix race condition during interface enslave (git-fixes).
- commit 873e269
- net: bcmgenet: Don't claim WOL when its not available
  (git-fixes).
- commit a981d90
- net: marvell: prestera: Add missing of_node_put() in
  prestera_switch_set_base_mac_addr (git-fixes).
- commit 4aa2b33
- net: ethernet: lpc_eth: Handle error for clk_enable (git-fixes).
- commit b08b10f
- net: ethernet: ti: cpts: Handle error for clk_enable
  (git-fixes).
- commit 549b785
- ice: Fix error with handling of bonding MTU (git-fixes).
- commit 03f6b8d
- ice: stop disabling VFs due to PF error responses (git-fixes).
- commit 13b5865
- ethernet: Fix error handling in xemaclite_of_probe (git-fixes).
- commit 1b69809
- net: dsa: mt7530: fix incorrect test in
  mt753x_phylink_validate() (git-fixes).
- commit 8344b36
- spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref
  for non DMA transfers (git-fixes).
- commit 2faff78
- i2c: cadence: Change large transfer count reset logic to be
  unconditional (git-fixes).
- i2c: mlxcpld: Fix register setting for 400KHz frequency
  (git-fixes).
- gpio: gpio-xilinx: Fix integer overflow (git-fixes).
- gpio: pca953x: use the correct register address when regcache
  sync during init (git-fixes).
- gpio: pca953x: use the correct range when do regmap sync
  (git-fixes).
- gpio: pca953x: only use single read/write for No AI mode
  (git-fixes).
- drm/imx/dcss: Add missing of_node_put() in fail path
  (git-fixes).
- drm/ttm: fix locking in vmap/vunmap TTM GEM helpers (git-fixes).
- commit 7a76772
- Update kabi files: import symvers from MU 5.14.21-150400.24.11
- commit 5ac1ff2
- r8152: fix a WOL issue (git-fixes).
- docs: net: dsa: re-explain what port_fdb_dump actually does
  (git-fixes).
- docs: net: dsa: delete port_mdb_dump (git-fixes).
- docs: net: dsa: remove port_vlan_dump (git-fixes).
- docs: net: dsa: document port_fast_age (git-fixes).
- docs: net: dsa: document port_setup and port_teardown
  (git-fixes).
- docs: net: dsa: document the teardown method (git-fixes).
- docs: net: dsa: document change_tag_protocol (git-fixes).
- docs: net: dsa: add more info about the other arguments to
  get_tag_protocol (git-fixes).
- docs: net: dsa: rename tag_protocol to get_tag_protocol
  (git-fixes).
- docs: net: dsa: document the shutdown behavior (git-fixes).
- docs: net: dsa: update probing documentation (git-fixes).
- Revert "/e1000e: Fix possible HW unit hang after an s0ix exit"/
  (git-fixes).
- e1000e: Enable GPT clock before sending message to CSME
  (git-fixes).
- USB: serial: ftdi_sio: add Belimo device ids (git-fixes).
- serial: 8250: fix return error code in
  serial8250_request_std_resource() (git-fixes).
- tty: serial: samsung_tty: set dma burst_size to 1 (git-fixes).
- drm/i915/gt: Serialize GRDOM access between multiple engine
  resets (git-fixes).
- wifi: mac80211: fix queue selection for mesh/OCB interfaces
  (git-fixes).
- pinctrl: aspeed: Fix potential NULL dereference in
  aspeed_pinmux_set_mux() (git-fixes).
- irqchip: or1k-pic: Undefine mask_ack for level triggered
  hardware (git-fixes).
- ASoC: madera: Fix event generation for rate controls
  (git-fixes).
- ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
- ASoC: cs47l15: Fix event generation for low power mux control
  (git-fixes).
- ASoC: dapm: Initialise kcontrol data for mux/demux controls
  (git-fixes).
- ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO
  error (git-fixes).
- ASoC: wm5110: Fix DRE control (git-fixes).
- ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering
  problem (git-fixes).
- ASoC: wcd938x: Fix event generation for some controls
  (git-fixes).
- ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
  (git-fixes).
- ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues
  in probe (git-fixes).
- ASoC: rt7*-sdw: harden jack_detect_handler (git-fixes).
- soc: ixp4xx/npe: Fix unused match warning (git-fixes).
- cpufreq: pmac32-cpufreq: Fix refcount leak bug (git-fixes).
- NFC: nxp-nci: don't print header length mismatch on i2c error
  (git-fixes).
- platform/x86: hp-wmi: Ignore Sanitization Mode event
  (git-fixes).
- virtio_mmio: Restore guest page size on resume (git-fixes).
- virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
- cpufreq: mediatek: Unregister platform device on exit
  (git-fixes).
- cpufreq: mediatek: Use module_init and add module_exit
  (git-fixes).
- drm/i915/dg2: Add Wa_22011100796 (git-fixes).
- drm/i915: Require the vm mutex for i915_vma_bind() (git-fixes).
- drm/i915/uc: correctly track uc_fw init failure (git-fixes).
- commit 4bd213d
- ARM: 9214/1: alignment: advance IT state after emulating Thumb
  instruction (git-fixes).
- ARM: 9213/1: Print message about disabled Spectre workarounds
  only once (git-fixes).
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
  (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
  with alc221 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP machines
  (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
  with alc671 (git-fixes).
- ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3
  model (git-fixes).
- ALSA: hda/realtek: Fix headset mic for Acer SF313-51
  (git-fixes).
- ASoC: rt711: fix calibrate mutex initialization (git-fixes).
- ASoC: Intel: sof_sdw: handle errors on card registration
  (git-fixes).
- ASoC: rt711-sdca-sdw: fix calibrate mutex initialization
  (git-fixes).
- ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on
  remove (git-fixes).
- ASoC: ops: Fix off by one in range control validation
  (git-fixes).
- ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0)
  (git-fixes).
- ALSA: usb-audio: Add quirk for Fiero SC-01 (git-fixes).
- ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106
  devices (git-fixes).
- ARM: dts: stm32: use the correct clock source for CEC on
  stm32mp151 (git-fixes).
- commit 65713d7
- Move upstreamed be2net patch into sorted section
- commit c55a187
- Drop doubly applied arm64 dts patch
  Delete patches.suse/arm64-dts-broadcom-bcm4908-Fix-timer-node-for-BCM4906-SoC.patch
- commit efd9176
- KABI: cgroup: Restore KABI of css_set (bsc#1201610).
- cgroup: Use separate src/dst nodes when preloading css_sets
  for migration (bsc#1201610).
- commit fa420fb
- net: macb: Fix lost RX packet wakeup race in NAPI receive (git-fixes).
- commit eb2677a
- net: ipa: add an interconnect dependency (git-fixes).
- commit 94e475f
- net: stmmac: fix return value of __setup handler (git-fixes).
- commit 3c858ea
- net: sxgbe: fix return value of __setup handler (git-fixes).
- commit 723d359
- net: sparx5: Fix add vlan when invalid operation (git-fixes).
- commit 1d88b17
- net: chelsio: cxgb3: check the return value of
  pci_find_capability() (git-fixes).
- commit 74c8cc9
- net: mv643xx_eth: process retval from of_get_mac_address
  (git-fixes).
- commit 810f895
- net: ll_temac: check the return value of devm_kmalloc()
  (git-fixes).
- commit 093ee20
- net: dsa: lan9303: add VLAN IDs to master device (git-fixes).
- commit 13c2302
- Revert "/net: ethernet: bgmac: Use
  devm_platform_ioremap_resource_byname"/ (git-fixes).
- commit 411126e
- dpaa2-eth: Initialize mutex used in one step timestamping path
  (git-fixes).
- commit b952b7a
- net: ieee802154: ca8210: Fix lifs/sifs periods (git-fixes).
- commit 7bd7001
- blacklist.conf: add ARCnet drivers
- commit 1614d85
- Sort patches from bsc#1201323
- commit 4165437
- Refresh
  patches.suse/x86-bugs-Do-not-enable-IBPB-on-entry-when-IBPB-is-not-supp.patch.
- commit c3b4451
- lockdown: Fix kexec lockdown bypass with ima policy
  (CVE-2022-21505 bsc#1201458).
- commit 5f6e1e5
- kernel-obs-build: include qemu_fw_cfg (boo#1201705)
- commit e2263d4
- scsi: make sure that request queue queiesce and unquiesce
  balanced (bsc#1201651).
  Refresh:
  - patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch
  - patches.kabi/kABI-fix-adding-field-to-scsi_device.patch
  - patches.suse/scsi-core-sd-Add-silence_suspend-flag-to-suppress-some-PM-messages.patch
- scsi: avoid to quiesce sdev->request_queue two times
  (bsc#1201651).
- dm: don't stop request queue after the dm device is suspended
  (bsc#1201651).
- commit 4dedd62
- kabi/severities: add intel ice
- commit 77a60f8
- Delete patches.suse/xhci-turn-off-port-power-in-shutdown.patch
  (bsc#1201691)
  This patch leads to a failure to power off.
  https://bugzilla.kernel.org/show_bug.cgi?id=216243
- commit f2d59c9
- i2c: smbus: Check for parent device before dereference
  (git-fixes).
- net: dsa: mv88e6xxx: fix use-after-free in
  mv88e6xxx_mdios_unregister (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
- commit c96154e
- net: dsa: mv88e6xxx: flush switchdev FDB workqueue before
  removing VLAN (git-fixes).
- commit c4e0776
- net: dsa: lan9303: fix reset on probe (git-fixes).
- commit 33805f1
- ice: Avoid RTNL lock when re-creating auxiliary device
  (git-fixes).
- commit c168b96
- net: mscc: ocelot: fix mutex lock error during ethtool stats
  read (git-fixes).
- commit ceff3da
- dpaa2-eth: unregister the netdev before disconnecting from
  the PHY (git-fixes).
- commit c46c86b
- net: amd-xgbe: disable interrupts during pci removal
  (git-fixes).
- commit c2f5c50
- net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (git-fixes).
- commit 1ebdd4d
- net: dsa: lantiq_gswip: don't use devres for mdiobus
  (git-fixes).
- commit 93f4a90
- net: dsa: mt7530: fix kernel bug in mdiobus_free() when
  unbinding (git-fixes).
- commit 76cc859
- ethtool: Fix get module eeprom fallback (bsc#1201323).
- commit f5666fa
- nvme: wait until quiesce is done (bsc#1201651).
- blk-mq: add one API for waiting until quiesce is done
  (bsc#1201651).
- commit d28bf38
- arm64: cpufeature: add HWCAP for FEAT_RPRES (git-fixes)
  Refresh patches.suse/0019-arm64-Use-the-clearbhb-instruction-in-mitigations.patch
- commit cbc315a
- arm64: cpufeature: add HWCAP for FEAT_AFP (git-fixes)
- commit b3a2425
- blk-mq: fix kabi support concurrent queue quiesce unquiesce
  (bsc#1201651).
- commit def3ab7
- net: dsa: felix: don't use devres for mdiobus (git-fixes).
- commit a03978a
- net: dsa: bcm_sf2: don't use devres for mdiobus (git-fixes).
- commit 682abc6
- net: dsa: ar9331: register the mdiobus under devres (git-fixes).
- commit 6f8e329
- net: dsa: mv88e6xxx: don't use devres for mdiobus (git-fixes).
- commit 61ee304
- gve: Recording rx queue before sending to napi (git-fixes).
- commit 6edbff0
- ixgbevf: Require large buffers for build_skb on 82599VF
  (git-fixes).
- commit 2479d47
- net: sparx5: Fix get_stat64 crash in tcpdump (git-fixes).
- commit ea855e1
- net: stmmac: ensure PTP time register reads are consistent
  (git-fixes).
- commit 993d341
- net: macsec: Verify that send_sci is on when setting Tx sci
  explicitly (git-fixes).
- commit 3b02b3e
- net: macsec: Fix offload support for NETDEV_UNREGISTER event
  (git-fixes).
- commit d048544
- net: stmmac: dump gmac4 DMA registers correctly (git-fixes).
- commit 741baff
- blk-mq: support concurrent queue quiesce/unquiesce
  (bsc#1201651).
- nvme: loop: clear NVME_CTRL_ADMIN_Q_STOPPED after admin queue
  is reallocated (bsc#1201651).
- nvme: paring quiesce/unquiesce (bsc#1201651).
- nvme: prepare for pairing quiescing and unquiescing
  (bsc#1201651).
- nvme: apply nvme API to quiesce/unquiesce admin queue
  (bsc#1201651).
- nvme: add APIs for stopping/starting admin queue (bsc#1201651).
- commit 6f75240
- net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY
  (git-fixes).
- commit c68ab05
- be2net: Fix buffer overflow in be_get_module_eeprom
  (bsc#1201323).
- commit 46a7cc8
- net: stmmac: properly handle with runtime pm in
  stmmac_dvr_remove() (git-fixes).
- commit 904137a
- net: ieee802154: ca8210: Stop leaking skb's (git-fixes).
- commit fe79137
- Input: i8042 - Apply probe defer to more ASUS ZenBook models
  (bsc#1190256).
- commit cf06848
- net: ieee802154: mcr20a: Fix lifs/sifs periods (git-fixes).
- commit 92bd067
- net: ieee802154: hwsim: Ensure proper channel selection at
  probe time (git-fixes).
- commit 7ae5bdc
- tun: fix bonding active backup with arp monitoring (git-fixes).
- commit cf865a3
- Update patch references for fbcon fixes (CVE-2021-33655 bsc#1201635)
- commit eb3d075
- supported.conf: rvu_mbox as supported (jsc#SLE-24682)
- commit f21578a
- blacklist.conf: Add memcg/rstat optimizations 11192d9c124d fd25a9e0e23b 5b3be698a872
- commit 932b7ef
- blacklist.conf: Add 26d5badbccdd signal: Implement force_fatal_sig
- commit 1fe0fd9
- nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
  (git-fixes).
- md: bcache: check the return value of kzalloc() in
  detached_dev_do_request() (git-fixes).
- commit e2af2db
- kABI workaround for snd-soc-rt5682-* (git-fixes).
- kabi/severities: ignore dropped symbol rt5682_headset_detect
- commit 5e19e6d
- net: stmmac: dwmac-visconti: No change to ETHER_CLOCK_SEL for
  unexpected speed request (git-fixes).
- commit 59356c4
- net: amd-xgbe: ensure to reset the tx_timer_active flag
  (git-fixes).
- commit 3831453
- net: amd-xgbe: Fix skb data length underflow (git-fixes).
- commit 50d3988
- net: stmmac: skip only stmmac_ptp_register when resume from
  suspend (git-fixes).
- commit b59b0a9
- blacklist: added commit e1a4541ec0b9
- commit 7d0447e
- net: stmmac: configure PTP clock source prior to PTP
  initialization (git-fixes).
- commit 6cefa9d
- libceph: fix potential use-after-free on linger ping and resends
  (bsc#1201596).
- ceph: fix up non-directory creation in SGID directories
  (bsc#1201595).
- commit 8aa4851
- net: cpsw: Properly initialise struct page_pool_params
  (git-fixes).
- commit d65aa35
- net: sfp: ignore disabled SFP node (git-fixes).
- commit 5b8ce08
- octeontx2-pf: Forward error codes to VF (git-fixes).
- commit 562327e
- octeontx2-af: cn10k: Do not enable RPM loopback for LPC
  interfaces (git-fixes).
- commit b549cad
- octeontx2-af: Do not fixup all VF action entries (git-fixes).
- commit dd1aa95
- net: stmmac: dwmac-visconti: Fix clock configuration for RMII
  mode (git-fixes).
- commit e3e3f07
- net: stmmac: dwmac-visconti: Fix bit definitions for
  ETHER_CLK_SEL (git-fixes).
- commit 1470b40
- net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
  (git-fixes).
- commit f842d14
- net/fsl: xgmac_mdio: Add workaround for erratum A-009885
  (git-fixes).
- commit 6cf1273
- net: mscc: ocelot: fix using match before it is set (git-fixes).
- commit 78b3f03
- net: cpsw: avoid alignment faults by taking NET_IP_ALIGN into
  account (git-fixes).
- commit cfa26bb
- net: axienet: increase default TX ring size to 128 (git-fixes).
- commit d910ea1
- net: axienet: fix for TX busy handling (git-fixes).
- commit 99e0d80
- net: axienet: fix number of TX ring slots for available check
  (git-fixes).
- commit 0c7e435
- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1201593).
- fuse: make sure reclaim doesn't write the inode (bsc#1201592).
- commit 938aae2
- net: axienet: Fix TX ring slot available check (git-fixes).
- commit c151ff3
- net: axienet: limit minimum TX ring size (git-fixes).
- commit 13afdcb
- net: axienet: add missing memory barriers (git-fixes).
- commit d466816
- net: axienet: Wait for PhyRstCmplt after core reset (git-fixes).
- commit 7c11a1f
- net: axienet: increase reset timeout (git-fixes).
- commit 5cd6041
- net: sfp: fix high power modules without diagnostic monitoring
  (git-fixes).
- commit 8a29229
- net: ethernet: mtk_eth_soc: fix error checking in
  mtk_mac_config() (git-fixes).
- commit 7d643fb
- bcmgenet: add WOL IRQ check (git-fixes).
- commit d56437b
- net: ipa: prevent concurrent replenish (git-fixes).
- commit 63abe4d
- net: ipa: use a bitmap for endpoint replenish_enabled
  (git-fixes).
- commit 4d71717
- net: ipa: fix atomic update in ipa_endpoint_replenish()
  (git-fixes).
- commit f58c0c8
- fsl/fman: Check for null pointer after calling devm_ioremap
  (git-fixes).
- commit 2af3cae
- rocker: fix a sleeping in atomic bug (git-fixes).
- commit 75f1355
- kABI workaround for phy_device changes (git-fixes).
- commit 91e246e
- mm: swap: get rid of livelock in swapin readahead (git fixes
  (mm/swap)).
- mm: don't try to NUMA-migrate COW pages that have other uses
  (git fixes (mm/numa)).
- mm/large system hash: avoid possible NULL deref in
  alloc_large_system_hash (git fixes (mm/pgalloc)).
- mm/vmalloc: make sure to dump unpurged areas in
  /proc/vmallocinfo (git fixes (mm/vmalloc)).
- mm/vmalloc: repair warn_alloc()s in __vmalloc_area_node()
  (git fixes (mm/vmalloc)).
- kasan: fix tag for large allocations when using CONFIG_SLAB
  (git fixes (mm/kasan)).
- mm/vmalloc: fix numa spreading for large hash tables (git fixes
  (mm/vmalloc)).
- mm/secretmem: avoid letting secretmem_users drop to zero
  (git fixes (mm/secretmem)).
- memcg: page_alloc: skip bulk allocator for __GFP_ACCOUNT
  (git fixes (mm/pgalloc)).
- commit 4d0f0a6
- Update patch metadata and move to sorted section
  patches.suse/mm-page_alloc-Do-not-prefetch-buddies-during-bulk-free.patch.
  patches.suse/mm-page_alloc-Drain-the-requested-list-first-during-bulk-free.patch.
  patches.suse/mm-page_alloc-Fetch-the-correct-pcp-buddy-during-bulk-free.patch.
  patches.suse/mm-page_alloc-Free-pages-in-a-single-pass-during-bulk-free.patch.
  patches.suse/mm-page_alloc-Limit-number-of-high-order-pages-on-PCP-during-bulk-free.patch.
  patches.suse/mm-page_alloc-Simplify-how-many-pages-are-selected-per-pcp-list-during-bulk-free.patch.
  patches.suse/mm-page_alloc-Track-range-of-active-PCP-lists-during-bulk-free.patch.
- commit 14b9fbe
- usbnet: fix memory leak in error case (git-fixes).
- commit 7372d17
- arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC (git-fixes)
- commit 9119799
- rpm/modules.fips: add ecdsa_generic (jsc#SLE-21132,bsc#1201258).
- commit 0d8f996
- arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer (git-fixes)
- commit 3250248
- crypto: testmgr - allow ecdsa-nist in FIPS mode
  (jsc#SLE-21132,bsc#1201258).
- commit d8e5343
- blacklist.conf: ffc95a46: CONFIG_SLAB not set in config
- commit d12fa0c
- cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes)
- commit 3919bf9
- usb: typec: add missing uevent when partner support PD
  (git-fixes).
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- vt: fix memory overlapping when deleting chars in the buffer
  (git-fixes).
- wifi: mac80211_hwsim: set virtio device ready in probe()
  (git-fixes).
- sysctl: Fix data-races in proc_dointvec_ms_jiffies()
  (git-fixes).
- sysctl: Fix data-races in proc_dou8vec_minmax() (git-fixes).
- sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
- sysctl: Fix data races in proc_doulongvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
- video: of_display_timing.h: include errno.h (git-fixes).
- commit 2f456a6
- serial: 8250: Fix PM usage_count for console handover
  (git-fixes).
- serial: stm32: Clear prev values before setting RTS delays
  (git-fixes).
- serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
  (git-fixes).
- spi: amd: Limit max transfer and message size (git-fixes).
- reset: Fix devm bulk optional exclusive control getter
  (git-fixes).
- sysctl: Fix data races in proc_douintvec() (git-fixes).
- sysctl: Fix data races in proc_dointvec() (git-fixes).
- Revert "/serial: sc16is7xx: Clear RS485 bits in the shutdown"/
  (git-fixes).
- serial: sc16is7xx: Clear RS485 bits in the shutdown (git-fixes).
- commit f48404b
- power/reset: arm-versatile: Fix refcount leak in
  versatile_reboot_probe (git-fixes).
- raw: Fix a data-race around sysctl_raw_l3mdev_accept
  (git-fixes).
- misc: rtsx_usb: set return value in rsp_buf alloc err path
  (git-fixes).
- r8169: fix accessing unset transport header (git-fixes).
- net: rose: fix UAF bug caused by rose_t0timer_expiry
  (git-fixes).
- pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
- pinctrl: sunxi: a83t: Fix NAND function name for some pins
  (git-fixes).
- net: phy: Don't trigger state machine while in suspend
  (git-fixes).
- mt76: mt7921: get rid of mt7921_mac_set_beacon_filter
  (git-fixes).
- commit 8948cad
- kABI workaround for rtsx_usb (git-fixes).
- commit ea7f901
- ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
- ima: force signature verification when CONFIG_KEXEC_SIG is
  configured (git-fixes).
- ima: Fix a potential integer overflow in
  ima_appraise_measurement (git-fixes).
- ida: don't use BUG_ON() for debugging (git-fixes).
- misc: rtsx_usb: use separate command and response buffers
  (git-fixes).
- misc: rtsx_usb: fix use of dma mapped buffer for usb bulk
  transfer (git-fixes).
- i2c: cadence: Unregister the clk notifier in error path
  (git-fixes).
- i2c: piix4: Fix a memory leak in the EFCH MMIO support
  (git-fixes).
- memregion: Fix memregion_free() fallback definition (git-fixes).
- Input: cpcap-pwrbutton - handle errors from platform_get_irq()
  (git-fixes).
- commit 41d4678
- efi/x86: use naked RET on mixed mode call wrapper (git-fixes).
- dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
  (git-fixes).
- fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
- fbcon: Prevent that screen size is smaller than font size
  (git-fixes).
- fbcon: Disallow setting font bigger than screen size
  (git-fixes).
- fbdev: fbmem: Fix logo center image dx issue (git-fixes).
- hwmon: (occ) Prevent power cap command overwriting poll response
  (git-fixes).
- dt-bindings: soc: qcom: smd-rpm: Fix missing MSM8936 compatible
  (git-fixes).
- hwmon: (occ) Remove sequence numbering and checksum calculation
  (git-fixes).
- dt-bindings: soc: qcom: smd-rpm: Add compatible for MSM8953 SoC
  (git-fixes).
- commit 5a5128b
- drm/amd/display: Only use depth 36 bpp linebuffers on DCN
  display engines (git-fixes).
- drm/i915/gt: Serialize TLB invalidates with GT resets
  (git-fixes).
- drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
  (git-fixes).
- drm/i915/gvt: IS_ERR() vs NULL bug in
  intel_gvt_update_reg_whitelist() (git-fixes).
- drm/panfrost: Fix shrinker list corruption by madvise IOCTL
  (git-fixes).
- drm/panfrost: Put mapping instead of shmem obj on
  panfrost_mmu_map_fault_addr() error (git-fixes).
- drm/i915: fix a possible refcount leak in
  intel_dp_add_mst_connector() (git-fixes).
- dmaengine: lgm: Fix an error handling path in intel_ldma_probe()
  (git-fixes).
- dmaengine: pl330: Fix lockdep warning about non-static key
  (git-fixes).
- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc()
  correctly (git-fixes).
- dmaengine: qcom: bam_dma: fix runtime PM underflow (git-fixes).
- dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
- drm/amdgpu: To flush tlb for MMHUB of RAVEN series (git-fixes).
- drm/amd/display: Fix by adding FPU protection for
  dcn30_internal_validate_bw (git-fixes).
- drm/amd/vcn: fix an error msg on vcn 3.0 (git-fixes).
- drm/i915: Fix a race between vma / object destruction and
  unbinding (git-fixes).
- drm/mediatek: Detect CMDQ execution timeout (git-fixes).
- drm/mediatek: Remove the pointer of struct cmdq_client
  (git-fixes).
- drm/mediatek: Use mailbox rx_callback instead of cmdq_task_cb
  (git-fixes).
- drm/amd/display: Set min dcfclk if pipe count is 0 (git-fixes).
- commit d7feb0b
- dmaengine: ti: Add missing put_device in
  ti_dra7_xbar_route_allocate (git-fixes).
- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
  (git-fixes).
- can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround
  broken CRC on TBC register (git-fixes).
- can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround
  handling for mcp2517fd (git-fixes).
- can: m_can: m_can_chip_config(): actually enable internal
  timestamping (git-fixes).
- can: grcan: grcan_probe(): remove extra of_node_get()
  (git-fixes).
- can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
- Revert "/can: xilinx_can: Limit CANFD brp to 2"/ (git-fixes).
- can: bcm: use call_rcu() instead of costly synchronize_rcu()
  (git-fixes).
- batman-adv: Use netif_rx() (git-fixes).
- commit ee36772
- ASoC: Intel: Skylake: Correct the handling of fmt_config
  flexible array (git-fixes).
- ASoC: Intel: Skylake: Correct the ssp rate discovery in
  skl_get_ssp_clks() (git-fixes).
- ASoC: tas2764: Fix amp gain register offset & default
  (git-fixes).
- ASoC: tas2764: Correct playback volume range (git-fixes).
- ASoC: tas2764: Fix and extend FSYNC polarity handling
  (git-fixes).
- ASoC: tas2764: Add post reset delays (git-fixes).
- ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
- ASoC: Remove unused hw_write_t type (git-fixes).
- ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in
  .set_jack_detect (git-fixes).
- ASoC: rt711-sdca: Add endianness flag in
  snd_soc_component_driver (git-fixes).
- commit 46eda4a
- arm64: Add HWCAP for self-synchronising virtual counter (git-fixes)
- commit e9387c5
- ASoC: rt5682: Fix deadlock on resume (git-fixes).
- Refresh
  patches.suse/ASoC-rt5682-do-not-block-workqueue-if-card-is-unboun.patch.
- commit b58000f
- ASoC: rt5682: Re-detect the combo jack after resuming
  (git-fixes).
- Refresh
  patches.suse/ASoC-rt5682-do-not-block-workqueue-if-card-is-unboun.patch.
- commit e602e5e
- arm64: dts: broadcom: bcm4908: Fix cpu node for smp boot
  (git-fixes).
- arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC
  (git-fixes).
- ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count (git-fixes).
- arm64: dts: rockchip: Assign RK3399 VDU clock rate (git-fixes).
- ASoC: rt711: Add endianness flag in snd_soc_component_driver
  (git-fixes).
- ASoC: rt5682: fix an incorrect NULL check on list iterator
  (git-fixes).
- ASoC: rt5682: Avoid the unexpected IRQ event during going to
  suspend (git-fixes).
- ASoC: rt5682: move clk related code to rt5682_i2c_probe
  (git-fixes).
- commit 9f44c25
- ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
  (git-fixes).
- ARM: dts: at91: sama5d2: Fix typo in i2s1 node (git-fixes).
- ACPI: video: Fix acpi_video_handles_brightness_key_presses()
  (git-fixes).
- ARM: 9210/1: Mark the FDT_FIXED sections as shareable
  (git-fixes).
- ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU
  comes out of idle (git-fixes).
- ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
- ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD
  (git-fixes).
- commit 72aed94
- Move upstreamed netfilter and tty patches to sorted section
- commit 9d5e117
- x86/bugs: Remove apostrophe typo (bsc#1190497).
- commit 0e5e638
- Sort in RETbleed backport into the sorted section
  Now that it is upstream...
- Refresh
  patches.suse/KVM-VMX-Convert-launched-argument-to-flags.patch.
- Refresh
  patches.suse/KVM-VMX-Fix-IBRS-handling-after-vmexit.patch.
- Refresh patches.suse/KVM-VMX-Flatten-__vmx_vcpu_run.patch.
- Refresh
  patches.suse/KVM-VMX-Prevent-RSB-underflow-before-vmenter.patch.
- Refresh
  patches.suse/KVM-VMX-Prevent-guest-RSB-poisoning-attacks-with-eIBRS.patch.
- Refresh
  patches.suse/intel_idle-Disable-IBRS-during-long-idle.patch.
- Refresh patches.suse/objtool-Add-entry-UNRET-validation.patch.
- Refresh
  patches.suse/objtool-Re-add-UNWIND_HINT_-SAVE_RESTORE.patch.
- Refresh
  patches.suse/objtool-Treat-.text.__x86.-as-noinstr.patch.
- Refresh patches.suse/objtool-Update-Retpoline-validation.patch.
- Refresh patches.suse/x86-Add-magic-AMD-return-thunk.patch.
- Refresh patches.suse/x86-Undo-return-thunk-damage.patch.
- Refresh patches.suse/x86-Use-return-thunk-in-asm-code.patch.
- Refresh patches.suse/x86-bpf-Use-alternative-RET-encoding.patch.
- Refresh
  patches.suse/x86-bugs-Add-AMD-retbleed-boot-parameter.patch.
- Refresh
  patches.suse/x86-bugs-Add-Cannon-lake-to-RETBleed-affected-CPU-list.patch.
- Refresh patches.suse/x86-bugs-Add-retbleed-ibpb.patch.
- Refresh
  patches.suse/x86-bugs-Do-IBPB-fallback-check-only-once.patch.
- Refresh
  patches.suse/x86-bugs-Do-not-enable-IBPB-on-entry-when-IBPB-is-not-supp.patch.
- Refresh patches.suse/x86-bugs-Enable-STIBP-for-JMP2RET.patch.
- Refresh
  patches.suse/x86-bugs-Keep-a-per-CPU-IA32_SPEC_CTRL-value.patch.
- Refresh
  patches.suse/x86-bugs-Optimize-SPEC_CTRL-MSR-writes.patch.
- Refresh
  patches.suse/x86-bugs-Report-AMD-retbleed-vulnerability.patch.
- Refresh
  patches.suse/x86-bugs-Report-Intel-retbleed-vulnerability.patch.
- Refresh
  patches.suse/x86-bugs-Split-spectre_v2_select_mitigation-and-spectre_v2.patch.
- Refresh
  patches.suse/x86-common-Stamp-out-the-stepping-madness.patch.
- Refresh patches.suse/x86-cpu-amd-Add-Spectral-Chicken.patch.
- Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch.
- Refresh
  patches.suse/x86-cpufeatures-Move-RETPOLINE-flags-to-word-11.patch.
- Refresh
  patches.suse/x86-entry-Add-kernel-IBRS-implementation.patch.
- Refresh
  patches.suse/x86-ftrace-Use-alternative-RET-encoding.patch.
- Refresh
  patches.suse/x86-kvm-Fix-SETcc-emulation-for-return-thunks.patch.
- Refresh patches.suse/x86-kvm-vmx-Make-noinstr-clean.patch.
- Refresh patches.suse/x86-objtool-Create-.return_sites.patch.
- Refresh patches.suse/x86-retpoline-Cleanup-some-ifdefery.patch.
- Refresh
  patches.suse/x86-retpoline-Swizzle-retpoline-thunk.patch.
- Refresh patches.suse/x86-retpoline-Use-mfunction-return.patch.
- Refresh
  patches.suse/x86-sev-Avoid-using-__x86_return_thunk.patch.
- Refresh
  patches.suse/x86-speculation-Add-spectre_v2-ibrs-option-to-support-Kern.patch.
- Refresh
  patches.suse/x86-speculation-Fill-RSB-on-vmexit-for-IBRS.patch.
- Refresh
  patches.suse/x86-speculation-Fix-RSB-filling-with-CONFIG_RETPOLINE-n.patch.
- Refresh
  patches.suse/x86-speculation-Fix-SPEC_CTRL-write-on-SMT-state-change.patch.
- Refresh
  patches.suse/x86-speculation-Fix-firmware-entry-SPEC_CTRL-handling.patch.
- Refresh
  patches.suse/x86-speculation-Remove-x86_spec_ctrl_mask.patch.
- Refresh
  patches.suse/x86-speculation-Use-cached-host-SPEC_CTRL-value-for-guest-.patch.
- Refresh
  patches.suse/x86-static_call-Use-alternative-RET-encoding.patch.
- Refresh
  patches.suse/x86-vsyscall_emu-64-Don-t-use-RET-in-vsyscall-emulation.patch.
- Refresh patches.suse/x86-xen-Rename-SYS-entry-points.patch.
- commit cc67fa3
- kABI: fix adding field to ufs_hba  (git-fixes).
- kABI: fix adding field to scsi_device (git-fixes).
- scsi: iscsi: Exclude zero from the endpoint ID range
  (git-fixes).
- scsi: scsi_debug: Fix zone transition to full condition
  (git-fixes).
- scsi: sd: Fix potential NULL pointer dereference (git-fixes).
- drbd: fix potential silent data corruption (git-fixes).
- scsi: ufs: core: scsi_get_lba() error fix (git-fixes).
- scsi: ufs: Fix runtime PM messages never-ending cycle
  (git-fixes).
- scsi: core: sd: Add silence_suspend flag to suppress some PM
  messages (git-fixes).
- scsi: ufs: Fix a deadlock in the error handler (git-fixes).
- scsi: ufs: Remove dead code (git-fixes).
- scsi: scsi_debug: Sanity check block descriptor length in
  resp_mode_select() (git-fixes).
- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
  (git-fixes).
- scsi: scsi_debug: Don't call kcalloc() if size arg is zero
  (git-fixes).
- scsi: sd: Fix sd_do_mode_sense() buffer length handling
  (git-fixes).
- scsi: lpfc: Fix mailbox command failure during driver
  initialization (git-fixes).
- commit fb67102
- perf/amd/ibs: Advertise zen4_ibs_extensions as pmu capability
  attribute (jsc#SLE-24578).
- commit 9992992
- perf/amd/ibs: Add support for L3 miss filtering (jsc#SLE-24578).
- commit 3de312d
- perf/amd/ibs: Use ->is_visible callback for dynamic attributes
  (jsc#SLE-24578).
- commit 1a42a36
- perf/amd/ibs: Cascade pmu init functions' return value
  (jsc#SLE-24578).
- commit 82fef3c
- crypto: qat - remove dma_free_coherent() for DH (git-fixes).
- crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
- crypto: qat - fix memory leak in RSA (git-fixes).
- crypto: qat - set to zero DH parameters before free (git-fixes).
- crypto: qat - set CIPHER capability for DH895XCC (git-fixes).
- commit 3585cf1
- kabi/severities: add stmmac network driver local symbols
- commit 832dcf3
- ppp: ensure minimum packet size in ppp_write() (git-fixes).
- commit 1871bcf
- veth: Do not record rx queue hint in veth_xmit (git-fixes).
- commit 4e81b53
- net: ethernet: mtk_eth_soc: fix return values and refactor
  MDIO ops (git-fixes).
- commit 89745b1
- net: stmmac: Add platform level debug register dump feature
  (git-fixes).
- commit 1f1e295
- fsl/fman: Fix missing put_device() call in fman_port_probe
  (git-fixes).
- commit 1ea5bd4
- net: lantiq_xrx200: fix statistics of received bytes
  (git-fixes).
- commit 21661cb
- net: ag71xx: Fix a potential double free in error handling paths
  (git-fixes).
- commit bdd4068
- net: stmmac: dwmac-visconti: Fix value of
  ETHER_CLK_SEL_FREQ_SEL_2P5M (git-fixes).
- commit 100c8d7
- net: stmmac: ptp: fix potentially overflowing expression
  (git-fixes).
- commit c8a3960
- veth: ensure skb entering GRO are not cloned (git-fixes).
- commit de7c3ec
- net: ks8851: Check for error irq (git-fixes).
- commit c6aa897
- drivers: net: smc911x: Check for error irq (git-fixes).
- commit 76302d7
- fjes: Check for error irq (git-fixes).
- commit 3518c05
- net: marvell: prestera: fix incorrect return of port_find
  (git-fixes).
- commit caea254
- net: systemport: Add global locking for descriptor lifecycle
  (git-fixes).
- commit ca205ab
- net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
  (git-fixes).
- commit d928a50
- net: stmmac: fix tc flower deletion for VLAN priority Rx
  steering (git-fixes).
- commit c13727a
- netdevsim: don't overwrite read only ethtool parms (git-fixes).
- commit e49332e
- nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
- commit 14806b1
- net: mvpp2: fix XDP rx queues registering (git-fixes).
- commit 785d73e
- net: fec: only clear interrupt of handling queue in
  fec_enet_rx_queue() (git-fixes).
- commit e300fac
- net/qla3xxx: fix an error code in ql_adapter_up() (git-fixes).
- commit 1aeafc7
- qede: validate non LSO skb length (git-fixes).
- commit a6a6f45
- net: altera: set a couple error code in probe() (git-fixes).
- commit 4b6f9c2
- net: bcm4908: Handle dma_set_coherent_mask error codes
  (git-fixes).
- commit 57e402c
- net: annotate data-races on txq->xmit_lock_owner (git-fixes).
- commit 823f883
- octeontx2-af: Fix a memleak bug in rvu_mbox_init() (git-fixes).
- commit ab94872
- vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf
  dev xmit (git-fixes).
- commit eb079a6
- natsemi: xtensa: fix section mismatch warnings (git-fixes).
- commit dbb5264
- dpaa2-eth: destroy workqueue at the end of remove function
  (git-fixes).
- commit 1aeeaf7
- net: marvell: mvpp2: Fix the computation of shared CPUs
  (git-fixes).
- commit f25bb21
- Remove Half duplex mode speed capabilities (git-fixes).
- commit 92878dd
- net: stmmac: Avoid DMA_CHAN_CONTROL write if no Split Header
  support (git-fixes).
- commit de8c06a
- net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
  (git-fixes).
- commit a6567bd
- net: phylink: Force retrigger in case of latched link-fail
  indicator (git-fixes).
- commit 6d547bd
- net: phylink: Force link down and retrigger resolve on interface
  change (git-fixes).
- commit 4e89e84
- gpio: tegra186: Add IRQ per bank for Tegra241 (jsc#SLE-24571)
- commit 6cf809d
- gpio: tegra186: Add support for Tegra241 (jsc#SLE-24571)
- commit f025bf7
- dt-bindings: gpio: Add Tegra241 support (jsc#SLE-24571)
- commit f8d4262
- spi: tegra210-quad: combined sequence mode (jsc#SLE-24570)
- commit e187f9a
- spi: tegra210-quad: add new chips to compatible (jsc#SLE-24570)
- commit f0be9d3
- spi: tegra210-quad: add acpi support (jsc#SLE-24570)
- commit 55e4b0b
- spi: tegra210-quad: use devm call for cdata memory (jsc#SLE-24570)
- commit 45eae59
- spi: tegra210-quad: use device_reset method (jsc#SLE-24570)
- commit 3f5e1a3
- spi: Add Tegra234 QUAD SPI compatible (jsc#SLE-24570)
- commit 58f5e5f
- i2c: tegra: use i2c_timings for bus clock freq (jsc#SLE-24569)
- commit 47fa6c7
- i2c: tegra: Add the ACPI support (jsc#SLE-24569)
- commit d323c6e
- i2c: tegra: Add SMBus block read function (jsc#SLE-24569)
- commit 3dd00f6
- i2c: smbus: Use device_*() functions instead of of_*() (jsc#SLE-24569)
- commit 3c0a341
- docs: firmware-guide: ACPI: Add named interrupt doc (jsc#SLE-24569)
- commit 6cd5dd2
- device property: Add fwnode_irq_get_byname (jsc#SLE-24569)
- commit cd979cf
- crypto: octeontx2 - fix missing unlock (jsc#SLE-24682).
- hwrng: cavium - fix NULL but dereferenced coccicheck error
  (jsc#SLE-24682).
- crypto: octeontx2 - add synchronization between mailbox accesses
  (jsc#SLE-24682).
- crypto: octeontx2 - increase CPT HW instruction queue length
  (jsc#SLE-24682).
- crypto: octeontx2 - CN10K CPT to RNM workaround (jsc#SLE-24682).
- crypto: octeontx2 - select CONFIG_NET_DEVLINK (jsc#SLE-24682).
- arm64: Add cavium_erratum_23154_cpus missing sentinel
  (jsc#SLE-24682).
- irqchip/gic-v3: Workaround Marvell erratum 38545 when reading
  IAR (jsc#SLE-24682).
- crypto: octeontx2 - Avoid stack variable overflow
  (jsc#SLE-24682).
- crypto: octeontx2 - out of bounds access in
  otx2_cpt_dl_custom_egrp_delete() (jsc#SLE-24682).
- crypto: octeontx2 - Use swap() instead of swap_engines()
  (jsc#SLE-24682).
- crypto: octeontx2 - parameters for custom engine groups
  (jsc#SLE-24682).
- crypto: octeontx2 - add apis for custom engine groups
  (jsc#SLE-24682).
- crypto: octeontx2 - use swap() to make code cleaner
  (jsc#SLE-24682).
- commit e64c29a
- marvell: octeontx2: build error: unknown type name 'u64'
  (jsc#SLE-24682).
- commit ca6af39
- crypto: hisilicon/qm - modify the uacce mode check (bsc#1201391).
- commit 755232f
- octeontx2-pf: devlink params support to set mcam entry count
  (jsc#SLE-24682).
- Refresh
  patches.suse/devlink-Make-devlink_register-to-be-void.patch.
- commit 255954c
- octeontx2-pf: cn10k: Config DWRR weight based on MTU
  (jsc#SLE-24682).
- Refresh
  patches.suse/octeontx2-pf-cleanup-transmit-link-deriving-logic.patch.
- commit c99a251
- octeontx2-vf: Add support for adaptive interrupt coalescing
  (jsc#SLE-24682).
- octeontx2-pf: replace bitmap_weight with bitmap_empty where
  appropriate (jsc#SLE-24682).
- octeontx2-af: fix error code in is_valid_offset()
  (jsc#SLE-24682).
- octeontx2-pf: Add support for adaptive interrupt coalescing
  (jsc#SLE-24682).
- octeontx2-pf: Remove unnecessary synchronize_irq() before
  free_irq() (jsc#SLE-24682).
- octeontx2-af: debugfs: fix error return of allocations
  (jsc#SLE-24682).
- octeontx2-af: initialize action variable (jsc#SLE-24682).
- octeontx2-af: cn10k: add workaround for ptp errata
  (jsc#SLE-24682).
- octeontx2-pf: cn10k: add support for new ptp timestamp format
  (jsc#SLE-24682).
- octeontx2-af: fix array bound error (jsc#SLE-24682).
- octeontx2-pf: Add TC feature for VFs (jsc#SLE-24682).
- octeontx2-pf: PFC config support with DCBx (jsc#SLE-24682).
- octeontx2-af: Flow control resource management (jsc#SLE-24682).
- octeontx2-af: Priority flow control configuration support
  (jsc#SLE-24682).
- octeontx2-af: Don't enable Pause frames by default
  (jsc#SLE-24682).
- octeontx2-af: Add KPU changes to parse NGIO as separate layer
  (jsc#SLE-24682).
- octeontx2-af: Increase link credit restore polling timeout
  (jsc#SLE-24682).
- octeontx2-pf: cn10k: Ensure valid pointers are freed to aura
  (jsc#SLE-24682).
- octeontx2-af: cn10k: Use appropriate register for LMAC enable
  (jsc#SLE-24682).
- octeontx2-af: Retry until RVU block reset complete
  (jsc#SLE-24682).
- octeontx2-af: Fix LBK backpressure id count (jsc#SLE-24682).
- octeontx2-af: Fix interrupt name strings (jsc#SLE-24682).
- octeontx2-nicvf: Free VF PTP resources (jsc#SLE-24682).
- octeontx2-af: Increment ptp refcount before use (jsc#SLE-24682).
- octeontx2-af: debugfs: don't corrupt user memory
  (jsc#SLE-24682).
- octeontx2-pf: select CONFIG_NET_DEVLINK (jsc#SLE-24682).
- octeontx2-af: use swap() to make code cleaner (jsc#SLE-24682).
- octeontx2-af: debugfs: Add channel and channel mask
  (jsc#SLE-24682).
- octeontx2-af: cn10k: debugfs for dumping LMTST map table
  (jsc#SLE-24682).
- octeontx2-af: debugfs: Minor changes (jsc#SLE-24682).
- octeontx2-af: Increase number of reserved entries in KPU
  (jsc#SLE-24682).
- octeontx2-nic: fix mixed module build (jsc#SLE-24682).
- octeontx2-af: Add support to flush full CPT CTX cache
  (jsc#SLE-24682).
- octeontx2-af: Perform cpt lf teardown in non FLR path
  (jsc#SLE-24682).
- octeontx2-af: Enable CPT HW interrupts (jsc#SLE-24682).
- octeontx2-pf: Simplify the receive buffer size calculation
  (jsc#SLE-24682).
- octeontx2-af: Remove redundant initialization of variable pin
  (jsc#SLE-24682).
- octeontx2-pf: Add XDP support to netdev PF (jsc#SLE-24682).
- octeontx2-af: Adjust LA pointer for cpt parse header
  (jsc#SLE-24682).
- octeontx2-nicvf: Add PTP hardware clock support to NIX VF
  (jsc#SLE-24682).
- octeontx2-pf: Use hardware register for CQE count
  (jsc#SLE-24682).
- octeontx2-af: Add external ptp input clock (jsc#SLE-24682).
- octeontx2-af: Use ptp input clock info from firmware data
  (jsc#SLE-24682).
- octeontx2-af: Reset PTP config in FLR handler (jsc#SLE-24682).
- octeontx2: Move devlink registration to be last devlink command
  (jsc#SLE-24682).
- octeontx2-af: Optimize KPU1 processing for variable-length
  headers (jsc#SLE-24682).
- octeontx2-af: Limit KPU parsing for GTPU packets
  (jsc#SLE-24682).
- octeontx2-af: verify CQ context updates (jsc#SLE-24682).
- octeontx2-af: Remove redundant initialization of variable
  blkaddr (jsc#SLE-24682).
- octeontx2-af: Fix uninitialized variable val (jsc#SLE-24682).
- octeontx2-af: Hardware configuration for inline IPsec
  (jsc#SLE-24682).
- octeontx2-pf: CN10K: Hide RPM stats over ethtool
  (jsc#SLE-24682).
- octeontx2-pf: cn10K: Reserve LMTST lines per core
  (jsc#SLE-24682).
- octeontx2-af: Use NDC TX for transmit packet data
  (jsc#SLE-24682).
- octeontx2-pf: Add vlan-etype to ntuple filters (jsc#SLE-24682).
- octeontx2-af: Fix inconsistent license text (jsc#SLE-24682).
- octeontx2-pf: Fix inconsistent license text (jsc#SLE-24682).
- octeontx2-af: cn10K: support for sched lmtst and other features
  (jsc#SLE-24682).
- octeontx2-af: Add mbox to retrieve bandwidth profile free count
  (jsc#SLE-24682).
- octeontx2-af: Remove channel verification while installing
  MCAM rules (jsc#SLE-24682).
- octeontx2-af: Add PTP device id for CN10K and 95O silcons
  (jsc#SLE-24682).
- octeontx2-af: Add free rsrc count mbox msg (jsc#SLE-24682).
- octeontx2-af: Add SDP interface support (jsc#SLE-24682).
- octeontx2-af: nix and lbk in loop mode in 98xx (jsc#SLE-24682).
- octeontx2-af: Allow to configure flow tag LSB byte as RSS adder
  (jsc#SLE-24682).
- octeontx2-af: enable tx shaping feature for 96xx C0
  (jsc#SLE-24682).
- octeontx2-af: Wait for TX link idle for credits change
  (jsc#SLE-24682).
- octeontx2-af: Change the order of queue work and interrupt
  disable (jsc#SLE-24682).
- octeontx2-af: cn10k: Set cache lines for NPA batch alloc
  (jsc#SLE-24682).
- octeontx2-af: Use DMA_ATTR_FORCE_CONTIGUOUS attribute in DMA
  alloc (jsc#SLE-24682).
- octeontx2-pf: Don't mask out supported link modes
  (jsc#SLE-24682).
- octeontx2-af: Handle return value in block reset
  (jsc#SLE-24682).
- octeontx2-pf: Add check for non zero mcam flows (jsc#SLE-24682).
- octeontx2-af: remove redudant second error check on variable
  err (jsc#SLE-24682).
- octeontx2-pf: Allow VLAN priority also in ntuple filters
  (jsc#SLE-24682).
- octeontx2-af: configure npc for cn10k to allow packets from cpt
  (jsc#SLE-24682).
- octeontx2-af: cn10K: Get NPC counters value (jsc#SLE-24682).
- octeontx2-af: Allocate low priority entries for PF
  (jsc#SLE-24682).
- octeontx2-pf: Unify flow management variables (jsc#SLE-24682).
- octeontx2-pf: Sort the allocated MCAM entry indices
  (jsc#SLE-24682).
- octeontx2-pf: Ntuple filters support for VF netdev
  (jsc#SLE-24682).
- octeontx2-pf: Enable NETIF_F_RXALL support for VF driver
  (jsc#SLE-24682).
- octeontx2-af: Add debug messages for failures (jsc#SLE-24682).
- octeontx2-af: add proper return codes for AF mailbox handlers
  (jsc#SLE-24682).
- octeontx2-af: Modify install flow error codes (jsc#SLE-24682).
- octeontx2-af: Fix spelling mistake "/Makesure"/ -> "/Make sure"/
  (jsc#SLE-24682).
- octeontx2-af: cn10k: DWRR MTU configuration (jsc#SLE-24682).
- octeontx2-af: Enhance mailbox trace entry (jsc#SLE-24682).
- commit 7af5fda
- supported.conf: mark marvell octeontx2 crypto driver as supported (jsc#SLE-24682)
  Mark rvu_cptpf.ko and rvu_cptvf.ko as supported.
- commit 2c9f726
- SCSI: scsi_probe_lun: retry INQUIRY after timeout (bsc#1189297).
- commit 623bb84
- blacklist.conf: Add 6a2d90ba027a ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
- commit 0702138
- kabi/severities: Exclude ppc kvm
- commit 56c89d8
- selftest/powerpc: Add PAPR sysfs attributes sniff test
  (bsc#1200465 ltc#197256 jsc#SLE-18130).
- powerpc/pseries: Interface to represent PAPR firmware attributes
  (bsc#1200465 ltc#197256 jsc#SLE-18130).
- commit 29350fd
- powerpc/pseries: Rename TYPE1_AFFINITY to FORM1_AFFINITY
  (bsc#1200465 ltc#197256 jsc#SLE-18130).
- powerpc/pseries: rename min_common_depth to primary_domain_index
  (bsc#1200465 ltc#197256 jsc#SLE-18130).
- commit bd72f4c
- Add dtb-starfive
- commit 85335b1
- kABI: i2c: smbus: restore of_ alert variant (jsc#SLE-24569).
  kABI fix for "/i2c: smbus: Use device_*() functions instead of of_*()"/
- commit d0b5048
- io_uring: terminate manual loop iterator loop correctly for
  non-vecs (git-fixes).
- io_uring: add a schedule point in io_add_buffers() (git-fixes).
- commit 52b6651
- Add dtb-microchip
- commit c797107
- rpm/kernel-source.spec.in: temporary workaround for a build failure
  Upstream c6x architecture removal left a dangling link behind which
  triggers openSUSE post-build check in kernel-source, failing
  kernel-source build.
  A fix deleting the danglink link has been submitted but it did not make
  it into 5.12-rc1. Unfortunately we cannot add it as a patch as patch
  utility does not handle symlink removal. Add a temporary band-aid which
  deletes all dangling symlinks after unpacking the kernel source tarball.
  [jslaby] It's not that temporary as we are dragging this for quite some
  time in master. The reason is that this can happen any time again, so
  let's have this in packaging instead.
- commit 52a1ad7
kie-api
- Declare the LICENSE file as license and not doc
krb5
- Fix integer overflows in PAC parsing; (CVE-2022-42898);
  (bso#15203), (bsc#1205126).
- Added patches:
  * 0010-Fix-integer-overflows-in-PAC-parsing.patch
ldb
- Add ldb-memory-bug-15096-4.15-ldbonly.patch to backport all
  changes for ldb-2.4.4.
  + CVE-2022-32745: samba: ldb: AD users can crash the server
    process with an LDAP add or modify request; (bso#15008);
    (bso#15096); (bsc#1201492).
  + CVE-2022-2031: samba, ldb: AD users can bypass certain
    restrictions associated with changing passwords; (bso#15047);
    (bsc#1201495);
  + CVE-2022-32744: samba, ldb: AD users can forge password change
    requests for any user; (bso#15074); (bso#15047); (bsc#1201493).
- Update to version 2.4.3
  + Fix build problems, waf produces incorrect names for python
    extensions; (bso#15071);
libX11
- U_fix-a-memory-leak-in-XRegisterIMInstantiateCallback.patch
  * security update for CVE-2022-3554 (bsc#1204422)
- U_Fix-two-memory-leaks-in-_XFreeX11XCBStructure.patch
  * security update for CVE-2022-3555 (bsc#1204425)
libapparmor
- add profiles-permit-php-fpm-pid-files-directly-under-run.patch
  https://gitlab.com/apparmor/apparmor/-/merge_requests/914 (bsc#1202344)
libarchive
- Fix CVE-2022-36227, Handle a calloc returning NULL
  (CVE-2022-36227, bsc#1205629)
  * CVE-2022-36227.patch
- Fix CVE-2021-31566, modifies file flags of symlink target
  (CVE-2021-31566, bsc#1192426.patch)
  CVE-2021-31566.patch
- Fix bsc#1192427, processing fixup entries may follow symbolic links
  bsc1192427.patch
- Fix CVE-2021-23177, extracting a symlink with ACLs modifies ACLs of target
  (CVE-2021-23177, bsc#1192425)
  * CVE-2021-23177.patch
libassuan
- update to 2.5.5:
  * Fix a crash in the logging code
  * Upgrade autoconf
- update to 2.5.4:
  * Fix some minor build annoyances
- Update to 2.5.3:
  * Add a timeout for writing to a SOCKS5 proxy.
  * Add workaround for a problem with LD_LIBRARY_PATH on newer systems.
- qemu-disable-fdpassing-test.patch: remove
-Update to 2.5.2:
  * configure.ac: Bump LT version to C8/A8/R2
  * include libassuan.pc in the spec file
libdb-4_8
- Security fix: [bsc#1174414, CVE-2019-2708]
  * libdb: Data store execution leads to partial DoS
  * Backport the upsteam commits:
  - Fixed several possible crashes when running db_verify
    on a corrupted database. [#27864]
  - Fixed several possible hangs when running db_verify
    on a corrupted database. [#27864]
  - Added a warning message when attempting to verify a queue
    database which has many extent files. Verification will take
    a long time if there are many extent files. [#27864]
  * Add libdb-4_8-CVE-2019-2708.patch
libeconf
- Update to version 0.4.6+git20220427.3016f4e:
  * econftool:
  * * Parsing error: Reporting file and line nr.
  * * --delimeters=spaces Taking all kind of spaces for delimiter
  * libeconf:
    Fixed bsc#1198165: Parsing files correctly which have space characters
    AND none space characters as delimiters.
- Update to version 0.4.5+git20220406.c9658f2:
  * econftool:
  * * New call "/syntax"/ for checking the configuration files only.
    Returns an error string with line number if an error occurs.
  * * New options "/--comment"/ and "/--delimeters"/
  * * Parsing one file only if needed.
libgcrypt
- FIPS: Get most of the entropy from rndjent_poll [bsc#1202117]
  * Add libgcrypt-FIPS-rndjent_poll.patch
- FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700]
  * Consider approved keylength greater or equal to 112 bits.
  * Add libgcrypt-FIPS-kdf-leylength.patch
- FIPS: Zeroize buffer and digest in check_binary_integrity()
  * Add libgcrypt-FIPS-Zeroize-hmac.patch [bsc#1191020]
- FIPS: gpg/gpg2 gets out of core handler in FIPS mode while
  typing Tab key to Auto-Completion. [bsc#1182983]
  * Add libgcrypt-out-of-core-handler.patch
- FIPS: Port libgcrypt to use jitterentropy [bsc#1202117, jsc#SLE-24941]
  * Enable the jitter based entropy generator by default in random.conf
  - Add libgcrypt-jitterentropy-3.3.0.patch
  * Update the internal jitterentropy to version 3.4.0
  - Add libgcrypt-jitterentropy-3.4.0.patch
libgsasl
- fix OOB read in GSSAPI server - CVE-2022-2469 (bsc#1201715)
- Add: CVE-2022-2469.patch
libksba
- Security fix: [bsc#1206579, CVE-2022-47629]
  * Integer overflow in the CRL signature parser.
  * Add libksba-CVE-2022-47629.patch
- Security fix: [bsc#1204357, CVE-2022-3515]
  * Detect a possible overflow directly in the TLV parser.
  * Add libksba-CVE-2022-3515.patch
libsodium
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
-  Revert previous change about cpuid as previous change rejected
  in https://build.opensuse.org/request/show/724809
-  Disable LTO as bypass boo#1148184
-  Add libsodium_configure_cpuid_chg.patch and call autoconf
  to regenerate configure script with proper CPUID checking.
  Required at least for PowerPC and ARM now that LTO enabled.
- Update to 1.0.18
  - Enterprise versions of Visual Studio are now supported.
  - Visual Studio 2019 is now supported.
  - 32-bit binaries for Visual Studio 2010 are now provided.
  - A test designed to trigger an OOM condition didn't work on
    Linux systems with memory overcommit turned on. It has been
    removed in order to fix Ansible builds.
  - Emscripten: print and printErr functions are overridden to send
    errors to the console, if there is one.
  - Emscripten: UTF8ToString() is now exported since
    Pointer_stringify() has been deprecated.
  - Libsodium version detection has been fixed in the CMake recipe.
  - Generic hashing got a 10% speedup on AVX2.
  - New target: WebAssembly/WASI
    (compile with dist-builds/wasm32-wasi.sh).
  - New functions to map a hash to an edwards25519 point
    or get a random point:
    core_ed25519_from_hash() and core_ed25519_random().
  - crypto_core_ed25519_scalar_mul() has been implemented for
    scalar*scalar (mod L) multiplication.
  - Support for the Ristretto group has been implemented for
    interoperability with wasm-crypto.
  - Improvements have been made to the test suite.
  - Portability improvements have been made.
  - getentropy() is now used on systems providing this system call.
  - randombytes_salsa20 has been renamed to randombytes_internal.
  - Support for NativeClient has been removed.
  - Most ((nonnull)) attributes have been relaxed to allow 0-length
    inputs to be NULL.
  - The -ftree-vectorize and -ftree-slp-vectorize compiler switches
    are now used, if available, for optimized builds.
- Update to 1.0.17
  - Bug fix: sodium_pad() didn't properly support block sizes
    >= 256 bytes.
  - JS/WebAssembly: some old iOS versions can't instantiate the
    WebAssembly module; fall back to Javascript on these.
  - JS/WebAssembly: compatibility with newer Emscripten versions.
  - Bug fix: crypto_pwhash_scryptsalsa208sha256_str_verify() and
    crypto_pwhash_scryptsalsa208sha256_str_needs_rehash()didn't
    returnEINVAL` on input strings with a short length, unlike
    their high-level counterpart.
  - Added a workaround for Visual Studio 2010 bug causing CPU
    features not to be detected.
  - Portability improvements.
  - Test vectors from Project Wycheproof have been added.
  - New low-level APIs for arithmetic mod the order of the prime
    order group:
  - crypto_core_ed25519_scalar_random(),
    crypto_core_ed25519_scalar_reduce(),
  - crypto_core_ed25519_scalar_invert(),
    crypto_core_ed25519_scalar_negate(),
  - crypto_core_ed25519_scalar_complement(),
    crypto_core_ed25519_scalar_add() and
    crypto_core_ed25519_scalar_sub().
  - New low-level APIs for scalar multiplication without clamping:
    crypto_scalarmult_ed25519_base_noclamp() and
    crypto_scalarmult_ed25519_noclamp().
    These new APIs are especially useful for blinding.
  - sodium_sub() has been implemented.
  - Support for WatchOS has been added.
  - getrandom(2) is now used on FreeBSD 12+.
  - The nonnull attribute has been added to all relevant
    prototypes.
  - More reliable AVX512 detection.
  - Javascript/Webassembly builds now use dynamic memory growth.
libtasn1
- Add libtasn1-CVE-2021-46848.patch: Fixed off-by-one array size check
  that affects asn1_encode_simple_der (CVE-2021-46848, bsc#1204690).
libtirpc
- consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding
  to a random port (bsc#1199467)
  - add binddynport-honor-ip_local_reserved_ports.patch
- fix CVE-2021-46828: libtirpc: DoS vulnerability with lots of
  connections (bsc#1201680)
  - add 0001-Fix-DoS-vulnerability-in-libtirpc.patch
-exclude ipv6 addresses in client protocol 2 code (bsc#1200800)
  - update 0001-rpcb_clnt.c-config-to-try-protocolversion-2-first.patch
- fix memory leak in params.r_addr assignement (bsc#1198752)
  - add 0001-fix-parms.r_addr-memory-leak.patch
libusb-1_0
- Added 0002-gracefully-handle-buggy-config0-devices.patch
  * Fix regression where some buggy devices no longer work
    if they have a configuration value of 0.
  * [bsc#1201590]
libuv
- Remove epoll syscall wrappers; (bsc#1199062); Add
  * 0001-linux-remove-epoll-syscall-wrappers.patch
  * 0002-linux-drop-code-path-for-epoll_pwait-less-kernels.patch
libxml2
- Add W3C conformance tests to the testsuite (bsc#1204585):
  * Added file xmlts20080827.tar.gz
- Security fixes:
  * [CVE-2022-40303, bsc#1204366] Fix integer overflows with
    XML_PARSE_HUGE
    + Added patch libxml2-CVE-2022-40303.patch
  * [CVE-2022-40304, bsc#1204367] Fix dict corruption caused by
    entity reference cycles
    + Added patch libxml2-CVE-2022-40304.patch
- Update to 2.9.14:
  * Security:
    + [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
    + Fix potential double-free in xmlXPtrStringRangeFunction
    + Fix memory leak in xmlFindCharEncodingHandler
    + Normalize XPath strings in-place
    + Prevent integer-overflow in htmlSkipBlankChars() and
    xmlSkipBlankChars()
    + Fix leak of xmlElementContent
  * Bug fixes:
    + Fix parsing of subtracted regex character classes
    + Fix recursion check in xinclude.c
    + Reset last error in xmlCleanupGlobals
    + Fix certain combinations of regex range quantifiers
    + Fix range quantifier on subregex
  * Improvements:
    + Fix recovery from invalid HTML start tags
  * Build system, portability:
    + Define LFS macros before including system headers
    + Initialize XPath floating-point globals
    + configure: check for icu DEFS
    + configure.ac: produce tar.xz only (GNOME policy)
    + CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
    + Fix build with older Python versions
    + Fix --without-valid build
- Build python bindings in a 2nd run, using multibuild: otherwise,
  libxml2 requires pkgconfig(libxml-2.0) to build, causing issues
  to bootstrap.
- Update to version 2.9.13:
  * Security fixes:
    + [CVE-2022-23308] Use-after-free of ID and IDREF attributes
    (boo#1196490);
    + Several memory leaks and another issues.
  * Many regressions fixes.
  * Numerous bug fixes, including, among many others:
    + xmllint's --maxmem option should work as expected now;
    + xmllint now returns an error if arguments are missing.
  * Numerous tests and code and fuzzing fixes and improvements.
  * Updated documentation.
- The full Libxml2 2.9.13 NEWS can be found here:
  https://download.gnome.org/sources/libxml2/2.9/+  libxml2-2.9.13.news.
- Replace version-release macros in all 3 Obsoletes tag with
  plain 2.9.13 to avoid unwanted behaviors in the future.
- Remove dropped upstream AUTHORS file from list of files to be
  installed in the documentation location with 'cp' command.
- Update http://xmlsoft.org URL tag to Libxml2's new web home:
  https://gitlab.gnome.org/GNOME/libxml2.
- Update ftp://xmlsoft.org Source tag to Libxml2's new download
  host: https://download.gnome.org.
- Drop deprecated Python-2-related macro definitions/conditional
  statement from spec file.
- Drop merged upstream patches:
  libxml2-fix-lxml-corrupted-subtree-structures.patch;
  libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch.
- Drop libxml2.keyring source file as the new download host doesn't
  offer GPG signatures.
- Use ldconfig_scriptlets macro for post(un) handling.
  * Fix CVE-2021-3541, CVE-2021-3537 (bsc#1185698, bsc#1185879),
    CVE-2021-3518, CVE-2021-3517, CVE-2021-3516, CVE-2020-7595,
    CVE-2019-20388, CVE-2020-24977, and CVE-2019-19956 (bsc#1159928)
- Security fix: [bsc#1185698, CVE-2021-3537]
    decompression (boo#1088279 boo#1105166).
    (boo#1102046).
libyajl
- add libyajl-CVE-2022-24795.patch (CVE-2022-24795, bsc#1198405)
libzypp
- Resolver: Fix missing --[no]-recommends initialization in
  update (fixes #openSUSE/zypper#459, bsc#1201972)
- Log ONLY_NAMESPACE_RECOMMENDED because this is what corresponds
  to --[no]-recommends.
- version 17.31.2 (22)
- UsrEtc: Store logrotate files in %{_distconfdir} if defined
  (fixes #402)
- Log backtrace on SIGABRT too.
- Need to explicitly enable building experimental code. Otherwise
  an old Notcurses++ package which happens to be present in the
  buildenv breaks the build (fixes #412).
- Work around libyui/libyui#78 on code 15.4 and older.
- Stop using std::*ary_function; deprecated and removed in c++17.
- Don't expose header files which use types not available in
  c++11.  In 15.3 and older, YAST and PK compile with -std=c++11.
- Remove no longer needed %post code (bsc#1203649)
- Enable zck support for SLE15-SP4 and newer. On Leap it is enabled
  since 15.1 (bsc#1189282)
- version 17.31.1 (22)
- Add PoolItem::statusReinit to reset the status it's initial
  state in the ResPool (might help bsc#1199895)
  This may either be 'KEEP_STATE bySOLVER' or 'LOCKED byUSER' if
  the PoolItem matched a hard lock defined in /etc/zypp/locks.
- Fix building with GCC 13 on i586 (fixes #407, fixes #396)
- Be prepared to receive exceptions from curl_easy_cleanup
  (bsc#1201092)
- Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993)
- Remove Medianetwork and dependend code.
  This commit removes the MediaNetwork tech preview and all related
  code. First reason for this is that MediaNetwork was just meant
  as a way to test the new CURL based downloader and second: since
  the Provide API is going to completely replace the current media
  backend it would be extra work to ensure that changes on the
  Downloader do not break MediaNetwork.
- version 17.31.0 (22)
- Fix building with GCC 12.x release (#396)
- version 17.30.3 (22)
- appdata plugin: Pass path to the repodata/ directory inside the
  cache (bsc#1197684)
- zypp-rpm: flush rpm script output buffer before sending
  endOfScriptTag.
- version 17.30.2 (22)
- PluginRepoverification: initial version hooked into
  repo::Downloader and repo refresh.
- Immediately start monitoring the download.transfer_timeout.
  Do not wait until the first data arrived. (bsc#1199042)
- singletrans: no dry-run commit if doing just download-only.
- Work around cases where sat repo.start points to an invalid
  solvable.  May happen if (wrong arch) solvables were removed
  at the  beginning of the repo.
- fix misplaced #endif SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER
  (fixes #388)
- version 17.30.1 (22)
linux-glibc-devel
- Add the rest of 1.0 IAA operation definitions to the user header (jsc#PED-813).
  + dmaengine-idxd-update-IAA-definitions-for-user-heade.patch
lvm2
- killed lvmlockd doesn't clear/adopt locks leading to inability to start volume group (bsc#1203216)
  - bug-1203216_lvmlockd-purge-the-lock-resources-left-in-previous-l.patch
- dracut-initqueue timeouts with 5.3.18-150300.59.63 kernel on ppc64le (bsc#1199074)
  - in lvm2.spec, change device_mapper_version from 1.02.163 to %{lvm2_version}_1.02.163
- lvmlockd is not supporting sanlock (bsc#1203482)
  - set 1 for _supportsanlock in lvm2.spec for enabling sanlock.
- lvm2.spec %post deletes libdevmapper and triggers kernel panic (bsc#1198523)
  - change %post behaviour, only do deleting job for non-link folder
- lvm reports udev database has incomplete information on devices (bsc#1202011)
  + bug-1202011_vgchange-monitor-don-t-use-udev-info.patch
mozilla-nspr
- update to version 4.34.1
  * add file descriptor sanity checks in the NSPR poll function.
mozilla-nss
- Add upstream patch nss-fix-bmo1774654.patch to fix CVE-2022-3479
  (bsc#1204272)
- update to NSS 3.79.3 (bsc#1207038)
  * Bug 1803453 - Set CKA_NSS_SERVER_DISTRUST_AFTER and
    CKA_NSS_EMAIL_DISTRUST_AFTER for 3 TrustCor Root Certificates
    (CVE-2022-23491)
- Update nss-fips-approved-crypto-non-ec.patch to disapprove the
  creation of DSA keys, i.e. mark them as not-fips (bsc#1201298)
- Update nss-fips-approved-crypto-non-ec.patch to allow the use SHA
  keygen mechs (bsc#1191546).
- Update nss-fips-constructor-self-tests.patch to ensure abort() is
  called when the repeat integrity check fails (bsc#1198980).
- Require libjitter only for SLE15-SP4 and greater
- update to NSS 3.79.2 (bsc#1204729)
  * bmo#1785846 - Bump minimum NSPR version to 4.34.1.
  * bmo#1777672 - Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.
- Add nss-allow-slow-tests.patch, which allows a timed test to run
  longer than 1s. This avoids turning slow builds into broken
  builds.
- Update nss-fips-approved-crypto-non-ec.patch to allow the use of
  DSA keys (verification only) (bsc#1201298).
- Update nss-fips-constructor-self-tests.patch to add
  sftk_FIPSRepeatIntegrityCheck() to softoken's .def file
  (bsc#1198980).
- Update nss-fips-approved-crypto-non-ec.patch to allow the use of
  longer symmetric keys via the service level indicator
  (bsc#1191546).
- Update nss-fips-constructor-self-tests.patch to hopefully export
  sftk_FIPSRepeatIntegrityCheck() correctly (bsc#1198980).
- Update nss-fips-approved-crypto-non-ec.patch to prevent sessions
  from getting flagged as non-FIPS (bsc#1191546).
- Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- Enable nss-fips-drbg-libjitter.patch now that we have a patched
  libjitter to build with (bsc#1202870).
- Update nss-fips-approved-crypto-non-ec.patch to prevent keys
  from getting flagged as non-FIPS and add remaining TLS mechanisms.
- Add nss-fips-drbg-libjitter.patch to use libjitterentropy for
  entropy. This is disabled until we can avoid the inline assembler
  in the latter's header file that relies on GNU extensions.
- Update nss-fips-constructor-self-tests.patch to fix an abort()
  when both NSS_FIPS and /proc FIPS mode are enabled.
- update to NSS 3.79.1 (bsc#1202645)
  * bmo#1366464 - compare signature and signatureAlgorithm fields in legacy certificate verifier.
  * bmo#1771498 - Uninitialized value in cert_ComputeCertType.
  * bmo#1759794 - protect SFTKSlot needLogin with slotLock.
  * bmo#1760998 - avoid data race on primary password change.
  * bmo#1330271 - check for null template in sec_asn1{d,e}_push_state.
- Update nss-fips-approved-crypto-non-ec.patch to unapprove the
  rest of the DSA ciphers, keeping signature verification only
  (bsc#1201298).
- Update nss-fips-constructor-self-tests.patch to fix compiler
  warning.
- Update nss-fips-constructor-self-tests.patch to add on-demand
  integrity tests through sftk_FIPSRepeatIntegrityCheck()
  (bsc#1198980).
- Update nss-fips-approved-crypto-non-ec.patch to mark algorithms
  as approved/non-approved according to security policy
  (bsc#1191546, bsc#1201298).
- Update nss-fips-approved-crypto-non-ec.patch to remove hard
  disabling of unapproved algorithms. This requirement is now
  fulfilled by the service level indicator (bsc#1200325).
- Remove nss-fips-tls-allow-md5-prf.patch, since we no longer need
  the workaround in FIPS mode (bsc#1200325).
- Remove nss-fips-tests-skip.patch. This is no longer needed since
  we removed the code to short-circuit broken hashes and moved to
  using the SLI.
- Remove upstreamed patches:
  * nss-fips-version-indicators.patch
  * nss-fips-tests-pin-paypalee-cert.patch
- update to NSS 3.79
  - bmo#205717 - Use PK11_GetSlotInfo instead of raw C_GetSlotInfo calls.
  - bmo#1766907 - Update mercurial in clang-format docker image.
  - bmo#1454072 - Use of uninitialized pointer in lg_init after alloc fail.
  - bmo#1769295 - selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
  - bmo#1753315 - Add SECMOD_LockedModuleHasRemovableSlots.
  - bmo#1387919 - Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
  - bmo#1765753 - Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts.
  - bmo#1765753 - TLS 1.3 Server: Send protocol_version alert on unsupported ClientHello.legacy_version.
  - bmo#1764788 - Correct invalid record inner and outer content type alerts.
  - bmo#1757075 - NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
  - bmo#1766978 - improve error handling after nssCKFWInstance_CreateObjectHandle.
  - bmo#1767590 - Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.
  - bmo#1769302 - NSS 3.79 should depend on NSPR 4.34
- update to NSS 3.78.1
  * bmo#1767590 - Initialize pointers passed to
    NSS_CMSDigestContext_FinishMultiple
- update to NSS 3.78
    bmo#1755264 - Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests.
    bmo#1294978 - Reworked overlong record size checks and added TLS1.3 specific boundaries.
    bmo#1763120 - Add ECH Grease Support to tstclnt
    bmo#1765003 - Add a strict variant of moz::pkix::CheckCertHostname.
    bmo#1166338 - Change SSL_REUSE_SERVER_ECDHE_KEY default to false.
    bmo#1760813 - Make SEC_PKCS12EnableCipher succeed
    bmo#1762489 - Update zlib in NSS to 1.2.12.
- update to NSS 3.77
  * Bug 1762244 - resolve mpitests build failure on Windows.
  * bmo#1761779 - Fix link to TLS page on wireshark wiki
  * bmo#1754890 - Add two D-TRUST 2020 root certificates.
  * bmo#1751298 - Add Telia Root CA v2 root certificate.
  * bmo#1751305 - Remove expired explicitly distrusted certificates
    from certdata.txt.
  * bmo#1005084 - support specific RSA-PSS parameters in mozilla::pkix
  * bmo#1753535 - Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
  * bmo#1756271 - Remove token member from NSSSlot struct.
  * bmo#1602379 - Provide secure variants of mpp_pprime and mpp_make_prime.
  * bmo#1757279 - Support UTF-8 library path in the module spec string.
  * bmo#1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
  * bmo#1760827 - Add a CI Target for gcc-11.
  * bmo#1760828 - Change to makefiles for gcc-4.8.
  * bmo#1741688 - Update googletest to 1.11.0
  * bmo#1759525 - Add SetTls13GreaseEchSize to experimental API.
  * bmo#1755264 - TLS 1.3 Illegal legacy_version handling/alerts.
  * bmo#1755904 - Fix calculation of ECH HRR Transcript.
  * bmo#1758741 - Allow ld path to be set as environment variable.
  * bmo#1760653 - Ensure we don't read uninitialized memory in ssl gtests.
  * bmo#1758478 - Fix DataBuffer Move Assignment.
  * bmo#1552254 - internal_error alert on Certificate Request with
    sha1+ecdsa in TLS 1.3
  * bmo#1755092 - rework signature verification in mozilla::pkix
- Require nss-util in nss.pc and subsequently remove -lnssutil3
- update to NSS 3.76.1
  NSS 3.76.1
  * bmo#1756271 - Remove token member from NSSSlot struct.
  NSS 3.76
  * bmo#1755555 - Hold tokensLock through nssToken_GetSlot calls in
    nssTrustDomain_GetActiveSlots.
  * bmo#1370866 - Check return value of PK11Slot_GetNSSToken.
  * bmo#1747957 - Use Wycheproof JSON for RSASSA-PSS
  * bmo#1679803 - Add SHA256 fingerprint comments to old
    certdata.txt entries.
  * bmo#1753505 - Avoid truncating files in nss-release-helper.py.
  * bmo#1751157 - Throw illegal_parameter alert for illegal extensions
    in handshake message.
- Add nss-util pkgconfig and config files (copied from RH/Fedora)
- update to NSS 3.75
  * bmo#1749030 - This patch adds gcc-9 and gcc-10 to the CI.
  * bmo#1749794 - Make DottedOIDToCode.py compatible with python3.
  * bmo#1749475 - Avoid undefined shift in SSL_CERT_IS while fuzzing.
  * bmo#1748386 - Remove redundant key type check.
  * bmo#1749869 - Update ABI expectations to match ECH changes.
  * bmo#1748386 - Enable CKM_CHACHA20.
  * bmo#1747327 - check return on NSS_NoDB_Init and NSS_Shutdown.
  * bmo#1747310 - real move assignment operator.
  * bmo#1748245 - Run ECDSA test vectors from bltest as part of the CI tests.
  * bmo#1743302 - Add ECDSA test vectors to the bltest command line tool.
  * bmo#1747772 - Allow to build using clang's integrated assembler.
  * bmo#1321398 - Allow to override python for the build.
  * bmo#1747317 - test HKDF output rather than input.
  * bmo#1747316 - Use ASSERT macros to end failed tests early.
  * bmo#1747310 - move assignment operator for DataBuffer.
  * bmo#1712879 - Add test cases for ECH compression and unexpected
    extensions in SH.
  * bmo#1725938 - Update tests for ECH-13.
  * bmo#1725938 - Tidy up error handling.
  * bmo#1728281 - Add tests for ECH HRR Changes.
  * bmo#1728281 - Server only sends GREASE HRR extension if enabled
    by preference.
  * bmo#1725938 - Update generation of the Associated Data for ECH-13.
  * bmo#1712879 - When ECH is accepted, reject extensions which were
    only advertised in the Outer Client Hello.
  * bmo#1712879 - Allow for compressed, non-contiguous, extensions.
  * bmo#1712879 - Scramble the PSK extension in CHOuter.
  * bmo#1712647 - Split custom extension handling for ECH.
  * bmo#1728281 - Add ECH-13 HRR Handling.
  * bmo#1677181 - Client side ECH padding.
  * bmo#1725938 - Stricter ClientHelloInner Decompression.
  * bmo#1725938 - Remove ECH_inner extension, use new enum format.
  * bmo#1725938 - Update the version number for ECH-13 and adjust
    the ECHConfig size.
- update to NSS 3.74
  * bmo#966856 - mozilla::pkix: support SHA-2 hashes in CertIDs in
    OCSP responses
  * bmo#1553612 - Ensure clients offer consistent ciphersuites after HRR
  * bmo#1721426 - NSS does not properly restrict server keys based on policy
  * bmo#1733003 - Set nssckbi version number to 2.54
  * bmo#1735407 - Replace Google Trust Services LLC (GTS) R4 root certificate
  * bmo#1735407 - Replace Google Trust Services LLC (GTS) R3 root certificate
  * bmo#1735407 - Replace Google Trust Services LLC (GTS) R2 root certificate
  * bmo#1735407 - Replace Google Trust Services LLC (GTS) R1 root certificate
  * bmo#1735407 - Replace GlobalSign ECC Root CA R4
  * bmo#1733560 - Remove Expired Root Certificates - DST Root CA X3
  * bmo#1740807 - Remove Expiring Cybertrust Global Root and GlobalSign root
    certificates
  * bmo#1741930 - Add renewed Autoridad de Certificacion Firmaprofesional
    CIF A62634068 root certificate
  * bmo#1740095 - Add iTrusChina ECC root certificate
  * bmo#1740095 - Add iTrusChina RSA root certificate
  * bmo#1738805 - Add ISRG Root X2 root certificate
  * bmo#1733012 - Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
  * bmo#1738028 - Avoid a clang 13 unused variable warning in opt build
  * bmo#1735028 - Check for missing signedData field
  * bmo#1737470 - Ensure DER encoded signatures are within size limits
- enable key logging option (boo#1195040)
- update to NSS 3.73.1:
  * Add SHA-2 support to mozilla::pkix's OSCP implementation
- update to NSS 3.73
  * bmo#1735028 - check for missing signedData field.
  * bmo#1737470 - Ensure DER encoded signatures are within size limits.
  * bmo#1729550 - NSS needs FiPS 140-3 version indicators.
  * bmo#1692132 - pkix_CacheCert_Lookup doesn't return cached certs
  * bmo#1738600 - sunset Coverity from NSS
  MFSA 2021-51 (bsc#1193170)
  * CVE-2021-43527 (bmo#1737470)
    Memory corruption via DER-encoded DSA and RSA-PSS signatures
- update to NSS 3.72
  * Remove newline at the end of coreconf.dep
  * bmo#1731911 - Fix nsinstall parallel failure.
  * bmo#1729930 - Increase KDF cache size to mitigate perf
    regression in about:logins
- update to NSS 3.71
  * bmo#1717716 - Set nssckbi version number to 2.52.
  * bmo#1667000 - Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
  * bmo#1373716 - Import of PKCS#12 files with Camellia encryption is not supported
  * bmo#1717707 - Add HARICA Client ECC Root CA 2021.
  * bmo#1717707 - Add HARICA Client RSA Root CA 2021.
  * bmo#1717707 - Add HARICA TLS ECC Root CA 2021.
  * bmo#1717707 - Add HARICA TLS RSA Root CA 2021.
  * bmo#1728394 - Add TunTrust Root CA certificate to NSS.
- update to NSS 3.70
  * bmo#1726022 - Update test case to verify fix.
  * bmo#1714579 - Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
  * bmo#1714579 - Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
  * bmo#1681975 - Avoid using a lookup table in nssb64d.
  * bmo#1724629 - Use HW accelerated SHA2 on AArch64 Big Endian.
  * bmo#1714579 - Change default value of enableHelloDowngradeCheck to true.
  * bmo#1726022 - Cache additional PBE entries.
  * bmo#1709750 - Read HPKE vectors from official JSON.
- Update to NSS 3.69.1
  * bmo#1722613 (Backout) - Disable DTLS 1.0 and 1.1 by default
  * bmo#1720226 (Backout) - integrity checks in key4.db not happening
    on private components with AES_CBC
  NSS 3.69
  * bmo#1722613 - Disable DTLS 1.0 and 1.1 by default (backed out again)
  * bmo#1720226 - integrity checks in key4.db not happening on private
    components with AES_CBC (backed out again)
  * bmo#1720235 - SSL handling of signature algorithms ignores
    environmental invalid algorithms.
  * bmo#1721476 - sqlite 3.34 changed it's open semantics, causing
    nss failures.
    (removed obsolete nss-btrfs-sqlite.patch)
  * bmo#1720230 - Gtest update changed the gtest reports, losing gtest
    details in all.sh reports.
  * bmo#1720228 - NSS incorrectly accepting 1536 bit DH primes in FIPS mode
  * bmo#1720232 - SQLite calls could timeout in starvation situations.
  * bmo#1720225 - Coverity/cpp scanner errors found in nss 3.67
  * bmo#1709817 - Import the NSS documentation from MDN in nss/doc.
  * bmo#1720227 - NSS using a tempdir to measure sql performance not active
- add nss-fips-stricter-dh.patch
- updated existing patches with latest SLE
- Mozilla NSS 3.68.4 (bsc#1200027)
  * Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.
    (bmo#1767590)
- Update nss-fips-constructor-self-tests.patch to scan
  LD_LIBRARY_PATH for external libraries to be checksummed.
- Run test suite at build time, and make it pass (bsc#1198486).
  Based on work by Marcus Meissner.
- Add nss-fips-tests-skip.patch to skip algorithms that are hard
  disabled in FIPS mode.
- Add nss-fips-tests-pin-paypalee-cert.patch to prevent expired
  PayPalEE cert from failing the tests.
- Add nss-fips-tests-enable-fips.patch, which enables FIPS during
  test certificate creation and disables the library checksum
  validation during same.
- Update nss-fips-constructor-self-tests.patch to allow
  checksumming to be disabled, but only if we entered FIPS mode
  due to NSS_FIPS being set, not if it came from /proc.
mvel2
- Declare the LICENSE file as license and not doc
ncurses
- Add patch ncurses-bnc1198627.patch
  * Fix bsc#1198627: CVE-2022-29458: ncurses: segfaulting OOB read
net-snmp
- Hardening systemd services setting "/ProtectHome=true"/ caused home directory
  size and allocation to be listed incorrectly (bsc#1206044).
  add:
  * net-snmp-5.9.3-harden_snmpd.service.patch
  * net-snmp-5.9.3-harden_snmptrapd.service.patch
  delete:
  * net-snmp-5.9.1-harden_snmpd.service.patch
  * net-snmp-5.9.1-harden_snmptrapd.service.patch
- Fixed NULL pointer exception issue when handling ipDefaultTTL or
  pv6IpForwarding (bsc#1205148, CVE-2022-44793, bsc#1205150, CVE-2022-44792).
  add:
  * net-snmp-5.9.3-disallow_SET_requests_with_NULL_varbind.patch
- Enable AES-192 and AES-256 privacy protocol (bsc#1206828).
- update to 5.9.3 (bsc#1201103, jsc#SLE-11203):
  - security:
  - These two CVEs can be exploited by a user with read-only credentials:
  - CVE-2022-24805 A buffer overflow in the handling of the INDEX of
    NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
  - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
    can cause a NULL pointer dereference.
  - These CVEs can be exploited by a user with read-write credentials:
  - CVE-2022-24806 Improper Input Validation when SETing malformed
    OIDs in master agent and subagent simultaneously
  - CVE-2022-24807 A malformed OID in a SET request to
    SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
    out-of-bounds memory access.
  - CVE-2022-24808 A malformed OID in a SET request to
    NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
  - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
    can cause a NULL pointer dereference.
  - Fixed library versioning bug found in 5.9.2.
  - Library version change to libsnmp40.
- Moved logrotate files from user specific directory /etc/logrotate.d
  to vendor specific directory /usr/etc/logrotate.d.
- Fixed python2 backward compability.
  add:
  * net-snmp-5.9.3-fixed-python2-bindings.patch
- Migration to /usr/etc: Saving user changed configuration files
  in /etc and restoring them while an RPM update.
- Change to use systemd service files directly from net-snmp package.
  add:
  * net-snmp-5.9.1-suse-systemd-service-files.patch
  * net-snmp-5.9.1-harden_snmpd.service.patch
  * net-snmp-5.9.1-harden_snmptrapd.service.patch
  remove:
  * snmpd.service
  * snmptrapd.service
  * harden_snmpd.service.patch
  * harden_snmptrapd.service.patch
- Refactor and remove obsolete patches to work with version number 5.9.3:
  add:
  * net-snmp-5.9.3-pie.patch
  * net-snmp-5.9.3-fix-create-v3-user-outfile.patch
  * net-snmp-5.9.1-add-lustre-fs-support.patch
  * net-snmp-5.9.1-fix-Makefile.PL.patch
  * net-snmp-5.9.1-modern-rpm-api.patch
  * net-snmp-5.9.1-net-snmp-config-headercheck.patch
  * net-snmp-5.9.1-perl-tk-warning.patch
  * net-snmp-5.9.1-snmpstatus-suppress-output.patch
  * net-snmp-5.9.1-socket-path.patch
  * net-snmp-5.9.1-subagent-set-response.patch
  * net-snmp-5.9.1-testing-empty-arptable.patch
  * net-snmp-5.9.1-velocity-mib.patch
  remove:
  * net-snmp-5.9.1-pie.patch
  * net-snmp-5.9.1-fix-create-v3-user-outfile.patch
  * net-snmp-5.7.3-add-lustre-fs-support.patch
  * net-snmp-5.7.3-Fix-Makefile.PL.patch
  * net-snmp-5.7.3-modern-rpm-api.patch
  * net-snmp-5.7.3-net-snmp-config-headercheck.patch
  * net-snmp-5.7.3-perl-tk-warning.patch
  * net-snmp-5.7.3-snmpstatus-suppress-output.patch
  * net-snmp-5.7.3-socket-path.patch
  * net-snmp-5.7.3-subagent-set-response.patch
  * net-snmp-5.7.3-testing-empty-arptable.patch
  * net-snmp-5.7.3-velocity-mib.patch
  * net-snmp-5.7.3-fix-create-v3-user-outfile.patch
  * net-snmp-5.7.3-pie.patch
  * net-snmp-4.7.2-systemd.patch
  * net-snmp-5.7.3-build-with-openssl-1.1.patch
  * net-snmp-5.7.3-fix-agentx-freezing-on-timeout.patch
  * net-snmp-5.7.3-fix-missing-mib-hrStorage-indexes.patch
  * net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch
  * net-snmp-5.7.3-fix-snmp_pdu_parse-incomplete.patch
  * net-snmp-5.7.3-fix-subagent-data-corruption.patch
  * net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch
  * net-snmp-5.7.3-host-mib-skip-autofs-entries.patch
  * net-snmp-5.7.3-make-extended-mib-read-only.patch
  * net-snmp-5.7.3-netgroups.patch
  * net-snmp-5.7.3-Remove-U64-typedef.patch
  * net-snmp-5.7.3-snmptrapd-add-forwarder-info.patch
  * net-snmp-5.7.3-swintst_rpm-Protect-against-unspecified-Group-name.patch
  * net-snmp-5.7.3-ucd-snmp-mib-add-64-bit-mem-obj.patch
  * net-snmp-python3.patch
netty
- Security update
  * The ZlibDecoders allow for unbounded memory allocation while
    decoding a byte stream (bsc#1168932 CVE-2020-11612)
  * Information disclosure via the local system temporary
    directory (bsc#1182103 CVE-2021-21290)
  * Bzip2Decoder doesn't allow setting size restrictions for
    decompressed data (bsc#1190610 CVE-2021-37136)
  * Snappy frame decoder doesn't restrict the chunk length
    and may buffer skippable chunks (bsc#1190613 CVE-2021-37137)
- Added:
  * netty-CVE-2020-11612.patch
  * netty-CVE-2021-21290.patch
  * netty-CVE-2021-37136.patch
  * netty-CVE-2021-37137.patch
nfs-utils
- add 0025-nfsdcltrack-getopt_long-fails-on-a-non-x86_64-archs.patch
  Fix nfsdcltrack bug that affected non-x86 archs.
  (bsc#1202627)
- 0024-systemd-Apply-all-sysctl-settings-when-NFS-related-m.patch
  Ensure sysctl setting work (bsc#1199856)
nfsidmap
- 0001-Removed-some-unused-and-set-but-not-used-warnings.patch
  0002-Handle-NULL-names-better.patch
  0003-Strip-newlines-out-of-IDMAP_LOG-messages.patch
  0004-onf_parse_line-Ignore-whitespace-at-the-beginning-of.patch
  0005-nss.c-wrong-check-of-return-value.patch
  0006-Fixed-a-memory-leak-nss_name_to_gid.patch
  Various bugfixes and improvemes from upstream
  In particular, 0001 fixes a crash that can happen when
  a 'static' mapping is configured.
  (bnc#1200901)
open-iscsi
- Modify SPEC file so systemd unit files are mode 644 (not 755)
  (bsc#1200570)
- For Tumbleweed, moved logrotate files from user-specific
  directory /etc/logrotate.d to vendor-specific
  /usr/etc/logrotate.d
  (for Stefan Schubert <schubi@suse.com>)
openldap2
- bsc#1198341 - Prevent memory reuse which may lead to instability
  * 0243-Change-malloc-to-use-calloc-to-prevent-memory-reuse-.patch
openssh
- Add openssh-dbus.sh, openssh-dbus.csh, openssh-dbus.fish: Make ssh
  connections update their dbus environment (bsc#1179465).
- Add openssh-do-not-send-empty-message.patch: Prevent empty
  messages from being sent. This avoids a superfluous new line
  (bsc#1192439).
openssl-1_1
- FIPS: Service-level indicator [bsc#1190651]
  * Mark PBKDF2 with key shorter than 112 bits as non-approved
  * Add openssl-1_1-ossl-sli-007-pbkdf2-keylen.patch
- FIPS: Service-level indicator [bsc#1190651]
  * Consider RSA siggen/sigver with PKCS1 padding also approved
  * Add openssl-1_1-ossl-sli-006-rsa_pkcs1_padding.patch
- FIPS: Service-level indicator [bsc#1190651]
  * Return the correct indicator for a given EC group order bits
  * Add openssl-1_1-ossl-sli-005-EC_group_order_bits.patch
- FIPS: Add a missing dependency on jitterentropy-devel for
  libopenssl-1_1-devel [bsc#1202148]
- FIPS: OpenSSL service-level indicator - Allow AES XTS 256 [bsc#1190651]
  * Add patches: openssl-1_1-ossl-sli-004-allow-aes-xts-256.patch
- FIPS: Default to RFC-7919 groups for genparam and dhparam
  * Add openssl-1_1-FIPS-default-RFC7919.patch [bsc#1180995]
- FIPS: list only FIPS approved digest and public key algorithms
  [bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472]
  * Add openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch
  * Disabled test 15-test_ec.t in FIPS mode
- FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069]
  * Add openssl-1_1-fips-drbg-selftest.patch
- FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293]
  * The FIPS_drbg implementation is not FIPS validated anymore. To
    provide backwards compatibility for applications that need FIPS
    compliant RNG number generation and use FIPS_drbg_generate,
    this function was re-wired to call the FIPS validated DRBG
    instance instead through the RAND_bytes() call.
  * Add openssl-1_1-FIPS_drbg-rewire.patch
- Fix memory leaks introduced by openssl-1.1.1-fips.patch [bsc#1203046]
  * Add patch openssl-1.1.1-fips-fix-memory-leaks.patch
- FIPS: OpenSSL: Port openssl to use jitterentropy
  [bsc#1202148, jsc#SLE-24941]
  * Add openssl-1_1-jitterentropy-3.4.0.patch
  * Add build dependency on jitterentropy-devel >= 3.4.0 and
    libjitterentropy3 >= 3.4.0
- FIPS: OpenSSL Provide a service-level indicator [bsc#1190651]
  * Add patches:
  - openssl-1_1-ossl-sli-000-fix-build-error.patch
  - openssl-1_1-ossl-sli-001-fix-faults-preventing-make-update.patch
  - openssl-1_1-ossl-sli-002-ran-make-update.patch
  - openssl-1_1-ossl-sli-003-add-sli.patch
- FIPS: Add zeroization of temporary variables to the hmac integrity
  function FIPSCHECK_verify(). [bsc#1190653]
  * Add openssl-1_1-Zeroization.patch
optaplanner
- Declare the LICENSE file as license and not doc
pam
- Update pam_motd to the most current version. This fixes various issues
  and adds support for mot.d directories [jsc#PED-1712].
  * Added: pam-ped1712-pam_motd-directory-feature.patch
patterns-suse-manager
- Strictly require OpenJDK 11 (bsc#1202142)
pcre2
- Added pcre2-bsc1199235-CVE-2022-1587.patch
  * CVE-2022-1587 / bsc#1199235
  * Fix out-of-bounds read due to bug in recursions
  * Sourced from:
  - https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
perl
- fix File::Path rmtree/remove_tree race condition
  [bnc#1047178] [CVE-2017-6512]
  new patch: perl-file_path_rmtree_fchmod.diff
perl-Bootloader
- merge gh#openSUSE/perl-bootloader#139
- fix sysconfig parsing (bsc#1198828)
- 0.939
- merge gh#openSUSE/perl-bootloader#138
- grub2/install: reset error code when passing through recover code
  (bsc#1198197)
- 0.938
perl-DBD-Pg
- fix testsuite [bsc#1197797]
- added patches
  fix https://github.com/bucardo/dbdpg/commit/e01ade96d9e6676385df37d2d8f1907bb68417f2
  + perl-DBD-Pg-fix-tests.patch
perl-HTTP-Daemon
- Fix request smuggling in HTTP::Daemon
  (CVE-2022-31081, bsc#1201157)
  * CVE-2022-31081.patch
  * CVE-2022-31081-2.patch
  * CVE-2022-31081-Add-new-test-for-Content-Length-issues.patch
permissions
  * permissions for enlightenment helper on 32bit arches (bsc#1194047)
- Update to version 20201225:
  * fix regression introduced by backport of security fix (bsc#1203911)
- Update to version 20201225:
  * chkstat: also consider group controlled paths (bsc#1203018, CVE-2022-31252)
- Update to version 20201225:
  * postfix: add postlog setgid for maildrop binary (bsc#1201385)
- Update to version 20201225:
  * apptainer: fix starter-suid location (bsc#1198720)
- Update to version 20201225:
  * static permissions: remove deprecated bind / named chroot entries (bsc#1200747)
- Update to version 20201225:
polkit-default-privs
- Update to version 13.2+20221216.a0c29e6:
  * backport usbguard actions (bsc#1206414)
postgresql
- avoid bashisms in /bin/sh based startup script
- Bump to postgresql 15
- Change to systemd-sysusers
- Fix the pg_server_requires macro on older rpm versions (SLE-12).
- Avoid a dependency on awk in postgresql-script.
- Move the dependency of llvmjit-devel on clang and llvm to the
  implementation packages where we can depend on the correct
  versions.
- fix postgresql_has_llvm usage
- First round of changes to make it easier to build extensions for
  - add postgresql-llvmjit-devel subpackage:
    This package will pull in clang and llvm if the distro has a
    recent enough version, otherwise it will just pull
    postgresql-server-devel.
  - add postgresql macros to the postgresql-server-devel package
    those cover all the variables from pg_config and some macros
    to remove repitition from the spec files
- Bump version to 14.
- Bump default to 14 on Factory and future SPs.
postgresql-jdbc
- fix createTempFile vulnerability - CVE-2022-41946 (bsc#1206921)
  * Added: fix-createTempFile-vulnerability-CVE-2022-41946.patch
- Address SQL Injection Vulnerability CVE-2022-31197
  (bsc#1202170)
  * Add: fix-SQL-Injection-CVE-2022-31197.patch
- Address arbitrary File Write Vulnerability CVE-2022-26520
  (bsc#1197356)
  * Add: CVE-2022-26520.patch
postgresql14
- bsc#1205300: Update to 14.6:
  * https://www.postgresql.org/about/news/2543/
  * https://www.postgresql.org/docs/14/release-14-6.html
- Sync spec file with postgresql15.
- Create mechanism to specify the latest supported LLVM version.
  Automatically pin to that version if the distribution has a newer
  unsupported default version.
- Sync spec file with postgresql15.
- Disable LLVM JIT on riscv64
-  Update to 14.5:
  * bsc#1202368, CVE-2022-2625: Extension scripts replace objects
    not belonging to the extension.
  * https://www.postgresql.org/docs/release/14.5/
- bsc#1200437: Upgrade to 14.4:
  * Prevent possible corruption of indexes created or rebuilt with
    the CONCURRENTLY option.
  * https://www.postgresql.org/docs/release/14.4/
  * https://www.postgresql.org/about/news/p-2470/
- bsc#1198166: Pin to llvm13 until the next patchlevel update.
procps
- Add the patches
  * procps-3.3.17-library-bsc1181475.patch
  * procps-3.3.17-top-bsc1181475.patch
  which are backports of current newlib tree to solve bug bsc#1181475
  * 'free' command reports misleading "/used"/ value
protobuf
- Fix a potential DoS issue in protobuf-cpp and protobuf-python,
  CVE-2022-1941, bsc#1203681
  * Add protobuf-CVE-2022-1941.patch
- Fix a potential DoS issue when parsing with binary data in
  protobuf-java, CVE-2022-3171, bsc#1204256
  * Add protobuf-CVE-2022-3171.patch
- Refresh protobuf-CVE-2021-22570.patch
- Backport changes from 3.16.x tree for apply recent CVE patches
  * Add protobuf-51026d922970e06475f005b39287963594134b96.patch
  * Add protobuf-6ee16a9c60e734104aeb738503fe3f411c97bd88.patch
  * Add protobuf-73e0d748b9acdc40b693f2879ce82ecb1a849b81.patch
  * Add protobuf-7bff8393cab939bfbb9b5c69b3fe76b4d83c41ee.patch
  * Add protobuf-4f02f056b5cea99052bfdfb6698afe47a3cf2964.patch
  * Add protobuf-763c3588740b97e8e80b1b1a1a2dc4f417647133.patch
  * Add protobuf-6c92f9dff1807c142edf6780d775b58a3b078591.patch
  * Add protobuf-4e93585e8bb234efeacb7737b8d080968c5ab91e.patch
  * Add protobuf-58d4420e2dd8a3cd354fff9db0052881c25369ce.patch
- Reorganize patch set ordering
- Fix potential Denial of Service in protobuf-java in the parsing procedure
  for binary data, CVE-2021-22569, bsc#1194530
  * Add protobuf-improve-performance-of-parsing-unknown-fields-in-Java.patch
publicsuffix
- Update to version 20220903:
  * util: gTLD data autopull updates for 2022-09-03T15:15:24 UTC (#1606)
  * Update public_suffix_list.dat (#1594)
  * Add streamlitapp.com (#1591)
  * Update public_suffix_list.dat (#1573)
  * Add Framer Sites domains to PSL (#1570)
  * new TLD .ישראל and SLDs for Israel by ISOC-IL (#1595)
- Update to version 20220805:
  * Updates to NIXI `.in` subspace in ICANN section of PSL (#1588)
  * util: gTLD data autopull updates for 2022-07-28T15:14:54 UTC (#1592)
  * util: gTLD data autopull updates for 2022-07-03T15:13:52 UTC (#1587)
  * Add messerli.app (#1535)
  * Add iservschule.de, schulplattform.de, update IServ GmbH contact information (#1580)
  * Add `lolipopmc.jp` (#1555)
  * Add ibxos.it and iliadboxos.it domains (#1549)
  * Simplify the instance and endpoint domains using wildcard syntax (#1584)
  * util: gTLD data autopull updates for 2022-06-14T15:15:19 UTC (#1581)
  * doc (.in): update ref uri to registry policies (#1577)
  * util: gTLD data autopull updates for 2022-06-02T15:16:31 UTC (#1579)
- Update to version 20220518:
  * util: gTLD data autopull updates for 2022-05-18T15:16:02 UTC (#1567)
  * fixed wordwrap; added # of users q
  * Add builder.code.com, stg-builder.code.com, and dev-builder.code.com (#1566)
  * UPDATE HOSTBIP RECORDS (`name.pm` `sch.tf` `biz.wf` `sch.wf` `org.yt`) (#1473)
  * Fix comments delete space and deprecation of io/ioutil (#1557)
- Update to version 20220510:
  * Cleaned up the wording and formatting
  * Clarified 3rd party workaround stuff; fixed #1559
  * Add gov.nl (#1558)
  * util: gTLD data autopull updates for 2022-04-30T15:14:45 UTC (#1564)
- Update to version 20220415:
  * util: gTLD data autopull updates for 2022-04-14T15:15:34 UTC (#1554)
  * Add `1.azurestaticapps.net` DNS suffix (#1514)
  * add support for scaleway subdomains (#1507)
python-M2Crypto
- update CVE-2020-25657-Bleichenbacher-attack.patch to actually
  contain the fix rather than just being empty (CVE-2020-25657,
  bsc#1178829)
python-PyNaCl
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- six is needed by testsuite
- Update to 1.4.0
  * Update ``libsodium`` to 1.0.18.
  * **BACKWARDS INCOMPATIBLE:** We no longer distribute 32-bit ``manylinux1``
    wheels. Continuing to produce them was a maintenance burden.
  * Added support for Python 3.8, and removed support for Python 3.4.
  * Add low level bindings for extracting the seed and the public key
    from crypto_sign_ed25519 secret key
  * Add low level bindings for deterministic random generation.
  * Add ``wheel`` and ``setuptools`` setup_requirements in ``setup.py`` (#485)
  * Fix checks on very slow builders (#481, #495)
  * Add low-level bindings to ed25519 arithmetic functions
  * Update low-level blake2b state implementation
  * Fix wrong short-input behavior of SealedBox.decrypt() (#517)
  * Raise CryptPrefixError exception instead of InvalidkeyError when trying
    to check a password against a verifier stored in a unknown format (#519)
  * Add support for minimal builds of libsodium. Trying to call functions
    not available in a minimal build will raise an UnavailableError
    exception. To compile a minimal build of the bundled libsodium, set
    the SODIUM_INSTALL_MINIMAL environment variable to any non-empty
    string (e.g. ``SODIUM_INSTALL_MINIMAL=1``) for setup.
- removed obsolete back-port patch:
  * fix_tests.patch
  * hypothesis-no-unilmited.patch
  * python-PyNaCl-hypothesis-remove-average_size.patch
- Fix tests with latest hypothesis:
  * hypothesis-no-unilmited.patch
- Add missing runtime dependency on cffi
- add fix_tests.patch for new pytest
- run the testsuite
- added patches
  https://github.com/pyca/pynacl/commit/a8c08b18f3a2e8f2140c531afaf42715fcab68e7
  + python-PyNaCl-hypothesis-remove-average_size.patch
- Update to 1.3.0
  * Added support for Python 3.7.
  * Run and test all code examples in PyNaCl docs through sphinx's doctest
    builder.
  * Add low-level bindings for chacha20-poly1305 AEAD constructions.
  * Add low-level bindings for the chacha20-poly1305 secretstream
    constructions.
  * Add low-level bindings for ed25519ph pre-hashed signing construction.
  * Add low-level bindings for constant-time increment and addition on
    fixed-precision big integers represented as little-endian byte sequences.
  * Add low-level bindings for the ISO/IEC 7816-4 compatible padding API.
  * Add low-level bindings for libsodium's crypto_kx... key exchange
    construction.
  * Set hypothesis deadline to None in tests/test_pwhash.py to avoid incorrect
    test failures on slower processor architectures.
python-boto3
- Update to version 1.23.4 (bsc#1199716)
  * api-change:``gamesparks``: [``botocore``] This release adds an optional DeploymentResult field in
    the responses of GetStageDeploymentIntegrationTests and ListStageDeploymentIntegrationTests APIs.
  * enhancement:StreamingBody: [``botocore``] Allow StreamingBody to be used as a context manager
  * api-change:``lookoutmetrics``: [``botocore``] In this release we added SnsFormat to
    SNSConfiguration to support human readable alert.
- from version 1.23.3
  * api-change:``greengrassv2``: [``botocore``] This release adds the new DeleteDeployment API
    operation that you can use to delete deployment resources. This release also adds support for
    discontinued AWS-provided components, so AWS can communicate when a component has any issues that
    you should consider before you deploy it.
  * api-change:``quicksight``: [``botocore``] API UpdatePublicSharingSettings enables IAM admins to
    enable/disable account level setting for public access of dashboards. When enabled,
    owners/co-owners for dashboards can enable public access on their dashboards. These dashboards can
    only be accessed through share link or embedding.
  * api-change:``appmesh``: [``botocore``] This release updates the existing Create and Update APIs
    for meshes and virtual nodes by adding a new IP preference field. This new IP preference field can
    be used to control the IP versions being used with the mesh and allows for IPv6 support within App
    Mesh.
  * api-change:``batch``: [``botocore``] Documentation updates for AWS Batch.
  * api-change:``iotevents-data``: [``botocore``] Introducing new API for deleting detectors:
    BatchDeleteDetector.
  * api-change:``transfer``: [``botocore``] AWS Transfer Family now supports SetStat server
    configuration option, which provides the ability to ignore SetStat command issued by file transfer
    clients, enabling customers to upload files without any errors.
- from version 1.23.2
  * api-change:``kms``: [``botocore``] Add HMAC best practice tip, annual rotation of AWS managed
    keys.
  * api-change:``glue``: [``botocore``] This release adds a new optional parameter called
    codeGenNodeConfiguration to CRUD job APIs that allows users to manage visual jobs via APIs. The
    updated CreateJob and UpdateJob will create jobs that can be viewed in Glue Studio as a visual
    graph. GetJob can be used to get codeGenNodeConfiguration.
- Remove unnecessary version constraint for python3-pytest in BuildRequires
- Update BuildRequires and Requires from setup.py
- Update to version 1.23.1
  * api-change:``resiliencehub``: [``botocore``] In this release, we are introducing support for
    Amazon Elastic Container Service, Amazon Route 53, AWS Elastic Disaster Recovery, AWS Backup in
    addition to the existing supported Services.  This release also supports Terraform file input from
    S3 and scheduling daily assessments
  * api-change:``servicecatalog``: [``botocore``] Updated the descriptions for the
    ListAcceptedPortfolioShares API description and the PortfolioShareType parameters.
  * api-change:``discovery``: [``botocore``] Add Migration Evaluator Collector details to the
    GetDiscoverySummary API response
  * api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
  * api-change:``workspaces-web``: [``botocore``] Amazon WorkSpaces Web now supports Administrator
    timeout control
  * api-change:``rekognition``: [``botocore``] Documentation updates for Amazon Rekognition.
  * api-change:``cloudfront``: [``botocore``] Introduced a new error
    (TooLongCSPInResponseHeadersPolicy) that is returned when the value of the Content-Security-Policy
    header in a response headers policy exceeds the maximum allowed length.
- from version 1.23.0
  * feature:Loaders: [``botocore``] Support for loading gzip compressed model files.
  * api-change:``grafana``: [``botocore``] This release adds APIs for creating and deleting API keys
    in an Amazon Managed Grafana workspace.
- from version 1.22.13
  * api-change:``ivschat``: [``botocore``] Documentation-only updates for IVS Chat API Reference.
  * api-change:``lambda``: [``botocore``] Lambda releases NodeJs 16 managed runtime to be available
    in all commercial regions.
  * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for
    Jira. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-jira.html
  * api-change:``transfer``: [``botocore``] AWS Transfer Family now accepts ECDSA keys for server
    host keys
  * api-change:``iot``: [``botocore``] Documentation update for China region ListMetricValues for IoT
  * api-change:``workspaces``: [``botocore``] Increased the character limit of the login message from
    600 to 850 characters.
  * api-change:``finspace-data``: [``botocore``] We've now deprecated CreateSnapshot permission for
    creating a data view, instead use CreateDataView permission.
  * api-change:``lightsail``: [``botocore``] This release adds support to include inactive database
    bundles in the response of the GetRelationalDatabaseBundles request.
  * api-change:``outposts``: [``botocore``] Documentation updates for AWS Outposts.
  * api-change:``ec2``: [``botocore``] This release introduces a target type Gateway Load Balancer
    Endpoint for mirrored traffic. Customers can now specify GatewayLoadBalancerEndpoint option during
    the creation of a traffic mirror target.
  * api-change:``ssm-incidents``: [``botocore``] Adding support for dynamic SSM Runbook parameter
    values. Updating validation pattern for engagements. Adding ConflictException to
    UpdateReplicationSet API contract.
- from version 1.22.12
  * api-change:``secretsmanager``: [``botocore``] Doc only update for Secrets Manager that fixes
    several customer-reported issues.
  * api-change:``ec2``: [``botocore``] This release updates AWS PrivateLink APIs to support IPv6 for
    PrivateLink Services and Endpoints of type 'Interface'.
- Update BuildRequires and Requires from setup.py
- Update to version 1.22.11
  * api-change:``migration-hub-refactor-spaces``: [``botocore``] AWS Migration Hub Refactor Spaces
    documentation only update to fix a formatting issue.
  * api-change:``ec2``: [``botocore``] Added support for using NitroTPM and UEFI Secure Boot on EC2
    instances.
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``compute-optimizer``: [``botocore``] Documentation updates for Compute Optimizer
  * api-change:``eks``: [``botocore``] Adds BOTTLEROCKET_ARM_64_NVIDIA and BOTTLEROCKET_x86_64_NVIDIA
    AMI types to EKS managed nodegroups
- from version 1.22.10
  * api-change:``evidently``: [``botocore``] Add detail message inside GetExperimentResults API
    response to indicate experiment result availability
  * api-change:``ssm-contacts``: [``botocore``] Fixed an error in the DescribeEngagement example for
    AWS Incident Manager.
  * api-change:``cloudcontrol``: [``botocore``] SDK release for Cloud Control API to include
    paginators for Python SDK.
- from version 1.22.9
  * api-change:``rds``: [``botocore``] Various documentation improvements.
  * api-change:``redshift``: [``botocore``] Introduces new field 'LoadSampleData' in CreateCluster
    operation. Customers can now specify 'LoadSampleData' option during creation of a cluster, which
    results in loading of sample data in the cluster that is created.
  * api-change:``ec2``: [``botocore``] Add new state values for IPAMs, IPAM Scopes, and IPAM Pools.
  * api-change:``mediapackage``: [``botocore``] This release adds Dvb Dash 2014 as an available
    profile option for Dash Origin Endpoints.
  * api-change:``securityhub``: [``botocore``] Documentation updates for Security Hub API reference
  * api-change:``location``: [``botocore``] Amazon Location Service now includes a MaxResults
    parameter for ListGeofences requests.
- from version 1.22.8
  * api-change:``ec2``: [``botocore``] Amazon EC2 I4i instances are powered by 3rd generation Intel
    Xeon Scalable processors and feature up to 30 TB of local AWS Nitro SSD storage
  * api-change:``kendra``: [``botocore``] AWS Kendra now supports hierarchical facets for a query.
    For more information, see https://docs.aws.amazon.com/kendra/latest/dg/filtering.html
  * api-change:``iot``: [``botocore``] AWS IoT Jobs now allows you to create up to 100,000 active
    continuous and snapshot jobs by using concurrency control.
  * api-change:``datasync``: [``botocore``] AWS DataSync now supports a new ObjectTags Task API
    option that can be used to control whether Object Tags are transferred.
- from version 1.22.7
  * api-change:``ssm``: [``botocore``] This release adds the TargetMaps parameter in SSM State
    Manager API.
  * api-change:``backup``: [``botocore``] Adds support to 2 new filters about job complete time for 3
    list jobs APIs in AWS Backup
  * api-change:``lightsail``: [``botocore``] Documentation updates for Lightsail
  * api-change:``iotsecuretunneling``: [``botocore``] This release introduces a new API
    RotateTunnelAccessToken that allow revoking the existing tokens and generate new tokens
- from version 1.22.6
  * api-change:``ec2``: [``botocore``] Adds support for allocating Dedicated Hosts on AWS  Outposts.
    The AllocateHosts API now accepts an OutpostArn request  parameter, and the DescribeHosts API now
    includes an OutpostArn response parameter.
  * api-change:``s3``: [``botocore``] Documentation only update for doc bug fixes for the S3 API docs.
  * api-change:``kinesisvideo``: [``botocore``] Add support for multiple image feature related APIs
    for configuring image generation and notification of a video stream. Add "/GET_IMAGES"/ to the list
    of supported API names for the GetDataEndpoint API.
  * api-change:``sagemaker``: [``botocore``] SageMaker Autopilot adds new metrics for all candidate
    models generated by Autopilot experiments; RStudio on SageMaker now allows users to bring your own
    development environment in a custom image.
  * api-change:``kinesis-video-archived-media``: [``botocore``] Add support for GetImages API  for
    retrieving images from a video stream
- from version 1.22.5
  * api-change:``organizations``: [``botocore``] This release adds the INVALID_PAYMENT_INSTRUMENT as
    a fail reason and an error message.
  * api-change:``synthetics``: [``botocore``] CloudWatch Synthetics has introduced a new feature to
    provide customers with an option to delete the underlying resources that Synthetics canary creates
    when the user chooses to delete the canary.
  * api-change:``outposts``: [``botocore``] This release adds a new API called ListAssets to the
    Outposts SDK, which lists the hardware assets in an Outpost.
- from version 1.22.4
  * api-change:``rds``: [``botocore``] Feature - Adds support for Internet Protocol Version 6 (IPv6)
    on RDS database instances.
  * api-change:``codeguru-reviewer``: [``botocore``] Amazon CodeGuru Reviewer now supports
    suppressing recommendations from being generated on specific files and directories.
  * api-change:``ssm``: [``botocore``] Update the StartChangeRequestExecution, adding TargetMaps to
    the Runbook parameter
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK nows supports creation
    of Dolby Vision profile 8.1, the ability to generate black frames of video, and introduces
    audio-only DASH and CMAF support.
  * api-change:``wafv2``: [``botocore``] You can now inspect all request headers and all cookies. You
    can now specify how to handle oversize body contents in your rules that inspect the body.
- from version 1.22.3
  * api-change:``auditmanager``: [``botocore``] This release adds documentation updates for Audit
    Manager. We provided examples of how to use the Custom_ prefix for the keywordValue attribute. We
    also provided more details about the DeleteAssessmentReport operation.
  * api-change:``network-firewall``: [``botocore``] AWS Network Firewall adds support for stateful
    threat signature AWS managed rule groups.
  * api-change:``ec2``: [``botocore``] This release adds support to query the public key and creation
    date of EC2 Key Pairs. Additionally, the format (pem or ppk) of a key pair can be specified when
    creating a new key pair.
  * api-change:``braket``: [``botocore``] This release enables Braket Hybrid Jobs with Embedded
    Simulators to have multiple instances.
  * api-change:``guardduty``: [``botocore``] Documentation update for API description.
  * api-change:``connect``: [``botocore``] This release introduces an API for changing the current
    agent status of a user in Connect.
- from version 1.22.2
  * api-change:``rekognition``: [``botocore``] This release adds support to configure
    stream-processor resources for label detections on streaming-videos. UpateStreamProcessor API is
    also launched with this release, which could be used to update an existing stream-processor.
  * api-change:``cloudtrail``: [``botocore``] Increases the retention period maximum to 2557 days.
    Deprecates unused fields of the ListEventDataStores API response. Updates documentation.
  * api-change:``lookoutequipment``: [``botocore``] This release adds the following new features: 1)
    Introduces an option for automatic schema creation 2) Now allows for Ingestion of data containing
    most common errors and allows automatic data cleaning 3) Introduces new API ListSensorStatistics
    that gives further information about the ingested data
  * api-change:``iotwireless``: [``botocore``] Add list support for event configurations, allow to
    get and update event configurations by resource type, support LoRaWAN events; Make
    NetworkAnalyzerConfiguration as a resource, add List, Create, Delete API support; Add FCntStart
    attribute support for ABP WirelessDevice.
  * api-change:``amplify``: [``botocore``] Documentation only update to support the Amplify GitHub
    App feature launch
  * api-change:``chime-sdk-media-pipelines``: [``botocore``] For Amazon Chime SDK meetings, the
    Amazon Chime Media Pipelines SDK allows builders to capture audio, video, and content share
    streams. You can also capture meeting events, live transcripts, and data messages. The pipelines
    save the artifacts to an Amazon S3 bucket that you designate.
  * api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot adds support for custom
    validation dataset and validation ratio through the CreateAutoMLJob and DescribeAutoMLJob APIs.
- Update BuildRequires and Requires from setup.py
- Update to version 1.22.1
  * api-change:``lightsail``: [``botocore``] This release adds support for Lightsail load balancer
    HTTP to HTTPS redirect and TLS policy configuration.
  * api-change:``sagemaker``: [``botocore``] SageMaker Inference Recommender now accepts customer KMS
    key ID for encryption of endpoints and compilation outputs created during inference recommendation.
  * api-change:``pricing``: [``botocore``] Documentation updates for Price List API
  * api-change:``glue``: [``botocore``] This release adds documentation for the APIs to create, read,
    delete, list, and batch read of AWS Glue custom patterns, and for Lake Formation configuration
    settings in the AWS Glue crawler.
  * api-change:``cloudfront``: [``botocore``] CloudFront now supports the Server-Timing header in
    HTTP responses sent from CloudFront. You can use this header to view metrics that help you gain
    insights about the behavior and performance of CloudFront. To use this header, enable it in a
    response headers policy.
  * api-change:``ivschat``: [``botocore``] Adds new APIs for IVS Chat, a feature for building
    interactive chat experiences alongside an IVS broadcast.
  * api-change:``network-firewall``: [``botocore``] AWS Network Firewall now enables customers to use
    a customer managed AWS KMS key for the encryption of their firewall resources.
- from version 1.22.0
  * api-change:``gamelift``: [``botocore``] Documentation updates for Amazon GameLift.
  * api-change:``mq``: [``botocore``] This release adds the CRITICAL_ACTION_REQUIRED broker state and
    the ActionRequired API property. CRITICAL_ACTION_REQUIRED informs you when your broker is degraded.
    ActionRequired provides you with a code which you can use to find instructions in the Developer
    Guide on how to resolve the issue.
  * feature:IMDS: [``botocore``] Added resiliency mechanisms to IMDS Credential Fetcher
  * api-change:``securityhub``: [``botocore``] Security Hub now lets you opt-out of auto-enabling the
    defaults standards (CIS and FSBP) in accounts that are auto-enabled with Security Hub via Security
    Hub's integration with AWS Organizations.
  * api-change:``connect``: [``botocore``] This release adds SearchUsers API which can be used to
    search for users with a Connect Instance
  * api-change:``rds-data``: [``botocore``] Support to receive SQL query results in the form of a
    simplified JSON string. This enables developers using the new JSON string format to more easily
    convert it to an object using popular JSON string parsing libraries.
- from version 1.21.46
  * api-change:``chime-sdk-meetings``: [``botocore``] Include additional exceptions types.
  * api-change:``ec2``: [``botocore``] Adds support for waiters that automatically poll for a deleted
    NAT Gateway until it reaches the deleted state.
- from version 1.21.45
  * api-change:``wisdom``: [``botocore``] This release updates the GetRecommendations API to include
    a trigger event list for classifying and grouping recommendations.
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``iottwinmaker``: [``botocore``] General availability (GA) for AWS IoT TwinMaker. For
    more information, see https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/Welcome.html
  * api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
  * api-change:``mediatailor``: [``botocore``] This release introduces tiered channels and adds
    support for live sources. Customers using a STANDARD channel can now create programs using live
    sources.
  * api-change:``storagegateway``: [``botocore``] This release adds support for minimum of 5
    character length virtual tape barcodes.
  * api-change:``lookoutmetrics``: [``botocore``] Added DetectMetricSetConfig API for detecting
    configuration required for creating metric set from provided S3 data source.
  * api-change:``iotsitewise``: [``botocore``] This release adds 3 new batch data query APIs :
    BatchGetAssetPropertyValue, BatchGetAssetPropertyValueHistory and BatchGetAssetPropertyAggregates
  * api-change:``glue``: [``botocore``] This release adds APIs to create, read, delete, list, and
    batch read of Glue custom entity types
- from version 1.21.44
  * api-change:``macie2``: [``botocore``] Sensitive data findings in Amazon Macie now indicate how
    Macie found the sensitive data that produced a finding (originType).
  * api-change:``rds``: [``botocore``] Added a new cluster-level attribute to set the capacity range
    for Aurora Serverless v2 instances.
  * api-change:``mgn``: [``botocore``] Removed required annotation from input fields in Describe
    operations requests. Added quotaValue to ServiceQuotaExceededException
  * api-change:``connect``: [``botocore``] This release adds APIs to search, claim, release, list,
    update, and describe phone numbers. You can also use them to associate and disassociate contact
    flows to phone numbers.
- from version 1.21.43
  * api-change:``textract``: [``botocore``] This release adds support for specifying and extracting
    information from documents using the Queries feature within Analyze Document API
  * api-change:``worklink``: [``botocore``] Amazon WorkLink is no longer supported. This will be
    removed in a future version of the SDK.
  * api-change:``ssm``: [``botocore``] Added offset support for specifying the number of days to wait
    after the date and time specified by a CRON expression when creating SSM association.
  * api-change:``autoscaling``: [``botocore``] EC2 Auto Scaling now adds default instance warm-up
    times for all scaling activities, health check replacements, and other replacement events in the
    Auto Scaling instance lifecycle.
  * api-change:``personalize``: [``botocore``] Adding StartRecommender and StopRecommender APIs for
    Personalize.
  * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for
    Quip. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-quip.html
  * api-change:``polly``: [``botocore``] Amazon Polly adds new Austrian German voice - Hannah. Hannah
    is available as Neural voice only.
  * api-change:``transfer``: [``botocore``] This release contains corrected HomeDirectoryMappings
    examples for several API functions: CreateAccess, UpdateAccess, CreateUser, and UpdateUser,.
  * api-change:``kms``: [``botocore``] Adds support for KMS keys and APIs that generate and verify
    HMAC codes
  * api-change:``redshift``: [``botocore``] Introduces new fields for LogDestinationType and
    LogExports on EnableLogging requests and Enable/Disable/DescribeLogging responses. Customers can
    now select CloudWatch Logs as a destination for their Audit Logs.
- from version 1.21.42
  * api-change:``lightsail``: [``botocore``] This release adds support to describe the
    synchronization status of the account-level block public access feature for your Amazon Lightsail
    buckets.
  * api-change:``rds``: [``botocore``] Removes Amazon RDS on VMware with the deletion of APIs related
    to Custom Availability Zones and Media installation
  * api-change:``athena``: [``botocore``] This release adds subfields, ErrorMessage, Retryable, to
    the AthenaError response object in the GetQueryExecution API when a query fails.
- from version 1.21.41
  * api-change:``batch``: [``botocore``] Enables configuration updates for compute environments with
    BEST_FIT_PROGRESSIVE and SPOT_CAPACITY_OPTIMIZED allocation strategies.
  * api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``appstream``: [``botocore``] Includes updates for create and update fleet APIs to
    manage the session scripts locations for Elastic fleets.
  * api-change:``glue``: [``botocore``] Auto Scaling for Glue version 3.0 and later jobs to
    dynamically scale compute resources. This SDK change provides customers with the auto-scaled DPU
    usage
  * api-change:``appflow``: [``botocore``] Enables users to pass custom token URL parameters for
    Oauth2 authentication during create connector profile
- from version 1.21.40
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``fsx``: [``botocore``] This release adds support for deploying FSx for ONTAP file
    systems in a single Availability Zone.
- from version 1.21.39
  * api-change:``ec2``: [``botocore``] X2idn and X2iedn instances are powered by 3rd generation Intel
    Xeon Scalable processors with an all-core turbo frequency up to 3.5 GHzAmazon EC2. C6a instances
    are powered by 3rd generation AMD EPYC processors.
  * api-change:``devops-guru``: [``botocore``] This release adds new APIs DeleteInsight to deletes
    the insight along with the associated anomalies, events and recommendations.
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``iottwinmaker``: [``botocore``] This release adds the following new features: 1)
    ListEntities API now supports search using ExternalId. 2) BatchPutPropertyValue and
    GetPropertyValueHistory API now allows users to represent time in sub-second level precisions.
- from version 1.21.38
  * api-change:``amplifyuibuilder``: [``botocore``] In this release, we have added the ability to
    bind events to component level actions.
  * api-change:``apprunner``: [``botocore``] This release adds tracing for App Runner services with
    X-Ray using AWS Distro for OpenTelemetry. New APIs: CreateObservabilityConfiguration,
    DescribeObservabilityConfiguration, ListObservabilityConfigurations, and
    DeleteObservabilityConfiguration. Updated APIs: CreateService and UpdateService.
  * api-change:``workspaces``: [``botocore``] Added API support that allows customers to create
    GPU-enabled WorkSpaces using EC2 G4dn instances.
- from version 1.21.37
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK has added support for
    the pass-through of WebVTT styling to WebVTT outputs, pass-through of KLV metadata to supported
    formats, and improved filter support for processing 444/RGB content.
  * api-change:``wafv2``: [``botocore``] Add a new CurrentDefaultVersion field to
    ListAvailableManagedRuleGroupVersions API response; add a new VersioningSupported boolean to each
    ManagedRuleGroup returned from ListAvailableManagedRuleGroups API response.
  * api-change:``mediapackage-vod``: [``botocore``] This release adds ScteMarkersSource as an
    available field for Dash Packaging Configurations. When set to MANIFEST, MediaPackage will source
    the SCTE-35 markers from the manifest. When set to SEGMENTS, MediaPackage will source the SCTE-35
    markers from the segments.
- from version 1.21.36
  * api-change:``apigateway``: [``botocore``] ApiGateway CLI command get-usage now includes
    usagePlanId, startDate, and endDate fields in the output to match documentation.
  * api-change:``personalize``: [``botocore``] This release provides tagging support in AWS
    Personalize.
  * api-change:``pi``: [``botocore``] Adds support for DocumentDB to the Performance Insights API.
  * api-change:``events``: [``botocore``] Update events client to latest version
  * api-change:``docdb``: [``botocore``] Added support to enable/disable performance insights when
    creating or modifying db instances
  * api-change:``sagemaker``: [``botocore``] Amazon Sagemaker Notebook Instances now supports G5
    instance types
- from version 1.21.35
  * bugfix:Proxy: [``botocore``] Fix failure case for IP proxy addresses using TLS-in-TLS.
    `boto/botocore#2652 <https://github.com/boto/botocore/pull/2652>`__
  * api-change:``config``: [``botocore``] Add resourceType enums for AWS::EMR::SecurityConfiguration
    and AWS::SageMaker::CodeRepository
  * api-change:``panorama``: [``botocore``] Added Brand field to device listings.
  * api-change:``lambda``: [``botocore``] This release adds new APIs for creating and managing Lambda
    Function URLs and adds a new FunctionUrlAuthType parameter to the AddPermission API. Customers can
    use Function URLs to create built-in HTTPS endpoints on their functions.
  * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for Box.
    For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-box.html
- from version 1.21.34
  * api-change:``securityhub``: [``botocore``] Added additional ASFF details for RdsSecurityGroup
    AutoScalingGroup, ElbLoadBalancer, CodeBuildProject and RedshiftCluster.
  * api-change:``fsx``: [``botocore``] Provide customers more visibility into file system status by
    adding new "/Misconfigured Unavailable"/ status for Amazon FSx for Windows File Server.
  * api-change:``s3control``: [``botocore``] Documentation-only update for doc bug fixes for the S3
    Control API docs.
  * api-change:``datasync``: [``botocore``] AWS DataSync now supports Amazon FSx for OpenZFS
    locations.
- from version 1.21.33
  * api-change:``iot``: [``botocore``] AWS IoT - AWS IoT Device Defender adds support to list metric
    datapoints collected for IoT devices through the ListMetricValues API
  * api-change:``servicecatalog``: [``botocore``] This release adds ProvisioningArtifictOutputKeys to
    DescribeProvisioningParameters to reference the outputs of a Provisioned Product and deprecates
    ProvisioningArtifactOutputs.
  * api-change:``sms``: [``botocore``] Revised product update notice for SMS console deprecation.
  * api-change:``proton``: [``botocore``] SDK release to support tagging for AWS Proton Repository
    resource
  * enhancement:AWSCRT: [``botocore``] Upgrade awscrt version to 0.13.8
- Update BuildRequires and Requires from setup.py
- Update to version 1.21.32
  * api-change:``connect``: [``botocore``] This release updates these APIs: UpdateInstanceAttribute,
    DescribeInstanceAttribute and ListInstanceAttributes. You can use it to programmatically
    enable/disable multi-party conferencing using attribute type MULTI_PARTY_CONFERENCING on the
    specified Amazon Connect instance.
- from version 1.21.31
  * api-change:``cloudcontrol``: [``botocore``] SDK release for Cloud Control API in Amazon Web
    Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia)
    Region, operated by NWCD
  * api-change:``pinpoint-sms-voice-v2``: [``botocore``] Amazon Pinpoint now offers a version 2.0
    suite of SMS and voice APIs, providing increased control over sending and configuration. This
    release is a new SDK for sending SMS and voice messages called PinpointSMSVoiceV2.
  * api-change:``workspaces``: [``botocore``] Added APIs that allow you to customize the logo, login
    message, and help links in the WorkSpaces client login page. To learn more, visit
    https://docs.aws.amazon.com/workspaces/latest/adminguide/customize-branding.html
  * api-change:``route53-recovery-cluster``: [``botocore``] This release adds a new API
    "/ListRoutingControls"/ to list routing control states using the highly reliable Route 53 ARC data
    plane endpoints.
  * api-change:``databrew``: [``botocore``] This AWS Glue Databrew release adds feature to support
    ORC as an input format.
  * api-change:``auditmanager``: [``botocore``] This release adds documentation updates for Audit
    Manager. The updates provide data deletion guidance when a customer deregisters Audit Manager or
    deregisters a delegated administrator.
  * api-change:``grafana``: [``botocore``] This release adds tagging support to the Managed Grafana
    service. New APIs: TagResource, UntagResource and ListTagsForResource. Updates: add optional field
    tags to support tagging while calling CreateWorkspace.
- from version 1.21.30
  * api-change:``iot-data``: [``botocore``] Update the default AWS IoT Core Data Plane endpoint from
    VeriSign signed to ATS signed. If you have firewalls with strict egress rules, configure the rules
    to grant you access to data-ats.iot.[region].amazonaws.com or
    data-ats.iot.[region].amazonaws.com.cn.
  * api-change:``ec2``: [``botocore``] This release simplifies the auto-recovery configuration
    process enabling customers to set the recovery behavior to disabled or default
  * api-change:``fms``: [``botocore``] AWS Firewall Manager now supports the configuration of
    third-party policies that can use either the centralized or distributed deployment models.
  * api-change:``fsx``: [``botocore``] This release adds support for modifying throughput capacity
    for FSx for ONTAP file systems.
  * api-change:``iot``: [``botocore``] Doc only update for IoT that fixes customer-reported issues.
- from version 1.21.29
  * api-change:``organizations``: [``botocore``] This release provides the new CloseAccount API that
    enables principals in the management account to close any member account within an organization.
- from version 1.21.28
  * api-change:``medialive``: [``botocore``] This release adds support for selecting a maintenance
    window.
  * api-change:``acm-pca``: [``botocore``] Updating service name entities
- from version 1.21.27
  * api-change:``ec2``: [``botocore``] This is release adds support for Amazon VPC Reachability
    Analyzer to analyze path through a Transit Gateway.
  * api-change:``ssm``: [``botocore``] This Patch Manager release supports creating, updating, and
    deleting Patch Baselines for Rocky Linux OS.
  * api-change:``batch``: [``botocore``] Bug Fix: Fixed a bug where shapes were marked as unboxed and
    were not serialized and sent over the wire, causing an API error from the service.
- from version 1.21.26
  * api-change:``lambda``: [``botocore``] Adds support for increased ephemeral storage (/tmp) up to
    10GB for Lambda functions. Customers can now provision up to 10 GB of ephemeral storage per
    function instance, a 20x increase over the previous limit of 512 MB.
  * api-change:``config``: [``botocore``] Added new APIs GetCustomRulePolicy and
    GetOrganizationCustomRulePolicy, and updated existing APIs PutConfigRule, DescribeConfigRule,
    DescribeConfigRuleEvaluationStatus, PutOrganizationConfigRule, DescribeConfigRule to support a new
    feature for building AWS Config rules with AWS CloudFormation Guard
  * api-change:``transcribe``: [``botocore``] This release adds an additional parameter for
    subtitling with Amazon Transcribe batch jobs: outputStartIndex.
- from version 1.21.25
  * api-change:``redshift``: [``botocore``] This release adds a new [--encrypted | --no-encrypted]
    field in restore-from-cluster-snapshot API. Customers can now restore an unencrypted snapshot to a
    cluster encrypted with AWS Managed Key or their own KMS key.
  * api-change:``ebs``: [``botocore``] Increased the maximum supported value for the Timeout
    parameter of the StartSnapshot API from 60 minutes to 4320 minutes.  Changed the HTTP error code
    for ConflictException from 503 to 409.
  * api-change:``gamesparks``: [``botocore``] Released the preview of Amazon GameSparks, a fully
    managed AWS service that provides a multi-service backend for game developers.
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``transfer``: [``botocore``] Documentation updates for AWS Transfer Family to describe
    how to remove an associated workflow from a server.
  * api-change:``auditmanager``: [``botocore``] This release updates 1 API parameter, the SnsArn
    attribute. The character length and regex pattern for the SnsArn attribute have been updated, which
    enables you to deselect an SNS topic when using the UpdateSettings operation.
  * api-change:``ssm``: [``botocore``] Update AddTagsToResource, ListTagsForResource, and
    RemoveTagsFromResource APIs to reflect the support for tagging Automation resources. Includes other
    minor documentation updates.
- from version 1.21.24
  * api-change:``location``: [``botocore``] Amazon Location Service now includes a MaxResults
    parameter for GetDevicePositionHistory requests.
  * api-change:``polly``: [``botocore``] Amazon Polly adds new Catalan voice - Arlet. Arlet is
    available as Neural voice only.
  * api-change:``lakeformation``: [``botocore``] The release fixes the incorrect permissions called
    out in the documentation - DESCRIBE_TAG, ASSOCIATE_TAG, DELETE_TAG, ALTER_TAG. This trebuchet
    release fixes the corresponding SDK and documentation.
  * api-change:``ecs``: [``botocore``] Documentation only update to address tickets
  * api-change:``ce``: [``botocore``] Added three new APIs to support tagging and resource-level
    authorization on Cost Explorer resources: TagResource, UntagResource, ListTagsForResource.  Added
    optional parameters to CreateCostCategoryDefinition, CreateAnomalySubscription and
    CreateAnomalyMonitor APIs to support Tag On Create.
- from version 1.21.23
  * api-change:``ram``: [``botocore``] Document improvements to the RAM API operations and parameter
    descriptions.
  * api-change:``ecr``: [``botocore``] This release includes a fix in the DescribeImageScanFindings
    paginated output.
  * api-change:``quicksight``: [``botocore``] AWS QuickSight Service Features - Expand public API
    support for group management.
  * api-change:``chime-sdk-meetings``: [``botocore``] Add support for media replication to link
    multiple WebRTC media sessions together to reach larger and global audiences. Participants
    connected to a replica session can be granted access to join the primary session and can switch
    sessions with their existing WebRTC connection
  * api-change:``mediaconnect``: [``botocore``] This release adds support for selecting a maintenance
    window.
- from version 1.21.22
  * enhancement:jmespath: [``botocore``] Add env markers to get working version of jmespath for
    python 3.6
  * api-change:``glue``: [``botocore``] Added 9 new APIs for AWS Glue Interactive Sessions:
    ListSessions, StopSession, CreateSession, GetSession, DeleteSession, RunStatement, GetStatement,
    ListStatements, CancelStatement
- from version 1.21.21
  * enhancement:Dependency: [``botocore``] Added support for jmespath 1.0
  * api-change:``amplifybackend``: [``botocore``] Adding the ability to customize Cognito
    verification messages for email and SMS in CreateBackendAuth and UpdateBackendAuth. Adding
    deprecation documentation for ForgotPassword in CreateBackendAuth and UpdateBackendAuth
  * api-change:``acm-pca``: [``botocore``] AWS Certificate Manager (ACM) Private Certificate
    Authority (CA) now supports customizable certificate subject names and extensions.
  * api-change:``ssm-incidents``: [``botocore``] Removed incorrect validation pattern for
    IncidentRecordSource.invokedBy
  * enhancement:Dependency: Added support for jmespath 1.0
  * api-change:``billingconductor``: [``botocore``] This is the initial SDK release for AWS Billing
    Conductor. The AWS Billing Conductor is a customizable billing service, allowing you to customize
    your billing data to match your desired business structure.
  * api-change:``s3outposts``: [``botocore``] S3 on Outposts is releasing a new API,
    ListSharedEndpoints, that lists all endpoints associated with S3 on Outpost, that has been shared
    by Resource Access Manager (RAM).
- from version 1.21.20
  * api-change:``robomaker``: [``botocore``] This release deprecates ROS, Ubuntu and Gazbeo from
    RoboMaker Simulation Service Software Suites in favor of user-supplied containers and Relaxed
    Software Suites.
  * api-change:``dataexchange``: [``botocore``] This feature enables data providers to use the
    RevokeRevision operation to revoke subscriber access to a given revision. Subscribers are unable to
    interact with assets within a revoked revision.
  * api-change:``ec2``: [``botocore``] Adds the Cascade parameter to the DeleteIpam API. Customers
    can use this parameter to automatically delete their IPAM, including non-default scopes, pools,
    cidrs, and allocations. There mustn't be any pools provisioned in the default public scope to use
    this parameter.
  * api-change:``cognito-idp``: [``botocore``] Updated EmailConfigurationType and
    SmsConfigurationType to reflect that you can now choose Amazon SES and Amazon SNS resources in the
    same Region.
  * enhancement:AWSCRT: [``botocore``] Upgrade awscrt extra to 0.13.5
  * api-change:``location``: [``botocore``] New HERE style "/VectorHereExplore"/ and
    "/VectorHereExploreTruck"/.
  * api-change:``ecs``: [``botocore``] Documentation only update to address tickets
  * api-change:``keyspaces``: [``botocore``] Fixing formatting issues in CLI and SDK documentation
  * api-change:``rds``: [``botocore``] Various documentation improvements
- from version 1.21.19
  * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for
    Slack. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-slack.html
  * api-change:``timestream-query``: [``botocore``] Amazon Timestream Scheduled Queries now support
    Timestamp datatype in a multi-measure record.
  * enhancement:Stubber: [``botocore``] Added support for modeled exception fields when adding errors
    to a client stub. Implements boto/boto3`#3178 <https://github.com/boto/botocore/issues/3178>`__.
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``config``: [``botocore``] Add resourceType enums for AWS::ECR::PublicRepository and
    AWS::EC2::LaunchTemplate
- from version 1.21.18
  * api-change:``outposts``: [``botocore``] This release adds address filters for listSites
  * api-change:``lambda``: [``botocore``] Adds PrincipalOrgID support to AddPermission API. Customers
    can use it to manage permissions to lambda functions at AWS Organizations level.
  * api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager.
  * api-change:``connect``: [``botocore``] This release adds support for enabling Rich Messaging when
    starting a new chat session via the StartChatContact API. Rich Messaging enables the following
    formatting options: bold, italics, hyperlinks, bulleted lists, and numbered lists.
  * api-change:``chime``: [``botocore``] Chime VoiceConnector Logging APIs will now support
    MediaMetricLogs. Also CreateMeetingDialOut now returns AccessDeniedException.
- from version 1.21.17
  * api-change:``transcribe``: [``botocore``] Documentation fix for API
    `StartMedicalTranscriptionJobRequest`, now showing min sample rate as 16khz
  * api-change:``transfer``: [``botocore``] Adding more descriptive error types for managed workflows
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
- from version 1.21.16
  * api-change:``comprehend``: [``botocore``] Amazon Comprehend now supports extracting the sentiment
    associated with entities such as brands, products and services from text documents.
- from version 1.21.15
  * api-change:``eks``: [``botocore``] Introducing a new enum for NodeGroup error code:
    Ec2SubnetMissingIpv6Assignment
  * api-change:``keyspaces``: [``botocore``] Adding link to CloudTrail section in Amazon Keyspaces
    Developer Guide
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK has added support for
    reading timecode from AVCHD sources and now provides the ability to segment WebVTT at the same
    interval as the video and audio in HLS packages.
- from version 1.21.14
  * api-change:``chime-sdk-meetings``: [``botocore``] Adds support for Transcribe language
    identification feature to the StartMeetingTranscription API.
  * api-change:``ecs``: [``botocore``] Amazon ECS UpdateService API now supports additional
    parameters: loadBalancers, propagateTags, enableECSManagedTags, and serviceRegistries
  * api-change:``migration-hub-refactor-spaces``: [``botocore``] AWS Migration Hub Refactor Spaces
    documentation update.
- from version 1.21.13
  * api-change:``synthetics``: [``botocore``] Allow custom handler function.
  * api-change:``transfer``: [``botocore``] Add waiters for server online and offline.
  * api-change:``devops-guru``: [``botocore``] Amazon DevOps Guru now integrates with Amazon CodeGuru
    Profiler. You can view CodeGuru Profiler recommendations for your AWS Lambda function in DevOps
    Guru. This feature is enabled by default for new customers as of 3/4/2022. Existing customers can
    enable this feature with UpdateEventSourcesConfig.
  * api-change:``macie``: [``botocore``] Amazon Macie Classic (macie) has been discontinued and is no
    longer available. A new Amazon Macie (macie2) is now available with significant design improvements
    and additional features.
  * api-change:``ec2``: [``botocore``] Documentation updates for Amazon EC2.
  * api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
  * api-change:``connect``: [``botocore``] This release updates the *InstanceStorageConfig APIs so
    they support a new ResourceType: REAL_TIME_CONTACT_ANALYSIS_SEGMENTS. Use this resource type to
    enable streaming for real-time contact analysis and to associate the Kinesis stream where real-time
    contact analysis segments will be published.
- from version 1.21.12
  * api-change:``greengrassv2``: [``botocore``] Doc only update that clarifies Create Deployment
    section.
  * api-change:``fsx``: [``botocore``] This release adds support for data repository associations to
    use root ("//"/) as the file system path
  * api-change:``kendra``: [``botocore``] Amazon Kendra now suggests spell corrections for a query.
    For more information, see https://docs.aws.amazon.com/kendra/latest/dg/query-spell-check.html
  * api-change:``appflow``: [``botocore``] Launching Amazon AppFlow Marketo as a destination
    connector SDK.
  * api-change:``timestream-query``: [``botocore``] Documentation only update for SDK and CLI
- from version 1.21.11
  * api-change:``gamelift``: [``botocore``] Minor updates to address errors.
  * api-change:``cloudtrail``: [``botocore``] Add bytesScanned field into responses of DescribeQuery
    and GetQueryResults.
  * api-change:``athena``: [``botocore``] This release adds support for S3 Object Ownership by
    allowing the S3 bucket owner full control canned ACL to be set when Athena writes query results to
    S3 buckets.
  * api-change:``keyspaces``: [``botocore``] This release adds support for data definition language
    (DDL) operations
  * api-change:``ecr``: [``botocore``] This release adds support for tracking images
    lastRecordedPullTime.
- Update BuildRequires and Requires from setup.py
- Update to version 1.21.10
  * api-change:``mediapackage``: [``botocore``] This release adds Hybridcast as an available profile
    option for Dash Origin Endpoints.
  * api-change:``rds``: [``botocore``] Documentation updates for Multi-AZ DB clusters.
  * api-change:``mgn``: [``botocore``] Add support for GP3 and IO2 volume types. Add bootMode to
    LaunchConfiguration object (and as a parameter to UpdateLaunchConfigurationRequest).
  * api-change:``kafkaconnect``: [``botocore``] Adds operation for custom plugin deletion
    (DeleteCustomPlugin) and adds new StateDescription field to DescribeCustomPlugin and
    DescribeConnector responses to return errors from asynchronous resource creation.
- from version 1.21.9
  * api-change:``finspace-data``: [``botocore``] Add new APIs for managing Users and Permission
    Groups.
  * api-change:``amplify``: [``botocore``] Add repositoryCloneMethod field for hosting an Amplify
    app. This field shows what authorization method is used to clone the repo: SSH, TOKEN, or SIGV4.
  * api-change:``fsx``: [``botocore``] This release adds support for the following FSx for OpenZFS
    features: snapshot lifecycle transition messages, force flag for deleting file systems with child
    resources, LZ4 data compression, custom record sizes, and unsetting volume quotas and reservations.
  * api-change:``fis``: [``botocore``] This release adds logging support for AWS Fault Injection
    Simulator experiments. Experiment templates can now be configured to send experiment activity logs
    to Amazon CloudWatch Logs or to an S3 bucket.
  * api-change:``route53-recovery-cluster``: [``botocore``] This release adds a new API option to
    enable overriding safety rules to allow routing control state updates.
  * api-change:``amplifyuibuilder``: [``botocore``] We are adding the ability to configure workflows
    and actions for components.
  * api-change:``athena``: [``botocore``] This release adds support for updating an existing named
    query.
  * api-change:``ec2``: [``botocore``] This release adds support for new AMI property
    'lastLaunchedTime'
  * api-change:``servicecatalog-appregistry``: [``botocore``] AppRegistry is deprecating Application
    and Attribute-Group Name update feature. In this release, we are marking the name attributes for
    Update APIs as deprecated to give a heads up to our customers.
- from version 1.21.8
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``panorama``: [``botocore``] Added NTP server configuration parameter to
    ProvisionDevice operation. Added alternate software fields to DescribeDevice response
- from version 1.21.7
  * api-change:``route53``: [``botocore``] SDK doc update for Route 53 to update some parameters with
    new information.
  * api-change:``databrew``: [``botocore``] This AWS Glue Databrew release adds feature to merge job
    outputs into a max number of files for S3 File output type.
  * api-change:``transfer``: [``botocore``] Support automatic pagination when listing AWS Transfer
    Family resources.
  * api-change:``s3control``: [``botocore``] Amazon S3 Batch Operations adds support for new
    integrity checking capabilities in Amazon S3.
  * api-change:``s3``: [``botocore``] This release adds support for new integrity checking
    capabilities in Amazon S3. You can choose from four supported checksum algorithms for data
    integrity checking on your upload and download requests. In addition, AWS SDK can automatically
    calculate a checksum as it streams data into S3
  * api-change:``fms``: [``botocore``] AWS Firewall Manager now supports the configuration of AWS
    Network Firewall policies with either centralized or distributed deployment models. This release
    also adds support for custom endpoint configuration, where you can choose which Availability Zones
    to create firewall endpoints in.
  * api-change:``lightsail``: [``botocore``] This release adds support to delete and create Lightsail
    default key pairs that you can use with Lightsail instances.
  * api-change:``autoscaling``: [``botocore``] You can now hibernate instances in a warm pool to stop
    instances without deleting their RAM contents. You can now also return instances to the warm pool
    on scale in, instead of always terminating capacity that you will need later.
- from version 1.21.6
  * api-change:``transfer``: [``botocore``] The file input selection feature provides the ability to
    use either the originally uploaded file or the output file from the previous workflow step,
    enabling customers to make multiple copies of the original file while keeping the source file
    intact for file archival.
  * api-change:``lambda``: [``botocore``] Lambda releases .NET 6 managed runtime to be available in
    all commercial regions.
  * api-change:``textract``: [``botocore``] Added support for merged cells and column header for
    table response.
- from version 1.21.5
  * api-change:``translate``: [``botocore``] This release enables customers to use translation
    settings for formality customization in their synchronous translation output.
  * api-change:``wafv2``: [``botocore``] Updated descriptions for logging configuration.
  * api-change:``apprunner``: [``botocore``] AWS App Runner adds a Java platform (Corretto 8,
    Corretto 11 runtimes) and a Node.js 14 runtime.
- from version 1.21.4
  * api-change:``imagebuilder``: [``botocore``] This release adds support to enable faster launching
    for Windows AMIs created by EC2 Image Builder.
  * api-change:``customer-profiles``: [``botocore``] This release introduces apis
    CreateIntegrationWorkflow, DeleteWorkflow, ListWorkflows, GetWorkflow and GetWorkflowSteps. These
    apis are used to manage and view integration workflows.
  * api-change:``dynamodb``: [``botocore``] DynamoDB ExecuteStatement API now supports Limit as a
    request parameter to specify the maximum number of items to evaluate. If specified, the service
    will process up to the Limit and the results will include a LastEvaluatedKey value to continue the
    read in a subsequent operation.
- from version 1.21.3
  * api-change:``transfer``: [``botocore``] Properties for Transfer Family used with SFTP, FTP, and
    FTPS protocols. Display Banners are bodies of text that can be displayed before and/or after a user
    authenticates onto a server using one of the previously mentioned protocols.
  * api-change:``gamelift``: [``botocore``] Increase string list limit from 10 to 100.
  * api-change:``budgets``: [``botocore``] This change introduces
    DescribeBudgetNotificationsForAccount API which returns budget notifications for the specified
    account
- from version 1.21.2
  * api-change:``iam``: [``botocore``] Documentation updates for AWS Identity and Access Management
    (IAM).
  * api-change:``redshift``: [``botocore``] SDK release for Cross region datasharing and cost-control
    for cross region datasharing
  * api-change:``evidently``: [``botocore``] Add support for filtering list of experiments and
    launches by status
  * api-change:``backup``: [``botocore``] AWS Backup add new S3_BACKUP_OBJECT_FAILED and
    S3_RESTORE_OBJECT_FAILED event types in BackupVaultNotifications events list.
- from version 1.21.1
  * api-change:``ec2``: [``botocore``] Documentation updates for EC2.
  * api-change:``budgets``: [``botocore``] Adds support for auto-adjusting budgets, a new budget
    method alongside fixed and planned. Auto-adjusting budgets introduces new metadata to configure a
    budget limit baseline using a historical lookback average or current period forecast.
  * api-change:``ce``: [``botocore``] AWS Cost Anomaly Detection now supports SNS FIFO topic
    subscribers.
  * api-change:``glue``: [``botocore``] Support for optimistic locking in UpdateTable
  * api-change:``ssm``: [``botocore``] Assorted ticket fixes and updates for AWS Systems Manager.
- Update BuildRequires and Requires from setup.py
- actually does not require python-mock for build
- Update to version 1.21.0
  * api-change:``appflow``: [``botocore``] Launching Amazon AppFlow SAP as a destination connector
    SDK.
  * feature:Parser: [``botocore``] Adding support for parsing int/long types in rest-json response
    headers.
  * api-change:``rds``: [``botocore``] Adds support for determining which Aurora PostgreSQL versions
    support Babelfish.
  * api-change:``athena``: [``botocore``] This release adds a subfield, ErrorType, to the AthenaError
    response object in the GetQueryExecution API when a query fails.
- from version 1.20.54
  * api-change:``ssm``: [``botocore``] Documentation updates for AWS Systems Manager.
- from version 1.20.53
  * api-change:``cloudformation``: [``botocore``] This SDK release adds AWS CloudFormation Hooks
    HandlerErrorCodes
  * api-change:``lookoutvision``: [``botocore``] This release makes CompilerOptions in Lookout for
    Vision's StartModelPackagingJob's Configuration object optional.
  * api-change:``pinpoint``: [``botocore``] This SDK release adds a new paramater creation date for
    GetApp and GetApps Api call
  * api-change:``sns``: [``botocore``] Customer requested typo fix in API documentation.
  * api-change:``wafv2``: [``botocore``] Adds support for AWS WAF Fraud Control account takeover
    prevention (ATP), with configuration options for the new managed rule group
    AWSManagedRulesATPRuleSet and support for application integration SDKs for Android and iOS mobile
    apps.
- from version 1.20.52
  * api-change:``cloudformation``: [``botocore``] This SDK release is for the feature launch of AWS
    CloudFormation Hooks.
- from version 1.20.51
  * api-change:``kendra``: [``botocore``] Amazon Kendra now provides a data source connector for
    Amazon FSx. For more information, see
    https://docs.aws.amazon.com/kendra/latest/dg/data-source-fsx.html
  * api-change:``apprunner``: [``botocore``] This release adds support for App Runner to route
    outbound network traffic of a service through an Amazon VPC. New API: CreateVpcConnector,
    DescribeVpcConnector, ListVpcConnectors, and DeleteVpcConnector. Updated API: CreateService,
    DescribeService, and UpdateService.
  * api-change:``s3control``: [``botocore``] This release adds support for S3 Batch Replication.
    Batch Replication lets you replicate existing objects, already replicated objects to new
    destinations, and objects that previously failed to replicate. Customers will receive object-level
    visibility of progress and a detailed completion report.
  * api-change:``sagemaker``: [``botocore``] Autopilot now generates an additional report with
    information on the performance of the best model, such as a Confusion matrix and  Area under the
    receiver operating characteristic (AUC-ROC). The path to the report can be found in
    CandidateArtifactLocations.
- from version 1.20.50
  * api-change:``auditmanager``: [``botocore``] This release updates 3 API parameters.
    UpdateAssessmentFrameworkControlSet now requires the controls attribute, and
    CreateAssessmentFrameworkControl requires the id attribute. Additionally, UpdateAssessmentFramework
    now has a minimum length constraint for the controlSets attribute.
  * api-change:``synthetics``: [``botocore``] Adding names parameters to the Describe APIs.
  * api-change:``ssm-incidents``: [``botocore``] Update RelatedItem enum to support SSM Automation
  * api-change:``events``: [``botocore``] Update events client to latest version
  * enhancement:Lambda Request Header: [``botocore``] Adding request header for Lambda recursion
    detection.
- from version 1.20.49
  * api-change:``athena``: [``botocore``] You can now optionally specify the account ID that you
    expect to be the owner of your query results output location bucket in Athena. If the account ID of
    the query results bucket owner does not match the specified account ID, attempts to output to the
    bucket will fail with an S3 permissions error.
  * api-change:``rds``: [``botocore``] updates for RDS Custom for Oracle 12.1 support
  * api-change:``lakeformation``: [``botocore``] Add support for calling Update Table Objects without
    a TransactionId.
- from version 1.20.48
  * api-change:``ec2``: [``botocore``] adds support for AMIs in Recycle Bin
  * api-change:``robomaker``: [``botocore``] The release deprecates the use various APIs of RoboMaker
    Deployment Service in favor of AWS IoT GreenGrass v2.0.
  * api-change:``meteringmarketplace``: [``botocore``] Add CustomerAWSAccountId to ResolveCustomer
    API response and increase UsageAllocation limit to 2500.
  * api-change:``rbin``: [``botocore``] Add EC2 Image recycle bin support.
- from version 1.20.47
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``personalize``: [``botocore``] Adding minRecommendationRequestsPerSecond attribute to
    recommender APIs.
  * enhancement:Request headers: [``botocore``] Adding request headers with retry information.
  * api-change:``appflow``: [``botocore``] Launching Amazon AppFlow Custom Connector SDK.
  * api-change:``dynamodb``: [``botocore``] Documentation update for DynamoDB Java SDK.
  * api-change:``iot``: [``botocore``] This release adds support for configuring AWS IoT logging
    level per client ID, source IP, or principal ID.
  * api-change:``comprehend``: [``botocore``] Amazon Comprehend now supports sharing and importing
    custom trained models from one AWS account to another within the same region.
  * api-change:``ce``: [``botocore``] Doc-only update for Cost Explorer API that adds
    INVOICING_ENTITY dimensions
  * api-change:``fis``: [``botocore``] Added GetTargetResourceType and ListTargetResourceTypesAPI
    actions. These actions return additional details about resource types and parameters that can be
    targeted by FIS actions. Added a parameters field for the targets that can be specified in
    experiment templates.
  * api-change:``es``: [``botocore``] Allows customers to get progress updates for blue/green
    deployments
  * api-change:``glue``: [``botocore``] Launch Protobuf support for AWS Glue Schema Registry
  * api-change:``elasticache``: [``botocore``] Documentation update for AWS ElastiCache
- Update BuildRequires and Requires from setup.py
- Update to version 1.20.46
  * api-change:``appconfigdata``: [``botocore``] Documentation updates for AWS AppConfig Data.
  * api-change:``athena``: [``botocore``] This release adds a field, AthenaError, to the
    GetQueryExecution response object when a query fails.
  * api-change:``appconfig``: [``botocore``] Documentation updates for AWS AppConfig
  * api-change:``cognito-idp``: [``botocore``] Doc updates for Cognito user pools API Reference.
  * api-change:``secretsmanager``: [``botocore``] Feature are ready to release on Jan 28th
  * api-change:``sagemaker``: [``botocore``] This release added a new NNA accelerator compilation
    support for Sagemaker Neo.
- from version 1.20.45
  * api-change:``ec2``: [``botocore``] X2ezn instances are powered by Intel Cascade Lake CPUs that
    deliver turbo all core frequency of up to 4.5 GHz and up to 100 Gbps of networking bandwidth
  * api-change:``kafka``: [``botocore``] Amazon MSK has updated the CreateCluster and
    UpdateBrokerStorage API that allows you to specify volume throughput during cluster creation and
    broker volume updates.
  * api-change:``connect``: [``botocore``] This release adds support for configuring a custom chat
    duration when starting a new chat session via the StartChatContact API. The default value for chat
    duration is 25 hours, minimum configurable value is 1 hour (60 minutes) and maximum configurable
    value is 7 days (10,080 minutes).
  * api-change:``amplify``: [``botocore``] Doc only update to the description of basicauthcredentials
    to describe the required encoding and format.
  * api-change:``opensearch``: [``botocore``] Allows customers to get progress updates for blue/green
    deployments
- from version 1.20.44
  * api-change:``frauddetector``: [``botocore``] Added new APIs for viewing past predictions and
    obtaining prediction metadata including prediction explanations: ListEventPredictions and
    GetEventPredictionMetadata
  * api-change:``ebs``: [``botocore``] Documentation updates for Amazon EBS Direct APIs.
  * api-change:``codeguru-reviewer``: [``botocore``] Added failure state and adjusted timeout in
    waiter
  * api-change:``securityhub``: [``botocore``] Adding top level Sample boolean field
  * api-change:``sagemaker``: [``botocore``] API changes relating to Fail steps in model building
    pipeline and add PipelineExecutionFailureReason in PipelineExecutionSummary.
- from version 1.20.43
  * api-change:``fsx``: [``botocore``] This release adds support for growing SSD storage capacity and
    growing/shrinking SSD IOPS for FSx for ONTAP file systems.
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``connect``: [``botocore``] This release adds support for custom vocabularies to be
    used with Contact Lens. Custom vocabularies improve transcription accuracy for one or more specific
    words.
  * api-change:``guardduty``: [``botocore``] Amazon GuardDuty expands threat detection coverage to
    protect Amazon Elastic Kubernetes Service (EKS) workloads.
- from version 1.20.42
  * api-change:``route53-recovery-readiness``: [``botocore``] Updated documentation for Route53
    Recovery Readiness APIs.
- from version 1.20.41
  * enhancement:Exceptions: [``botocore``] ProxyConnectionError previously provided the full proxy
    URL. User info will now be appropriately masked if needed.
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK has added support for
    4K AV1 output resolutions & 10-bit AV1 color, the ability to ingest sidecar Dolby Vision XML
    metadata files, and the ability to flag WebVTT and IMSC tracks for accessibility in HLS.
  * api-change:``transcribe``: [``botocore``] Add support for granular PIIEntityTypes when using
    Batch ContentRedaction.
- Update to version 1.20.40
  * api-change:``guardduty``: [``botocore``] Amazon GuardDuty findings now include
    remoteAccountDetails under AwsApiCallAction section if instance credential is exfiltrated.
  * api-change:``connect``: [``botocore``] This release adds tagging support for UserHierarchyGroups
    resource.
  * api-change:``mediatailor``: [``botocore``] This release adds support for multiple Segment
    Delivery Configurations. Users can provide a list of names and URLs when creating or editing a
    source location. When retrieving content, users can send a header to choose which URL should be
    used to serve content.
  * api-change:``fis``: [``botocore``] Added action startTime and action endTime timestamp fields to
    the ExperimentAction object
  * api-change:``ec2``: [``botocore``] C6i, M6i and R6i instances are powered by a third-generation
    Intel Xeon Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz
- from version 1.20.39
  * api-change:``macie2``: [``botocore``] This release of the Amazon Macie API introduces stricter
    validation of requests to create custom data identifiers.
  * api-change:``ec2-instance-connect``: [``botocore``] Adds support for ED25519 keys.
    PushSSHPublicKey Availability Zone parameter is now optional. Adds EC2InstanceStateInvalidException
    for instances that are not running. This was previously a service exception, so this may require
    updating your code to handle this new exception.
- from version 1.20.38
  * api-change:``ivs``: [``botocore``] This release adds support for the new Thumbnail Configuration
    property for Recording Configurations. For more information see
    https://docs.aws.amazon.com/ivs/latest/userguide/record-to-s3.html
  * api-change:``storagegateway``: [``botocore``] Documentation update for adding bandwidth
    throttling support for S3 File Gateways.
  * api-change:``location``: [``botocore``] This release adds the CalculateRouteMatrix API which
    calculates routes for the provided departure and destination positions. The release also deprecates
    the use of pricing plan across all verticals.
  * api-change:``cloudtrail``: [``botocore``] This release fixes a documentation bug in the
    description for the readOnly field selector in advanced event selectors. The description now
    clarifies that users omit the readOnly field selector to select both Read and Write management
    events.
  * api-change:``ec2``: [``botocore``] Add support for AWS Client VPN client login banner and session
    timeout.
- from version 1.20.37
  * enhancement:Configuration: [``botocore``] Adding support for `defaults_mode` configuration. The
    `defaults_mode` will be used to determine how certain default configuration options are resolved in
    the SDK.
- from version 1.20.36
  * api-change:``config``: [``botocore``] Update ResourceType enum with values for CodeDeploy, EC2
    and Kinesis resources
  * api-change:``application-insights``: [``botocore``] Application Insights support for Active
    Directory and SharePoint
  * api-change:``honeycode``: [``botocore``] Added read and write api support for multi-select
    picklist. And added errorcode field to DescribeTableDataImportJob API output, when import job fails.
  * api-change:``ram``: [``botocore``] This release adds the ListPermissionVersions API which lists
    the versions for a given permission.
  * api-change:``lookoutmetrics``: [``botocore``] This release adds a new DeactivateAnomalyDetector
    API operation.
- Update BuildRequires and Requires from setup.py
- Update to version 1.20.35
  * api-change:``pinpoint``: [``botocore``] Adds JourneyChannelSettings to WriteJourneyRequest
  * api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
  * api-change:``nimble``: [``botocore``] Amazon Nimble Studio now supports validation for Launch
    Profiles. Launch Profiles now report static validation results after create/update to detect errors
    in network or active directory configuration.
  * api-change:``glue``: [``botocore``] This SDK release adds support to pass run properties when
    starting a workflow run
  * api-change:``ssm``: [``botocore``] AWS Systems Manager adds category support for DescribeDocument
    API
  * api-change:``elasticache``: [``botocore``] AWS ElastiCache for Redis has added a new Engine Log
    LogType in LogDelivery feature. You can now publish the Engine Log from your Amazon ElastiCache for
    Redis clusters to Amazon CloudWatch Logs and Amazon Kinesis Data Firehose.
- from version 1.20.34
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``honeycode``: [``botocore``] Honeycode is releasing new APIs to allow user to create,
    delete and list tags on resources.
  * api-change:``ec2``: [``botocore``] Hpc6a instances are powered by a third-generation AMD EPYC
    processors (Milan) delivering all-core turbo frequency of 3.4 GHz
  * api-change:``fms``: [``botocore``] Shield Advanced policies for Amazon CloudFront resources now
    support automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData
    ManagedServiceData is now 8192 characters, instead of 4096.
  * api-change:``pi``: [``botocore``] This release adds three Performance Insights APIs. Use
    ListAvailableResourceMetrics to get available metrics, GetResourceMetadata to get feature metadata,
    and ListAvailableResourceDimensions to list available dimensions. The AdditionalMetrics field in
    DescribeDimensionKeys retrieves per-SQL metrics.
- from version 1.20.33
  * api-change:``finspace-data``: [``botocore``] Documentation updates for FinSpace.
  * api-change:``rds``: [``botocore``] This release adds the db-proxy event type to support
    subscribing to RDS Proxy events.
  * api-change:``ce``: [``botocore``] Doc only update for Cost Explorer API that fixes missing
    clarifications for MatchOptions definitions
  * api-change:``kendra``: [``botocore``] Amazon Kendra now supports advanced query language and
    query-less search.
  * api-change:``workspaces``: [``botocore``] Introducing new APIs for Workspaces audio optimization
    with Amazon Connect: CreateConnectClientAddIn, DescribeConnectClientAddIns,
    UpdateConnectClientAddIn and DeleteConnectClientAddIn.
  * api-change:``iotevents-data``: [``botocore``] This release provides documentation updates for
    Timer.timestamp in the IoT Events API Reference Guide.
  * api-change:``ec2``: [``botocore``] EC2 Capacity Reservations now supports RHEL instance platforms
    (RHEL with SQL Server Standard, RHEL with SQL Server Enterprise, RHEL with SQL Server Web, RHEL
    with HA, RHEL with HA and SQL Server Standard, RHEL with HA and SQL Server Enterprise)
- from version 1.20.32
  * api-change:``ec2``: [``botocore``] New feature: Updated EC2 API to support faster launching for
    Windows images. Optimized images are pre-provisioned, using snapshots to launch instances up to 65%
    faster.
  * api-change:``compute-optimizer``: [``botocore``] Adds support for new Compute Optimizer
    capability that makes it easier for customers to optimize their EC2 instances by leveraging
    multiple CPU architectures.
  * api-change:``lookoutmetrics``: [``botocore``] This release adds FailureType in the response of
    DescribeAnomalyDetector.
  * api-change:``databrew``: [``botocore``] This SDK release adds support for specifying a Bucket
    Owner for an S3 location.
  * api-change:``transcribe``: [``botocore``] Documentation updates for Amazon Transcribe.
- from version 1.20.31
  * api-change:``medialive``: [``botocore``] This release adds support for selecting the Program Date
    Time (PDT) Clock source algorithm for HLS outputs.
- from version 1.20.30
  * api-change:``ec2``: [``botocore``] This release introduces On-Demand Capacity Reservation support
    for Cluster Placement Groups, adds Tags on instance Metadata, and includes documentation updates
    for Amazon EC2.
  * api-change:``mediatailor``: [``botocore``] This release adds support for filler slate when
    updating MediaTailor channels that use the linear playback mode.
  * api-change:``opensearch``: [``botocore``] Amazon OpenSearch Service adds support for Fine Grained
    Access Control for existing domains running Elasticsearch version 6.7 and above
  * api-change:``iotwireless``: [``botocore``] Downlink Queue Management feature provides APIs for
    customers to manage the queued messages destined to device inside AWS IoT Core for LoRaWAN.
    Customer can view, delete or purge the queued message(s). It allows customer to preempt the queued
    messages and let more urgent messages go through.
  * api-change:``es``: [``botocore``] Amazon OpenSearch Service adds support for Fine Grained Access
    Control for existing domains running Elasticsearch version 6.7 and above
  * api-change:``mwaa``: [``botocore``] This release adds a "/Source"/ field that provides the
    initiator of an update, such as due to an automated patch from AWS or due to modification via
    Console or API.
  * api-change:``appsync``: [``botocore``] AppSync: AWS AppSync now supports configurable batching
    sizes for AWS Lambda resolvers, Direct AWS Lambda resolvers and pipeline functions
- from version 1.20.29
  * api-change:``cloudtrail``: [``botocore``] This release adds support for CloudTrail Lake, a new
    feature that lets you run SQL-based queries on events that you have aggregated into event data
    stores. New APIs have been added for creating and managing event data stores, and creating,
    running, and managing queries in CloudTrail Lake.
  * api-change:``iot``: [``botocore``] This release adds an automatic retry mechanism for AWS IoT
    Jobs. You can now define a maximum number of retries for each Job rollout, along with the criteria
    to trigger the retry for FAILED/TIMED_OUT/ALL(both FAILED an TIMED_OUT) job.
  * api-change:``ec2``: [``botocore``] This release adds a new API called
    ModifyVpcEndpointServicePayerResponsibility which allows VPC endpoint service owners to take payer
    responsibility of their VPC Endpoint connections.
  * api-change:``snowball``: [``botocore``] Updating validation rules for interfaces used in the
    Snowball API to tighten security of service.
  * api-change:``lakeformation``: [``botocore``] Add new APIs for 3rd Party Support for Lake Formation
  * api-change:``appstream``: [``botocore``] Includes APIs for App Entitlement management regarding
    entitlement and entitled application association.
  * api-change:``eks``: [``botocore``] Amazon EKS now supports running applications using IPv6
    address space
  * api-change:``quicksight``: [``botocore``] Multiple Doc-only updates for Amazon QuickSight.
  * api-change:``ecs``: [``botocore``] Documentation update for ticket fixes.
  * api-change:``sagemaker``: [``botocore``] Amazon SageMaker now supports running training jobs on
    ml.g5 instance types.
  * api-change:``glue``: [``botocore``] Add Delta Lake target support for Glue Crawler and 3rd Party
    Support for Lake Formation
- Update BuildRequires and Requires from setup.py
- Update to version 1.20.28
  * api-change:``rekognition``: [``botocore``] This release introduces a new field
    IndexFacesModelVersion, which is the version of the face detect and storage model that was used
    when indexing the face vector.
  * api-change:``s3``: [``botocore``] Minor doc-based updates based on feedback bugs received.
  * enhancement:JSONFileCache: [``botocore``] Add support for __delitem__ in JSONFileCache
  * api-change:``s3control``: [``botocore``] Documentation updates for the renaming of Glacier to
    Glacier Flexible Retrieval.
- from version 1.20.27
  * api-change:``sagemaker``: [``botocore``] The release allows users to pass pipeline definitions as
    Amazon S3 locations and control the pipeline execution concurrency using ParallelismConfiguration.
    It also adds support of EMR jobs as pipeline steps.
  * api-change:``rds``: [``botocore``] Multiple doc-only updates for Relational Database Service (RDS)
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK has added strength
    levels to the Sharpness Filter and now permits OGG files to be specified as sidecar audio inputs.
  * api-change:``greengrassv2``: [``botocore``] This release adds the API operations to manage the
    Greengrass role associated with your account and to manage the core device connectivity
    information. Greengrass V2 customers can now depend solely on Greengrass V2 SDK for all the API
    operations needed to manage their fleets.
  * api-change:``detective``: [``botocore``] Added and updated API operations to support the
    Detective integration with AWS Organizations. New actions are used to manage the delegated
    administrator account and the integration configuration.
- from version 1.20.26
  * api-change:``nimble``: [``botocore``] Amazon Nimble Studio adds support for users to upload files
    during a streaming session using NICE DCV native client or browser.
  * api-change:``chime-sdk-messaging``: [``botocore``] The Amazon Chime SDK now supports updating
    message attributes via channel flows
  * api-change:``imagebuilder``: [``botocore``] Added a note to infrastructure configuration actions
    and data types concerning delivery of Image Builder event messages to encrypted SNS topics. The key
    that's used to encrypt the SNS topic must reside in the account that Image Builder runs under.
  * api-change:``workmail``: [``botocore``] This release allows customers to change their email
    monitoring configuration in Amazon WorkMail.
  * api-change:``transfer``: [``botocore``] Property for Transfer Family used with the FTPS protocol.
    TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the
    control and data connection for an FTPS session.
  * api-change:``lookoutmetrics``: [``botocore``] This release adds support for Causal Relationships.
    Added new ListAnomalyGroupRelatedMetrics API operation and InterMetricImpactDetails API data type
  * api-change:``mediaconnect``: [``botocore``] You can now use the Fujitsu-QoS protocol for your
    MediaConnect sources and outputs to transport content to and from Fujitsu devices.
  * api-change:``qldb``: [``botocore``] Amazon QLDB now supports journal exports in JSON and Ion
    Binary formats. This release adds an optional OutputFormat parameter to the ExportJournalToS3 API.
- from version 1.20.25
  * api-change:``customer-profiles``: [``botocore``] This release adds an optional parameter,
    ObjectTypeNames to the PutIntegration API to support multiple object types per integration option.
    Besides, this release introduces Standard Order Objects which contain data from third party systems
    and each order object belongs to a specific profile.
  * api-change:``sagemaker``: [``botocore``] This release adds a new ContentType field in
    AutoMLChannel for SageMaker CreateAutoMLJob InputDataConfig.
  * api-change:``forecast``: [``botocore``] Adds ForecastDimensions field to the
    DescribeAutoPredictorResponse
  * api-change:``securityhub``: [``botocore``] Added new resource details objects to ASFF, including
    resources for Firewall, and RuleGroup, FirewallPolicy Added additional details for
    AutoScalingGroup, LaunchConfiguration, and S3 buckets.
  * api-change:``location``: [``botocore``] Making PricingPlan optional as part of create resource
    API.
  * api-change:``redshift``: [``botocore``] This release adds API support for managed Redshift
    datashares. Customers can now interact with a Redshift datashare that is managed by a different
    service, such as AWS Data Exchange.
  * api-change:``apigateway``: [``botocore``] Documentation updates for Amazon API Gateway
  * api-change:``devops-guru``: [``botocore``] Adds Tags support to
    DescribeOrganizationResourceCollectionHealth
  * api-change:``imagebuilder``: [``botocore``] This release adds support for importing and exporting
    VM Images as part of the Image Creation workflow via EC2 VM Import/Export.
  * api-change:``datasync``: [``botocore``] AWS DataSync now supports FSx Lustre Locations.
  * api-change:``finspace-data``: [``botocore``] Make dataset description optional and allow s3
    export for dataviews
- Update BuildRequires and Requires from setup.py
- Update to version 1.20.24
  * api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
- from version 1.20.23
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``network-firewall``: [``botocore``] This release adds support for managed rule groups.
  * api-change:``route53-recovery-control-config``: [``botocore``] This release adds tagging supports
    to Route53 Recovery Control Configuration. New APIs: TagResource, UntagResource and
    ListTagsForResource. Updates: add optional field `tags` to support tagging while calling
    CreateCluster, CreateControlPanel and CreateSafetyRule.
  * api-change:``ec2``: [``botocore``] Adds waiters support for internet gateways.
  * api-change:``sms``: [``botocore``] This release adds SMS discontinuation information to the API
    and CLI references.
  * api-change:``route53domains``: [``botocore``] Amazon Route 53 domain registration APIs now
    support filtering and sorting in the ListDomains API, deleting a domain by using the DeleteDomain
    API and getting domain pricing information by using the ListPrices API.
  * api-change:``savingsplans``: [``botocore``] Adds the ability to specify Savings Plans hourly
    commitments using five digits after the decimal point.
- from version 1.20.22
  * api-change:``lookoutvision``: [``botocore``] This release adds new APIs for packaging an Amazon
    Lookout for Vision model as an AWS IoT Greengrass component.
  * api-change:``sagemaker``: [``botocore``] This release added a new Ambarella device(amba_cv2)
    compilation support for Sagemaker Neo.
  * api-change:``comprehendmedical``: [``botocore``] This release adds a new set of APIs (synchronous
    and batch) to support the SNOMED-CT ontology.
  * api-change:``health``: [``botocore``] Documentation updates for AWS Health
  * api-change:``logs``: [``botocore``] This release adds AWS Organizations support as condition key
    in destination policy for cross account Subscriptions in CloudWatch Logs.
  * api-change:``outposts``: [``botocore``] This release adds the UpdateOutpost API.
  * api-change:``support``: [``botocore``] Documentation updates for AWS Support.
  * api-change:``iot``: [``botocore``] This release allows customer to enable caching of custom
    authorizer on HTTP protocol for clients that use persistent or Keep-Alive connection in order to
    reduce the number of Lambda invocations.
- from version 1.20.21
  * api-change:``location``: [``botocore``] This release adds support for Accuracy position
    filtering, position metadata and autocomplete for addresses and points of interest based on partial
    or misspelled free-form text.
  * api-change:``appsync``: [``botocore``] AWS AppSync now supports custom domain names, allowing you
    to associate a domain name that you own with an AppSync API in your account.
  * api-change:``route53``: [``botocore``] Add PriorRequestNotComplete exception to
    UpdateHostedZoneComment API
- from version 1.20.20
  * api-change:``rekognition``: [``botocore``] This release added new KnownGender types for Celebrity
    Recognition.
- from version 1.20.19
  * api-change:``ram``: [``botocore``] This release adds the ability to use the new
    ResourceRegionScope parameter on List operations that return lists of resources or resource types.
    This new parameter filters the results by letting you differentiate between global or regional
    resource types.
  * api-change:``networkmanager``: [``botocore``] This release adds API support for AWS Cloud WAN.
  * api-change:``amplifyuibuilder``: [``botocore``] This release introduces the actions and data
    types for the new Amplify UI Builder API. The Amplify UI Builder API provides a programmatic
    interface for creating and configuring user interface (UI) component libraries and themes for use
    in Amplify applications.
- from version 1.20.18
  * api-change:``sagemaker``: [``botocore``] This release enables - 1/ Inference endpoint
    configuration recommendations and ability to run custom load tests to meet performance needs. 2/
    Deploy serverless inference endpoints. 3/ Query, filter and retrieve end-to-end ML lineage graph,
    and incorporate model quality/bias detection in ML workflow.
  * api-change:``kendra``: [``botocore``] Experience Builder allows customers to build search
    applications without writing code. Analytics Dashboard provides quality and usability metrics for
    Kendra indexes. Custom Document Enrichment allows customers to build a custom ingestion pipeline to
    pre-process documents and generate metadata.
  * api-change:``directconnect``: [``botocore``] Adds SiteLink support to private and transit virtual
    interfaces. SiteLink is a new Direct Connect feature that allows routing between Direct Connect
    points of presence.
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``ec2``: [``botocore``] This release adds support for Amazon VPC IP Address Manager
    (IPAM), which enables you to plan, track, and monitor IP addresses for your workloads. This release
    also adds support for VPC Network Access Analyzer, which enables you to analyze network access to
    resources in your Virtual Private Clouds.
  * api-change:``shield``: [``botocore``] This release adds API support for Automatic Application
    Layer DDoS Mitigation for AWS Shield Advanced. Customers can now enable automatic DDoS mitigation
    in count or block mode for layer 7 protected resources.
  * api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-runtime client to latest version
  * api-change:``devops-guru``: [``botocore``] DevOps Guru now provides detailed, database-specific
    analyses of performance issues and recommends corrective actions for Amazon Aurora database
    instances with Performance Insights turned on. You can also use AWS tags to choose which resources
    to analyze and define your applications.
  * api-change:``dynamodb``: [``botocore``] Add support for Table Classes and introduce the Standard
    Infrequent Access table class.
- from version 1.20.17
  * api-change:``s3``: [``botocore``] Introduce Amazon S3 Glacier Instant Retrieval storage class and
    a new setting in S3 Object Ownership to disable ACLs for bucket and the objects in it.
  * api-change:``backup-gateway``: [``botocore``] Initial release of AWS Backup gateway which enables
    you to centralize and automate protection of on-premises VMware and VMware Cloud on AWS workloads
    using AWS Backup.
  * api-change:``iot``: [``botocore``] Added the ability to enable/disable IoT Fleet Indexing for
    Device Defender and Named Shadow information, and search them through IoT Fleet Indexing APIs.
  * api-change:``ec2``: [``botocore``] This release adds support for Is4gen and Im4gn instances. This
    release also adds a new subnet attribute, enableLniAtDeviceIndex, to support local network
    interfaces, which are logical networking components that connect an EC2 instance to your
    on-premises network.
  * api-change:``outposts``: [``botocore``] This release adds the SupportedHardwareType parameter to
    CreateOutpost.
  * api-change:``storagegateway``: [``botocore``] Added gateway type VTL_SNOW. Added new SNOWBALL
    HostEnvironment for gateways running on a Snowball device. Added new field HostEnvironmentId to
    serve as an identifier for the HostEnvironment on which the gateway is running.
  * api-change:``kinesis``: [``botocore``] Amazon Kinesis Data Streams now supports on demand streams.
  * api-change:``glue``: [``botocore``] Support for DataLake transactions
  * api-change:``accessanalyzer``: [``botocore``] AWS IAM Access Analyzer now supports policy
    validation for resource policies attached to S3 buckets and access points. You can run additional
    policy checks by specifying the S3 resource type you want to attach to your resource policy.
  * api-change:``lakeformation``: [``botocore``] This release adds support for row and cell-based
    access control in Lake Formation. It also adds support for Lake Formation Governed Tables, which
    support ACID transactions and automatic storage optimizations.
  * api-change:``kafka``: [``botocore``] This release adds three new V2 APIs. CreateClusterV2 for
    creating both provisioned and serverless clusters. DescribeClusterV2 for getting information about
    provisioned and serverless clusters and ListClustersV2 for listing all clusters (both provisioned
    and serverless) in your account.
  * api-change:``redshift-data``: [``botocore``] Data API now supports serverless queries.
  * api-change:``snowball``: [``botocore``] Tapeball is to integrate tape gateway onto snowball, it
    enables customer to transfer local data on the tape to snowball,and then ingest the data into tape
    gateway on the cloud.
  * api-change:``workspaces-web``: [``botocore``] This is the initial SDK release for Amazon
    WorkSpaces Web. Amazon WorkSpaces Web is a low-cost, fully managed WorkSpace built to deliver
    secure web-based workloads and software-as-a-service (SaaS) application access to users within
    existing web browsers.
  * api-change:``iottwinmaker``: [``botocore``] AWS IoT TwinMaker makes it faster and easier to
    create, visualize and monitor digital twins of real-world systems like buildings, factories and
    industrial equipment to optimize operations. Learn more:
    https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/Welcome.html (New Service) (Preview)
  * api-change:``fsx``: [``botocore``] This release adds support for the FSx for OpenZFS file system
    type, FSx for Lustre file systems with the Persistent_2 deployment type, and FSx for Lustre file
    systems with Amazon S3 data repository associations and automatic export policies.
- from version 1.20.16
  * api-change:``s3``: [``botocore``] Amazon S3 Event Notifications adds Amazon EventBridge as a
    destination and supports additional event types. The PutBucketNotificationConfiguration API can now
    skip validation of Amazon SQS, Amazon SNS and AWS Lambda destinations.
  * api-change:``wellarchitected``: [``botocore``] This update provides support for Well-Architected
    API users to use custom lens features.
  * api-change:``rum``: [``botocore``] This is the first public release of CloudWatch RUM
  * api-change:``rbin``: [``botocore``] This release adds support for Recycle Bin.
  * api-change:``iotsitewise``: [``botocore``] AWS IoT SiteWise now supports retention configuration
    for the hot tier storage.
  * api-change:``compute-optimizer``: [``botocore``] Adds support for the enhanced infrastructure
    metrics paid feature. Also adds support for two new sets of resource efficiency metrics, including
    savings opportunity metrics and performance improvement opportunity metrics.
  * api-change:``ecr``: [``botocore``] This release adds supports for pull through cache rules and
    enhanced scanning.
  * api-change:``evidently``: [``botocore``] Introducing Amazon CloudWatch Evidently. This is the
    first public release of Amazon CloudWatch Evidently.
  * api-change:``inspector2``: [``botocore``] This release adds support for the new Amazon Inspector
    API. The new Amazon Inspector can automatically discover and scan Amazon EC2 instances and Amazon
    ECR container images for software vulnerabilities and unintended network exposure, and report
    centralized findings across multiple AWS accounts.
  * api-change:``ssm``: [``botocore``] Added two new attributes to DescribeInstanceInformation called
    SourceId and SourceType along with new string filters SourceIds and SourceTypes to filter instance
    records.
  * api-change:``ec2``: [``botocore``] This release adds support for G5g and M6a instances. This
    release also adds support for Amazon EBS Snapshots Archive, a feature that enables you to archive
    your EBS snapshots; and Recycle Bin, a feature that enables you to protect your EBS snapshots
    against accidental deletion.
  * api-change:``dataexchange``: [``botocore``] This release enables providers and subscribers to use
    Data Set, Job, and Asset operations to work with API assets from Amazon API Gateway. In addition,
    this release enables subscribers to use the SendApiAsset operation to invoke a provider's Amazon
    API Gateway API that they are entitled to.
- from version 1.20.15
  * api-change:``migration-hub-refactor-spaces``: [``botocore``] This is the initial SDK release for
    AWS Migration Hub Refactor Spaces
  * api-change:``textract``: [``botocore``] This release adds support for synchronously analyzing
    identity documents through a new API: AnalyzeID
  * api-change:``personalize-runtime``: [``botocore``] This release adds inference support for
    Recommenders.
  * api-change:``personalize``: [``botocore``] This release adds API support for Recommenders and
    BatchSegmentJobs.
- from version 1.20.14
  * api-change:``autoscaling``: [``botocore``] Documentation updates for Amazon EC2 Auto Scaling.
  * api-change:``mgn``: [``botocore``] Application Migration Service now supports an additional
    replication method that does not require agent installation on each source server. This option is
    available for source servers running on VMware vCenter versions 6.7 and 7.0.
  * api-change:``ec2``: [``botocore``] Documentation updates for EC2.
  * api-change:``iotdeviceadvisor``: [``botocore``] Documentation update for Device Advisor
    GetEndpoint API
  * api-change:``pinpoint``: [``botocore``] Added a One-Time Password (OTP) management feature. You
    can use the Amazon Pinpoint API to generate OTP codes and send them to your users as SMS messages.
    Your apps can then call the API to verify the OTP codes that your users input
  * api-change:``outposts``: [``botocore``] This release adds new APIs for working with Outpost sites
    and orders.
- from version 1.20.13
  * api-change:``timestream-query``: [``botocore``] Releasing Amazon Timestream Scheduled Queries. It
    makes real-time analytics more performant and cost-effective for customers by calculating and
    storing frequently accessed aggregates, and other computations, typically used in operational
    dashboards, business reports, and other analytics applications
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``proton``: [``botocore``] This release adds APIs for getting the outputs and
    provisioned stacks for Environments, Pipelines, and ServiceInstances.  You can now add tags to
    EnvironmentAccountConnections.  It also adds APIs for working with PR-based provisioning.  Also, it
    adds APIs for syncing templates with a git repository.
  * api-change:``translate``: [``botocore``] This release enables customers to use translation
    settings to mask profane words and phrases in their translation output.
  * api-change:``lambda``: [``botocore``] Remove Lambda function url apis
  * api-change:``imagebuilder``: [``botocore``] This release adds support for sharing AMIs with
    Organizations within an EC2 Image Builder Distribution Configuration.
  * api-change:``customer-profiles``: [``botocore``] This release introduces a new auto-merging
    feature for profile matching. The auto-merging configurations can be set via CreateDomain API or
    UpdateDomain API. You can use GetIdentityResolutionJob API and ListIdentityResolutionJobs API to
    fetch job status.
  * api-change:``autoscaling``: [``botocore``] Customers can now configure predictive scaling
    policies to proactively scale EC2 Auto Scaling groups based on any CloudWatch metrics that more
    accurately represent the load on the group than the four predefined metrics. They can also use math
    expressions to further customize the metrics.
  * api-change:``timestream-write``: [``botocore``] This release adds support for multi-measure
    records and magnetic store writes. Multi-measure records allow customers to store multiple measures
    in a single table row. Magnetic store writes enable customers to write late arrival data (data with
    timestamp in the past) directly into the magnetic store.
  * api-change:``iotsitewise``: [``botocore``] AWS IoT SiteWise now accepts data streams that aren't
    associated with any asset properties. You can organize data by updating data stream associations.
- from version 1.20.12
  * api-change:``redshift``: [``botocore``] This release adds support for reserved node exchange with
    restore/resize
  * api-change:``elasticache``: [``botocore``] Adding support for r6gd instances for Redis with data
    tiering. In a cluster with data tiering enabled, when available memory capacity is exhausted, the
    least recently used data is automatically tiered to solid state drives for cost-effective capacity
    scaling with minimal performance impact.
  * api-change:``opensearch``: [``botocore``] This release adds an optional parameter dry-run for the
    UpdateDomainConfig API to perform basic validation checks, and detect the deployment type that will
    be required for the configuration change, without actually applying the change.
  * api-change:``backup``: [``botocore``] This release adds new opt-in settings for advanced features
    for DynamoDB backups
  * api-change:``iot``: [``botocore``] This release introduces a new feature, Managed Job Template,
    for AWS IoT Jobs Service. Customers can now use service provided managed job templates to easily
    create jobs for supported standard job actions.
  * api-change:``iotwireless``: [``botocore``] Two new APIs, GetNetworkAnalyzerConfiguration and
    UpdateNetworkAnalyzerConfiguration, are added for the newly released Network Analyzer feature which
    enables customers to view real-time frame information and logs from LoRaWAN devices and gateways.
  * api-change:``workspaces``: [``botocore``] Documentation updates for Amazon WorkSpaces
  * api-change:``s3``: [``botocore``] Introduce two new Filters to S3 Lifecycle configurations -
    ObjectSizeGreaterThan and ObjectSizeLessThan. Introduce a new way to trigger actions on noncurrent
    versions by providing the number of newer noncurrent versions along with noncurrent days.
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``macie2``: [``botocore``] Documentation updates for Amazon Macie
  * api-change:``ec2``: [``botocore``] This release adds a new parameter ipv6Native to the allow
    creation of IPv6-only subnets using the CreateSubnet operation, and the operation
    ModifySubnetAttribute includes new parameters to modify subnet attributes to use resource-based
    naming and enable DNS resolutions for Private DNS name.
  * api-change:``sqs``: [``botocore``] Amazon SQS adds a new queue attribute, SqsManagedSseEnabled,
    which enables server-side queue encryption using SQS owned encryption keys.
  * api-change:``ecs``: [``botocore``] Documentation update for ARM support on Amazon ECS.
  * api-change:``sts``: [``botocore``] Documentation updates for AWS Security Token Service.
  * api-change:``finspace-data``: [``botocore``] Update documentation for createChangeset API.
  * api-change:``dynamodb``: [``botocore``] DynamoDB PartiQL now supports ReturnConsumedCapacity,
    which returns capacity units consumed by PartiQL APIs if the request specified
    returnConsumedCapacity parameter. PartiQL APIs include ExecuteStatement, BatchExecuteStatement, and
    ExecuteTransaction.
  * api-change:``lambda``: [``botocore``] Release Lambda event source filtering for SQS, Kinesis
    Streams, and DynamoDB Streams.
  * api-change:``iotdeviceadvisor``: [``botocore``] This release introduces a new feature for Device
    Advisor: ability to execute multiple test suites in parallel for given customer account. You can
    use GetEndpoint API to get the device-level test endpoint and call StartSuiteRun with
    "/parallelRun=true"/ to run suites in parallel.
  * api-change:``rds``: [``botocore``] Adds support for Multi-AZ DB clusters for RDS for MySQL and
    RDS for PostgreSQL.
- from version 1.20.11
  * api-change:``connect``: [``botocore``] This release adds support for UpdateContactFlowMetadata,
    DeleteContactFlow and module APIs. For details, see the Release Notes in the Amazon Connect
    Administrator Guide.
  * api-change:``dms``: [``botocore``] Added new S3 endpoint settings to allow to convert the current
    UTC time into a specified time zone when a date partition folder is created. Using with
    'DatePartitionedEnabled'.
  * api-change:``es``: [``botocore``] This release adds an optional parameter dry-run for the
    UpdateElasticsearchDomainConfig API to perform basic validation checks, and detect the deployment
    type that will be required for the configuration change, without actually applying the change.
  * api-change:``ssm``: [``botocore``] Adds new parameter to CreateActivation API . This parameter is
    for "/internal use only"/.
  * api-change:``chime-sdk-meetings``: [``botocore``] Added new APIs for enabling Echo Reduction with
    Voice Focus.
  * api-change:``eks``: [``botocore``] Adding missing exceptions to RegisterCluster operation
  * api-change:``quicksight``: [``botocore``] Add support for Exasol data source, 1 click enterprise
    embedding and email customization.
  * api-change:``cloudformation``: [``botocore``] This release include SDK changes for the feature
    launch of Stack Import to Service Managed StackSet.
  * api-change:``rds``: [``botocore``] Adds local backup support to Amazon RDS on AWS Outposts.
  * api-change:``braket``: [``botocore``] This release adds support for Amazon Braket Hybrid Jobs.
  * api-change:``s3control``: [``botocore``] Added Amazon CloudWatch publishing option for S3 Storage
    Lens metrics.
  * api-change:``finspace-data``: [``botocore``] Add new APIs for managing Datasets, Changesets, and
    Dataviews.
- from version 1.20.10
  * api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
  * api-change:``cloudformation``: [``botocore``] The StackSets ManagedExecution feature will allow
    concurrency for non-conflicting StackSet operations and queuing the StackSet operations that
    conflict at a given time for later execution.
  * api-change:``redshift``: [``botocore``] Added support of default IAM role for CreateCluster,
    RestoreFromClusterSnapshot and ModifyClusterIamRoles APIs
  * api-change:``lambda``: [``botocore``] Add support for Lambda Function URLs. Customers can use
    Function URLs to create built-in HTTPS endpoints on their functions.
  * api-change:``appstream``: [``botocore``] Includes APIs for managing resources for Elastic fleets:
    applications, app blocks, and application-fleet associations.
  * api-change:``medialive``: [``botocore``] This release adds support for specifying a SCTE-35 PID
    on input. MediaLive now supports SCTE-35 PID selection on inputs containing one or more active
    SCTE-35 PIDs.
  * api-change:``batch``: [``botocore``] Documentation updates for AWS Batch.
  * api-change:``application-insights``: [``botocore``] Application Insights now supports monitoring
    for HANA
- from version 1.20.9
  * api-change:``ivs``: [``botocore``] Add APIs for retrieving stream session information and support
    for filtering live streams by health.  For more information, see
    https://docs.aws.amazon.com/ivs/latest/userguide/stream-health.html
  * api-change:``lambda``: [``botocore``] Added support for CLIENT_CERTIFICATE_TLS_AUTH and
    SERVER_ROOT_CA_CERTIFICATE as SourceAccessType for MSK and Kafka event source mappings.
  * api-change:``chime``: [``botocore``] Adds new Transcribe API parameters to
    StartMeetingTranscription, including support for content identification and redaction (PII & PHI),
    partial results stabilization, and custom language models.
  * api-change:``chime-sdk-meetings``: [``botocore``] Adds new Transcribe API parameters to
    StartMeetingTranscription, including support for content identification and redaction (PII & PHI),
    partial results stabilization, and custom language models.
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``cloudwatch``: [``botocore``] Update cloudwatch client to latest version
  * api-change:``auditmanager``: [``botocore``] This release introduces a new feature for Audit
    Manager: Dashboard views. You can now view insights data for your active assessments, and quickly
    identify non-compliant evidence that needs to be remediated.
  * api-change:``databrew``: [``botocore``] This SDK release adds the following new features: 1) PII
    detection in profile jobs, 2) Data quality rules, enabling validation of data quality in profile
    jobs, 3) SQL query-based datasets for Amazon Redshift and Snowflake data sources, and 4) Connecting
    DataBrew datasets with Amazon AppFlow flows.
  * api-change:``redshift-data``: [``botocore``] Rolling back Data API serverless features until
    dependencies are live.
  * api-change:``kafka``: [``botocore``] Amazon MSK has added a new API that allows you to update the
    connectivity settings for an existing cluster to enable public accessibility.
  * api-change:``forecast``: [``botocore``] NEW CreateExplanability API that helps you understand how
    attributes such as price, promotion, etc. contributes to your forecasted values; NEW
    CreateAutoPredictor API that trains up to 40% more accurate forecasting model, saves up to 50% of
    retraining time, and provides model level explainability.
  * api-change:``appconfig``: [``botocore``] Add Type to support feature flag configuration profiles
- from version 1.20.8
  * api-change:``appconfigdata``: [``botocore``] AWS AppConfig Data is a new service that allows you
    to retrieve configuration deployed by AWS AppConfig. See the AppConfig user guide for more details
    on getting started. https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html
  * api-change:``drs``: [``botocore``] Introducing AWS Elastic Disaster Recovery (AWS DRS), a new
    service that minimizes downtime and data loss with fast, reliable recovery of on-premises and
    cloud-based applications using affordable storage, minimal compute, and point-in-time recovery.
  * api-change:``apigateway``: [``botocore``] Documentation updates for Amazon API Gateway.
  * api-change:``sns``: [``botocore``] Amazon SNS introduces the PublishBatch API, which enables
    customers to publish up to 10 messages per API request. The new API is valid for Standard and FIFO
    topics.
  * api-change:``redshift-data``: [``botocore``] Data API now supports serverless requests.
  * api-change:``amplifybackend``: [``botocore``] New APIs to support the Amplify Storage category.
    Add and manage file storage in your Amplify app backend.
- from version 1.20.7
  * api-change:``location``: [``botocore``] This release adds the support for Relevance, Distance,
    Time Zone, Language and Interpolated Address for Geocoding and Reverse Geocoding.
  * api-change:``cloudtrail``: [``botocore``] CloudTrail Insights now supports ApiErrorRateInsight,
    which enables customers to identify unusual activity in their AWS account based on API error codes
    and their rate.
- from version 1.20.6
  * api-change:``migrationhubstrategy``: [``botocore``] AWS SDK for Migration Hub Strategy
    Recommendations. It includes APIs to start the portfolio assessment, import portfolio data for
    assessment, and to retrieve recommendations. For more information, see the AWS Migration Hub
    documentation at https://docs.aws.amazon.com/migrationhub/index.html
  * api-change:``ec2``: [``botocore``] Adds a new VPC Subnet attribute "/EnableDns64."/ When enabled on
    IPv6 Subnets, the Amazon-Provided DNS Resolver returns synthetic IPv6 addresses for IPv4-only
    destinations.
  * api-change:``wafv2``: [``botocore``] Your options for logging web ACL traffic now include Amazon
    CloudWatch Logs log groups and Amazon S3 buckets.
  * api-change:``dms``: [``botocore``] Add Settings in JSON format for the source GCP MySQL endpoint
  * api-change:``ssm``: [``botocore``] Adds support for Session Reason and Max Session Duration for
    Systems Manager Session Manager.
  * api-change:``appstream``: [``botocore``] This release includes support for images of AmazonLinux2
    platform type.
  * api-change:``eks``: [``botocore``] Adding Tags support to Cluster Registrations.
  * api-change:``transfer``: [``botocore``] AWS Transfer Family now supports integrating a custom
    identity provider using AWS Lambda
- from version 1.20.5
  * api-change:``ec2``: [``botocore``] C6i instances are powered by a third-generation Intel Xeon
    Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz. G5 instances feature
    up to 8 NVIDIA A10G Tensor Core GPUs and second generation AMD EPYC processors.
  * api-change:``ssm``: [``botocore``] This Patch Manager release supports creating Patch Baselines
    for RaspberryPi OS (formerly Raspbian)
  * api-change:``devops-guru``: [``botocore``] Add support for cross account APIs.
  * api-change:``connect``: [``botocore``] This release adds APIs for creating and managing scheduled
    tasks. Additionally, adds APIs to describe and update a contact and list associated references.
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK has added automatic
    modes for GOP configuration and added the ability to ingest screen recordings generated by Safari
    on MacOS 12 Monterey.
- from version 1.20.4
  * api-change:``dynamodb``: [``botocore``] Updated Help section for "/dynamodb
    update-contributor-insights"/ API
  * api-change:``ec2``: [``botocore``] This release provides an additional route target for the VPC
    route table.
  * api-change:``translate``: [``botocore``] This release enables customers to import
    Multi-Directional Custom Terminology and use Multi-Directional Custom Terminology in both real-time
    translation and asynchronous batch translation.
- from version 1.20.3
  * api-change:``backup``: [``botocore``] AWS Backup SDK provides new options when scheduling
    backups: select supported services and resources that are assigned to a particular tag, linked to a
    combination of tags, or can be identified by a partial tag value, and exclude resources from their
    assignments.
  * api-change:``ecs``: [``botocore``] This release adds support for container instance health.
  * api-change:``resiliencehub``: [``botocore``] Initial release of AWS Resilience Hub, a managed
    service that enables you to define, validate, and track the resilience of your applications on AWS
- from version 1.20.2
  * api-change:``batch``: [``botocore``] Adds support for scheduling policy APIs.
  * api-change:``health``: [``botocore``] Documentation updates for AWS Health.
  * api-change:``greengrassv2``: [``botocore``] This release adds support for Greengrass core devices
    running Windows. You can now specify name of a Windows user to run a component.
- from version 1.20.1
  * bugfix:urllib3: [``botocore``] Fix NO_OP_TICKET import bug in older versions of urllib3
- from version 1.20.0
  * feature:EndpointResolver: [``botocore``] Adding support for resolving modeled FIPS and Dualstack
    endpoints.
  * feature:``six``: [``botocore``] Updated vendored version of ``six`` from 1.10.0 to 1.16.0
  * api-change:``sagemaker``: [``botocore``] SageMaker CreateEndpoint and UpdateEndpoint APIs now
    support additional deployment configuration to manage traffic shifting options and automatic
    rollback monitoring. DescribeEndpoint now shows new in-progress deployment details with stage
    status.
  * api-change:``chime-sdk-meetings``: [``botocore``] Updated format validation for ids and regions.
  * api-change:``wafv2``: [``botocore``] You can now configure rules to run a CAPTCHA check against
    web requests and, as needed, send a CAPTCHA challenge to the client.
  * api-change:``ec2``: [``botocore``] This release adds internal validation on the
    GatewayAssociationState field
- from version 1.19.12
  * api-change:``ec2``: [``botocore``] DescribeInstances now returns customer-owned IP addresses for
    instances running on an AWS Outpost.
  * api-change:``translate``: [``botocore``] This release enable customers to use their own KMS keys
    to encrypt output files when they submit a batch transform job.
  * api-change:``resourcegroupstaggingapi``: [``botocore``] Documentation updates and improvements.
- from version 1.19.11
  * api-change:``chime-sdk-meetings``: [``botocore``] The Amazon Chime SDK Meetings APIs allow
    software developers to create meetings and attendees for interactive audio, video, screen and
    content sharing in custom meeting applications which use the Amazon Chime SDK.
  * api-change:``sagemaker``: [``botocore``] ListDevices and DescribeDevice now show Edge Manager
    agent version.
  * api-change:``connect``: [``botocore``] This release adds CRUD operation support for Security
    profile resource in Amazon Connect
  * api-change:``iotwireless``: [``botocore``] Adding APIs for the FUOTA (firmware update over the
    air) and multicast for LoRaWAN devices and APIs to support event notification opt-in feature for
    Sidewalk related events. A few existing APIs need to be modified for this new feature.
  * api-change:``ec2``: [``botocore``] This release adds a new instance replacement strategy for EC2
    Fleet, Spot Fleet. Now you can select an action to perform when your instance gets a rebalance
    notification. EC2 Fleet, Spot Fleet can launch a replacement then terminate the instance that
    received notification after a termination delay
- from version 1.19.10
  * api-change:``finspace``: [``botocore``] Adds superuser and data-bundle parameters to
    CreateEnvironment API
  * api-change:``connectparticipant``: [``botocore``] This release adds a new boolean attribute -
    Connect Participant - to the CreateParticipantConnection API, which can be used to mark the
    participant as connected.
  * api-change:``datasync``: [``botocore``] AWS DataSync now supports Hadoop Distributed File System
    (HDFS) Locations
  * api-change:``macie2``: [``botocore``] This release adds support for specifying the severity of
    findings that a custom data identifier produces, based on the number of occurrences of text that
    matches the detection criteria.
- from version 1.19.9
  * api-change:``cloudfront``: [``botocore``] CloudFront now supports response headers policies to
    add HTTP headers to the responses that CloudFront sends to viewers. You can use these policies to
    add CORS headers, control browser caching, and more, without modifying your origin or writing any
    code.
  * api-change:``connect``: [``botocore``] Amazon Connect Chat now supports real-time message
    streaming.
  * api-change:``nimble``: [``botocore``] Amazon Nimble Studio adds support for users to stop and
    start streaming sessions.
- from version 1.19.8
  * api-change:``rekognition``: [``botocore``] This Amazon Rekognition Custom Labels release
    introduces the management of datasets with  projects
  * api-change:``networkmanager``: [``botocore``] This release adds API support to aggregate
    resources, routes, and telemetry data across a Global Network.
  * api-change:``lightsail``: [``botocore``] This release adds support to enable access logging for
    buckets in the Lightsail object storage service.
  * api-change:``neptune``: [``botocore``] Adds support for major version upgrades to ModifyDbCluster
    API
- from version 1.19.7
  * api-change:``transcribe``: [``botocore``] Transcribe and Transcribe Call Analytics now support
    automatic language identification along with custom vocabulary, vocabulary filter, custom language
    model and PII redaction.
  * api-change:``application-insights``: [``botocore``] Added Monitoring support for SQL Server
    Failover Cluster Instance. Additionally, added a new API to allow one-click monitoring of
    containers resources.
  * api-change:``rekognition``: [``botocore``] This release added new attributes to Rekognition Video
    GetCelebrityRecognition API operations.
  * api-change:``connect``: [``botocore``] Amazon Connect Chat now supports real-time message
    streaming.
  * api-change:``ec2``: [``botocore``] Support added for AMI sharing with organizations and
    organizational units in ModifyImageAttribute API
- Update BuildRequires and Requires from setup.py
- Update to version 1.19.6
  * api-change:``gamelift``: [``botocore``] Added support for Arm-based AWS
    Graviton2 instances, such as M6g, C6g, and R6g.
  * api-change:``ecs``: [``botocore``] Amazon ECS now supports running Fargate
    tasks on Windows Operating Systems Families which includes Windows Server
    2019 Core and Windows Server 2019 Full.
  * api-change:``sagemaker``: [``botocore``] This release adds support for
    RStudio on SageMaker.
  * api-change:``connectparticipant``: [``botocore``] This release adds a new
    boolean attribute - Connect Participant - to the CreateParticipantConnection
    API, which can be used to mark the participant as connected.
  * api-change:``ec2``: [``botocore``] Added new read-only DenyAllIGWTraffic
    network interface attribute. Added support for DL1 24xlarge instances
    powered by Habana Gaudi Accelerators for deep learning model training
    workloads
  * api-change:``ssm-incidents``: [``botocore``] Updating documentation, adding
    new field to ConflictException to indicate earliest retry timestamp for some
    operations, increase maximum length of nextToken fields
- from version 1.19.5
  * api-change:``autoscaling``: [``botocore``] This release adds support for
    attribute-based instance type selection, a new EC2 Auto Scaling feature
    that lets customers express their instance requirements as a set of attributes,
    such as vCPU, memory, and storage.
  * api-change:``ec2``: [``botocore``] This release adds: attribute-based instance
    type selection for EC2 Fleet, Spot Fleet, a feature that lets customers express
    instance requirements as attributes like vCPU, memory, and storage; and Spot
    placement score, a feature that helps customers identify an optimal location
    to run Spot workloads.
  * enhancement:Session: Added `get_partition_for_region` to lookup partition for
    a given region_name
  * api-change:``eks``: [``botocore``] EKS managed node groups now support
    BOTTLEROCKET_x86_64 and BOTTLEROCKET_ARM_64 AMI types.
  * api-change:``sagemaker``: [``botocore``] This release allows customers to
    describe one or more versioned model packages through BatchDescribeModelPackage,
    update project via UpdateProject, modify and read customer metadata properties
    using Create, Update and Describe ModelPackage and enables cross account
    registration of model packages.
  * enhancement:Session: [``botocore``] Added `get_partition_for_region` allowing
    partition lookup by region name.
  * api-change:``textract``: [``botocore``] This release adds support for asynchronously
    analyzing invoice and receipt documents through two new APIs: StartExpenseAnalysis
    and GetExpenseAnalysis
  * enchancement:``s3``: TransferConfig now supports the `max_bandwidth` argument.
- from version 1.19.4
  * api-change:``emr-containers``: [``botocore``] This feature enables auto-generation
    of certificate  to secure the managed-endpoint and removes the need for customer
    provided certificate-arn during managed-endpoint setup.
  * api-change:``chime-sdk-messaging``: [``botocore``] The Amazon Chime SDK now supports
    push notifications through Amazon Pinpoint
  * api-change:``chime-sdk-identity``: [``botocore``] The Amazon Chime SDK now supports
    push notifications through Amazon Pinpoint
- from version 1.19.3
  * api-change:``rds``: [``botocore``] This release adds support for Amazon RDS Custom,
    which is a new RDS management type that gives you full access to your database and
    operating system.
    For more information, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-custom.html
  * api-change:``auditmanager``: [``botocore``] This release introduces a new feature for
    Audit Manager: Custom framework sharing. You can now share your custom frameworks with
    another AWS account, or replicate them into another AWS Region under your own account.
  * api-change:``ec2``: [``botocore``] This release adds support to create a VPN Connection
    that is not attached to a Gateway at the time of creation. Use this to create VPNs
    associated with Core Networks, or modify your VPN and attach a gateway using the modify
    API after creation.
  * api-change:``route53resolver``: [``botocore``] New API for ResolverConfig, which allows
    autodefined rules for reverse DNS resolution to be disabled for a VPC
- from version 1.19.2
  * api-change:``quicksight``: [``botocore``] Added QSearchBar option for
    GenerateEmbedUrlForRegisteredUser ExperienceConfiguration to support
    Q search bar embedding
  * api-change:``auditmanager``: [``botocore``] This release introduces character restrictions
    for ControlSet names. We updated regex patterns for the following attributes: ControlSet,
    CreateAssessmentFrameworkControlSet, and UpdateAssessmentFrameworkControlSet.
  * api-change:``chime``: [``botocore``] Chime VoiceConnector and VoiceConnectorGroup
    APIs will now return an ARN.
- from version 1.19.1
  * api-change:``connect``: [``botocore``] Released Amazon Connect hours of operation API
    for general availability (GA). This API also supports AWS CloudFormation. For more
    information, see Amazon Connect Resource Type Reference in the AWS CloudFormation
    User Guide.
- from version 1.19.0
  * api-change:``appflow``: [``botocore``] Feature to add support for  JSON-L format
    for S3 as a source.
  * api-change:``mediapackage-vod``: [``botocore``] MediaPackage passes through digital
    video broadcasting (DVB) subtitles into the output.
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert SDK has added
    support for specifying caption time delta in milliseconds and the ability to apply
    color range legalization to source content other than AVC video.
  * api-change:``mediapackage``: [``botocore``] When enabled, MediaPackage passes through
    digital video broadcasting (DVB) subtitles into the output.
  * api-change:``panorama``: [``botocore``] General availability for AWS Panorama. AWS
    SDK for Panorama includes APIs to manage your devices and nodes, and deploy computer
    vision applications to the edge. For more information, see the AWS Panorama
    documentation at http://docs.aws.amazon.com/panorama
  * feature:Serialization: [``botocore``] rest-json serialization defaults
    aligned across AWS SDKs
  * api-change:``directconnect``: [``botocore``] This release adds 4 new APIS,
    which needs to be public able
  * api-change:``securityhub``: [``botocore``] Added support for cross-Region finding
    aggregation, which replicates findings from linked Regions to a single aggregation
    Region. Added operations to view, enable, update, and delete the finding aggregation.
- from version 1.18.65
  * api-change:``dataexchange``: [``botocore``] This release adds support for our public
    preview of AWS Data Exchange for Amazon Redshift. This enables data providers to list
    products including AWS Data Exchange datashares for Amazon Redshift, giving subscribers
    read-only access to provider data in Amazon Redshift.
  * api-change:``chime-sdk-messaging``: [``botocore``] The Amazon Chime SDK now allows
    developers to execute business logic on in-flight messages before they are delivered
    to members of a messaging channel with channel flows.
- from version 1.18.64
  * api-change:``quicksight``: [``botocore``] AWS QuickSight Service  Features - Add IP
    Restriction UI and public APIs support.
  * enchancement:AWSCRT: [``botocore``] Upgrade awscrt extra to 0.12.5
  * api-change:``ivs``: [``botocore``] Bug fix: remove unsupported maxResults and
    nextToken pagination parameters from ListTagsForResource
- from version 1.18.63
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``glue``: [``botocore``] Enable S3 event base crawler API.
- from version 1.18.62
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * api-change:``autoscaling``: [``botocore``] Amazon EC2 Auto Scaling now supports
    filtering describe Auto Scaling groups API using tags
  * api-change:``sagemaker``: [``botocore``] This release updates the provisioning
    artifact ID to an optional parameter in CreateProject API. The provisioning
    artifact ID defaults to the latest provisioning artifact ID of the product
    if you don't provide one.
  * api-change:``robomaker``: [``botocore``] Adding support to GPU simulation jobs
    as well as non-ROS simulation jobs.
- from version 1.18.61
  * api-change:``config``: [``botocore``] Adding Config support for AWS::OpenSearch::Domain
  * api-change:``ec2``: [``botocore``] This release adds support for additional
    VPC Flow Logs delivery options to S3, such as Apache Parquet formatted files,
    Hourly partitions and Hive-compatible S3 prefixes
  * api-change:``storagegateway``: [``botocore``] Adding support for Audit Logs
    on NFS shares and Force Closing Files on SMB shares.
  * api-change:``workmail``: [``botocore``] This release adds APIs for adding,
    removing and retrieving details of mail domains
  * api-change:``kinesisanalyticsv2``: [``botocore``] Support for Apache Flink 1.13
    in Kinesis Data Analytics. Changed the required status of some Update properties
    to better fit the corresponding Create properties.
- from version 1.18.60
  * api-change:``cloudsearch``: [``botocore``] Adds an additional validation exception
    for Amazon CloudSearch configuration APIs for better error handling.
  * api-change:``ecs``: [``botocore``] Documentation only update to address tickets.
  * api-change:``mediatailor``: [``botocore``] MediaTailor now supports ad prefetching.
  * api-change:``ec2``: [``botocore``] EncryptionSupport for InstanceStorageInfo added
    to DescribeInstanceTypes API
- from version 1.18.59
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
  * bugfix:Signing: [``botocore``] SigV4QueryAuth and CrtSigV4QueryAuth now properly
    respect AWSRequest.params while signing boto/botocore (#2521)
  * api-change:``medialive``: [``botocore``] This release adds support for Transport
    Stream files as an input type to MediaLive encoders.
  * api-change:``ec2``: [``botocore``] Documentation update for Amazon EC2.
  * api-change:``frauddetector``: [``botocore``] New model type: Transaction Fraud
    Insights, which is optimized for online transaction fraud. Stored Events, which
    allows customers to send and store data directly within Amazon Fraud Detector.
    Batch Import, which allows customers to upload a CSV file of historic event
    data for processing and storage
- from version 1.18.58
  * api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``secretsmanager``: [``botocore``] Documentation updates for Secrets Manager
  * api-change:``securityhub``: [``botocore``] Added new resource details objects to
    ASFF, including resources for WAF rate-based rules, EC2 VPC endpoints, ECR repositories,
    EKS clusters, X-Ray encryption, and OpenSearch domains. Added additional details for
    CloudFront distributions, CodeBuild projects, ELB V2 load balancers, and S3 buckets.
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental MediaConvert has added the
    ability to set account policies which control access restrictions for HTTP, HTTPS,
    and S3 content sources.
  * api-change:``ec2``: [``botocore``] This release removes a requirement for filters
    on SearchLocalGatewayRoutes operations.
- from version 1.18.57
  * api-change:``kendra``: [``botocore``] Amazon Kendra now supports indexing and
    querying documents in different languages.
  * api-change:``grafana``: [``botocore``] Initial release of the SDK for Amazon
    Managed Grafana API.
  * api-change:``firehose``: [``botocore``] Allow support for Amazon Opensearch
    Service(successor to Amazon Elasticsearch Service) as a Kinesis Data Firehose
    delivery destination.
  * api-change:``backup``: [``botocore``] Launch of AWS Backup Vault Lock, which protects
    your backups from malicious and accidental actions, works with existing backup policies,
    and helps you meet compliance requirements.
  * api-change:``schemas``: [``botocore``] Removing unused request/response objects.
  * api-change:``chime``: [``botocore``] This release enables customers to configure
    Chime MediaCapturePipeline via API.
- from version 1.18.56
  * api-change:``sagemaker``: [``botocore``] This release adds a new TrainingInputMode
    FastFile for SageMaker Training APIs.
  * api-change:``amplifybackend``: [``botocore``] Adding a new field 'AmplifyFeatureFlags'
    to the response of the GetBackend operation. It will return a stringified version of
    the cli.json file for the given Amplify project.
  * api-change:``fsx``: [``botocore``] This release adds support for Lustre 2.12 to FSx for Lustre.
  * api-change:``kendra``: [``botocore``] Amazon Kendra now supports integration with AWS SSO
- from version 1.18.55
  * api-change:``workmail``: [``botocore``] This release allows customers to change their
    inbound DMARC settings in Amazon WorkMail.
  * api-change:``location``: [``botocore``] Add support for PositionFiltering.
  * api-change:``application-autoscaling``: [``botocore``] With this release, Application
    Auto Scaling adds support for Amazon Neptune. Customers can now automatically add or
    remove Read Replicas of their Neptune clusters to keep the average CPU Utilization at
    the target value specified by the customers.
  * api-change:``ec2``: [``botocore``] Released Capacity Reservation Fleet, a feature of
    Amazon EC2 Capacity Reservations, which provides a way to manage reserved capacity
    across instance types.
    For more information: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-fleets.html
  * api-change:``glue``: [``botocore``] This release adds tag as an input of CreateConnection
  * api-change:``backup``: [``botocore``] AWS Backup Audit Manager framework report.
- from version 1.18.54
  * api-change:``codebuild``: [``botocore``] CodeBuild now allows you to select how batch
    build statuses are sent to the source provider for a project.
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``kms``: [``botocore``] Added SDK examples for ConnectCustomKeyStore,
    CreateCustomKeyStore, CreateKey, DeleteCustomKeyStore, DescribeCustomKeyStores,
    DisconnectCustomKeyStore, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext,
    GetPublicKey, ReplicateKey, Sign, UpdateCustomKeyStore and Verify APIs
- from version 1.18.53
  * api-change:``synthetics``: [``botocore``] CloudWatch Synthetics now enables customers
    to choose a customer managed AWS KMS key or an Amazon S3-managed key instead of an
    AWS managed key (default) for the encryption of artifacts that the canary stores
    in Amazon S3. CloudWatch Synthetics also supports artifact S3 location updation now.
  * api-change:``ssm``: [``botocore``] When "/AutoApprovable"/ is true for a Change Template,
    then specifying --auto-approve (boolean) in Start-Change-Request-Execution will create
    a change request that bypasses approver review. (except for change calendar restrictions)
  * api-change:``apprunner``: [``botocore``] This release contains several minor bug fixes.
- from version 1.18.52
  * api-change:``network-firewall``: [``botocore``] This release adds support for strict
    ordering for stateful rule groups. Using strict ordering, stateful rules are evaluated
    in the exact order in which you provide them.
  * api-change:``dataexchange``: [``botocore``] This release enables subscribers to set up
    automatic exports of newly published revisions using the new EventAction API.
  * api-change:``workmail``: [``botocore``] This release adds support for mobile device
    access overrides management in Amazon WorkMail.
  * api-change:``account``: [``botocore``] This release of the Account Management API enables
    customers to manage the alternate contacts for their AWS accounts.
    For more information, see https://docs.aws.amazon.com/accounts/latest/reference/accounts-welcome.html
  * api-change:``workspaces``: [``botocore``] Added CreateUpdatedWorkspaceImage API to update
    WorkSpace images with latest software and drivers. Updated DescribeWorkspaceImages API to
    display if there are updates available for WorkSpace images.
  * api-change:``cloudcontrol``: [``botocore``] Initial release of the SDK for AWS Cloud Control API
  * api-change:``macie2``: [``botocore``] Amazon S3 bucket metadata now indicates whether an
    error or a bucket's permissions settings prevented Amazon Macie from retrieving data about
    the bucket or the bucket's objects.
- from version 1.18.51
  * api-change:``lambda``: [``botocore``] Adds support for Lambda functions powered by AWS Graviton2
    processors. Customers can now select the CPU architecture for their functions.
  * api-change:``sesv2``: [``botocore``] This release includes the ability to use 2048 bits RSA key
    pairs for DKIM in SES, either with Easy DKIM or Bring Your Own DKIM.
  * api-change:``amp``: [``botocore``] This release adds alert manager and rule group namespace APIs
- from version 1.18.50
  * api-change:``transfer``: [``botocore``] Added changes for managed workflows feature APIs.
  * api-change:``imagebuilder``: [``botocore``] Fix description for AmiDistributionConfiguration
    Name property, which actually refers to the output AMI name. Also updated for consistent
    terminology to use "/base"/ image, and another update to fix description text.
- from version 1.18.49
  * api-change:``appintegrations``: [``botocore``] The Amazon AppIntegrations service enables you
    to configure and reuse connections to external applications.
  * api-change:``wisdom``: [``botocore``] Released Amazon Connect Wisdom, a feature of Amazon Connect,
    which provides real-time recommendations and search functionality in general availability (GA).
    For more information, see https://docs.aws.amazon.com/wisdom/latest/APIReference/Welcome.html.
  * api-change:``pinpoint``: [``botocore``] Added support for journey with contact center activity
  * api-change:``voice-id``: [``botocore``] Released the Amazon Voice ID SDK, for usage with the
    Amazon Connect Voice ID feature released for Amazon Connect.
  * api-change:``connect``: [``botocore``] This release updates a set of APIs: CreateIntegrationAssociation,
    ListIntegrationAssociations, CreateUseCase, and StartOutboundVoiceContact. You can use it to create
    integrations with Amazon Pinpoint for the Amazon Connect Campaigns use case, Amazon Connect Voice ID,
    and Amazon Connect Wisdom.
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest version
- from version 1.18.48
  * api-change:``license-manager``: [``botocore``] AWS License Manager now allows customers to get
    the LicenseArn in the Checkout API Response.
  * api-change:``ec2``: [``botocore``] DescribeInstances now returns Platform Details, Usage Operation,
    and Usage Operation Update Time.
- from version 1.18.47
  * api-change:``mediaconvert``: [``botocore``] This release adds style and positioning support for
    caption or subtitle burn-in from rich text sources such as TTML. This release also introduces
    configurable image-based trick play track generation.
  * api-change:``appsync``: [``botocore``] Documented the new OpenSearchServiceDataSourceConfig data
    type. Added deprecation notes to the ElasticsearchDataSourceConfig data type.
  * api-change:``ssm``: [``botocore``] Added cutoff behavior support for preventing new task invocations
    from starting when the maintenance window cutoff time is reached.
- from version 1.18.46
  * api-change:``imagebuilder``: [``botocore``] This feature adds support for specifying GP3 volume
    throughput and configuring instance metadata options for instances launched by EC2 Image Builder.
  * api-change:``wafv2``: [``botocore``] Added the regex match rule statement, for matching web requests
    against a single regular expression.
  * api-change:``mediatailor``: [``botocore``] This release adds support to configure logs
    for playback configuration.
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
  * api-change:``iam``: [``botocore``] Added changes to OIDC API about not using port
    numbers in the URL.
  * api-change:``license-manager``: [``botocore``] AWS License Manager now allows customers to change
    their Windows Server or SQL license types from Bring-Your-Own-License (BYOL) to License Included
    or vice-versa (using the customer's media).
  * api-change:``mediapackage-vod``: [``botocore``] MediaPackage VOD will now return the current
    processing statuses of an asset's endpoints. The status can be QUEUED, PROCESSING, PLAYABLE,
    or FAILED.
- from version 1.18.45
  * api-change:``comprehend``: [``botocore``] Amazon Comprehend now supports versioning of custom
    models, improved training with ONE_DOC_PER_FILE text documents for custom entity recognition,
    ability to provide specific test sets during training, and live migration to new model endpoints.
  * api-change:``iot``: [``botocore``] This release adds support for verifying, viewing and filtering
    AWS IoT Device Defender detect violations with four verification states.
  * api-change:``ecr``: [``botocore``] This release adds additional support for repository replication
  * api-change:``ec2``: [``botocore``] This update adds support for downloading configuration templates
    using new APIs (GetVpnConnectionDeviceTypes and GetVpnConnectionDeviceSampleConfiguration) and
    Internet Key Exchange version 2 (IKEv2) parameters for many popular CGW devices.
- from version 1.18.44
  * api-change:``opensearch``: [``botocore``] This release adds an optional parameter in the
    ListDomainNames API to filter domains based on the engine type (OpenSearch/Elasticsearch).
  * api-change:``es``: [``botocore``] This release adds an optional parameter in the ListDomainNames API
    to filter domains based on the engine type (OpenSearch/Elasticsearch).
  * api-change:``dms``: [``botocore``] Optional flag force-planned-failover added to
    reboot-replication-instance API call. This flag can be used to test a planned failover
    scenario used during some maintenance operations.
- from version 1.18.43
  * api-change:``kafkaconnect``: [``botocore``] This is the initial SDK release for Amazon
    Managed Streaming for Apache Kafka Connect (MSK Connect).
  * api-change:``macie2``: [``botocore``] This release adds support for specifying which
    managed data identifiers are used by a classification job, and retrieving a list of
    managed data identifiers that are available.
  * api-change:``robomaker``: [``botocore``] Adding support to create container based
    Robot and Simulation applications by introducing an environment field
  * api-change:``s3``: [``botocore``] Add support for access point arn filtering in
    S3 CW Request Metrics
  * api-change:``transcribe``: [``botocore``] This release adds support for subtitling
    with Amazon Transcribe batch jobs.
  * api-change:``sagemaker``: [``botocore``] Add API for users to retry a failed pipeline
    execution or resume a stopped one.
  * api-change:``pinpoint``: [``botocore``] This SDK release adds a new feature for
    Pinpoint campaigns, in-app messaging.
- from versionm 1.18.42
  * api-change:``sagemaker``: [``botocore``] This release adds support for "/Project Search"/
  * api-change:``ec2``: [``botocore``] This release adds support for vt1 3xlarge, 6xlarge
    and 24xlarge instances powered by Xilinx Alveo U30 Media Accelerators for video
    transcoding workloads
  * api-change:``wafv2``: [``botocore``] This release adds support for including rate
    based rules in a rule group.
  * api-change:``chime``: [``botocore``] Adds support for SipHeaders parameter for
    CreateSipMediaApplicationCall.
  * api-change:``comprehend``: [``botocore``] Amazon Comprehend now allows you to train
    and run PDF and Word documents for custom entity recognition. With PDF and Word formats,
    you can extract information from documents containing headers, lists and tables.
- from version 1.18.41
  * api-change:``iot``: [``botocore``] AWS IoT Rules Engine adds OpenSearch action. The
    OpenSearch rule action lets you stream data from IoT sensors and applications to Amazon
    OpenSearch Service which is a successor to Amazon Elasticsearch Service.
  * api-change:``ec2``: [``botocore``] Adds support for T3 instances on Amazon EC2 Dedicated Hosts.
  * enhancement:Tagged Unions: [``botocore``] Introducing support for the `union` trait
    on structures in request and response objects.
- from version 1.18.40
  * api-change:``cloudformation``: [``botocore``] Doc only update for CloudFormation that
    fixes several customer-reported issues.
  * api-change:``rds``: [``botocore``] This release adds support for providing a custom timeout
    value for finding a scaling point during autoscaling in Aurora Serverless v1.
  * api-change:``ecr``: [``botocore``] This release updates terminology around KMS keys.
  * api-change:``sagemaker``: [``botocore``] This release adds support for
    "/Lifecycle Configurations"/ to SageMaker Studio
  * api-change:``transcribe``: [``botocore``] This release adds an API option for
    startTranscriptionJob and startMedicalTranscriptionJob that allows the user to
    specify encryption context key value pairs for batch jobs.
  * api-change:``quicksight``: [``botocore``] Add new data source type for Amazon
    OpenSearch (successor to Amazon ElasticSearch).
- from version 1.18.39
  * api-change:``emr``: [``botocore``] Update emr client to latest version
  * api-change:``codeguru-reviewer``: [``botocore``] The Amazon CodeGuru Reviewer API
    now includes the RuleMetadata data object and a Severity attribute on a
    RecommendationSummary object. A RuleMetadata object contains information about a
    rule that generates a recommendation. Severity indicates how severe the issue
    associated with a recommendation is.
  * api-change:``lookoutequipment``: [``botocore``] Added OffCondition parameter to CreateModel API
- from version 1.18.38
  * api-change:``opensearch``: [``botocore``] Updated Configuration APIs for Amazon
    OpenSearch Service (successor to Amazon Elasticsearch Service)
  * api-change:``ram``: [``botocore``] A minor text-only update that fixes several
    customer issues.
  * api-change:``kafka``: [``botocore``] Amazon MSK has added a new API that allows
    you to update the encrypting and authentication settings for an existing cluster.
- from version 1.18.37
  * api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
  * api-change:``amp``: [``botocore``] This release adds tagging support for
    Amazon Managed Service for Prometheus workspace.
  * api-change:``forecast``: [``botocore``] Predictor creation now supports selecting
    an accuracy metric to optimize in AutoML and hyperparameter optimization. This
    release adds additional accuracy metrics for predictors - AverageWeightedQuantileLoss,
    MAPE and MASE.
  * api-change:``xray``: [``botocore``] Updated references to AWS KMS keys and customer
    managed keys to reflect current terminology.
  * api-change:``ssm-contacts``: [``botocore``] Added SDK examples for SSM-Contacts.
  * api-change:``mediapackage``: [``botocore``] SPEKE v2 support for live CMAF packaging
    type. SPEKE v2 is an upgrade to the existing SPEKE API to support multiple encryption
    keys, it supports live DASH currently.
  * api-change:``eks``: [``botocore``] Adding RegisterCluster and DeregisterCluster operations,
    to support connecting external clusters to EKS.
- from version 1.18.36
  * api-change:``chime-sdk-identity``: [``botocore``] Documentation updates for Chime
  * api-change:``chime-sdk-messaging``: [``botocore``] Documentation updates for Chime
  * api-change:``outposts``: [``botocore``] This release adds a new API CreateOrder.
  * api-change:``frauddetector``: [``botocore``] Enhanced GetEventPrediction API response
    to include risk scores from imported SageMaker models
  * api-change:``codeguru-reviewer``: [``botocore``] Added support for CodeInconsistencies
    detectors
- from version 1.18.35
  * api-change:``acm-pca``: [``botocore``] Private Certificate Authority Service now allows
    customers to enable an online certificate status protocol (OCSP) responder service on
    their private certificate authorities. Customers can also optionally configure a custom
    CNAME for their OCSP responder.
  * api-change:``s3control``: [``botocore``] S3 Multi-Region Access Points provide a single
    global endpoint to access a data set that spans multiple S3 buckets in different AWS Regions.
  * api-change:``accessanalyzer``: [``botocore``] Updates service API, documentation, and
    paginators to support multi-region access points from Amazon S3.
  * api-change:``schemas``: [``botocore``] This update include the support for Schema Discoverer
    to discover the events sent to the bus from another account. The feature will be enabled by
    default when discoverer is created or updated but can also be opt-in or opt-out by specifying
    the value for crossAccount.
  * api-change:``securityhub``: [``botocore``] New ASFF Resources: AwsAutoScalingLaunchConfiguration,
    AwsEc2VpnConnection, AwsEcrContainerImage. Added KeyRotationStatus to AwsKmsKey. Added
    AccessControlList, BucketLoggingConfiguration,BucketNotificationConfiguration and
    BucketNotificationConfiguration to AwsS3Bucket.
  * enhancement:s3: [``botocore``] Added support for S3 Multi-Region Access Points
  * api-change:``efs``: [``botocore``] Update efs client to latest version
  * api-change:``transfer``: [``botocore``] AWS Transfer Family introduces Managed Workflows
    for creating, executing, monitoring, and standardizing post file transfer processing
  * api-change:``ebs``: [``botocore``] Documentation updates for Amazon EBS direct APIs.
  * api-change:``quicksight``: [``botocore``] This release adds support for referencing parent
    datasets as sources in a child dataset.
  * api-change:``fsx``: [``botocore``] Announcing Amazon FSx for NetApp ONTAP, a new service
    that provides fully managed shared storage in the AWS Cloud with the data access and
    management capabilities of ONTAP.
  * enhancement:Signers: [``botocore``] Added support for Sigv4a Signing Algorithm
  * api-change:``lex-models``: [``botocore``] Lex now supports Korean (ko-KR) locale.
- from version 1.18.34
  * api-change:``ec2``: [``botocore``] Added LaunchTemplate support for the IMDS IPv6 endpoint
  * api-change:``cloudtrail``: [``botocore``] Documentation updates for CloudTrail
  * api-change:``mediatailor``: [``botocore``] This release adds support for wall
    clock programs in LINEAR channels.
  * api-change:``config``: [``botocore``] Documentation updates for config
  * api-change:``servicecatalog-appregistry``: [``botocore``] Introduction of
    GetAssociatedResource API and GetApplication response extension for Resource
    Groups support.
- Switch tests from nose to pytest
- Update BuildRequires and Requires from setup.py
- Update to version 1.18.33
  * sync python-botocore dependency with setup.py
  * api-change:``iot``: [``botocore``] Added
  Create/Update/Delete/Describe/List APIs for a new IoT resource named
  FleetMetric. Added a new Fleet Indexing query API named
  GetBucketsAggregation. Added a new field named DisconnectedReason in
  Fleet Indexing query response. Updated their related documentations.
  * api-change:``polly``: [``botocore``] Amazon Polly adds new South
  African English voice - Ayanda. Ayanda is available as Neural voice
  only.
  * api-change:``compute-optimizer``: [``botocore``] Documentation
  updates for Compute Optimizer
  * api-change:``sqs``: [``botocore``] Amazon SQS adds a new queue
  attribute, RedriveAllowPolicy, which includes the dead-letter queue
  redrive permission parameters. It defines which source queues can
  specify dead-letter queues as a JSON object.
  * api-change:``memorydb``: [``botocore``] Documentation updates for
  MemoryDB
- from version 1.18.32
  * api-change:``codebuild``: [``botocore``] Documentation updates for
  CodeBuild
  * api-change:``firehose``: [``botocore``] This release adds the
  Dynamic Partitioning feature to Kinesis Data Firehose service for S3
  destinations.
  * api-change:``kms``: [``botocore``] This release has changes to KMS
  nomenclature to remove the word master from both the "/Customer master
  key"/ and "/CMK"/ abbreviation and replace those naming conventions with
  "/KMS key"/.
  * api-change:``cloudformation``: [``botocore``] AWS CloudFormation
  allows you to iteratively develop your applications when failures are
  encountered without rolling back successfully provisioned resources.
  By specifying stack failure options, you can troubleshoot resources in
  a CREATE_FAILED or UPDATE_FAILED status.
- from version 1.18.31
  * api-change:``s3``: [``botocore``] Documentation updates for Amazon
  S3.
  * api-change:``emr``: [``botocore``] Update emr client to latest
  version
  * api-change:``ec2``: [``botocore``] This release adds the BootMode
  flag to the ImportImage API and showing the detected BootMode of an
  ImportImage task.
- from version 1.18.30
  * api-change:``transcribe``: [``botocore``] This release adds support
  for batch transcription in six new languages - Afrikaans, Danish,
  Mandarin Chinese (Taiwan), New Zealand English, South African English,
  and Thai.
  * api-change:``rekognition``: [``botocore``] This release added new
  attributes to Rekognition RecognizeCelebities and GetCelebrityInfo API
  operations.
  * api-change:``ec2``: [``botocore``] Support added for resizing VPC
  prefix lists
  * api-change:``compute-optimizer``: [``botocore``] Adds support for 1)
  the AWS Graviton (AWS_ARM64) recommendation preference for Amazon EC2
  instance and Auto Scaling group recommendations, and 2) the ability to
  get the enrollment statuses for all member accounts of an
  organization.
- from version 1.18.29
  * api-change:``fms``: [``botocore``] AWS Firewall Manager now supports
  triggering resource cleanup workflow when account or resource goes out
  of policy scope for AWS WAF, Security group, AWS Network Firewall, and
  Amazon Route 53 Resolver DNS Firewall policies.
  * api-change:``ec2``: [``botocore``] Support added for IMDS IPv6
  endpoint
  * api-change:``datasync``: [``botocore``] Added include filters to
  CreateTask and UpdateTask, and added exclude filters to
  StartTaskExecution, giving customers more granular control over how
  DataSync transfers files, folders, and objects.
  * api-change:``events``: [``botocore``] AWS CWEvents adds an enum of
  EXTERNAL for EcsParameters LaunchType for PutTargets API
- from version 1.18.28
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental
  MediaConvert SDK has added MBAFF encoding support for AVC video and
  the ability to pass encryption context from the job settings to S3.
  * api-change:``polly``: [``botocore``] Amazon Polly adds new New
  Zealand English voice - Aria. Aria is available as Neural voice only.
  * api-change:``transcribe``: [``botocore``] This release adds support
  for feature tagging with Amazon Transcribe batch jobs.
  * api-change:``ssm``: [``botocore``] Updated Parameter Store property
  for logging improvements.
  * api-change:``iot-data``: [``botocore``] Updated Publish with support
  for new Retain flag and added two new API operations:
  GetRetainedMessage, ListRetainedMessages.
- from version 1.18.27
  * api-change:``dms``: [``botocore``] Amazon AWS DMS service now
  support Redis target endpoint migration. Now S3 endpoint setting is
  capable to setup features which are used to be configurable only in
  extract connection attributes.
  * api-change:``frauddetector``: [``botocore``] Updated an element of
  the DescribeModelVersion API response (LogitMetrics -> logOddsMetrics)
  for clarity. Added new exceptions to several APIs to protect against
  unlikely scenarios.
  * api-change:``iotsitewise``: [``botocore``] Documentation updates for
  AWS IoT SiteWise
  * api-change:``dlm``: [``botocore``] Added AMI deprecation support for
  Amazon Data Lifecycle Manager EBS-backed AMI policies.
  * api-change:``glue``: [``botocore``] Add support for Custom
  Blueprints
  * api-change:``apigateway``: [``botocore``] Adding some of the pending
  releases (1) Adding WAF Filter to GatewayResponseType enum (2)
  Ensuring consistent error model for all operations (3) Add missing BRE
  to GetVpcLink operation
  * api-change:``backup``: [``botocore``] AWS Backup - Features:
  Evaluate your backup activity and generate audit reports.
- from version 1.18.26
  * api-change:``eks``: [``botocore``] Adds support for EKS add-ons
  "/preserve"/ flag, which allows customers to maintain software on their
  EKS clusters after removing it from EKS add-ons management.
  * api-change:``comprehend``: [``botocore``] Add tagging support for
  Comprehend async inference job.
  * api-change:``robomaker``: [``botocore``] Documentation updates for
  RoboMaker
  * api-change:``ec2``: [``botocore``] encryptionInTransitSupported
  added to DescribeInstanceTypes API
- from version 1.18.25
  * api-change:``ec2``: [``botocore``] The ImportImage API now supports
  the ability to create AMIs with AWS-managed licenses for Microsoft SQL
  Server for both Windows and Linux.
  * api-change:``memorydb``: [``botocore``] AWS MemoryDB  SDK now
  supports all APIs for newly launched MemoryDB service.
  * api-change:``application-autoscaling``: [``botocore``] This release
  extends Application Auto Scaling support for replication group of
  Amazon ElastiCache Redis clusters. Auto Scaling monitors and
  automatically expands node group count and number of replicas per node
  group when a critical usage threshold is met or according to customer-
  defined schedule.
  * api-change:``appflow``: [``botocore``] This release adds support for
  SAPOData connector and extends Veeva connector for document
  extraction.
- from version 1.18.24
  * api-change:``codebuild``: [``botocore``] CodeBuild now allows you to
  make the build results for your build projects available to the public
  without requiring access to an AWS account.
  * api-change:``route53``: [``botocore``] Documentation updates for
  route53
  * api-change:``sagemaker-runtime``: [``botocore``] Update sagemaker-
  runtime client to latest version
  * api-change:``route53resolver``: [``botocore``] Documentation updates
  for Route 53 Resolver
  * api-change:``sagemaker``: [``botocore``] Amazon SageMaker now
  supports Asynchronous Inference endpoints. Adds PlatformIdentifier
  field that allows Notebook Instance creation with different platform
  selections. Increases the maximum number of containers in multi-
  container endpoints to 15. Adds more instance types to InstanceType
  field.
- from version 1.18.23
  * api-change:``cloud9``: [``botocore``] Added DryRun parameter to
  CreateEnvironmentEC2 API. Added ManagedCredentialsActions parameter to
  UpdateEnvironment API
  * api-change:``ec2``: [``botocore``] This release adds support for EC2
  ED25519 key pairs for authentication
  * api-change:``clouddirectory``: [``botocore``] Documentation updates
  for clouddirectory
  * api-change:``ce``: [``botocore``] This release is a new feature for
  Cost Categories: Split charge rules. Split charge rules enable you to
  allocate shared costs between your cost category values.
  * api-change:``logs``: [``botocore``] Documentation-only update for
  CloudWatch Logs
- from version 1.18.22
  * api-change:``iotsitewise``: [``botocore``] AWS IoT SiteWise added
  query window for the interpolation interval. AWS IoT SiteWise computes
  each interpolated value by using data points from the timestamp of
  each interval minus the window to the timestamp of each interval plus
  the window.
  * api-change:``s3``: [``botocore``] Documentation updates for Amazon
  S3
  * api-change:``codebuild``: [``botocore``] CodeBuild now allows you to
  select how batch build statuses are sent to the source provider for a
  project.
  * api-change:``ds``: [``botocore``] This release adds support for
  describing client authentication settings.
  * api-change:``config``: [``botocore``] Update ResourceType enum with
  values for Backup Plan, Selection, Vault, RecoveryPoint; ECS Cluster,
  Service, TaskDefinition; EFS AccessPoint, FileSystem; EKS Cluster; ECR
  Repository resources
  * api-change:``license-manager``: [``botocore``] AWS License Manager
  now allows end users to call CheckoutLicense API using new
  CheckoutType PERPETUAL. Perpetual checkouts allow sellers to check out
  a quantity of entitlements to be drawn down for consumption.
- from version 1.18.21
  * api-change:``quicksight``: [``botocore``] Documentation updates for
  QuickSight.
  * api-change:``emr``: [``botocore``] Update emr client to latest
  version
  * api-change:``customer-profiles``: [``botocore``] This release
  introduces Standard Profile Objects, namely Asset and Case which
  contain values populated by data from third party systems and belong
  to a specific profile. This release adds an optional parameter,
  ObjectFilter to the ListProfileObjects API in order to search for
  these Standard Objects.
  * api-change:``elasticache``: [``botocore``] This release adds
  ReplicationGroupCreateTime field to ReplicationGroup which indicates
  the UTC time when ElastiCache ReplicationGroup is created
- from version 1.18.20
  * api-change:``sagemaker``: [``botocore``] Amazon SageMaker Autopilot
  adds new metrics for all candidate models generated by Autopilot
  experiments.
  * api-change:``apigatewayv2``: [``botocore``] Adding support for ACM
  imported or private CA certificates for mTLS enabled domain names
  * api-change:``apigateway``: [``botocore``] Adding support for ACM
  imported or private CA certificates for mTLS enabled domain names
  * api-change:``databrew``: [``botocore``] This SDK release adds
  support for the output of a recipe job results to Tableau Hyper
  format.
  * api-change:``lambda``: [``botocore``] Lambda Python 3.9 runtime
  launch
- from version 1.18.19
  * api-change:``snow-device-management``: [``botocore``] AWS Snow
  Family customers can remotely monitor and operate their connected AWS
  Snowcone devices.
  * api-change:``ecs``: [``botocore``] Documentation updates for ECS.
  * api-change:``nimble``: [``botocore``] Add new attribute 'ownedBy' in
  Streaming Session APIs. 'ownedBy' represents the AWS SSO Identity
  Store User ID of the owner of the Streaming Session resource.
  * api-change:``codebuild``: [``botocore``] CodeBuild now allows you to
  make the build results for your build projects available to the public
  without requiring access to an AWS account.
  * api-change:``ebs``: [``botocore``] Documentation updates for Amazon
  EBS direct APIs.
  * api-change:``route53``: [``botocore``] Documentation updates for
  route53
- from version 1.18.18
  * api-change:``chime``: [``botocore``] Add support for "/auto"/ in
  Region field of StartMeetingTranscription API request.
  * enchancement:Client: [``botocore``] Improve client performance by
  caching _alias_event_name on EventAliaser
- from version 1.18.17
  * api-change:``wafv2``: [``botocore``] This release adds APIs to
  support versioning feature of AWS WAF Managed rule groups
  * api-change:``rekognition``: [``botocore``] This release adds support
  for four new types of segments (opening credits, content segments,
  slates, and studio logos), improved accuracy for credits and shot
  detection and new filters to control black frame detection.
  * api-change:``ssm``: [``botocore``] Documentation updates for AWS
  Systems Manager.
- from version 1.18.16
  * api-change:``synthetics``: [``botocore``] Documentation updates for
  Visual Monitoring feature and other doc ticket fixes.
  * api-change:``chime-sdk-identity``: [``botocore``] The Amazon Chime
  SDK Identity APIs allow software developers to create and manage
  unique instances of their messaging applications.
  * api-change:``chime-sdk-messaging``: [``botocore``] The Amazon Chime
  SDK Messaging APIs allow software developers to send and receive
  messages in custom messaging applications.
  * api-change:``connect``: [``botocore``] This release adds support for
  agent status and hours of operation. For details, see the Release
  Notes in the Amazon Connect Administrator Guide.
  * api-change:``lightsail``: [``botocore``] This release adds support
  to track when a bucket access key was last used.
  * api-change:``athena``: [``botocore``] Documentation updates for
  Athena.
- from version 1.18.15
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models
  client to latest version
  * api-change:``autoscaling``: [``botocore``] EC2 Auto Scaling adds
  configuration checks and Launch Template validation to Instance
  Refresh.
- from version 1.18.14
  * api-change:``rds``: [``botocore``] This release adds
  AutomaticRestartTime to the DescribeDBInstances and DescribeDBClusters
  operations. AutomaticRestartTime indicates the time when a stopped DB
  instance or DB cluster is restarted automatically.
  * api-change:``imagebuilder``: [``botocore``] Updated list actions to
  include a list of valid filters that can be used in the request.
  * api-change:``transcribe``: [``botocore``] This release adds support
  for call analytics (batch) within Amazon Transcribe.
  * api-change:``events``: [``botocore``] Update events client to latest
  version
  * api-change:``ssm-incidents``: [``botocore``] Documentation updates
  for Incident Manager.
- from version 1.18.13
  * api-change:``redshift``: [``botocore``] API support for Redshift
  Data Sharing feature.
  * api-change:``iotsitewise``: [``botocore``] My AWS Service
  (placeholder) - This release introduces custom Intervals and offset
  for tumbling window in metric for AWS IoT SiteWise.
  * api-change:``glue``: [``botocore``] Add
  ConcurrentModificationException to create-table, delete-table, create-
  database, update-database, delete-database
  * api-change:``mediaconvert``: [``botocore``] AWS Elemental
  MediaConvert SDK has added control over the passthrough of XDS
  captions metadata to outputs.
  * api-change:``proton``: [``botocore``] Docs only add idempotent
  create apis
- from version 1.18.12
  * api-change:``ssm-contacts``: [``botocore``] Added new attribute in
  AcceptCode API. AcceptCodeValidation takes in two values - ENFORCE,
  IGNORE. ENFORCE forces validation of accept code and IGNORE ignores it
  which is also the default behavior; Corrected TagKeyList length from
  200 to 50
  * api-change:``greengrassv2``: [``botocore``] This release adds
  support for component system resource limits and idempotent Create
  operations. You can now specify the maximum amount of CPU and memory
  resources that each component can use.
- from version 1.18.11
  * api-change:``appsync``: [``botocore``] AWS AppSync now supports a
  new authorization mode allowing you to define your own authorization
  logic using an AWS Lambda function.
  * api-change:``elbv2``: [``botocore``] Update elbv2 client to latest
  version
  * api-change:``secretsmanager``: [``botocore``] Add support for
  KmsKeyIds in the ListSecretVersionIds API response
  * api-change:``sagemaker``: [``botocore``] API changes with respect to
  Lambda steps in model building pipelines. Adds several waiters to
  async Sagemaker Image APIs. Add more instance types to AppInstanceType
  field
- from version 1.18.10
  * api-change:``savingsplans``: [``botocore``] Documentation update for
  valid Savings Plans offering ID pattern
  * api-change:``ec2``: [``botocore``] This release adds support for
  G4ad xlarge and 2xlarge instances powered by AMD Radeon Pro V520 GPUs
  and AMD 2nd Generation EPYC processors
  * api-change:``chime``: [``botocore``] Adds support for live
  transcription of meetings with Amazon Transcribe and Amazon Transcribe
  Medical.  The new APIs, StartMeetingTranscription and
  StopMeetingTranscription, control the generation of user-attributed
  transcriptions sent to meeting clients via Amazon Chime SDK data
  messages.
  * api-change:``iotsitewise``: [``botocore``] Added support for AWS IoT
  SiteWise Edge. You can now create an AWS IoT SiteWise gateway that
  runs on AWS IoT Greengrass V2. With the gateway,  you can collect
  local server and equipment data, process the data, and export the
  selected data from the edge to the AWS Cloud.
  * api-change:``iot``: [``botocore``] Increase maximum credential
  duration of role alias to 12 hours.
- from version 1.18.9
  * api-change:``sso-admin``: [``botocore``] Documentation updates for
  arn:aws:trebuchet:::service:v1:03a2216d-1cda-4696-9ece-1387cb6f6952
  * api-change:``cloudformation``: [``botocore``] SDK update to support
  Importing existing Stacks to new/existing Self Managed StackSet -
  Stack Import feature.
- from version 1.18.8
  * api-change:``route53``: [``botocore``] This release adds support for
  the RECOVERY_CONTROL health check type to be used in conjunction with
  Route53 Application Recovery Controller.
  * api-change:``iotwireless``: [``botocore``] Add
  SidewalkManufacturingSn as an identifier to allow Customer to query
  WirelessDevice, in the response, AmazonId is added in the case that
  Sidewalk device is return.
  * api-change:``route53-recovery-control-config``: [``botocore``]
  Amazon Route 53 Application Recovery Controller's routing control -
  Routing Control Configuration APIs help you create and delete
  clusters, control panels, routing controls and safety rules. State
  changes (On/Off) of routing controls are not part of configuration
  APIs.
  * api-change:``route53-recovery-readiness``: [``botocore``] Amazon
  Route 53 Application Recovery Controller's readiness check capability
  continually monitors resource quotas, capacity, and network routing
  policies to ensure that the recovery environment is scaled and
  configured to take over when needed.
  * api-change:``quicksight``: [``botocore``] Add support to use row-
  level security with tags when embedding dashboards for users not
  provisioned in QuickSight
  * api-change:``iotanalytics``: [``botocore``] IoT Analytics now
  supports creating a dataset resource with IoT SiteWise
  MultiLayerStorage data stores, enabling customers to query industrial
  data within the service. This release includes adding JOIN
  functionality for customers to query multiple data sources in a
  dataset.
  * api-change:``shield``: [``botocore``] Change name of DDoS Response
  Team (DRT) to Shield Response Team (SRT)
  * api-change:``lexv2-models``: [``botocore``] Update lexv2-models
  client to latest version
  * api-change:``redshift-data``: [``botocore``] Added structures to
  support new Data API operation BatchExecuteStatement, used to execute
  multiple SQL statements within a single transaction.
  * api-change:``route53-recovery-cluster``: [``botocore``] Amazon Route
  53 Application Recovery Controller's routing control - Routing Control
  Data Plane APIs help you update the state (On/Off) of the routing
  controls to reroute traffic across application replicas in a 100%
  available manner.
  * api-change:``batch``: [``botocore``] Add support for ListJob filters
python-botocore
- Update to 1.26.4 (bsc#1199716)
  * api-change:``gamesparks``: This release adds an optional DeploymentResult field in the responses
    of GetStageDeploymentIntegrationTests and ListStageDeploymentIntegrationTests APIs.
  * enhancement:StreamingBody: Allow StreamingBody to be used as a context manager
  * api-change:``lookoutmetrics``: In this release we added SnsFormat to SNSConfiguration to support
    human readable alert.
- from version 1.26.3
  * api-change:``greengrassv2``: This release adds the new DeleteDeployment API operation that you
    can use to delete deployment resources. This release also adds support for discontinued
    AWS-provided components, so AWS can communicate when a component has any issues that you should
    consider before you deploy it.
  * api-change:``quicksight``: API UpdatePublicSharingSettings enables IAM admins to enable/disable
    account level setting for public access of dashboards. When enabled, owners/co-owners for
    dashboards can enable public access on their dashboards. These dashboards can only be accessed
    through share link or embedding.
  * api-change:``appmesh``: This release updates the existing Create and Update APIs for meshes and
    virtual nodes by adding a new IP preference field. This new IP preference field can be used to
    control the IP versions being used with the mesh and allows for IPv6 support within App Mesh.
  * api-change:``batch``: Documentation updates for AWS Batch.
  * api-change:``iotevents-data``: Introducing new API for deleting detectors: BatchDeleteDetector.
  * api-change:``transfer``: AWS Transfer Family now supports SetStat server configuration option,
    which provides the ability to ignore SetStat command issued by file transfer clients, enabling
    customers to upload files without any errors.
- from version 1.26.2
  * api-change:``kms``: Add HMAC best practice tip, annual rotation of AWS managed keys.
  * api-change:``glue``: This release adds a new optional parameter called codeGenNodeConfiguration
    to CRUD job APIs that allows users to manage visual jobs via APIs. The updated CreateJob and
    UpdateJob will create jobs that can be viewed in Glue Studio as a visual graph. GetJob can be used
    to get codeGenNodeConfiguration.
- Update to 1.26.1
  * api-change:``resiliencehub``: In this release, we are introducing support for Amazon Elastic
    Container Service, Amazon Route 53, AWS Elastic Disaster Recovery, AWS Backup in addition to the
    existing supported Services.  This release also supports Terraform file input from S3 and
    scheduling daily assessments
  * api-change:``servicecatalog``: Updated the descriptions for the ListAcceptedPortfolioShares API
    description and the PortfolioShareType parameters.
  * api-change:``discovery``: Add Migration Evaluator Collector details to the GetDiscoverySummary
    API response
  * api-change:``sts``: Documentation updates for AWS Security Token Service.
  * api-change:``workspaces-web``: Amazon WorkSpaces Web now supports Administrator timeout control
  * api-change:``rekognition``: Documentation updates for Amazon Rekognition.
  * api-change:``cloudfront``: Introduced a new error (TooLongCSPInResponseHeadersPolicy) that is
    returned when the value of the Content-Security-Policy header in a response headers policy exceeds
    the maximum allowed length.
- from version 1.26.0
  * feature:Loaders: Support for loading gzip compressed model files.
  * api-change:``grafana``: This release adds APIs for creating and deleting API keys in an Amazon
    Managed Grafana workspace.
- from version 1.25.13
  * api-change:``ivschat``: Documentation-only updates for IVS Chat API Reference.
  * api-change:``lambda``: Lambda releases NodeJs 16 managed runtime to be available in all
    commercial regions.
  * api-change:``kendra``: Amazon Kendra now provides a data source connector for Jira. For more
    information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-jira.html
  * api-change:``transfer``: AWS Transfer Family now accepts ECDSA keys for server host keys
  * api-change:``iot``: Documentation update for China region ListMetricValues for IoT
  * api-change:``workspaces``: Increased the character limit of the login message from 600 to 850
    characters.
  * api-change:``finspace-data``: We've now deprecated CreateSnapshot permission for creating a data
    view, instead use CreateDataView permission.
  * api-change:``lightsail``: This release adds support to include inactive database bundles in the
    response of the GetRelationalDatabaseBundles request.
  * api-change:``outposts``: Documentation updates for AWS Outposts.
  * api-change:``ec2``: This release introduces a target type Gateway Load Balancer Endpoint for
    mirrored traffic. Customers can now specify GatewayLoadBalancerEndpoint option during the creation
    of a traffic mirror target.
  * api-change:``ssm-incidents``: Adding support for dynamic SSM Runbook parameter values. Updating
    validation pattern for engagements. Adding ConflictException to UpdateReplicationSet API contract.
- from version 1.25.12
  * api-change:``secretsmanager``: Doc only update for Secrets Manager that fixes several
    customer-reported issues.
  * api-change:``ec2``: This release updates AWS PrivateLink APIs to support IPv6 for PrivateLink
    Services and Endpoints of type 'Interface'.
- Update to 1.25.11
  * api-change:``migration-hub-refactor-spaces``: AWS Migration Hub Refactor Spaces documentation
    only update to fix a formatting issue.
  * api-change:``ec2``: Added support for using NitroTPM and UEFI Secure Boot on EC2 instances.
  * api-change:``emr``: Update emr client to latest version
  * api-change:``compute-optimizer``: Documentation updates for Compute Optimizer
  * api-change:``eks``: Adds BOTTLEROCKET_ARM_64_NVIDIA and BOTTLEROCKET_x86_64_NVIDIA AMI types to
    EKS managed nodegroups
- from version 1.25.10
  * api-change:``evidently``: Add detail message inside GetExperimentResults API response to indicate
    experiment result availability
  * api-change:``ssm-contacts``: Fixed an error in the DescribeEngagement example for AWS Incident
    Manager.
  * api-change:``cloudcontrol``: SDK release for Cloud Control API to include paginators for Python
    SDK.
- from version 1.25.9
  * api-change:``rds``: Various documentation improvements.
  * api-change:``redshift``: Introduces new field 'LoadSampleData' in CreateCluster operation.
    Customers can now specify 'LoadSampleData' option during creation of a cluster, which results in
    loading of sample data in the cluster that is created.
  * api-change:``ec2``: Add new state values for IPAMs, IPAM Scopes, and IPAM Pools.
  * api-change:``mediapackage``: This release adds Dvb Dash 2014 as an available profile option for
    Dash Origin Endpoints.
  * api-change:``securityhub``: Documentation updates for Security Hub API reference
  * api-change:``location``: Amazon Location Service now includes a MaxResults parameter for
    ListGeofences requests.
- from version 1.25.8
  * api-change:``ec2``: Amazon EC2 I4i instances are powered by 3rd generation Intel Xeon Scalable
    processors and feature up to 30 TB of local AWS Nitro SSD storage
  * api-change:``kendra``: AWS Kendra now supports hierarchical facets for a query. For more
    information, see https://docs.aws.amazon.com/kendra/latest/dg/filtering.html
  * api-change:``iot``: AWS IoT Jobs now allows you to create up to 100,000 active continuous and
    snapshot jobs by using concurrency control.
  * api-change:``datasync``: AWS DataSync now supports a new ObjectTags Task API option that can be
    used to control whether Object Tags are transferred.
- from version 1.25.7
  * api-change:``ssm``: This release adds the TargetMaps parameter in SSM State Manager API.
  * api-change:``backup``: Adds support to 2 new filters about job complete time for 3 list jobs APIs
    in AWS Backup
  * api-change:``lightsail``: Documentation updates for Lightsail
  * api-change:``iotsecuretunneling``: This release introduces a new API RotateTunnelAccessToken that
    allow revoking the existing tokens and generate new tokens
- from version 1.25.6
  * api-change:``ec2``: Adds support for allocating Dedicated Hosts on AWS  Outposts. The
    AllocateHosts API now accepts an OutpostArn request  parameter, and the DescribeHosts API now
    includes an OutpostArn response parameter.
  * api-change:``s3``: Documentation only update for doc bug fixes for the S3 API docs.
  * api-change:``kinesisvideo``: Add support for multiple image feature related APIs for configuring
    image generation and notification of a video stream. Add "/GET_IMAGES"/ to the list of supported API
    names for the GetDataEndpoint API.
  * api-change:``sagemaker``: SageMaker Autopilot adds new metrics for all candidate models generated
    by Autopilot experiments; RStudio on SageMaker now allows users to bring your own development
    environment in a custom image.
  * api-change:``kinesis-video-archived-media``: Add support for GetImages API  for retrieving images
    from a video stream
- from version 1.25.5
  * api-change:``organizations``: This release adds the INVALID_PAYMENT_INSTRUMENT as a fail reason
    and an error message.
  * api-change:``synthetics``: CloudWatch Synthetics has introduced a new feature to provide
    customers with an option to delete the underlying resources that Synthetics canary creates when the
    user chooses to delete the canary.
  * api-change:``outposts``: This release adds a new API called ListAssets to the Outposts SDK, which
    lists the hardware assets in an Outpost.
- from version 1.25.4
  * api-change:``rds``: Feature - Adds support for Internet Protocol Version 6 (IPv6) on RDS database
    instances.
  * api-change:``codeguru-reviewer``: Amazon CodeGuru Reviewer now supports suppressing
    recommendations from being generated on specific files and directories.
  * api-change:``ssm``: Update the StartChangeRequestExecution, adding TargetMaps to the Runbook
    parameter
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK nows supports creation of Dolby
    Vision profile 8.1, the ability to generate black frames of video, and introduces audio-only DASH
    and CMAF support.
  * api-change:``wafv2``: You can now inspect all request headers and all cookies. You can now
    specify how to handle oversize body contents in your rules that inspect the body.
- from version 1.25.3
  * api-change:``auditmanager``: This release adds documentation updates for Audit Manager. We
    provided examples of how to use the Custom_ prefix for the keywordValue attribute. We also provided
    more details about the DeleteAssessmentReport operation.
  * api-change:``network-firewall``: AWS Network Firewall adds support for stateful threat signature
    AWS managed rule groups.
  * api-change:``ec2``: This release adds support to query the public key and creation date of EC2
    Key Pairs. Additionally, the format (pem or ppk) of a key pair can be specified when creating a new
    key pair.
  * api-change:``braket``: This release enables Braket Hybrid Jobs with Embedded Simulators to have
    multiple instances.
  * api-change:``guardduty``: Documentation update for API description.
  * api-change:``connect``: This release introduces an API for changing the current agent status of a
    user in Connect.
- from version 1.25.2
  * api-change:``rekognition``: This release adds support to configure stream-processor resources for
    label detections on streaming-videos. UpateStreamProcessor API is also launched with this release,
    which could be used to update an existing stream-processor.
  * api-change:``cloudtrail``: Increases the retention period maximum to 2557 days. Deprecates unused
    fields of the ListEventDataStores API response. Updates documentation.
  * api-change:``lookoutequipment``: This release adds the following new features: 1) Introduces an
    option for automatic schema creation 2) Now allows for Ingestion of data containing most common
    errors and allows automatic data cleaning 3) Introduces new API ListSensorStatistics that gives
    further information about the ingested data
  * api-change:``iotwireless``: Add list support for event configurations, allow to get and update
    event configurations by resource type, support LoRaWAN events; Make NetworkAnalyzerConfiguration as
    a resource, add List, Create, Delete API support; Add FCntStart attribute support for ABP
    WirelessDevice.
  * api-change:``amplify``: Documentation only update to support the Amplify GitHub App feature launch
  * api-change:``chime-sdk-media-pipelines``: For Amazon Chime SDK meetings, the Amazon Chime Media
    Pipelines SDK allows builders to capture audio, video, and content share streams. You can also
    capture meeting events, live transcripts, and data messages. The pipelines save the artifacts to an
    Amazon S3 bucket that you designate.
  * api-change:``sagemaker``: Amazon SageMaker Autopilot adds support for custom validation dataset
    and validation ratio through the CreateAutoMLJob and DescribeAutoMLJob APIs.
- Update to 1.25.1
  * api-change:``lightsail``: This release adds support for Lightsail load balancer HTTP to HTTPS
    redirect and TLS policy configuration.
  * api-change:``sagemaker``: SageMaker Inference Recommender now accepts customer KMS key ID for
    encryption of endpoints and compilation outputs created during inference recommendation.
  * api-change:``pricing``: Documentation updates for Price List API
  * api-change:``glue``: This release adds documentation for the APIs to create, read, delete, list,
    and batch read of AWS Glue custom patterns, and for Lake Formation configuration settings in the
    AWS Glue crawler.
  * api-change:``cloudfront``: CloudFront now supports the Server-Timing header in HTTP responses
    sent from CloudFront. You can use this header to view metrics that help you gain insights about the
    behavior and performance of CloudFront. To use this header, enable it in a response headers policy.
  * api-change:``ivschat``: Adds new APIs for IVS Chat, a feature for building interactive chat
    experiences alongside an IVS broadcast.
  * api-change:``network-firewall``: AWS Network Firewall now enables customers to use a customer
    managed AWS KMS key for the encryption of their firewall resources.
- from version 1.25.0
  * api-change:``gamelift``: Documentation updates for Amazon GameLift.
  * api-change:``mq``: This release adds the CRITICAL_ACTION_REQUIRED broker state and the
    ActionRequired API property. CRITICAL_ACTION_REQUIRED informs you when your broker is degraded.
    ActionRequired provides you with a code which you can use to find instructions in the Developer
    Guide on how to resolve the issue.
  * feature:IMDS: Added resiliency mechanisms to IMDS Credential Fetcher
  * api-change:``securityhub``: Security Hub now lets you opt-out of auto-enabling the defaults
    standards (CIS and FSBP) in accounts that are auto-enabled with Security Hub via Security Hub's
    integration with AWS Organizations.
  * api-change:``connect``: This release adds SearchUsers API which can be used to search for users
    with a Connect Instance
  * api-change:``rds-data``: Support to receive SQL query results in the form of a simplified JSON
    string. This enables developers using the new JSON string format to more easily convert it to an
    object using popular JSON string parsing libraries.
- from version 1.24.46
  * api-change:``chime-sdk-meetings``: Include additional exceptions types.
  * api-change:``ec2``: Adds support for waiters that automatically poll for a deleted NAT Gateway
    until it reaches the deleted state.
- from version 1.24.45
  * api-change:``wisdom``: This release updates the GetRecommendations API to include a trigger event
    list for classifying and grouping recommendations.
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``iottwinmaker``: General availability (GA) for AWS IoT TwinMaker. For more
    information, see https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/Welcome.html
  * api-change:``secretsmanager``: Documentation updates for Secrets Manager
  * api-change:``mediatailor``: This release introduces tiered channels and adds support for live
    sources. Customers using a STANDARD channel can now create programs using live sources.
  * api-change:``storagegateway``: This release adds support for minimum of 5 character length
    virtual tape barcodes.
  * api-change:``lookoutmetrics``: Added DetectMetricSetConfig API for detecting configuration
    required for creating metric set from provided S3 data source.
  * api-change:``iotsitewise``: This release adds 3 new batch data query APIs :
    BatchGetAssetPropertyValue, BatchGetAssetPropertyValueHistory and BatchGetAssetPropertyAggregates
  * api-change:``glue``: This release adds APIs to create, read, delete, list, and batch read of Glue
    custom entity types
- from version 1.24.44
  * api-change:``macie2``: Sensitive data findings in Amazon Macie now indicate how Macie found the
    sensitive data that produced a finding (originType).
  * api-change:``rds``: Added a new cluster-level attribute to set the capacity range for Aurora
    Serverless v2 instances.
  * api-change:``mgn``: Removed required annotation from input fields in Describe operations
    requests. Added quotaValue to ServiceQuotaExceededException
  * api-change:``connect``: This release adds APIs to search, claim, release, list, update, and
    describe phone numbers. You can also use them to associate and disassociate contact flows to phone
    numbers.
- from version 1.24.43
  * api-change:``textract``: This release adds support for specifying and extracting information from
    documents using the Queries feature within Analyze Document API
  * api-change:``worklink``: Amazon WorkLink is no longer supported. This will be removed in a future
    version of the SDK.
  * api-change:``ssm``: Added offset support for specifying the number of days to wait after the date
    and time specified by a CRON expression when creating SSM association.
  * api-change:``autoscaling``: EC2 Auto Scaling now adds default instance warm-up times for all
    scaling activities, health check replacements, and other replacement events in the Auto Scaling
    instance lifecycle.
  * api-change:``personalize``: Adding StartRecommender and StopRecommender APIs for Personalize.
  * api-change:``kendra``: Amazon Kendra now provides a data source connector for Quip. For more
    information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-quip.html
  * api-change:``polly``: Amazon Polly adds new Austrian German voice - Hannah. Hannah is available
    as Neural voice only.
  * api-change:``transfer``: This release contains corrected HomeDirectoryMappings examples for
    several API functions: CreateAccess, UpdateAccess, CreateUser, and UpdateUser,.
  * api-change:``kms``: Adds support for KMS keys and APIs that generate and verify HMAC codes
  * api-change:``redshift``: Introduces new fields for LogDestinationType and LogExports on
    EnableLogging requests and Enable/Disable/DescribeLogging responses. Customers can now select
    CloudWatch Logs as a destination for their Audit Logs.
- from version 1.24.42
  * api-change:``lightsail``: This release adds support to describe the synchronization status of the
    account-level block public access feature for your Amazon Lightsail buckets.
  * api-change:``rds``: Removes Amazon RDS on VMware with the deletion of APIs related to Custom
    Availability Zones and Media installation
  * api-change:``athena``: This release adds subfields, ErrorMessage, Retryable, to the AthenaError
    response object in the GetQueryExecution API when a query fails.
- from version 1.24.41
  * api-change:``batch``: Enables configuration updates for compute environments with
    BEST_FIT_PROGRESSIVE and SPOT_CAPACITY_OPTIMIZED allocation strategies.
  * api-change:``ec2``: Documentation updates for Amazon EC2.
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``appstream``: Includes updates for create and update fleet APIs to manage the session
    scripts locations for Elastic fleets.
  * api-change:``glue``: Auto Scaling for Glue version 3.0 and later jobs to dynamically scale
    compute resources. This SDK change provides customers with the auto-scaled DPU usage
  * api-change:``appflow``: Enables users to pass custom token URL parameters for Oauth2
    authentication during create connector profile
- from version 1.24.40
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``fsx``: This release adds support for deploying FSx for ONTAP file systems in a
    single Availability Zone.
- from version 1.24.39
  * api-change:``ec2``: X2idn and X2iedn instances are powered by 3rd generation Intel Xeon Scalable
    processors with an all-core turbo frequency up to 3.5 GHzAmazon EC2. C6a instances are powered by
    3rd generation AMD EPYC processors.
  * api-change:``devops-guru``: This release adds new APIs DeleteInsight to deletes the insight along
    with the associated anomalies, events and recommendations.
  * api-change:``efs``: Update efs client to latest version
  * api-change:``iottwinmaker``: This release adds the following new features: 1) ListEntities API
    now supports search using ExternalId. 2) BatchPutPropertyValue and GetPropertyValueHistory API now
    allows users to represent time in sub-second level precisions.
- from version 1.24.38
  * api-change:``amplifyuibuilder``: In this release, we have added the ability to bind events to
    component level actions.
  * api-change:``apprunner``: This release adds tracing for App Runner services with X-Ray using AWS
    Distro for OpenTelemetry. New APIs: CreateObservabilityConfiguration,
    DescribeObservabilityConfiguration, ListObservabilityConfigurations, and
    DeleteObservabilityConfiguration. Updated APIs: CreateService and UpdateService.
  * api-change:``workspaces``: Added API support that allows customers to create GPU-enabled
    WorkSpaces using EC2 G4dn instances.
- from version 1.24.37
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK has added support for the
    pass-through of WebVTT styling to WebVTT outputs, pass-through of KLV metadata to supported
    formats, and improved filter support for processing 444/RGB content.
  * api-change:``wafv2``: Add a new CurrentDefaultVersion field to
    ListAvailableManagedRuleGroupVersions API response; add a new VersioningSupported boolean to each
    ManagedRuleGroup returned from ListAvailableManagedRuleGroups API response.
  * api-change:``mediapackage-vod``: This release adds ScteMarkersSource as an available field for
    Dash Packaging Configurations. When set to MANIFEST, MediaPackage will source the SCTE-35 markers
    from the manifest. When set to SEGMENTS, MediaPackage will source the SCTE-35 markers from the
    segments.
- from version 1.24.36
  * api-change:``apigateway``: ApiGateway CLI command get-usage now includes usagePlanId, startDate,
    and endDate fields in the output to match documentation.
  * api-change:``personalize``: This release provides tagging support in AWS Personalize.
  * api-change:``pi``: Adds support for DocumentDB to the Performance Insights API.
  * api-change:``events``: Update events client to latest version
  * api-change:``docdb``: Added support to enable/disable performance insights when creating or
    modifying db instances
  * api-change:``sagemaker``: Amazon Sagemaker Notebook Instances now supports G5 instance types
- from version 1.24.35
  * bugfix:Proxy: Fix failure case for IP proxy addresses using TLS-in-TLS. `boto/botocore#2652
    <https://github.com/boto/botocore/pull/2652>`__
  * api-change:``config``: Add resourceType enums for AWS::EMR::SecurityConfiguration and
    AWS::SageMaker::CodeRepository
  * api-change:``panorama``: Added Brand field to device listings.
  * api-change:``lambda``: This release adds new APIs for creating and managing Lambda Function URLs
    and adds a new FunctionUrlAuthType parameter to the AddPermission API. Customers can use Function
    URLs to create built-in HTTPS endpoints on their functions.
  * api-change:``kendra``: Amazon Kendra now provides a data source connector for Box. For more
    information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-box.html
- from version 1.24.34
  * api-change:``securityhub``: Added additional ASFF details for RdsSecurityGroup AutoScalingGroup,
    ElbLoadBalancer, CodeBuildProject and RedshiftCluster.
  * api-change:``fsx``: Provide customers more visibility into file system status by adding new
    "/Misconfigured Unavailable"/ status for Amazon FSx for Windows File Server.
  * api-change:``s3control``: Documentation-only update for doc bug fixes for the S3 Control API docs.
  * api-change:``datasync``: AWS DataSync now supports Amazon FSx for OpenZFS locations.
- from version 1.24.33
  * api-change:``iot``: AWS IoT - AWS IoT Device Defender adds support to list metric datapoints
    collected for IoT devices through the ListMetricValues API
  * api-change:``servicecatalog``: This release adds ProvisioningArtifictOutputKeys to
    DescribeProvisioningParameters to reference the outputs of a Provisioned Product and deprecates
    ProvisioningArtifactOutputs.
  * api-change:``sms``: Revised product update notice for SMS console deprecation.
  * api-change:``proton``: SDK release to support tagging for AWS Proton Repository resource
  * enhancement:AWSCRT: Upgrade awscrt version to 0.13.8
- Update to 1.24.32
  * api-change:``connect``: This release updates these APIs: UpdateInstanceAttribute,
    DescribeInstanceAttribute and ListInstanceAttributes. You can use it to programmatically
    enable/disable multi-party conferencing using attribute type MULTI_PARTY_CONFERENCING on the
    specified Amazon Connect instance.
- from version 1.24.31
  * api-change:``cloudcontrol``: SDK release for Cloud Control API in Amazon Web Services China
    (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia) Region, operated by
    NWCD
  * api-change:``pinpoint-sms-voice-v2``: Amazon Pinpoint now offers a version 2.0 suite of SMS and
    voice APIs, providing increased control over sending and configuration. This release is a new SDK
    for sending SMS and voice messages called PinpointSMSVoiceV2.
  * api-change:``workspaces``: Added APIs that allow you to customize the logo, login message, and
    help links in the WorkSpaces client login page. To learn more, visit
    https://docs.aws.amazon.com/workspaces/latest/adminguide/customize-branding.html
  * api-change:``route53-recovery-cluster``: This release adds a new API "/ListRoutingControls"/ to
    list routing control states using the highly reliable Route 53 ARC data plane endpoints.
  * api-change:``databrew``: This AWS Glue Databrew release adds feature to support ORC as an input
    format.
  * api-change:``auditmanager``: This release adds documentation updates for Audit Manager. The
    updates provide data deletion guidance when a customer deregisters Audit Manager or deregisters a
    delegated administrator.
  * api-change:``grafana``: This release adds tagging support to the Managed Grafana service. New
    APIs: TagResource, UntagResource and ListTagsForResource. Updates: add optional field tags to
    support tagging while calling CreateWorkspace.
- from version 1.24.30
  * api-change:``iot-data``: Update the default AWS IoT Core Data Plane endpoint from VeriSign signed
    to ATS signed. If you have firewalls with strict egress rules, configure the rules to grant you
    access to data-ats.iot.[region].amazonaws.com or data-ats.iot.[region].amazonaws.com.cn.
  * api-change:``ec2``: This release simplifies the auto-recovery configuration process enabling
    customers to set the recovery behavior to disabled or default
  * api-change:``fms``: AWS Firewall Manager now supports the configuration of third-party policies
    that can use either the centralized or distributed deployment models.
  * api-change:``fsx``: This release adds support for modifying throughput capacity for FSx for ONTAP
    file systems.
  * api-change:``iot``: Doc only update for IoT that fixes customer-reported issues.
- from version 1.24.29
  * api-change:``organizations``: This release provides the new CloseAccount API that enables
    principals in the management account to close any member account within an organization.
- from version 1.24.28
  * api-change:``medialive``: This release adds support for selecting a maintenance window.
  * api-change:``acm-pca``: Updating service name entities
- from version 1.24.27
  * api-change:``ec2``: This is release adds support for Amazon VPC Reachability Analyzer to analyze
    path through a Transit Gateway.
  * api-change:``ssm``: This Patch Manager release supports creating, updating, and deleting Patch
    Baselines for Rocky Linux OS.
  * api-change:``batch``: Bug Fix: Fixed a bug where shapes were marked as unboxed and were not
    serialized and sent over the wire, causing an API error from the service.
- from version 1.24.26
  * api-change:``lambda``: Adds support for increased ephemeral storage (/tmp) up to 10GB for Lambda
    functions. Customers can now provision up to 10 GB of ephemeral storage per function instance, a
    20x increase over the previous limit of 512 MB.
  * api-change:``config``: Added new APIs GetCustomRulePolicy and GetOrganizationCustomRulePolicy,
    and updated existing APIs PutConfigRule, DescribeConfigRule, DescribeConfigRuleEvaluationStatus,
    PutOrganizationConfigRule, DescribeConfigRule to support a new feature for building AWS Config
    rules with AWS CloudFormation Guard
  * api-change:``transcribe``: This release adds an additional parameter for subtitling with Amazon
    Transcribe batch jobs: outputStartIndex.
- from version 1.24.25
  * api-change:``redshift``: This release adds a new [--encrypted | --no-encrypted] field in
    restore-from-cluster-snapshot API. Customers can now restore an unencrypted snapshot to a cluster
    encrypted with AWS Managed Key or their own KMS key.
  * api-change:``ebs``: Increased the maximum supported value for the Timeout parameter of the
    StartSnapshot API from 60 minutes to 4320 minutes.  Changed the HTTP error code for
    ConflictException from 503 to 409.
  * api-change:``gamesparks``: Released the preview of Amazon GameSparks, a fully managed AWS service
    that provides a multi-service backend for game developers.
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``transfer``: Documentation updates for AWS Transfer Family to describe how to remove
    an associated workflow from a server.
  * api-change:``auditmanager``: This release updates 1 API parameter, the SnsArn attribute. The
    character length and regex pattern for the SnsArn attribute have been updated, which enables you to
    deselect an SNS topic when using the UpdateSettings operation.
  * api-change:``ssm``: Update AddTagsToResource, ListTagsForResource, and RemoveTagsFromResource
    APIs to reflect the support for tagging Automation resources. Includes other minor documentation
    updates.
- from version 1.24.24
  * api-change:``location``: Amazon Location Service now includes a MaxResults parameter for
    GetDevicePositionHistory requests.
  * api-change:``polly``: Amazon Polly adds new Catalan voice - Arlet. Arlet is available as Neural
    voice only.
  * api-change:``lakeformation``: The release fixes the incorrect permissions called out in the
    documentation - DESCRIBE_TAG, ASSOCIATE_TAG, DELETE_TAG, ALTER_TAG. This trebuchet release fixes
    the corresponding SDK and documentation.
  * api-change:``ecs``: Documentation only update to address tickets
  * api-change:``ce``: Added three new APIs to support tagging and resource-level authorization on
    Cost Explorer resources: TagResource, UntagResource, ListTagsForResource.  Added optional
    parameters to CreateCostCategoryDefinition, CreateAnomalySubscription and CreateAnomalyMonitor APIs
    to support Tag On Create.
- from version 1.24.23
  * api-change:``ram``: Document improvements to the RAM API operations and parameter descriptions.
  * api-change:``ecr``: This release includes a fix in the DescribeImageScanFindings paginated output.
  * api-change:``quicksight``: AWS QuickSight Service Features - Expand public API support for group
    management.
  * api-change:``chime-sdk-meetings``: Add support for media replication to link multiple WebRTC
    media sessions together to reach larger and global audiences. Participants connected to a replica
    session can be granted access to join the primary session and can switch sessions with their
    existing WebRTC connection
  * api-change:``mediaconnect``: This release adds support for selecting a maintenance window.
- Update to 1.24.22
  * enhancement:jmespath: Add env markers to get working version of jmespath for python 3.6
  * api-change:``glue``: Added 9 new APIs for AWS Glue Interactive Sessions: ListSessions,
    StopSession, CreateSession, GetSession, DeleteSession, RunStatement, GetStatement, ListStatements,
    CancelStatement
- from version 1.24.21
  * enhancement:Dependency: Added support for jmespath 1.0
  * api-change:``amplifybackend``: Adding the ability to customize Cognito verification messages for
    email and SMS in CreateBackendAuth and UpdateBackendAuth. Adding deprecation documentation for
    ForgotPassword in CreateBackendAuth and UpdateBackendAuth
  * api-change:``acm-pca``: AWS Certificate Manager (ACM) Private Certificate Authority (CA) now
    supports customizable certificate subject names and extensions.
  * api-change:``ssm-incidents``: Removed incorrect validation pattern for
    IncidentRecordSource.invokedBy
  * api-change:``billingconductor``: This is the initial SDK release for AWS Billing Conductor. The
    AWS Billing Conductor is a customizable billing service, allowing you to customize your billing
    data to match your desired business structure.
  * api-change:``s3outposts``: S3 on Outposts is releasing a new API, ListSharedEndpoints, that lists
    all endpoints associated with S3 on Outpost, that has been shared by Resource Access Manager (RAM).
- from version 1.24.20
  * api-change:``robomaker``: This release deprecates ROS, Ubuntu and Gazbeo from RoboMaker
    Simulation Service Software Suites in favor of user-supplied containers and Relaxed Software Suites.
  * api-change:``dataexchange``: This feature enables data providers to use the RevokeRevision
    operation to revoke subscriber access to a given revision. Subscribers are unable to interact with
    assets within a revoked revision.
  * api-change:``ec2``: Adds the Cascade parameter to the DeleteIpam API. Customers can use this
    parameter to automatically delete their IPAM, including non-default scopes, pools, cidrs, and
    allocations. There mustn't be any pools provisioned in the default public scope to use this
    parameter.
  * api-change:``cognito-idp``: Updated EmailConfigurationType and SmsConfigurationType to reflect
    that you can now choose Amazon SES and Amazon SNS resources in the same Region.
  * enhancement:AWSCRT: Upgrade awscrt extra to 0.13.5
  * api-change:``location``: New HERE style "/VectorHereExplore"/ and "/VectorHereExploreTruck"/.
  * api-change:``ecs``: Documentation only update to address tickets
  * api-change:``keyspaces``: Fixing formatting issues in CLI and SDK documentation
  * api-change:``rds``: Various documentation improvements
- from version 1.24.19
  * api-change:``kendra``: Amazon Kendra now provides a data source connector for Slack. For more
    information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-slack.html
  * api-change:``timestream-query``: Amazon Timestream Scheduled Queries now support Timestamp
    datatype in a multi-measure record.
  * enhancement:Stubber: Added support for modeled exception fields when adding errors to a client
    stub. Implements boto/boto3`#3178 <https://github.com/boto/botocore/issues/3178>`__.
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``config``: Add resourceType enums for AWS::ECR::PublicRepository and
    AWS::EC2::LaunchTemplate
- from version 1.24.18
  * api-change:``outposts``: This release adds address filters for listSites
  * api-change:``lambda``: Adds PrincipalOrgID support to AddPermission API. Customers can use it to
    manage permissions to lambda functions at AWS Organizations level.
  * api-change:``secretsmanager``: Documentation updates for Secrets Manager.
  * api-change:``connect``: This release adds support for enabling Rich Messaging when starting a new
    chat session via the StartChatContact API. Rich Messaging enables the following formatting options:
    bold, italics, hyperlinks, bulleted lists, and numbered lists.
  * api-change:``chime``: Chime VoiceConnector Logging APIs will now support MediaMetricLogs. Also
    CreateMeetingDialOut now returns AccessDeniedException.
- from version 1.24.17
  * api-change:``transcribe``: Documentation fix for API `StartMedicalTranscriptionJobRequest`, now
    showing min sample rate as 16khz
  * api-change:``transfer``: Adding more descriptive error types for managed workflows
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
- from version 1.24.16
  * api-change:``comprehend``: Amazon Comprehend now supports extracting the sentiment associated
    with entities such as brands, products and services from text documents.
- from version 1.24.15
  * api-change:``eks``: Introducing a new enum for NodeGroup error code:
    Ec2SubnetMissingIpv6Assignment
  * api-change:``keyspaces``: Adding link to CloudTrail section in Amazon Keyspaces Developer Guide
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK has added support for reading
    timecode from AVCHD sources and now provides the ability to segment WebVTT at the same interval as
    the video and audio in HLS packages.
- from version 1.24.14
  * api-change:``chime-sdk-meetings``: Adds support for Transcribe language identification feature to
    the StartMeetingTranscription API.
  * api-change:``ecs``: Amazon ECS UpdateService API now supports additional parameters:
    loadBalancers, propagateTags, enableECSManagedTags, and serviceRegistries
  * api-change:``migration-hub-refactor-spaces``: AWS Migration Hub Refactor Spaces documentation
    update.
- from version 1.24.13
  * api-change:``synthetics``: Allow custom handler function.
  * api-change:``transfer``: Add waiters for server online and offline.
  * api-change:``devops-guru``: Amazon DevOps Guru now integrates with Amazon CodeGuru Profiler. You
    can view CodeGuru Profiler recommendations for your AWS Lambda function in DevOps Guru. This
    feature is enabled by default for new customers as of 3/4/2022. Existing customers can enable this
    feature with UpdateEventSourcesConfig.
  * api-change:``macie``: Amazon Macie Classic (macie) has been discontinued and is no longer
    available. A new Amazon Macie (macie2) is now available with significant design improvements and
    additional features.
  * api-change:``ec2``: Documentation updates for Amazon EC2.
  * api-change:``sts``: Documentation updates for AWS Security Token Service.
  * api-change:``connect``: This release updates the *InstanceStorageConfig APIs so they support a
    new ResourceType: REAL_TIME_CONTACT_ANALYSIS_SEGMENTS. Use this resource type to enable streaming
    for real-time contact analysis and to associate the Kinesis stream where real-time contact analysis
    segments will be published.
- from version 1.24.12
  * api-change:``greengrassv2``: Doc only update that clarifies Create Deployment section.
  * api-change:``fsx``: This release adds support for data repository associations to use root ("//"/)
    as the file system path
  * api-change:``kendra``: Amazon Kendra now suggests spell corrections for a query. For more
    information, see https://docs.aws.amazon.com/kendra/latest/dg/query-spell-check.html
  * api-change:``appflow``: Launching Amazon AppFlow Marketo as a destination connector SDK.
  * api-change:``timestream-query``: Documentation only update for SDK and CLI
- from version 1.24.11
  * api-change:``gamelift``: Minor updates to address errors.
  * api-change:``cloudtrail``: Add bytesScanned field into responses of DescribeQuery and
    GetQueryResults.
  * api-change:``athena``: This release adds support for S3 Object Ownership by allowing the S3
    bucket owner full control canned ACL to be set when Athena writes query results to S3 buckets.
  * api-change:``keyspaces``: This release adds support for data definition language (DDL) operations
  * api-change:``ecr``: This release adds support for tracking images lastRecordedPullTime.
- Version update to 1.24.10
  * api-change:``mediapackage``: This release adds Hybridcast as an available profile option for Dash
    Origin Endpoints.
  * api-change:``rds``: Documentation updates for Multi-AZ DB clusters.
  * api-change:``mgn``: Add support for GP3 and IO2 volume types. Add bootMode to LaunchConfiguration
    object (and as a parameter to UpdateLaunchConfigurationRequest).
  * api-change:``kafkaconnect``: Adds operation for custom plugin deletion (DeleteCustomPlugin) and
    adds new StateDescription field to DescribeCustomPlugin and DescribeConnector responses to return
    errors from asynchronous resource creation.
- from version 1.24.9
  * api-change:``finspace-data``: Add new APIs for managing Users and Permission Groups.
  * api-change:``amplify``: Add repositoryCloneMethod field for hosting an Amplify app. This field
    shows what authorization method is used to clone the repo: SSH, TOKEN, or SIGV4.
  * api-change:``fsx``: This release adds support for the following FSx for OpenZFS features:
    snapshot lifecycle transition messages, force flag for deleting file systems with child resources,
    LZ4 data compression, custom record sizes, and unsetting volume quotas and reservations.
  * api-change:``fis``: This release adds logging support for AWS Fault Injection Simulator
    experiments. Experiment templates can now be configured to send experiment activity logs to Amazon
    CloudWatch Logs or to an S3 bucket.
  * api-change:``route53-recovery-cluster``: This release adds a new API option to enable overriding
    safety rules to allow routing control state updates.
  * api-change:``amplifyuibuilder``: We are adding the ability to configure workflows and actions for
    components.
  * api-change:``athena``: This release adds support for updating an existing named query.
  * api-change:``ec2``: This release adds support for new AMI property 'lastLaunchedTime'
  * api-change:``servicecatalog-appregistry``: AppRegistry is deprecating Application and
    Attribute-Group Name update feature. In this release, we are marking the name attributes for Update
    APIs as deprecated to give a heads up to our customers.
- from version 1.24.8
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``panorama``: Added NTP server configuration parameter to ProvisionDevice operation.
    Added alternate software fields to DescribeDevice response
- from version 1.24.7
  * api-change:``route53``: SDK doc update for Route 53 to update some parameters with new
    information.
  * api-change:``databrew``: This AWS Glue Databrew release adds feature to merge job outputs into a
    max number of files for S3 File output type.
  * api-change:``transfer``: Support automatic pagination when listing AWS Transfer Family resources.
  * api-change:``s3control``: Amazon S3 Batch Operations adds support for new integrity checking
    capabilities in Amazon S3.
  * api-change:``s3``: This release adds support for new integrity checking capabilities in Amazon
    S3. You can choose from four supported checksum algorithms for data integrity checking on your
    upload and download requests. In addition, AWS SDK can automatically calculate a checksum as it
    streams data into S3
  * api-change:``fms``: AWS Firewall Manager now supports the configuration of AWS Network Firewall
    policies with either centralized or distributed deployment models. This release also adds support
    for custom endpoint configuration, where you can choose which Availability Zones to create firewall
    endpoints in.
  * api-change:``lightsail``: This release adds support to delete and create Lightsail default key
    pairs that you can use with Lightsail instances.
  * api-change:``autoscaling``: You can now hibernate instances in a warm pool to stop instances
    without deleting their RAM contents. You can now also return instances to the warm pool on scale
    in, instead of always terminating capacity that you will need later.
- from version 1.24.6
  * api-change:``transfer``: The file input selection feature provides the ability to use either the
    originally uploaded file or the output file from the previous workflow step, enabling customers to
    make multiple copies of the original file while keeping the source file intact for file archival.
  * api-change:``lambda``: Lambda releases .NET 6 managed runtime to be available in all commercial
    regions.
  * api-change:``textract``: Added support for merged cells and column header for table response.
- from version 1.24.5
  * api-change:``translate``: This release enables customers to use translation settings for
    formality customization in their synchronous translation output.
  * api-change:``wafv2``: Updated descriptions for logging configuration.
  * api-change:``apprunner``: AWS App Runner adds a Java platform (Corretto 8, Corretto 11 runtimes)
    and a Node.js 14 runtime.
- from version 1.24.4
  * api-change:``imagebuilder``: This release adds support to enable faster launching for Windows
    AMIs created by EC2 Image Builder.
  * api-change:``customer-profiles``: This release introduces apis CreateIntegrationWorkflow,
    DeleteWorkflow, ListWorkflows, GetWorkflow and GetWorkflowSteps. These apis are used to manage and
    view integration workflows.
  * api-change:``dynamodb``: DynamoDB ExecuteStatement API now supports Limit as a request parameter
    to specify the maximum number of items to evaluate. If specified, the service will process up to
    the Limit and the results will include a LastEvaluatedKey value to continue the read in a
    subsequent operation.
- from version 1.24.3
  * api-change:``transfer``: Properties for Transfer Family used with SFTP, FTP, and FTPS protocols.
    Display Banners are bodies of text that can be displayed before and/or after a user authenticates
    onto a server using one of the previously mentioned protocols.
  * api-change:``gamelift``: Increase string list limit from 10 to 100.
  * api-change:``budgets``: This change introduces DescribeBudgetNotificationsForAccount API which
    returns budget notifications for the specified account
- from version 1.24.2
  * api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM).
  * api-change:``redshift``: SDK release for Cross region datasharing and cost-control for cross
    region datasharing
  * api-change:``evidently``: Add support for filtering list of experiments and launches by status
  * api-change:``backup``: AWS Backup add new S3_BACKUP_OBJECT_FAILED and S3_RESTORE_OBJECT_FAILED
    event types in BackupVaultNotifications events list.
- from version 1.24.1
  * api-change:``ec2``: Documentation updates for EC2.
  * api-change:``budgets``: Adds support for auto-adjusting budgets, a new budget method alongside
    fixed and planned. Auto-adjusting budgets introduces new metadata to configure a budget limit
    baseline using a historical lookback average or current period forecast.
  * api-change:``ce``: AWS Cost Anomaly Detection now supports SNS FIFO topic subscribers.
  * api-change:``glue``: Support for optimistic locking in UpdateTable
  * api-change:``ssm``: Assorted ticket fixes and updates for AWS Systems Manager.
- Version update to 1.24.0
  * api-change:``appflow``: Launching Amazon AppFlow SAP as a destination connector SDK.
  * feature:Parser: Adding support for parsing int/long types in rest-json response headers.
  * api-change:``rds``: Adds support for determining which Aurora PostgreSQL versions support
    Babelfish.
  * api-change:``athena``: This release adds a subfield, ErrorType, to the AthenaError response
    object in the GetQueryExecution API when a query fails.
- from version 1.23.54
  * api-change:``ssm``: Documentation updates for AWS Systems Manager.
- from version 1.23.53
  * api-change:``cloudformation``: This SDK release adds AWS CloudFormation Hooks HandlerErrorCodes
  * api-change:``lookoutvision``: This release makes CompilerOptions in Lookout for Vision's
    StartModelPackagingJob's Configuration object optional.
  * api-change:``pinpoint``: This SDK release adds a new paramater creation date for GetApp and
    GetApps Api call
  * api-change:``sns``: Customer requested typo fix in API documentation.
  * api-change:``wafv2``: Adds support for AWS WAF Fraud Control account takeover prevention (ATP),
    with configuration options for the new managed rule group AWSManagedRulesATPRuleSet and support for
    application integration SDKs for Android and iOS mobile apps.
- from version 1.23.52
  * api-change:``cloudformation``: This SDK release is for the feature launch of AWS CloudFormation
    Hooks.
- from version 1.23.51
  * api-change:``kendra``: Amazon Kendra now provides a data source connector for Amazon FSx. For
    more information, see https://docs.aws.amazon.com/kendra/latest/dg/data-source-fsx.html
  * api-change:``apprunner``: This release adds support for App Runner to route outbound network
    traffic of a service through an Amazon VPC. New API: CreateVpcConnector, DescribeVpcConnector,
    ListVpcConnectors, and DeleteVpcConnector. Updated API: CreateService, DescribeService, and
    UpdateService.
  * api-change:``s3control``: This release adds support for S3 Batch Replication. Batch Replication
    lets you replicate existing objects, already replicated objects to new destinations, and objects
    that previously failed to replicate. Customers will receive object-level visibility of progress and
    a detailed completion report.
  * api-change:``sagemaker``: Autopilot now generates an additional report with information on the
    performance of the best model, such as a Confusion matrix and  Area under the receiver operating
    characteristic (AUC-ROC). The path to the report can be found in CandidateArtifactLocations.
- from version 1.23.50
  * api-change:``auditmanager``: This release updates 3 API parameters.
    UpdateAssessmentFrameworkControlSet now requires the controls attribute, and
    CreateAssessmentFrameworkControl requires the id attribute. Additionally, UpdateAssessmentFramework
    now has a minimum length constraint for the controlSets attribute.
  * api-change:``synthetics``: Adding names parameters to the Describe APIs.
  * api-change:``ssm-incidents``: Update RelatedItem enum to support SSM Automation
  * api-change:``events``: Update events client to latest version
  * enhancement:Lambda Request Header: Adding request header for Lambda recursion detection.
- from version 1.23.49
  * api-change:``athena``: You can now optionally specify the account ID that you expect to be the
    owner of your query results output location bucket in Athena. If the account ID of the query
    results bucket owner does not match the specified account ID, attempts to output to the bucket will
    fail with an S3 permissions error.
  * api-change:``rds``: updates for RDS Custom for Oracle 12.1 support
  * api-change:``lakeformation``: Add support for calling Update Table Objects without a
    TransactionId.
- from version 1.23.48
  * api-change:``ec2``: adds support for AMIs in Recycle Bin
  * api-change:``robomaker``: The release deprecates the use various APIs of RoboMaker Deployment
    Service in favor of AWS IoT GreenGrass v2.0.
  * api-change:``meteringmarketplace``: Add CustomerAWSAccountId to ResolveCustomer API response and
    increase UsageAllocation limit to 2500.
  * api-change:``rbin``: Add EC2 Image recycle bin support.
- from version 1.23.47
  * api-change:``emr``: Update emr client to latest version
  * api-change:``personalize``: Adding minRecommendationRequestsPerSecond attribute to recommender
    APIs.
  * enhancement:Request headers: Adding request headers with retry information.
  * api-change:``appflow``: Launching Amazon AppFlow Custom Connector SDK.
  * api-change:``dynamodb``: Documentation update for DynamoDB Java SDK.
  * api-change:``iot``: This release adds support for configuring AWS IoT logging level per client
    ID, source IP, or principal ID.
  * api-change:``comprehend``: Amazon Comprehend now supports sharing and importing custom trained
    models from one AWS account to another within the same region.
  * api-change:``ce``: Doc-only update for Cost Explorer API that adds INVOICING_ENTITY dimensions
  * api-change:``fis``: Added GetTargetResourceType and ListTargetResourceTypesAPI actions. These
    actions return additional details about resource types and parameters that can be targeted by FIS
    actions. Added a parameters field for the targets that can be specified in experiment templates.
  * api-change:``es``: Allows customers to get progress updates for blue/green deployments
  * api-change:``glue``: Launch Protobuf support for AWS Glue Schema Registry
  * api-change:``elasticache``: Documentation update for AWS ElastiCache
- Version update to 1.23.46
  * api-change:``appconfigdata``: Documentation updates for AWS AppConfig Data.
  * api-change:``athena``: This release adds a field, AthenaError, to the GetQueryExecution response
    object when a query fails.
  * api-change:``appconfig``: Documentation updates for AWS AppConfig
  * api-change:``cognito-idp``: Doc updates for Cognito user pools API Reference.
  * api-change:``secretsmanager``: Feature are ready to release on Jan 28th
  * api-change:``sagemaker``: This release added a new NNA accelerator compilation support for
    Sagemaker Neo.
- from version 1.23.45
  * api-change:``ec2``: X2ezn instances are powered by Intel Cascade Lake CPUs that deliver turbo all
    core frequency of up to 4.5 GHz and up to 100 Gbps of networking bandwidth
  * api-change:``kafka``: Amazon MSK has updated the CreateCluster and UpdateBrokerStorage API that
    allows you to specify volume throughput during cluster creation and broker volume updates.
  * api-change:``connect``: This release adds support for configuring a custom chat duration when
    starting a new chat session via the StartChatContact API. The default value for chat duration is 25
    hours, minimum configurable value is 1 hour (60 minutes) and maximum configurable value is 7 days
    (10,080 minutes).
  * api-change:``amplify``: Doc only update to the description of basicauthcredentials to describe
    the required encoding and format.
  * api-change:``opensearch``: Allows customers to get progress updates for blue/green deployments
- from version 1.23.44
  * api-change:``frauddetector``: Added new APIs for viewing past predictions and obtaining
    prediction metadata including prediction explanations: ListEventPredictions and
    GetEventPredictionMetadata
  * api-change:``ebs``: Documentation updates for Amazon EBS Direct APIs.
  * api-change:``codeguru-reviewer``: Added failure state and adjusted timeout in waiter
  * api-change:``securityhub``: Adding top level Sample boolean field
  * api-change:``sagemaker``: API changes relating to Fail steps in model building pipeline and add
    PipelineExecutionFailureReason in PipelineExecutionSummary.
- from version 1.23.43
  * api-change:``fsx``: This release adds support for growing SSD storage capacity and
    growing/shrinking SSD IOPS for FSx for ONTAP file systems.
  * api-change:``efs``: Update efs client to latest version
  * api-change:``connect``: This release adds support for custom vocabularies to be used with Contact
    Lens. Custom vocabularies improve transcription accuracy for one or more specific words.
  * api-change:``guardduty``: Amazon GuardDuty expands threat detection coverage to protect Amazon
    Elastic Kubernetes Service (EKS) workloads.
- from version 1.23.42
  * api-change:``route53-recovery-readiness``: Updated documentation for Route53 Recovery Readiness
    APIs.
- from version 1.23.41
  * enhancement:Exceptions: ProxyConnectionError previously provided the full proxy URL. User info
    will now be appropriately masked if needed.
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK has added support for 4K AV1 output
    resolutions & 10-bit AV1 color, the ability to ingest sidecar Dolby Vision XML metadata files, and
    the ability to flag WebVTT and IMSC tracks for accessibility in HLS.
  * api-change:``transcribe``: Add support for granular PIIEntityTypes when using Batch
    ContentRedaction.
- Version update to 1.23.40
  * api-change:``guardduty``: Amazon GuardDuty findings now include remoteAccountDetails under
    AwsApiCallAction section if instance credential is exfiltrated.
  * api-change:``connect``: This release adds tagging support for UserHierarchyGroups resource.
  * api-change:``mediatailor``: This release adds support for multiple Segment Delivery
    Configurations. Users can provide a list of names and URLs when creating or editing a source
    location. When retrieving content, users can send a header to choose which URL should be used to
    serve content.
  * api-change:``fis``: Added action startTime and action endTime timestamp fields to the
    ExperimentAction object
  * api-change:``ec2``: C6i, M6i and R6i instances are powered by a third-generation Intel Xeon
    Scalable processor (Ice Lake) delivering all-core turbo frequency of 3.5 GHz
- from version 1.23.39
  * api-change:``macie2``: This release of the Amazon Macie API introduces stricter validation of
    requests to create custom data identifiers.
  * api-change:``ec2-instance-connect``: Adds support for ED25519 keys. PushSSHPublicKey Availability
    Zone parameter is now optional. Adds EC2InstanceStateInvalidException for instances that are not
    running. This was previously a service exception, so this may require updating your code to handle
    this new exception.
- from version 1.23.38
  * api-change:``ivs``: This release adds support for the new Thumbnail Configuration property for
    Recording Configurations. For more information see
    https://docs.aws.amazon.com/ivs/latest/userguide/record-to-s3.html
  * api-change:``storagegateway``: Documentation update for adding bandwidth throttling support for
    S3 File Gateways.
  * api-change:``location``: This release adds the CalculateRouteMatrix API which calculates routes
    for the provided departure and destination positions. The release also deprecates the use of
    pricing plan across all verticals.
  * api-change:``cloudtrail``: This release fixes a documentation bug in the description for the
    readOnly field selector in advanced event selectors. The description now clarifies that users omit
    the readOnly field selector to select both Read and Write management events.
  * api-change:``ec2``: Add support for AWS Client VPN client login banner and session timeout.
- from version 1.23.37
  * enhancement:Configuration: Adding support for `defaults_mode` configuration. The `defaults_mode`
    will be used to determine how certain default configuration options are resolved in the SDK.
- from version 1.23.36
  * api-change:``config``: Update ResourceType enum with values for CodeDeploy, EC2 and Kinesis
    resources
  * api-change:``application-insights``: Application Insights support for Active Directory and
    SharePoint
  * api-change:``honeycode``: Added read and write api support for multi-select picklist. And added
    errorcode field to DescribeTableDataImportJob API output, when import job fails.
  * api-change:``ram``: This release adds the ListPermissionVersions API which lists the versions for
    a given permission.
  * api-change:``lookoutmetrics``: This release adds a new DeactivateAnomalyDetector API operation.
- Version update to 1.23.35
  * api-change:``pinpoint``: Adds JourneyChannelSettings to WriteJourneyRequest
  * api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
  * api-change:``nimble``: Amazon Nimble Studio now supports validation for Launch Profiles. Launch
    Profiles now report static validation results after create/update to detect errors in network or
    active directory configuration.
  * api-change:``glue``: This SDK release adds support to pass run properties when starting a
    workflow run
  * api-change:``ssm``: AWS Systems Manager adds category support for DescribeDocument API
  * api-change:``elasticache``: AWS ElastiCache for Redis has added a new Engine Log LogType in
    LogDelivery feature. You can now publish the Engine Log from your Amazon ElastiCache for Redis
    clusters to Amazon CloudWatch Logs and Amazon Kinesis Data Firehose.
- from version 1.23.34
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``honeycode``: Honeycode is releasing new APIs to allow user to create, delete and
    list tags on resources.
  * api-change:``ec2``: Hpc6a instances are powered by a third-generation AMD EPYC processors (Milan)
    delivering all-core turbo frequency of 3.4 GHz
  * api-change:``fms``: Shield Advanced policies for Amazon CloudFront resources now support
    automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData
    ManagedServiceData is now 8192 characters, instead of 4096.
  * api-change:``pi``: This release adds three Performance Insights APIs. Use
    ListAvailableResourceMetrics to get available metrics, GetResourceMetadata to get feature metadata,
    and ListAvailableResourceDimensions to list available dimensions. The AdditionalMetrics field in
    DescribeDimensionKeys retrieves per-SQL metrics.
- from version 1.23.33
  * api-change:``finspace-data``: Documentation updates for FinSpace.
  * api-change:``rds``: This release adds the db-proxy event type to support subscribing to RDS Proxy
    events.
  * api-change:``ce``: Doc only update for Cost Explorer API that fixes missing clarifications for
    MatchOptions definitions
  * api-change:``kendra``: Amazon Kendra now supports advanced query language and query-less search.
  * api-change:``workspaces``: Introducing new APIs for Workspaces audio optimization with Amazon
    Connect: CreateConnectClientAddIn, DescribeConnectClientAddIns, UpdateConnectClientAddIn and
    DeleteConnectClientAddIn.
  * api-change:``iotevents-data``: This release provides documentation updates for Timer.timestamp in
    the IoT Events API Reference Guide.
  * api-change:``ec2``: EC2 Capacity Reservations now supports RHEL instance platforms (RHEL with SQL
    Server Standard, RHEL with SQL Server Enterprise, RHEL with SQL Server Web, RHEL with HA, RHEL with
    HA and SQL Server Standard, RHEL with HA and SQL Server Enterprise)
- from version 1.23.32
  * api-change:``ec2``: New feature: Updated EC2 API to support faster launching for Windows images.
    Optimized images are pre-provisioned, using snapshots to launch instances up to 65% faster.
  * api-change:``compute-optimizer``: Adds support for new Compute Optimizer capability that makes it
    easier for customers to optimize their EC2 instances by leveraging multiple CPU architectures.
  * api-change:``lookoutmetrics``: This release adds FailureType in the response of
    DescribeAnomalyDetector.
  * api-change:``databrew``: This SDK release adds support for specifying a Bucket Owner for an S3
    location.
  * api-change:``transcribe``: Documentation updates for Amazon Transcribe.
- from version 1.23.31
  * api-change:``medialive``: This release adds support for selecting the Program Date Time (PDT)
    Clock source algorithm for HLS outputs.
- from version 1.23.30
  * api-change:``ec2``: This release introduces On-Demand Capacity Reservation support for Cluster
    Placement Groups, adds Tags on instance Metadata, and includes documentation updates for Amazon EC2.
  * api-change:``mediatailor``: This release adds support for filler slate when updating MediaTailor
    channels that use the linear playback mode.
  * api-change:``opensearch``: Amazon OpenSearch Service adds support for Fine Grained Access Control
    for existing domains running Elasticsearch version 6.7 and above
  * api-change:``iotwireless``: Downlink Queue Management feature provides APIs for customers to
    manage the queued messages destined to device inside AWS IoT Core for LoRaWAN. Customer can view,
    delete or purge the queued message(s). It allows customer to preempt the queued messages and let
    more urgent messages go through.
  * api-change:``es``: Amazon OpenSearch Service adds support for Fine Grained Access Control for
    existing domains running Elasticsearch version 6.7 and above
  * api-change:``mwaa``: This release adds a "/Source"/ field that provides the initiator of an update,
    such as due to an automated patch from AWS or due to modification via Console or API.
  * api-change:``appsync``: AppSync: AWS AppSync now supports configurable batching sizes for AWS
    Lambda resolvers, Direct AWS Lambda resolvers and pipeline functions
- from version 1.23.29
  * api-change:``cloudtrail``: This release adds support for CloudTrail Lake, a new feature that lets
    you run SQL-based queries on events that you have aggregated into event data stores. New APIs have
    been added for creating and managing event data stores, and creating, running, and managing queries
    in CloudTrail Lake.
  * api-change:``iot``: This release adds an automatic retry mechanism for AWS IoT Jobs. You can now
    define a maximum number of retries for each Job rollout, along with the criteria to trigger the
    retry for FAILED/TIMED_OUT/ALL(both FAILED an TIMED_OUT) job.
  * api-change:``ec2``: This release adds a new API called
    ModifyVpcEndpointServicePayerResponsibility which allows VPC endpoint service owners to take payer
    responsibility of their VPC Endpoint connections.
  * api-change:``snowball``: Updating validation rules for interfaces used in the Snowball API to
    tighten security of service.
  * api-change:``lakeformation``: Add new APIs for 3rd Party Support for Lake Formation
  * api-change:``appstream``: Includes APIs for App Entitlement management regarding entitlement and
    entitled application association.
  * api-change:``eks``: Amazon EKS now supports running applications using IPv6 address space
  * api-change:``quicksight``: Multiple Doc-only updates for Amazon QuickSight.
  * api-change:``ecs``: Documentation update for ticket fixes.
  * api-change:``sagemaker``: Amazon SageMaker now supports running training jobs on ml.g5 instance
    types.
  * api-change:``glue``: Add Delta Lake target support for Glue Crawler and 3rd Party Support for
    Lake Formation
- Version update to 1.23.28
  * api-change:``rekognition``: This release introduces a new field IndexFacesModelVersion, which is
    the version of the face detect and storage model that was used when indexing the face vector.
  * api-change:``s3``: Minor doc-based updates based on feedback bugs received.
  * enhancement:JSONFileCache: Add support for __delitem__ in JSONFileCache
  * api-change:``s3control``: Documentation updates for the renaming of Glacier to Glacier Flexible
    Retrieval.
- from version 1.23.27
  * api-change:``sagemaker``: The release allows users to pass pipeline definitions as Amazon S3
    locations and control the pipeline execution concurrency using ParallelismConfiguration. It also
    adds support of EMR jobs as pipeline steps.
  * api-change:``rds``: Multiple doc-only updates for Relational Database Service (RDS)
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK has added strength levels to the
    Sharpness Filter and now permits OGG files to be specified as sidecar audio inputs.
  * api-change:``greengrassv2``: This release adds the API operations to manage the Greengrass role
    associated with your account and to manage the core device connectivity information. Greengrass V2
    customers can now depend solely on Greengrass V2 SDK for all the API operations needed to manage
    their fleets.
  * api-change:``detective``: Added and updated API operations to support the Detective integration
    with AWS Organizations. New actions are used to manage the delegated administrator account and the
    integration configuration.
- from version 1.23.26
  * api-change:``nimble``: Amazon Nimble Studio adds support for users to upload files during a
    streaming session using NICE DCV native client or browser.
  * api-change:``chime-sdk-messaging``: The Amazon Chime SDK now supports updating message attributes
    via channel flows
  * api-change:``imagebuilder``: Added a note to infrastructure configuration actions and data types
    concerning delivery of Image Builder event messages to encrypted SNS topics. The key that's used to
    encrypt the SNS topic must reside in the account that Image Builder runs under.
  * api-change:``workmail``: This release allows customers to change their email monitoring
    configuration in Amazon WorkMail.
  * api-change:``transfer``: Property for Transfer Family used with the FTPS protocol. TLS Session
    Resumption provides a mechanism to resume or share a negotiated secret key between the control and
    data connection for an FTPS session.
  * api-change:``lookoutmetrics``: This release adds support for Causal Relationships. Added new
    ListAnomalyGroupRelatedMetrics API operation and InterMetricImpactDetails API data type
  * api-change:``mediaconnect``: You can now use the Fujitsu-QoS protocol for your MediaConnect
    sources and outputs to transport content to and from Fujitsu devices.
  * api-change:``qldb``: Amazon QLDB now supports journal exports in JSON and Ion Binary formats.
    This release adds an optional OutputFormat parameter to the ExportJournalToS3 API.
- from version 1.23.25
  * api-change:``customer-profiles``: This release adds an optional parameter, ObjectTypeNames to the
    PutIntegration API to support multiple object types per integration option. Besides, this release
    introduces Standard Order Objects which contain data from third party systems and each order object
    belongs to a specific profile.
  * api-change:``sagemaker``: This release adds a new ContentType field in AutoMLChannel for
    SageMaker CreateAutoMLJob InputDataConfig.
  * api-change:``forecast``: Adds ForecastDimensions field to the DescribeAutoPredictorResponse
  * api-change:``securityhub``: Added new resource details objects to ASFF, including resources for
    Firewall, and RuleGroup, FirewallPolicy Added additional details for AutoScalingGroup,
    LaunchConfiguration, and S3 buckets.
  * api-change:``location``: Making PricingPlan optional as part of create resource API.
  * api-change:``redshift``: This release adds API support for managed Redshift datashares. Customers
    can now interact with a Redshift datashare that is managed by a different service, such as AWS Data
    Exchange.
  * api-change:``apigateway``: Documentation updates for Amazon API Gateway
  * api-change:``devops-guru``: Adds Tags support to DescribeOrganizationResourceCollectionHealth
  * api-change:``imagebuilder``: This release adds support for importing and exporting VM Images as
    part of the Image Creation workflow via EC2 VM Import/Export.
  * api-change:``datasync``: AWS DataSync now supports FSx Lustre Locations.
  * api-change:``finspace-data``: Make dataset description optional and allow s3 export for dataviews
- Version update to 1.23.24
  * api-change:``secretsmanager``: Documentation updates for Secrets Manager
- from version 1.23.23
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``network-firewall``: This release adds support for managed rule groups.
  * api-change:``route53-recovery-control-config``: This release adds tagging supports to Route53
    Recovery Control Configuration. New APIs: TagResource, UntagResource and ListTagsForResource.
    Updates: add optional field `tags` to support tagging while calling CreateCluster,
    CreateControlPanel and CreateSafetyRule.
  * api-change:``ec2``: Adds waiters support for internet gateways.
  * api-change:``sms``: This release adds SMS discontinuation information to the API and CLI
    references.
  * api-change:``route53domains``: Amazon Route 53 domain registration APIs now support filtering and
    sorting in the ListDomains API, deleting a domain by using the DeleteDomain API and getting domain
    pricing information by using the ListPrices API.
  * api-change:``savingsplans``: Adds the ability to specify Savings Plans hourly commitments using
    five digits after the decimal point.
- from version 1.23.22
  * api-change:``lookoutvision``: This release adds new APIs for packaging an Amazon Lookout for
    Vision model as an AWS IoT Greengrass component.
  * api-change:``sagemaker``: This release added a new Ambarella device(amba_cv2) compilation support
    for Sagemaker Neo.
  * api-change:``comprehendmedical``: This release adds a new set of APIs (synchronous and batch) to
    support the SNOMED-CT ontology.
  * api-change:``health``: Documentation updates for AWS Health
  * api-change:``logs``: This release adds AWS Organizations support as condition key in destination
    policy for cross account Subscriptions in CloudWatch Logs.
  * api-change:``outposts``: This release adds the UpdateOutpost API.
  * api-change:``support``: Documentation updates for AWS Support.
  * api-change:``iot``: This release allows customer to enable caching of custom authorizer on HTTP
    protocol for clients that use persistent or Keep-Alive connection in order to reduce the number of
    Lambda invocations.
- from version 1.23.21
  * api-change:``location``: This release adds support for Accuracy position filtering, position
    metadata and autocomplete for addresses and points of interest based on partial or misspelled
    free-form text.
  * api-change:``appsync``: AWS AppSync now supports custom domain names, allowing you to associate a
    domain name that you own with an AppSync API in your account.
  * api-change:``route53``: Add PriorRequestNotComplete exception to UpdateHostedZoneComment API
- from version 1.23.20
  * api-change:``rekognition``: This release added new KnownGender types for Celebrity Recognition.
- from version 1.23.19
  * api-change:``ram``: This release adds the ability to use the new ResourceRegionScope parameter on
    List operations that return lists of resources or resource types. This new parameter filters the
    results by letting you differentiate between global or regional resource types.
  * api-change:``networkmanager``: This release adds API support for AWS Cloud WAN.
  * api-change:``amplifyuibuilder``: This release introduces the actions and data types for the new
    Amplify UI Builder API. The Amplify UI Builder API provides a programmatic interface for creating
    and configuring user interface (UI) component libraries and themes for use in Amplify applications.
- from version 1.23.18
  * api-change:``sagemaker``: This release enables - 1/ Inference endpoint configuration
    recommendations and ability to run custom load tests to meet performance needs. 2/ Deploy
    serverless inference endpoints. 3/ Query, filter and retrieve end-to-end ML lineage graph, and
    incorporate model quality/bias detection in ML workflow.
  * api-change:``kendra``: Experience Builder allows customers to build search applications without
    writing code. Analytics Dashboard provides quality and usability metrics for Kendra indexes. Custom
    Document Enrichment allows customers to build a custom ingestion pipeline to pre-process documents
    and generate metadata.
  * api-change:``directconnect``: Adds SiteLink support to private and transit virtual interfaces.
    SiteLink is a new Direct Connect feature that allows routing between Direct Connect points of
    presence.
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``ec2``: This release adds support for Amazon VPC IP Address Manager (IPAM), which
    enables you to plan, track, and monitor IP addresses for your workloads. This release also adds
    support for VPC Network Access Analyzer, which enables you to analyze network access to resources
    in your Virtual Private Clouds.
  * api-change:``shield``: This release adds API support for Automatic Application Layer DDoS
    Mitigation for AWS Shield Advanced. Customers can now enable automatic DDoS mitigation in count or
    block mode for layer 7 protected resources.
  * api-change:``sagemaker-runtime``: Update sagemaker-runtime client to latest version
  * api-change:``devops-guru``: DevOps Guru now provides detailed, database-specific analyses of
    performance issues and recommends corrective actions for Amazon Aurora database instances with
    Performance Insights turned on. You can also use AWS tags to choose which resources to analyze and
    define your applications.
  * api-change:``dynamodb``: Add support for Table Classes and introduce the Standard Infrequent
    Access table class.
- from version 1.23.17
  * api-change:``s3``: Introduce Amazon S3 Glacier Instant Retrieval storage class and a new setting
    in S3 Object Ownership to disable ACLs for bucket and the objects in it.
  * api-change:``backup-gateway``: Initial release of AWS Backup gateway which enables you to
    centralize and automate protection of on-premises VMware and VMware Cloud on AWS workloads using
    AWS Backup.
  * api-change:``iot``: Added the ability to enable/disable IoT Fleet Indexing for Device Defender
    and Named Shadow information, and search them through IoT Fleet Indexing APIs.
  * api-change:``ec2``: This release adds support for Is4gen and Im4gn instances. This release also
    adds a new subnet attribute, enableLniAtDeviceIndex, to support local network interfaces, which are
    logical networking components that connect an EC2 instance to your on-premises network.
  * api-change:``outposts``: This release adds the SupportedHardwareType parameter to CreateOutpost.
  * api-change:``storagegateway``: Added gateway type VTL_SNOW. Added new SNOWBALL HostEnvironment
    for gateways running on a Snowball device. Added new field HostEnvironmentId to serve as an
    identifier for the HostEnvironment on which the gateway is running.
  * api-change:``kinesis``: Amazon Kinesis Data Streams now supports on demand streams.
  * api-change:``glue``: Support for DataLake transactions
  * api-change:``accessanalyzer``: AWS IAM Access Analyzer now supports policy validation for
    resource policies attached to S3 buckets and access points. You can run additional policy checks by
    specifying the S3 resource type you want to attach to your resource policy.
  * api-change:``lakeformation``: This release adds support for row and cell-based access control in
    Lake Formation. It also adds support for Lake Formation Governed Tables, which support ACID
    transactions and automatic storage optimizations.
  * api-change:``kafka``: This release adds three new V2 APIs. CreateClusterV2 for creating both
    provisioned and serverless clusters. DescribeClusterV2 for getting information about provisioned
    and serverless clusters and ListClustersV2 for listing all clusters (both provisioned and
    serverless) in your account.
  * api-change:``redshift-data``: Data API now supports serverless queries.
  * api-change:``snowball``: Tapeball is to integrate tape gateway onto snowball, it enables customer
    to transfer local data on the tape to snowball,and then ingest the data into tape gateway on the
    cloud.
  * api-change:``workspaces-web``: This is the initial SDK release for Amazon WorkSpaces Web. Amazon
    WorkSpaces Web is a low-cost, fully managed WorkSpace built to deliver secure web-based workloads
    and software-as-a-service (SaaS) application access to users within existing web browsers.
  * api-change:``iottwinmaker``: AWS IoT TwinMaker makes it faster and easier to create, visualize
    and monitor digital twins of real-world systems like buildings, factories and industrial equipment
    to optimize operations. Learn more:
    https://docs.aws.amazon.com/iot-twinmaker/latest/apireference/Welcome.html (New Service) (Preview)
  * api-change:``fsx``: This release adds support for the FSx for OpenZFS file system type, FSx for
    Lustre file systems with the Persistent_2 deployment type, and FSx for Lustre file systems with
    Amazon S3 data repository associations and automatic export policies.
- from version 1.23.16
  * api-change:``s3``: Amazon S3 Event Notifications adds Amazon EventBridge as a destination and
    supports additional event types. The PutBucketNotificationConfiguration API can now skip validation
    of Amazon SQS, Amazon SNS and AWS Lambda destinations.
  * api-change:``wellarchitected``: This update provides support for Well-Architected API users to
    use custom lens features.
  * api-change:``rum``: This is the first public release of CloudWatch RUM
  * api-change:``rbin``: This release adds support for Recycle Bin.
  * api-change:``iotsitewise``: AWS IoT SiteWise now supports retention configuration for the hot
    tier storage.
  * api-change:``compute-optimizer``: Adds support for the enhanced infrastructure metrics paid
    feature. Also adds support for two new sets of resource efficiency metrics, including savings
    opportunity metrics and performance improvement opportunity metrics.
  * api-change:``ecr``: This release adds supports for pull through cache rules and enhanced scanning.
  * api-change:``evidently``: Introducing Amazon CloudWatch Evidently. This is the first public
    release of Amazon CloudWatch Evidently.
  * api-change:``inspector2``: This release adds support for the new Amazon Inspector API. The new
    Amazon Inspector can automatically discover and scan Amazon EC2 instances and Amazon ECR container
    images for software vulnerabilities and unintended network exposure, and report centralized
    findings across multiple AWS accounts.
  * api-change:``ssm``: Added two new attributes to DescribeInstanceInformation called SourceId and
    SourceType along with new string filters SourceIds and SourceTypes to filter instance records.
  * api-change:``ec2``: This release adds support for G5g and M6a instances. This release also adds
    support for Amazon EBS Snapshots Archive, a feature that enables you to archive your EBS snapshots;
    and Recycle Bin, a feature that enables you to protect your EBS snapshots against accidental
    deletion.
  * api-change:``dataexchange``: This release enables providers and subscribers to use Data Set, Job,
    and Asset operations to work with API assets from Amazon API Gateway. In addition, this release
    enables subscribers to use the SendApiAsset operation to invoke a provider's Amazon API Gateway API
    that they are entitled to.
- from version 1.23.15
  * api-change:``migration-hub-refactor-spaces``: This is the initial SDK release for AWS Migration
    Hub Refactor Spaces
  * api-change:``textract``: This release adds support for synchronously analyzing identity documents
    through a new API: AnalyzeID
  * api-change:``personalize-runtime``: This release adds inference support for Recommenders.
  * api-change:``personalize``: This release adds API support for Recommenders and BatchSegmentJobs.
- from version 1.23.14
  * api-change:``autoscaling``: Documentation updates for Amazon EC2 Auto Scaling.
  * api-change:``mgn``: Application Migration Service now supports an additional replication method
    that does not require agent installation on each source server. This option is available for source
    servers running on VMware vCenter versions 6.7 and 7.0.
  * api-change:``ec2``: Documentation updates for EC2.
  * api-change:``iotdeviceadvisor``: Documentation update for Device Advisor GetEndpoint API
  * api-change:``pinpoint``: Added a One-Time Password (OTP) management feature. You can use the
    Amazon Pinpoint API to generate OTP codes and send them to your users as SMS messages. Your apps
    can then call the API to verify the OTP codes that your users input
  * api-change:``outposts``: This release adds new APIs for working with Outpost sites and orders.
- from version 1.23.13
  * api-change:``timestream-query``: Releasing Amazon Timestream Scheduled Queries. It makes
    real-time analytics more performant and cost-effective for customers by calculating and storing
    frequently accessed aggregates, and other computations, typically used in operational dashboards,
    business reports, and other analytics applications
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``proton``: This release adds APIs for getting the outputs and provisioned stacks for
    Environments, Pipelines, and ServiceInstances.  You can now add tags to
    EnvironmentAccountConnections.  It also adds APIs for working with PR-based provisioning.  Also, it
    adds APIs for syncing templates with a git repository.
  * api-change:``translate``: This release enables customers to use translation settings to mask
    profane words and phrases in their translation output.
  * api-change:``lambda``: Remove Lambda function url apis
  * api-change:``imagebuilder``: This release adds support for sharing AMIs with Organizations within
    an EC2 Image Builder Distribution Configuration.
  * api-change:``customer-profiles``: This release introduces a new auto-merging feature for profile
    matching. The auto-merging configurations can be set via CreateDomain API or UpdateDomain API. You
    can use GetIdentityResolutionJob API and ListIdentityResolutionJobs API to fetch job status.
  * api-change:``autoscaling``: Customers can now configure predictive scaling policies to
    proactively scale EC2 Auto Scaling groups based on any CloudWatch metrics that more accurately
    represent the load on the group than the four predefined metrics. They can also use math
    expressions to further customize the metrics.
  * api-change:``timestream-write``: This release adds support for multi-measure records and magnetic
    store writes. Multi-measure records allow customers to store multiple measures in a single table
    row. Magnetic store writes enable customers to write late arrival data (data with timestamp in the
    past) directly into the magnetic store.
  * api-change:``iotsitewise``: AWS IoT SiteWise now accepts data streams that aren't associated with
    any asset properties. You can organize data by updating data stream associations.
- from version 1.23.12
  * api-change:``redshift``: This release adds support for reserved node exchange with restore/resize
  * api-change:``elasticache``: Adding support for r6gd instances for Redis with data tiering. In a
    cluster with data tiering enabled, when available memory capacity is exhausted, the least recently
    used data is automatically tiered to solid state drives for cost-effective capacity scaling with
    minimal performance impact.
  * api-change:``opensearch``: This release adds an optional parameter dry-run for the
    UpdateDomainConfig API to perform basic validation checks, and detect the deployment type that will
    be required for the configuration change, without actually applying the change.
  * api-change:``backup``: This release adds new opt-in settings for advanced features for DynamoDB
    backups
  * api-change:``iot``: This release introduces a new feature, Managed Job Template, for AWS IoT Jobs
    Service. Customers can now use service provided managed job templates to easily create jobs for
    supported standard job actions.
  * api-change:``iotwireless``: Two new APIs, GetNetworkAnalyzerConfiguration and
    UpdateNetworkAnalyzerConfiguration, are added for the newly released Network Analyzer feature which
    enables customers to view real-time frame information and logs from LoRaWAN devices and gateways.
  * api-change:``workspaces``: Documentation updates for Amazon WorkSpaces
  * api-change:``s3``: Introduce two new Filters to S3 Lifecycle configurations -
    ObjectSizeGreaterThan and ObjectSizeLessThan. Introduce a new way to trigger actions on noncurrent
    versions by providing the number of newer noncurrent versions along with noncurrent days.
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``macie2``: Documentation updates for Amazon Macie
  * api-change:``ec2``: This release adds a new parameter ipv6Native to the allow creation of
    IPv6-only subnets using the CreateSubnet operation, and the operation ModifySubnetAttribute
    includes new parameters to modify subnet attributes to use resource-based naming and enable DNS
    resolutions for Private DNS name.
  * api-change:``sqs``: Amazon SQS adds a new queue attribute, SqsManagedSseEnabled, which enables
    server-side queue encryption using SQS owned encryption keys.
  * api-change:``ecs``: Documentation update for ARM support on Amazon ECS.
  * api-change:``sts``: Documentation updates for AWS Security Token Service.
  * api-change:``finspace-data``: Update documentation for createChangeset API.
  * api-change:``dynamodb``: DynamoDB PartiQL now supports ReturnConsumedCapacity, which returns
    capacity units consumed by PartiQL APIs if the request specified returnConsumedCapacity parameter.
    PartiQL APIs include ExecuteStatement, BatchExecuteStatement, and ExecuteTransaction.
  * api-change:``lambda``: Release Lambda event source filtering for SQS, Kinesis Streams, and
    DynamoDB Streams.
  * api-change:``iotdeviceadvisor``: This release introduces a new feature for Device Advisor:
    ability to execute multiple test suites in parallel for given customer account. You can use
    GetEndpoint API to get the device-level test endpoint and call StartSuiteRun with
    "/parallelRun=true"/ to run suites in parallel.
  * api-change:``rds``: Adds support for Multi-AZ DB clusters for RDS for MySQL and RDS for
    PostgreSQL.
- from version 1.23.11
  * api-change:``connect``: This release adds support for UpdateContactFlowMetadata,
    DeleteContactFlow and module APIs. For details, see the Release Notes in the Amazon Connect
    Administrator Guide.
  * api-change:``dms``: Added new S3 endpoint settings to allow to convert the current UTC time into
    a specified time zone when a date partition folder is created. Using with 'DatePartitionedEnabled'.
  * api-change:``es``: This release adds an optional parameter dry-run for the
    UpdateElasticsearchDomainConfig API to perform basic validation checks, and detect the deployment
    type that will be required for the configuration change, without actually applying the change.
  * api-change:``ssm``: Adds new parameter to CreateActivation API . This parameter is for "/internal
    use only"/.
  * api-change:``chime-sdk-meetings``: Added new APIs for enabling Echo Reduction with Voice Focus.
  * api-change:``eks``: Adding missing exceptions to RegisterCluster operation
  * api-change:``quicksight``: Add support for Exasol data source, 1 click enterprise embedding and
    email customization.
  * api-change:``cloudformation``: This release include SDK changes for the feature launch of Stack
    Import to Service Managed StackSet.
  * api-change:``rds``: Adds local backup support to Amazon RDS on AWS Outposts.
  * api-change:``braket``: This release adds support for Amazon Braket Hybrid Jobs.
  * api-change:``s3control``: Added Amazon CloudWatch publishing option for S3 Storage Lens metrics.
  * api-change:``finspace-data``: Add new APIs for managing Datasets, Changesets, and Dataviews.
- from version 1.23.10
  * api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
  * api-change:``cloudformation``: The StackSets ManagedExecution feature will allow concurrency for
    non-conflicting StackSet operations and queuing the StackSet operations that conflict at a given
    time for later execution.
  * api-change:``redshift``: Added support of default IAM role for CreateCluster,
    RestoreFromClusterSnapshot and ModifyClusterIamRoles APIs
  * api-change:``lambda``: Add support for Lambda Function URLs. Customers can use Function URLs to
    create built-in HTTPS endpoints on their functions.
  * api-change:``appstream``: Includes APIs for managing resources for Elastic fleets: applications,
    app blocks, and application-fleet associations.
  * api-change:``medialive``: This release adds support for specifying a SCTE-35 PID on input.
    MediaLive now supports SCTE-35 PID selection on inputs containing one or more active SCTE-35 PIDs.
  * api-change:``batch``: Documentation updates for AWS Batch.
  * api-change:``application-insights``: Application Insights now supports monitoring for HANA
- from version 1.23.9
  * api-change:``ivs``: Add APIs for retrieving stream session information and support for filtering
    live streams by health.  For more information, see
    https://docs.aws.amazon.com/ivs/latest/userguide/stream-health.html
  * api-change:``lambda``: Added support for CLIENT_CERTIFICATE_TLS_AUTH and
    SERVER_ROOT_CA_CERTIFICATE as SourceAccessType for MSK and Kafka event source mappings.
  * api-change:``chime``: Adds new Transcribe API parameters to StartMeetingTranscription, including
    support for content identification and redaction (PII & PHI), partial results stabilization, and
    custom language models.
  * api-change:``chime-sdk-meetings``: Adds new Transcribe API parameters to
    StartMeetingTranscription, including support for content identification and redaction (PII & PHI),
    partial results stabilization, and custom language models.
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``cloudwatch``: Update cloudwatch client to latest version
  * api-change:``auditmanager``: This release introduces a new feature for Audit Manager: Dashboard
    views. You can now view insights data for your active assessments, and quickly identify
    non-compliant evidence that needs to be remediated.
  * api-change:``databrew``: This SDK release adds the following new features: 1) PII detection in
    profile jobs, 2) Data quality rules, enabling validation of data quality in profile jobs, 3) SQL
    query-based datasets for Amazon Redshift and Snowflake data sources, and 4) Connecting DataBrew
    datasets with Amazon AppFlow flows.
  * api-change:``redshift-data``: Rolling back Data API serverless features until dependencies are
    live.
  * api-change:``kafka``: Amazon MSK has added a new API that allows you to update the connectivity
    settings for an existing cluster to enable public accessibility.
  * api-change:``forecast``: NEW CreateExplanability API that helps you understand how attributes
    such as price, promotion, etc. contributes to your forecasted values; NEW CreateAutoPredictor API
    that trains up to 40% more accurate forecasting model, saves up to 50% of retraining time, and
    provides model level explainability.
  * api-change:``appconfig``: Add Type to support feature flag configuration profiles
- from version 1.23.8
  * api-change:``appconfigdata``: AWS AppConfig Data is a new service that allows you to retrieve
    configuration deployed by AWS AppConfig. See the AppConfig user guide for more details on getting
    started. https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html
  * api-change:``drs``: Introducing AWS Elastic Disaster Recovery (AWS DRS), a new service that
    minimizes downtime and data loss with fast, reliable recovery of on-premises and cloud-based
    applications using affordable storage, minimal compute, and point-in-time recovery.
  * api-change:``apigateway``: Documentation updates for Amazon API Gateway.
  * api-change:``sns``: Amazon SNS introduces the PublishBatch API, which enables customers to
    publish up to 10 messages per API request. The new API is valid for Standard and FIFO topics.
  * api-change:``redshift-data``: Data API now supports serverless requests.
  * api-change:``amplifybackend``: New APIs to support the Amplify Storage category. Add and manage
    file storage in your Amplify app backend.
- from version 1.23.7
  * api-change:``location``: This release adds the support for Relevance, Distance, Time Zone,
    Language and Interpolated Address for Geocoding and Reverse Geocoding.
  * api-change:``cloudtrail``: CloudTrail Insights now supports ApiErrorRateInsight, which enables
    customers to identify unusual activity in their AWS account based on API error codes and their rate.
- from version 1.23.6
  * api-change:``migrationhubstrategy``: AWS SDK for Migration Hub Strategy Recommendations. It
    includes APIs to start the portfolio assessment, import portfolio data for assessment, and to
    retrieve recommendations. For more information, see the AWS Migration Hub documentation at
    https://docs.aws.amazon.com/migrationhub/index.html
  * api-change:``ec2``: Adds a new VPC Subnet attribute "/EnableDns64."/ When enabled on IPv6 Subnets,
    the Amazon-Provided DNS Resolver returns synthetic IPv6 addresses for IPv4-only destinations.
  * api-change:``wafv2``: Your options for logging web ACL traffic now include Amazon CloudWatch Logs
    log groups and Amazon S3 buckets.
  * api-change:``dms``: Add Settings in JSON format for the source GCP MySQL endpoint
  * api-change:``ssm``: Adds support for Session Reason and Max Session Duration for Systems Manager
    Session Manager.
  * api-change:``appstream``: This release includes support for images of AmazonLinux2 platform type.
  * api-change:``eks``: Adding Tags support to Cluster Registrations.
  * api-change:``transfer``: AWS Transfer Family now supports integrating a custom identity provider
    using AWS Lambda
- from version 1.23.5
  * api-change:``ec2``: C6i instances are powered by a third-generation Intel Xeon Scalable processor
    (Ice Lake) delivering all-core turbo frequency of 3.5 GHz. G5 instances feature up to 8 NVIDIA A10G
    Tensor Core GPUs and second generation AMD EPYC processors.
  * api-change:``ssm``: This Patch Manager release supports creating Patch Baselines for RaspberryPi
    OS (formerly Raspbian)
  * api-change:``devops-guru``: Add support for cross account APIs.
  * api-change:``connect``: This release adds APIs for creating and managing scheduled tasks.
    Additionally, adds APIs to describe and update a contact and list associated references.
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK has added automatic modes for GOP
    configuration and added the ability to ingest screen recordings generated by Safari on MacOS 12
    Monterey.
- from version 1.23.4
  * api-change:``dynamodb``: Updated Help section for "/dynamodb update-contributor-insights"/ API
  * api-change:``ec2``: This release provides an additional route target for the VPC route table.
  * api-change:``translate``: This release enables customers to import Multi-Directional Custom
    Terminology and use Multi-Directional Custom Terminology in both real-time translation and
    asynchronous batch translation.
- from version 1.23.3
  * api-change:``backup``: AWS Backup SDK provides new options when scheduling backups: select
    supported services and resources that are assigned to a particular tag, linked to a combination of
    tags, or can be identified by a partial tag value, and exclude resources from their assignments.
  * api-change:``ecs``: This release adds support for container instance health.
  * api-change:``resiliencehub``: Initial release of AWS Resilience Hub, a managed service that
    enables you to define, validate, and track the resilience of your applications on AWS
- from version 1.23.2
  * api-change:``batch``: Adds support for scheduling policy APIs.
  * api-change:``health``: Documentation updates for AWS Health.
  * api-change:``greengrassv2``: This release adds support for Greengrass core devices running
    Windows. You can now specify name of a Windows user to run a component.
- from version 1.23.1
  * bugfix:urllib3: Fix NO_OP_TICKET import bug in older versions of urllib3
- from version 1.23.0
  * feature:EndpointResolver: Adding support for resolving modeled FIPS and Dualstack endpoints.
  * feature:``six``: Updated vendored version of ``six`` from 1.10.0 to 1.16.0
  * api-change:``sagemaker``: SageMaker CreateEndpoint and UpdateEndpoint APIs now support additional
    deployment configuration to manage traffic shifting options and automatic rollback monitoring.
    DescribeEndpoint now shows new in-progress deployment details with stage status.
  * api-change:``chime-sdk-meetings``: Updated format validation for ids and regions.
  * api-change:``wafv2``: You can now configure rules to run a CAPTCHA check against web requests
    and, as needed, send a CAPTCHA challenge to the client.
  * api-change:``ec2``: This release adds internal validation on the GatewayAssociationState field
- from version 1.22.12
  * api-change:``ec2``: DescribeInstances now returns customer-owned IP addresses for instances
    running on an AWS Outpost.
  * api-change:``translate``: This release enable customers to use their own KMS keys to encrypt
    output files when they submit a batch transform job.
  * api-change:``resourcegroupstaggingapi``: Documentation updates and improvements.
- from version 1.22.11
  * api-change:``chime-sdk-meetings``: The Amazon Chime SDK Meetings APIs allow software developers
    to create meetings and attendees for interactive audio, video, screen and content sharing in custom
    meeting applications which use the Amazon Chime SDK.
  * api-change:``sagemaker``: ListDevices and DescribeDevice now show Edge Manager agent version.
  * api-change:``connect``: This release adds CRUD operation support for Security profile resource in
    Amazon Connect
  * api-change:``iotwireless``: Adding APIs for the FUOTA (firmware update over the air) and
    multicast for LoRaWAN devices and APIs to support event notification opt-in feature for Sidewalk
    related events. A few existing APIs need to be modified for this new feature.
  * api-change:``ec2``: This release adds a new instance replacement strategy for EC2 Fleet, Spot
    Fleet. Now you can select an action to perform when your instance gets a rebalance notification.
    EC2 Fleet, Spot Fleet can launch a replacement then terminate the instance that received
    notification after a termination delay
- from version 1.22.10
  * api-change:``finspace``: Adds superuser and data-bundle parameters to CreateEnvironment API
  * api-change:``connectparticipant``: This release adds a new boolean attribute - Connect
    Participant - to the CreateParticipantConnection API, which can be used to mark the participant as
    connected.
  * api-change:``datasync``: AWS DataSync now supports Hadoop Distributed File System (HDFS) Locations
  * api-change:``macie2``: This release adds support for specifying the severity of findings that a
    custom data identifier produces, based on the number of occurrences of text that matches the
    detection criteria.
- from version 1.22.9
  * api-change:``cloudfront``: CloudFront now supports response headers policies to add HTTP headers
    to the responses that CloudFront sends to viewers. You can use these policies to add CORS headers,
    control browser caching, and more, without modifying your origin or writing any code.
  * api-change:``connect``: Amazon Connect Chat now supports real-time message streaming.
  * api-change:``nimble``: Amazon Nimble Studio adds support for users to stop and start streaming
    sessions.
- from version 1.22.8
  * api-change:``rekognition``: This Amazon Rekognition Custom Labels release introduces the
    management of datasets with  projects
  * api-change:``networkmanager``: This release adds API support to aggregate resources, routes, and
    telemetry data across a Global Network.
  * api-change:``lightsail``: This release adds support to enable access logging for buckets in the
    Lightsail object storage service.
  * api-change:``neptune``: Adds support for major version upgrades to ModifyDbCluster API
- from version 1.22.7
  * api-change:``transcribe``: Transcribe and Transcribe Call Analytics now support automatic
    language identification along with custom vocabulary, vocabulary filter, custom language model and
    PII redaction.
  * api-change:``application-insights``: Added Monitoring support for SQL Server Failover Cluster
    Instance. Additionally, added a new API to allow one-click monitoring of containers resources.
  * api-change:``rekognition``: This release added new attributes to Rekognition Video
    GetCelebrityRecognition API operations.
  * api-change:``connect``: Amazon Connect Chat now supports real-time message streaming.
  * api-change:``ec2``: Support added for AMI sharing with organizations and organizational units in
    ModifyImageAttribute API
- Version update to 1.22.6
  * api-change:``gamelift``: Added support for Arm-based AWS Graviton2 instances,
    such as M6g, C6g, and R6g.
  * api-change:``ecs``: Amazon ECS now supports running Fargate tasks on Windows
    Operating Systems Families which includes Windows Server 2019 Core and Windows
    Server 2019 Full.
  * api-change:``sagemaker``: This release adds support for RStudio on SageMaker.
  * api-change:``connectparticipant``: This release adds a new boolean attribute
  - Connect Participant - to the CreateParticipantConnection API, which can be
    used to mark the participant as connected.
  * api-change:``ec2``: Added new read-only DenyAllIGWTraffic network interface
    attribute. Added support for DL1 24xlarge instances powered by Habana Gaudi
    Accelerators for deep learning model training workloads
  * api-change:``ssm-incidents``: Updating documentation, adding new field to
    ConflictException to indicate earliest retry timestamp for some operations,
    increase maximum length of nextToken fields
- from version 1.22.5
  * api-change:``autoscaling``: This release adds support for attribute-based
    instance type selection, a new EC2 Auto Scaling feature that lets customers
    express their instance requirements as a set of attributes, such as vCPU,
    memory, and storage.
  * api-change:``ec2``: This release adds: attribute-based instance type selection
    for EC2 Fleet, Spot Fleet, a feature that lets customers express instance
    requirements as attributes like vCPU, memory, and storage; and Spot placement
    score, a feature that helps customers identify an optimal location to run
    Spot workloads.
  * api-change:``eks``: EKS managed node groups now support BOTTLEROCKET_x86_64
    and BOTTLEROCKET_ARM_64 AMI types.
  * api-change:``sagemaker``: This release allows customers to describe one or
    more versioned model packages through BatchDescribeModelPackage, update
    project via UpdateProject, modify and read customer metadata properties
    using Create, Update and Describe ModelPackage and enables cross account
    registration of model packages.
  * enhancement:Session: Added `get_partition_for_region` allowing partition
    lookup by region name.
  * api-change:``textract``: This release adds support for asynchronously analyzing
    invoice and receipt documents through two new APIs: StartExpenseAnalysis and
    GetExpenseAnalysis
- from version 1.22.4
  * api-change:``emr-containers``: This feature enables auto-generation of certificate
    to secure the managed-endpoint and removes the need for customer provided
    certificate-arn during managed-endpoint setup.
  * api-change:``chime-sdk-messaging``: The Amazon Chime SDK now supports push
    notifications through Amazon Pinpoint
  * api-change:``chime-sdk-identity``: The Amazon Chime SDK now supports push
    notifications through Amazon Pinpoint
- from version 1.22.3
  * api-change:``rds``: This release adds support for Amazon RDS Custom, which
    is a new RDS management type that gives you full access to your database
    and operating system.
    For more information, see https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-custom.html
  * api-change:``auditmanager``: This release introduces a new feature for Audit
    Manager: Custom framework sharing. You can now share your custom frameworks
    with another AWS account, or replicate them into another AWS Region under
    your own account.
  * api-change:``ec2``: This release adds support to create a VPN Connection
    that is not attached to a Gateway at the time of creation. Use this to
    create VPNs associated with Core Networks, or modify your VPN and attach
    a gateway using the modify API after creation.
  * api-change:``route53resolver``: New API for ResolverConfig, which allows
    autodefined rules for reverse DNS resolution to be disabled for a VPC
- from version 1.22.2
  * api-change:``quicksight``: Added QSearchBar option for GenerateEmbedUrlForRegisteredUser
    ExperienceConfiguration to support Q search bar embedding
  * api-change:``auditmanager``: This release introduces character restrictions for
    ControlSet names. We updated regex patterns for the following attributes:
    ControlSet, CreateAssessmentFrameworkControlSet, and UpdateAssessmentFrameworkControlSet.
  * api-change:``chime``: Chime VoiceConnector and VoiceConnectorGroup APIs
    will now return an ARN.
- from version 1.22.1
  * api-change:``connect``: Released Amazon Connect hours of operation API for
    general availability (GA). This API also supports AWS CloudFormation. For
    more information, see Amazon Connect Resource Type Reference in the AWS
    CloudFormation User Guide.
- from version 1.22.0
  * api-change:``appflow``: Feature to add support for  JSON-L format
    for S3 as a source.
  * api-change:``mediapackage-vod``: MediaPackage passes through digital
    video broadcasting (DVB) subtitles into the output.
  * api-change:``mediaconvert``: AWS Elemental MediaConvert SDK has added
    support for specifying caption time delta in milliseconds and the ability
    to apply color range legalization to source content other than AVC video.
  * api-change:``mediapackage``: When enabled, MediaPackage passes through
    digital video broadcasting (DVB) subtitles into the output.
  * api-change:``panorama``: General availability for AWS Panorama. AWS SDK
    for Panorama includes APIs to manage your devices and nodes, and deploy
    computer vision applications to the edge. For more information, see the
    AWS Panorama documentation at http://docs.aws.amazon.com/panorama
  * feature:Serialization: rest-json serialization defaults aligned across AWS SDKs
  * api-change:``directconnect``: This release adds 4 new APIS, which needs to be public able
  * api-change:``securityhub``: Added support for cross-Region finding aggregation,
    which replicates findings from linked Regions to a single aggregation Region.
    Added operations to view, enable, update, and delete the finding aggregation.
- from version 1.21.65
  * api-change:``dataexchange``: This release adds support for our public preview
    of AWS Data Exchange for Amazon Redshift. This enables data providers to list
    products including AWS Data Exchange datashares for Amazon Redshift, giving
    subscribers read-only access to provider data in Amazon Redshift.
  * api-change:``chime-sdk-messaging``: The Amazon Chime SDK now allows developers
    to execute business logic on in-flight messages before they are delivered to
    members of a messaging channel with channel flows.
- from version 1.21.64
  * api-change:``quicksight``: AWS QuickSight Service  Features - Add IP Restriction
    UI and public APIs support.
  * enchancement:AWSCRT: Upgrade awscrt extra to 0.12.5
  * api-change:``ivs``: Bug fix: remove unsupported maxResults and nextToken
    pagination parameters from ListTagsForResource
- from version 1.21.63
  * api-change:``efs``: Update efs client to latest version
  * api-change:``glue``: Enable S3 event base crawler API.
- from version 1.21.62
  * api-change:``elbv2``: Update elbv2 client to latest version
  * api-change:``autoscaling``: Amazon EC2 Auto Scaling now supports filtering
    describe Auto Scaling groups API using tags
  * api-change:``sagemaker``: This release updates the provisioning artifact ID
    to an optional parameter in CreateProject API. The provisioning artifact ID
    defaults to the latest provisioning artifact ID of the product if you don't
    provide one.
  * api-change:``robomaker``: Adding support to GPU simulation jobs as well
    as non-ROS simulation jobs.
- from version 1.21.61
  * api-change:``config``: Adding Config support for AWS::OpenSearch::Domain
  * api-change:``ec2``: This release adds support for additional VPC Flow Logs
    delivery options to S3, such as Apache Parquet formatted files, Hourly
    partitions and Hive-compatible S3 prefixes
  * api-change:``storagegateway``: Adding support for Audit Logs on NFS shares
    and Force Closing Files on SMB shares.
  * api-change:``workmail``: This release adds APIs for adding, removing and
    retrieving details of mail domains
  * api-change:``kinesisanalyticsv2``: Support for Apache Flink 1.13 in Kinesis
    Data Analytics. Changed the required status of some Update properties to better
    fit the corresponding Create properties.
- from version 1.21.60
  * api-change:``cloudsearch``: Adds an additional validation exception for
    Amazon CloudSearch configuration APIs for better error handling.
  * api-change:``ecs``: Documentation only update to address tickets.
  * api-change:``mediatailor``: MediaTailor now supports ad prefetching.
  * api-change:``ec2``: EncryptionSupport for InstanceStorageInfo added
    to DescribeInstanceTypes API
- from version 1.21.59
  * api-change:``elbv2``: Update elbv2 client to latest version
  * bugfix:Signing: SigV4QueryAuth and CrtSigV4QueryAuth now properly respect
    AWSRequest.params while signing boto/botocore (#2521)
  * api-change:``medialive``: This release adds support for Transport Stream
    files as an input type to MediaLive encoders.
  * api-change:``ec2``: Documentation update for Amazon EC2.
  * api-change:``frauddetector``: New model type: Transaction Fraud Insights,
    which is optimized for online transaction fraud. Stored Events, which allows
    customers to send and store data directly within Amazon Fraud Detector.
    Batch Import, which allows customers to upload a CSV file of historic
    event data for processing and storage
- from version 1.21.58
  * api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``secretsmanager``: Documentation updates for Secrets Manager
  * api-change:``securityhub``: Added new resource details objects to ASFF,
    including resources for WAF rate-based rules, EC2 VPC endpoints, ECR
    repositories, EKS clusters, X-Ray encryption, and OpenSearch domains.
    Added additional details for CloudFront distributions, CodeBuild projects,
    ELB V2 load balancers, and S3 buckets.
  * api-change:``mediaconvert``: AWS Elemental MediaConvert has added the ability
    to set account policies which control access restrictions for HTTP, HTTPS,
    and S3 content sources.
  * api-change:``ec2``: This release removes a requirement for filters on
    SearchLocalGatewayRoutes operations.
- from version 1.21.57
  * api-change:``kendra``: Amazon Kendra now supports indexing and querying
    documents in different languages.
  * api-change:``grafana``: Initial release of the SDK for Amazon Managed Grafana API.
  * api-change:``firehose``: Allow support for Amazon Opensearch Service(successor
    to Amazon Elasticsearch Service) as a Kinesis Data Firehose delivery destination.
  * api-change:``backup``: Launch of AWS Backup Vault Lock, which protects your
    backups from malicious and accidental actions, works with existing backup policies,
    and helps you meet compliance requirements.
  * api-change:``schemas``: Removing unused request/response objects.
  * api-change:``chime``: This release enables customers to configure Chime
    MediaCapturePipeline via API.
- from version 1.21.56
  * api-change:``sagemaker``: This release adds a new TrainingInputMode FastFile
    for SageMaker Training APIs.
  * api-change:``amplifybackend``: Adding a new field 'AmplifyFeatureFlags' to the
    response of the GetBackend operation. It will return a stringified version of
    the cli.json file for the given Amplify project.
  * api-change:``fsx``: This release adds support for Lustre 2.12 to FSx for Lustre.
  * api-change:``kendra``: Amazon Kendra now supports integration with AWS SSO
- from version 1.21.55
  * api-change:``workmail``: This release allows customers to change their inbound
    DMARC settings in Amazon WorkMail.
  * api-change:``location``: Add support for PositionFiltering.
  * api-change:``application-autoscaling``: With this release, Application Auto
    Scaling adds support for Amazon Neptune. Customers can now automatically add
    or remove Read Replicas of their Neptune clusters to keep the average CPU
    Utilization at the target value specified by the customers.
  * api-change:``ec2``: Released Capacity Reservation Fleet, a feature of Amazon
    EC2 Capacity Reservations, which provides a way to manage reserved capacity
    across instance types.
    For more information: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-fleets.html
  * api-change:``glue``: This release adds tag as an input of CreateConnection
  * api-change:``backup``: AWS Backup Audit Manager framework report.
- Remove unnecessary dependencies from BuildRequires
- Skip integration tests as these require an internet connection
- Switch package to multibuild and split tests into separate package
- Switch tests from nose to pytest
- Version update to 1.21.54
  * api-change:``codebuild``: CodeBuild now allows you to select how batch
    build statuses are sent to the source provider for a project.
  * api-change:``efs``: Update efs client to latest version
  * api-change:``kms``: Added SDK examples for ConnectCustomKeyStore, CreateCustomKeyStore,
    CreateKey, DeleteCustomKeyStore, DescribeCustomKeyStores, DisconnectCustomKeyStore,
    GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GetPublicKey, ReplicateKey,
    Sign, UpdateCustomKeyStore and Verify APIs
- from version 1.21.53
  * api-change:``synthetics``: CloudWatch Synthetics now enables customers to choose a customer
    managed AWS KMS key or an Amazon S3-managed key instead of an AWS managed key (default)
    for the encryption of artifacts that the canary stores in Amazon S3. CloudWatch Synthetics
    also supports artifact S3 location updation now.
  * api-change:``ssm``: When "/AutoApprovable"/ is true for a Change Template, then specifying
  - -auto-approve (boolean) in Start-Change-Request-Execution will create a change request
    that bypasses approver review. (except for change calendar restrictions)
  * api-change:``apprunner``: This release contains several minor bug fixes.
- from version 1.21.52
  * api-change:``network-firewall``: This release adds support for strict ordering for stateful
    rule groups. Using strict ordering, stateful rules are evaluated in the exact order in which
    you provide them.
  * api-change:``dataexchange``: This release enables subscribers to set up automatic exports of
    newly published revisions using the new EventAction API.
  * api-change:``workmail``: This release adds support for mobile device access overrides management
    in Amazon WorkMail.
  * api-change:``account``: This release of the Account Management API enables customers to manage
    the alternate contacts for their AWS accounts.
    For more information, see https://docs.aws.amazon.com/accounts/latest/reference/accounts-welcome.html
  * api-change:``workspaces``: Added CreateUpdatedWorkspaceImage API to update WorkSpace images with
    latest software and drivers. Updated DescribeWorkspaceImages API to display if there are updates
    available for WorkSpace images.
  * api-change:``cloudcontrol``: Initial release of the SDK for AWS Cloud Control API
  * api-change:``macie2``: Amazon S3 bucket metadata now indicates whether an error or a bucket's
    permissions settings prevented Amazon Macie from retrieving data about the bucket or the bucket's
    objects.
- from version 1.21.51
  * api-change:``lambda``: Adds support for Lambda functions powered by AWS Graviton2 processors.
    Customers can now select the CPU architecture for their functions.
  * api-change:``sesv2``: This release includes the ability to use 2048 bits RSA key pairs for DKIM
    in SES, either with Easy DKIM or Bring Your Own DKIM.
  * api-change:``amp``: This release adds alert manager and rule group namespace APIs
- from version 1.21.50
  * api-change:``transfer``: Added changes for managed workflows feature APIs.
  * api-change:``imagebuilder``: Fix description for AmiDistributionConfiguration Name property,
    which actually refers to the output AMI name. Also updated for consistent terminology to use
    "/base"/ image, and another update to fix description text.
- from version 1.21.49
  * api-change:``appintegrations``: The Amazon AppIntegrations service enables you to configure
    and reuse connections to external applications.
  * api-change:``wisdom``: Released Amazon Connect Wisdom, a feature of Amazon Connect, which provides
    real-time recommendations and search functionality in general availability (GA).
    For more information, see https://docs.aws.amazon.com/wisdom/latest/APIReference/Welcome.html.
  * api-change:``pinpoint``: Added support for journey with contact center activity
  * api-change:``voice-id``: Released the Amazon Voice ID SDK, for usage with the Amazon Connect
    Voice ID feature released for Amazon Connect.
  * api-change:``connect``: This release updates a set of APIs: CreateIntegrationAssociation,
    ListIntegrationAssociations, CreateUseCase, and StartOutboundVoiceContact. You can use it to
    create integrations with Amazon Pinpoint for the Amazon Connect Campaigns use case, Amazon
    Connect Voice ID, and Amazon Connect Wisdom.
  * api-change:``elbv2``: Update elbv2 client to latest version
- from version 1.21.48
  * api-change:``license-manager``: AWS License Manager now allows customers to get the LicenseArn
    in the Checkout API Response.
  * api-change:``ec2``: DescribeInstances now returns Platform Details, Usage Operation, and Usage
    Operation Update Time.
- from version 1.21.47
  * api-change:``mediaconvert``: This release adds style and positioning support for caption or
    subtitle burn-in from rich text sources such as TTML. This release also introduces configurable
    image-based trick play track generation.
  * api-change:``appsync``: Documented the new OpenSearchServiceDataSourceConfig data type. Added
    deprecation notes to the ElasticsearchDataSourceConfig data type.
  * api-change:``ssm``: Added cutoff behavior support for preventing new task invocations from
    starting when the maintenance window cutoff time is reached.
- from version 1.21.46
  * api-change:``imagebuilder``: This feature adds support for specifying GP3 volume throughput and
    configuring instance metadata options for instances launched by EC2 Image Builder.
  * api-change:``wafv2``: Added the regex match rule statement, for matching web requests against
    a single regular expression.
  * api-change:``mediatailor``: This release adds support to configure logs for playback configuration.
  * api-change:``lexv2-models``: Update lexv2-models client to latest version
  * api-change:``iam``: Added changes to OIDC API about not using port numbers in the URL.
  * api-change:``license-manager``: AWS License Manager now allows customers to change their Windows
    Server or SQL license types from Bring-Your-Own-License (BYOL) to License Included or vice-versa
    (using the customer's media).
  * api-change:``mediapackage-vod``: MediaPackage VOD will now return the current processing statuses
    of an asset's endpoints. The status can be QUEUED, PROCESSING, PLAYABLE, or FAILED.
- from version 1.21.45
  * api-change:``comprehend``: Amazon Comprehend now supports versioning of custom models, improved
    training with ONE_DOC_PER_FILE text documents for custom entity recognition, ability to provide
    specific test sets during training, and live migration to new model endpoints.
  * api-change:``iot``: This release adds support for verifying, viewing and filtering AWS IoT Device
    Defender detect violations with four verification states.
  * api-change:``ecr``: This release adds additional support for repository replication
  * api-change:``ec2``: This update adds support for downloading configuration templates using new
    APIs (GetVpnConnectionDeviceTypes and GetVpnConnectionDeviceSampleConfiguration) and Internet
    Key Exchange version 2 (IKEv2) parameters for many popular CGW devices.
- from version 1.21.44
  * api-change:``opensearch``: This release adds an optional parameter in the ListDomainNames API to
    filter domains based on the engine type (OpenSearch/Elasticsearch).
  * api-change:``es``: This release adds an optional parameter in the ListDomainNames API to filter
    domains based on the engine type (OpenSearch/Elasticsearch).
  * api-change:``dms``: Optional flag force-planned-failover added to reboot-replication-instance
    API call. This flag can be used to test a planned failover scenario used during some maintenance
    operations.
- from version 1.21.43
  * api-change:``kafkaconnect``: This is the initial SDK release for Amazon Managed Streaming for
    Apache Kafka Connect (MSK Connect).
  * api-change:``macie2``: This release adds support for specifying which managed data identifiers
    are used by a classification job, and retrieving a list of managed data identifiers that are
    available.
  * api-change:``robomaker``: Adding support to create container based Robot and Simulation
    applications by introducing an environment field
  * api-change:``s3``: Add support for access point arn filtering in S3 CW Request Metrics
  * api-change:``transcribe``: This release adds support for subtitling with Amazon
    Transcribe batch jobs.
  * api-change:``sagemaker``: Add API for users to retry a failed pipeline execution
    or resume a stopped one.
  * api-change:``pinpoint``: This SDK release adds a new feature for Pinpoint campaigns,
    in-app messaging.
- from version 1.21.42
  * api-change:``sagemaker``: This release adds support for "/Project Search"/
  * api-change:``ec2``: This release adds support for vt1 3xlarge, 6xlarge and 24xlarge instances
    powered by Xilinx Alveo U30 Media Accelerators for video transcoding workloads
  * api-change:``wafv2``: This release adds support for including rate based rules in a rule group.
  * api-change:``chime``: Adds support for SipHeaders parameter for CreateSipMediaApplicationCall.
  * api-change:``comprehend``: Amazon Comprehend now allows you to train and run PDF and Word
    documents for custom entity recognition. With PDF and Word formats, you can extract information
    from documents containing headers, lists and tables.
- from version 1.21.41
  * api-change:``iot``: AWS IoT Rules Engine adds OpenSearch action. The OpenSearch rule action
    lets you stream data from IoT sensors and applications to Amazon OpenSearch Service which
    is a successor to Amazon Elasticsearch Service.
  * api-change:``ec2``: Adds support for T3 instances on Amazon EC2 Dedicated Hosts.
  * enhancement:Tagged Unions: Introducing support for the `union` trait on structures in request
    and response objects.
- from version 1.21.40
  * api-change:``cloudformation``: Doc only update for CloudFormation that fixes several
    customer-reported issues.
  * api-change:``rds``: This release adds support for providing a custom timeout value for
    finding a scaling point during autoscaling in Aurora Serverless v1.
  * api-change:``ecr``: This release updates terminology around KMS keys.
  * api-change:``sagemaker``: This release adds support for "/Lifecycle Configurations"/ to
    SageMaker Studio
  * api-change:``transcribe``: This release adds an API option for startTranscriptionJob and
    startMedicalTranscriptionJob that allows the user to specify encryption context key value
    pairs for batch jobs.
  * api-change:``quicksight``: Add new data source type for Amazon OpenSearch
    (successor to Amazon ElasticSearch).
- from version 1.21.39
  * api-change:``emr``: Update emr client to latest version
  * api-change:``codeguru-reviewer``: The Amazon CodeGuru Reviewer API now includes the
    RuleMetadata data object and a Severity attribute on a RecommendationSummary object.
    A RuleMetadata object contains information about a rule that generates a recommendation.
    Severity indicates how severe the issue associated with a recommendation is.
  * api-change:``lookoutequipment``: Added OffCondition parameter to CreateModel API
- from version 1.21.38
  * api-change:``opensearch``: Updated Configuration APIs for Amazon OpenSearch Service
    (successor to Amazon Elasticsearch Service)
  * api-change:``ram``: A minor text-only update that fixes several customer issues.
  * api-change:``kafka``: Amazon MSK has added a new API that allows you to update the
    encrypting and authentication settings for an existing cluster.
- from version 1.21.37
  * api-change:``elasticache``: Doc only update for ElastiCache
  * api-change:``amp``: This release adds tagging support for Amazon Managed Service
    for Prometheus workspace.
  * api-change:``forecast``: Predictor creation now supports selecting an accuracy metric
    to optimize in AutoML and hyperparameter optimization. This release adds additional
    accuracy metrics for predictors - AverageWeightedQuantileLoss, MAPE and MASE.
  * api-change:``xray``: Updated references to AWS KMS keys and customer managed
    keys to reflect current terminology.
  * api-change:``ssm-contacts``: Added SDK examples for SSM-Contacts.
  * api-change:``mediapackage``: SPEKE v2 support for live CMAF packaging type. SPEKE v2
    is an upgrade to the existing SPEKE API to support multiple encryption keys, it supports
    live DASH currently.
  * api-change:``eks``: Adding RegisterCluster and DeregisterCluster operations, to support
    connecting external clusters to EKS.
- from version 1.21.36
  * api-change:``chime-sdk-identity``: Documentation updates for Chime
  * api-change:``chime-sdk-messaging``: Documentation updates for Chime
  * api-change:``outposts``: This release adds a new API CreateOrder.
  * api-change:``frauddetector``: Enhanced GetEventPrediction API response to include
    risk scores from imported SageMaker models
  * api-change:``codeguru-reviewer``: Added support for CodeInconsistencies detectors
- from version 1.21.35
  * api-change:``acm-pca``: Private Certificate Authority Service now allows customers
    to enable an online certificate status protocol (OCSP) responder service on their
    private certificate authorities. Customers can also optionally configure a custom
    CNAME for their OCSP responder.
  * api-change:``s3control``: S3 Multi-Region Access Points provide a single global
    endpoint to access a data set that spans multiple S3 buckets in different AWS Regions.
  * api-change:``accessanalyzer``: Updates service API, documentation, and paginators to
    support multi-region access points from Amazon S3.
  * api-change:``schemas``: This update include the support for Schema Discoverer to
    discover the events sent to the bus from another account. The feature will be enabled
    by default when discoverer is created or updated but can also be opt-in or opt-out
    by specifying the value for crossAccount.
  * api-change:``securityhub``: New ASFF Resources: AwsAutoScalingLaunchConfiguration,
    AwsEc2VpnConnection, AwsEcrContainerImage. Added KeyRotationStatus to AwsKmsKey.
    Added AccessControlList, BucketLoggingConfiguration,BucketNotificationConfiguration
    and BucketNotificationConfiguration to AwsS3Bucket.
  * enhancement:s3: Added support for S3 Multi-Region Access Points
  * api-change:``efs``: Update efs client to latest version
  * api-change:``transfer``: AWS Transfer Family introduces Managed Workflows for creating,
    executing, monitoring, and standardizing post file transfer processing
  * api-change:``ebs``: Documentation updates for Amazon EBS direct APIs.
  * api-change:``quicksight``: This release adds support for referencing parent
    datasets as sources in a child dataset.
  * api-change:``fsx``: Announcing Amazon FSx for NetApp ONTAP, a new service that provides
    fully managed shared storage in the AWS Cloud with the data access and management
    capabilities of ONTAP.
  * enhancement:Signers: Added support for Sigv4a Signing Algorithm
  * api-change:``lex-models``: Lex now supports Korean (ko-KR) locale.
- from version 1.21.34
  * api-change:``ec2``: Added LaunchTemplate support for the IMDS IPv6 endpoint
  * api-change:``cloudtrail``: Documentation updates for CloudTrail
  * api-change:``mediatailor``: This release adds support for wall clock
    programs in LINEAR channels.
  * api-change:``config``: Documentation updates for config
  * api-change:``servicecatalog-appregistry``: Introduction of GetAssociatedResource
    API and GetApplication response extension for Resource Groups support.
- Version update to 1.21.33
  * api-change:iot: Added Create/Update/Delete/Describe/List APIs for a new
    IoT resource named FleetMetric. Added a new Fleet Indexing query API named
    GetBucketsAggregation. Added a new field named DisconnectedReason in Fleet
    Indexing query response. Updated their related documentations.
  * api-change:polly: Amazon Polly adds new South African English voice -
    Ayanda. Ayanda is available as Neural voice only.
  * api-change:compute-optimizer: Documentation updates for Compute Optimizer
  * api-change:sqs: Amazon SQS adds a new queue attribute, RedriveAllowPolicy,
    which includes the dead-letter queue redrive permission parameters. It defines
    which source queues can specify dead-letter queues as a JSON object.
  * api-change:memorydb: Documentation updates for MemoryDB
- from version 1.21.32
  * api-change:codebuild: Documentation updates for CodeBuild
  * api-change:firehose: This release adds the Dynamic Partitioning feature to
    Kinesis Data Firehose service for S3 destinations.
  * api-change:kms: This release has changes to KMS nomenclature to remove the
    word master from both the "/Customer master key"/ and "/CMK"/ abbreviation and
    replace those naming conventions with "/KMS key"/.
  * api-change:cloudformation: AWS CloudFormation allows you to iteratively
    develop your applications when failures are encountered without rolling back
    successfully provisioned resources. By specifying stack failure options, you
    can troubleshoot resources in a CREATE_FAILED or UPDATE_FAILED status.
- from version 1.21.31
  * api-change:s3: Documentation updates for Amazon S3.
  * api-change:emr: Update emr client to latest version
  * api-change:ec2: This release adds the BootMode flag to the ImportImage API
    and showing the detected BootMode of an ImportImage task.
- from version 1.21.30
  * api-change:transcribe: This release adds support for batch transcription
    in six new languages - Afrikaans, Danish, Mandarin Chinese (Taiwan), New
    Zealand English, South African English, and Thai.
  * api-change:rekognition: This release added new attributes to Rekognition
    RecognizeCelebities and GetCelebrityInfo API operations.
  * api-change:ec2: Support added for resizing VPC prefix lists
  * api-change:compute-optimizer: Adds support for 1) the AWS Graviton
    (AWS_ARM64) recommendation preference for Amazon EC2 instance and Auto Scaling
    group recommendations, and 2) the ability to get the enrollment statuses for
    all member accounts of an organization.
- from version 1.21.29
  * api-change:fms: AWS Firewall Manager now supports triggering resource
    cleanup workflow when account or resource goes out of policy scope for AWS WAF,
    Security group, AWS Network Firewall, and Amazon Route 53 Resolver DNS Firewall
    policies.
  * api-change:ec2: Support added for IMDS IPv6 endpoint
  * api-change:datasync: Added include filters to CreateTask and UpdateTask,
    and added exclude filters to StartTaskExecution, giving customers more granular
    control over how DataSync transfers files, folders, and objects.  *
    api-change:events: AWS CWEvents adds an enum of EXTERNAL for EcsParameters
    LaunchType for PutTargets API
- from version 1.21.28
  * api-change:mediaconvert: AWS Elemental MediaConvert SDK has added MBAFF
    encoding support for AVC video and the ability to pass encryption context from
    the job settings to S3.
  * api-change:polly: Amazon Polly adds new New Zealand English voice - Aria.
    Aria is available as Neural voice only.  * api-change:transcribe: This release
    adds support for feature tagging with Amazon Transcribe batch jobs.
  * api-change:ssm: Updated Parameter Store property for logging improvements.
  * api-change:iot-data: Updated Publish with support for new Retain flag and
    added two new API operations: GetRetainedMessage, ListRetainedMessages.
- from version 1.21.27
  * api-change:dms: Amazon AWS DMS service now support Redis target endpoint
    migration. Now S3 endpoint setting is capable to setup features which are used
    to be configurable only in extract connection attributes.
  * api-change:frauddetector: Updated an element of the DescribeModelVersion
    API response (LogitMetrics -> logOddsMetrics) for clarity. Added new exceptions
    to several APIs to protect against unlikely scenarios.
  * api-change:iotsitewise: Documentation updates for AWS IoT SiteWise
  * api-change:dlm: Added AMI deprecation support for Amazon Data Lifecycle
    Manager EBS-backed AMI policies.
  * api-change:glue: Add support for Custom Blueprints
  * api-change:apigateway: Adding some of the pending releases (1) Adding WAF
    Filter to GatewayResponseType enum (2) Ensuring consistent error model for all
    operations (3) Add missing BRE to GetVpcLink operation
  * api-change:backup: AWS Backup - Features: Evaluate your backup activity
    and generate audit reports.
- from version 1.21.26
  * api-change:eks: Adds support for EKS add-ons "/preserve"/ flag, which allows
    customers to maintain software on their EKS clusters after removing it from EKS
    add-ons management.
  * api-change:comprehend: Add tagging support for Comprehend async inference job.
  * api-change:robomaker: Documentation updates for RoboMaker
  * api-change:ec2: encryptionInTransitSupported added to DescribeInstanceTypes API
- from version 1.21.25
  * api-change:ec2: The ImportImage API now supports the ability to create
    AMIs with AWS-managed licenses for Microsoft SQL Server for both Windows and
    Linux.
  * api-change:memorydb: AWS MemoryDB SDK now supports all APIs for newly launched MemoryDB service.
  * api-change:application-autoscaling: This release extends Application Auto
    Scaling support for replication group of Amazon ElastiCache Redis clusters.
    Auto Scaling monitors and automatically expands node group count and number of
    replicas per node group when a critical usage threshold is met or according to
    customer-defined schedule.
  * api-change:appflow: This release adds support for SAPOData connector and
    extends Veeva connector for document extraction.
- from version 1.21.24
  * api-change:codebuild: CodeBuild now allows you to make the build results
    for your build projects available to the public without requiring access to an
    AWS account.
  * api-change:route53: Documentation updates for route53
  * api-change:sagemaker-runtime: Update sagemaker-runtime client to latest version
  * api-change:route53resolver: Documentation updates for Route 53 Resolver
  * api-change:sagemaker: Amazon SageMaker now supports Asynchronous Inference
    endpoints. Adds PlatformIdentifier field that allows Notebook Instance creation
    with different platform selections. Increases the maximum number of containers
    in multi-container endpoints to 15. Adds more instance types to InstanceType
    field.
- from version 1.21.23
  * api-change:cloud9: Added DryRun parameter to CreateEnvironmentEC2 API.
    Added ManagedCredentialsActions parameter to UpdateEnvironment API
  * api-change:ec2: This release adds support for EC2 ED25519 key pairs for authentication
  * api-change:clouddirectory: Documentation updates for clouddirectory
  * api-change:ce: This release is a new feature for Cost Categories: Split
    charge rules. Split charge rules enable you to allocate shared costs between
    your cost category values.
  * api-change:logs: Documentation-only update for CloudWatch Logs
- from version 1.21.22
  * api-change:iotsitewise: AWS IoT SiteWise added query window for the
    interpolation interval. AWS IoT SiteWise computes each interpolated value by
    using data points from the timestamp of each interval minus the window to the
    timestamp of each interval plus the window.
  * api-change:s3: Documentation updates for Amazon S3
  * api-change:codebuild: CodeBuild now allows you to select how batch build
    statuses are sent to the source provider for a project.
  * api-change:ds: This release adds support for describing client authentication settings.
  * api-change:config: Update ResourceType enum with values for Backup Plan,
    Selection, Vault, RecoveryPoint; ECS Cluster, Service, TaskDefinition; EFS
    AccessPoint, FileSystem; EKS Cluster; ECR Repository resources
  * api-change:license-manager: AWS License Manager now allows end users to
    call CheckoutLicense API using new CheckoutType PERPETUAL. Perpetual checkouts
    allow sellers to check out a quantity of entitlements to be drawn down for
    consumption.
- from version 1.21.21
  * api-change:quicksight: Documentation updates for QuickSight.
  * api-change:emr: Update emr client to latest version
  * api-change:customer-profiles: This release introduces Standard Profile
    Objects, namely Asset and Case which contain values populated by data from
    third party systems and belong to a specific profile. This release adds an
    optional parameter, ObjectFilter to the ListProfileObjects API in order to
    search for these Standard Objects.
  * api-change:elasticache: This release adds ReplicationGroupCreateTime field
    to ReplicationGroup which indicates the UTC time when ElastiCache
    ReplicationGroup is created
- from version 1.21.20
  * api-change:sagemaker: Amazon SageMaker Autopilot adds new metrics for all
    candidate models generated by Autopilot experiments.
  * api-change:apigatewayv2: Adding support for ACM imported or private CA
    certificates for mTLS enabled domain names
  * api-change:apigateway: Adding support for ACM imported or private CA
    certificates for mTLS enabled domain names
  * api-change:databrew: This SDK release adds support for the output of a
    recipe job results to Tableau Hyper format.
  * api-change:lambda: Lambda Python 3.9 runtime launch
- from version 1.21.19
  * api-change:snow-device-management: AWS Snow Family customers can remotely
    monitor and operate their connected AWS Snowcone devices.
  * api-change:ecs: Documentation updates for ECS.
  * api-change:nimble: Add new attribute 'ownedBy' in Streaming Session APIs.
    'ownedBy' represents the AWS SSO Identity Store User ID of the owner of the
    Streaming Session resource.
  * api-change:codebuild: CodeBuild now allows you to make the build results
    for your build projects available to the public without requiring access to an
    AWS account.
  * api-change:ebs: Documentation updates for Amazon EBS direct APIs.
  * api-change:route53: Documentation updates for route53
- from version 1.21.18
  * api-change:chime: Add support for "/auto"/ in Region field of StartMeetingTranscription API request.
  * enchancement:Client: Improve client performance by caching _alias_event_name on EventAliaser
- from version 1.21.17
  * api-change:wafv2: This release adds APIs to support versioning
    feature of AWS WAF Managed rule groups
  * api-change:rekognition: This release adds support for four new types of
    segments (opening credits, content segments, slates, and studio logos),
    improved accuracy for credits and shot detection and new filters to control
    black frame detection.
  * api-change:ssm: Documentation updates for AWS Systems Manager.
  - from version 1.21.16
  * api-change:synthetics: Documentation updates for Visual Monitoring feature
    and other doc ticket fixes.
  * api-change:chime-sdk-identity: The Amazon Chime SDK Identity APIs allow
    software developers to create and manage unique instances of their messaging
    applications.
  * api-change:chime-sdk-messaging: The Amazon Chime SDK Messaging APIs allow
    software developers to send and receive messages in custom messaging
    applications.
  * api-change:connect: This release adds support for agent status and hours
    of operation. For details, see the Release Notes in the Amazon Connect
    Administrator Guide.
  * api-change:lightsail: This release adds support to track when a bucket
    access key was last used.
  * api-change:athena: Documentation updates for Athena.
- from version 1.21.15
  * api-change:lexv2-models: Update lexv2-models client to latest version
  * api-change:autoscaling: EC2 Auto Scaling adds configuration checks and
    Launch Template validation to Instance Refresh.
- from version 1.21.14
  * api-change:rds: This release adds AutomaticRestartTime to the
    DescribeDBInstances and DescribeDBClusters operations. AutomaticRestartTime
    indicates the time when a stopped DB instance or DB cluster is restarted
    automatically.
  * api-change:imagebuilder: Updated list actions to include a list of valid
    filters that can be used in the request.
  * api-change:transcribe: This release adds support for call analytics
    (batch) within Amazon Transcribe.
  * api-change:events: Update events client to latest version
  * api-change:ssm-incidents: Documentation updates for Incident Manager.
- from version 1.21.13
  * api-change:redshift: API support for Redshift Data Sharing feature.
  * api-change:iotsitewise: My AWS Service (placeholder) - This release
    introduces custom Intervals and offset for tumbling window in metric for AWS
    IoT SiteWise.
  * api-change:glue: Add ConcurrentModificationException to create-table,
    delete-table, create-database, update-database, delete-database
  * api-change:mediaconvert: AWS Elemental MediaConvert SDK has added control
    over the passthrough of XDS captions metadata to outputs.
  * api-change:proton: Docs only add idempotent create apis
- from version 1.21.12
  * api-change:ssm-contacts: Added new attribute in AcceptCode API.
    AcceptCodeValidation takes in two values - ENFORCE, IGNORE. ENFORCE forces
    validation of accept code and IGNORE ignores it which is also the default
    behavior; Corrected TagKeyList length from 200 to 50
  * api-change:greengrassv2: This release adds support for component system
    resource limits and idempotent Create operations. You can now specify the
    maximum amount of CPU and memory resources that each component can use.
- from version 1.21.11
  * api-change:appsync: AWS AppSync now supports a new authorization mode
    allowing you to define your own authorization logic using an AWS Lambda
    function.
  * api-change:elbv2: Update elbv2 client to latest version
  * api-change:secretsmanager: Add support for KmsKeyIds in the
    ListSecretVersionIds API response
  * api-change:sagemaker: API changes with respect to Lambda steps in model
    building pipelines. Adds several waiters to async Sagemaker Image APIs. Add
    more instance types to AppInstanceType field
- from version 1.21.10
  * api-change:savingsplans: Documentation update for valid Savings Plans offering ID pattern
  * api-change:ec2: This release adds support for G4ad xlarge and 2xlarge
    instances powered by AMD Radeon Pro V520 GPUs and AMD 2nd Generation EPYC
    processors
  * api-change:chime: Adds support for live transcription of meetings with
    Amazon Transcribe and Amazon Transcribe Medical. The new APIs,
    StartMeetingTranscription and StopMeetingTranscription, control the generation
    of user-attributed transcriptions sent to meeting clients via Amazon Chime SDK
    data messages.
  * api-change:iotsitewise: Added support for AWS IoT SiteWise Edge. You can
    now create an AWS IoT SiteWise gateway that runs on AWS IoT Greengrass V2. With
    the gateway, you can collect local server and equipment data, process the data,
    and export the selected data from the edge to the AWS Cloud.
  * api-change:iot: Increase maximum credential duration of role alias to 12 hours.
- from version 1.21.9
  * api-change:sso-admin: Documentation updates for
    arn:aws:trebuchet:::service:v1:03a2216d-1cda-4696-9ece-1387cb6f6952
  * api-change:cloudformation: SDK update to support Importing existing Stacks
    to new/existing Self Managed StackSet - Stack Import feature.
- from version 1.21.8
  * api-change:route53: This release adds support for the RECOVERY_CONTROL
    health check type to be used in conjunction with Route53 Application Recovery
    Controller.
  * api-change:iotwireless: Add SidewalkManufacturingSn as an identifier to
    allow Customer to query WirelessDevice, in the response, AmazonId is added in
    the case that Sidewalk device is return.
  * api-change:route53-recovery-control-config: Amazon Route 53 Application
    Recovery Controller's routing control - Routing Control Configuration APIs help
    you create and delete clusters, control panels, routing controls and safety
    rules. State changes (On/Off) of routing controls are not part of configuration
    APIs.
  * api-change:route53-recovery-readiness: Amazon Route 53 Application
    Recovery Controller's readiness check capability continually monitors resource
    quotas, capacity, and network routing policies to ensure that the recovery
    environment is scaled and configured to take over when needed.
  * api-change:quicksight: Add support to use row-level security with tags
    when embedding dashboards for users not provisioned in QuickSight
  * api-change:iotanalytics: IoT Analytics now supports creating a dataset
    resource with IoT SiteWise MultiLayerStorage data stores, enabling customers to
    query industrial data within the service. This release includes adding JOIN
    functionality for customers to query multiple data sources in a dataset.
  * api-change:shield: Change name of DDoS Response Team (DRT) to Shield Response Team (SRT)
  * api-change:lexv2-models: Update lexv2-models client to latest version
  * api-change:redshift-data: Added structures to support new Data API
    operation BatchExecuteStatement, used to execute multiple SQL statements within
    a single transaction.
  * api-change:route53-recovery-cluster: Amazon Route 53 Application Recovery
    Controller's routing control - Routing Control Data Plane APIs help you update
    the state (On/Off) of the routing controls to reroute traffic across
    application replicas in a 100% available manner.
  * api-change:batch: Add support for ListJob filters
python-dmidecode
- Fixed memory Type Detail map size (bsc#1194351)
- Use update-alternatives mechanism instead of shared subpackage.
- Realign the spec file for python singlespec
- Added:
  * fix-memory-Type-Detail-map-size.patch
  * 31-version_info-v-version.patch
- fix segfault in dmi_set_vendor (bnc#823328)
- fix dmi_decode assertion during client registration
  (bnc#720885)
- fix Segfault when decoding DMI data in dmi_processor_id()
  (bnc#713982)
python-gobject
- Update to version 3.42.2:
  * Error out instead of crashing when marshaling unsupported
    fundamental types in some cases :mr:`180`
  * Add a workaround for a PyPy 3.9+ bug when threads are used
    :mr:`200`
  * Fix crashes when marshaling zero terminated arrays for certain
    item types :mr:`191`
  * Fix a crash/refcounting error in case marshaling a hash table
    fails :mr:`191`
  * Make the test suite pass again with PyPy :mr:`191`
  * tests: support running tests with (MSVC) CPython 3.8+ on
    Windows :mr:`206`
  * interface: Fix leak when overriding GInterfaceInfo :mr:`204`
  * setup.py: look up pycairo headers without importing the module
    (helps with building on Windows and MSVC CPython 3.8+)
    :mr:`205`
- Add dependency on python-cairo to python-gobject-cairo: The
  introspection wrapper needs the actual pycairo underneath
  (boo#1179584).
- Update to version 3.42.1:
  + Do not error out for unknown scopes.
  + gtk overrides: restore Gtk.ListStore.insert_with_valuesv with
    newer GTK4.
  + gtk overrides: Do not override Treeview.enable_model_drag_xx
    for GTK4.
  + Implement DynamicImporter.find_spec() to silence deprecation
    warning.
  + Some test/CI fixes.
python-hwdata
- Declare the LICENSE file as license and not doc
python-lxml
- add CVE-2022-2309.patch (bsc#1201253, CVE-2022-2309)
python-msgpack
- Loose the filelist for the package info to avoid FTBFS on
  SLE-15-SP5 (bsc#1203743).
python-paramiko
- Add rsa-key-loading-fix.patch (bsc#1205132) fixing loading RSA
  key.
- update to 2.4.3
  * Fix Ed25519 key handling so certain key comment lengths don't cause
    SSHException("/Invalid key"/) (bsc#1200603)
  * Add support for the modern (as of Python 3.3) import location of
    MutableMapping (used in host key management) to avoid the old location
    becoming deprecated in Python 3.8.
- refresh add-support-for-new-OpenSSH-private-key-format.patch
- refresh paramiko-test_extend_timeout.patch
- refresh support-cryptography-25-and-above.patch
  * Fix exploit (CVE-2018-1000805) in Paramiko's server mode (not client mode)
    (bsc#1111151)
python-psutil
- Add patch mem-used-bsc1181475.patch (bsc#1181475)
  * Adopt change of used memory calculation from upstream of procps
python-py
- Update in SLE-15 (bsc#1195916, bsc#1196696, jsc#PM-3356, jsc#SLE-23972)
- Drop CVE-2020-29651.patch, issue fixed upstream in 1.10.0
- Update to 1.10.0
  * Fix a regular expression DoS vulnerability in the py.path.svnwc
    SVN blame functionality (CVE-2020-29651)
- Devendor apipkg and iniconfig
- Add pr_222.patch to activate test suite
- Update to 1.9.0
  * Add type annotation stubs
python-pyOpenSSL
- Add check_inv_ALPN_lists.patch checks for invalid ALPN lists
  before calling OpenSSL (gh#pyca/pyopenssl#1056).
- update to 21.0.0 (bsc#1200771, jsc#SLE-24519):
  - The minimum ``cryptography`` version is now 3.3.
  - Drop support for Python 3.5
  - Raise an error when an invalid ALPN value is set.
  - Added ``OpenSSL.SSL.Context.set_min_proto_version`` and ``OpenSSL.SSL.Context.set_max_proto_version``
  - Updated ``to_cryptography`` and ``from_cryptography`` methods to support an
    upcoming release of ``cryptography`` without raising deprecation warnings.
python-pytz
- update to 2022.1
  * matches tzdata 2022a
  * declare python 3.10 compatibility
- update to 2021.3
  * matches tzdata 2021c
python-rpm-macros
- Update to version 20220809.cf8a7b8 (bsc#1201041):
  * Pass `--ignore-installed` to `pip install` in %pyproject_install
- Update to version 20220725.2ae32d5:
  * restore end-of-line in alternative scriptlets
- Update to version 20220721.0a061eb:
  * make python_flavored_alternatives less verbose
  * Move install of libalts from sciptlets to python_clone -a -- close gh#openSUSE/python-rpm-macros#133
  * hard-code %py_ver -- fix gh#openSUSE/python-rpm-macros#131
  * fix gh#openSUSE/python-rpm-macros#130 print proper error on missing python interpreter
- Update to version 20220618.1ed0055:
  * Update compile-macros.sh
- Update to version 20220610.6dc4cb8:
  * create python_flavored_alternatives and use for testing
- Update to version 20220505.4ab53ec:
  * Switch primary_interpreter from python38 to python310
  * Avoid bashism in %()
  * fix flavor executable substitution
  * Keep python38 as primary python3
  * Add python310 to the buildset
  * Move python39 to the primary place in %pythons
  * Disable python36 flavor in Factory buildset
  * Add python310 flavor macros to compile set
  * no newline after python_install_alternative
python-rsa
- Add cve_2020-25658.patch (CVE-2020-25658 bsc#1178676)
  + Reduce timing sensitivity on devryption for false ciphers
python-urlgrabber
- Incorporate latest changes for the fix of wrong logic on find_proxy
  method causing proxy not being used (bsc#1201788)
- Updated:
  * fix_find_proxy_logic_and_drop_six.patch
- Avoid crashing when setting URLGRABBER_DEBUG=1 environment variable
- Added:
  * avoid_crashing_when_urlgrabber_debug_enabled.patch
- Fix wrong logic on find_proxy method causing proxy not being used
- Added:
  * fix_find_proxy_logic_and_drop_six.patch
python3
- Add bsc1188607-pythreadstate_clear-decref.patch to fix crash in
  the garbage collection (bsc#1188607).
- Add CVE-2022-37454-sha3-buffer-overflow.patch to fix
  bsc#1204577 (CVE-2022-37454, gh#python/cpython#98517) buffer
  overflow in hashlib.sha3_* implementations (originally from the
  XKCP library).
- Add CVE-2020-10735-DoS-no-limit-int-size.patch to fix
  CVE-2020-10735 (bsc#1203125) to limit amount of digits
  converting text to int and vice vera (potential for DoS).
  Originally by Victor Stinner of Red Hat.
- Add patch CVE-2021-28861-double-slash-path.patch:
  * http.server: Fix an open redirection vulnerability in the HTTP server
    when an URI path starts with //. (bsc#1202624, CVE-2021-28861)
- Remove merged patch CVE-2020-8492-urllib-ReDoS.patch,
  CRLF_injection_via_host_part.patch, and
  CVE-2019-18348-CRLF_injection_via_host_part.patch.
python3-ec2imgutils
- Update to version 10.0.1
  + Follow up fix to (bsc#1199722) allow the user a choice of 2.0 and v2.0 as
    tpm versions on the command line
- Update to version 10.0.0 (bsc#1199722)
  + Add --tpm-support as command line option and tpm_support to the API
    to register images that support NitroTPM
  + API change for ec2deprecateimg. It is now possible to deprecate
    an image without providing a successor image.
- Add rpm-macros to build requirements in spec.
python3-ec2metadata
- Update to version 4.0.0 (bsc#1204066)
  + Disambiguate cli options for duplicate endpoints. This is an
    incompatible change for some API versions of IMDS. When a duplicate
    endpoint is detected the cli option for both endpoints is expanded to a
    unique name.
regionServiceClientConfigEC2
- Update to version 4.1.0 (bsc#1203215)
  + New certs for 52.79.82.165 and 54.247.166.75
release-notes-sles
- 15.4.20220930 (tracked in bsc#933411)
- Added note about SUSEConnect tracking (jsc#SLE-23312)
- Added note about global crypto policies (bsc#1203781)
- Added note about PHP7 (bsc#1203461)
- Added note about removal of bind-chrootenv (bsc#1201266)
- Added note about SUSEConnect tracking (jsc#SLE-24988)
- Added AWS Graviton3 (jsc#SLE-24526)
- Updated wording of ULP note (bsc#1203528)
- Fixed broken link (bsc#1203527)
- Fixed incorrect information about ODBC driver location (bsc#1203256)
- Fixed spelling of SUSEConnect and suseconnect-ng (bsc#1203259)
- 15.4.20220906 (tracked in bsc#933411)
- Updated Java lifecycle (jsc#PED-1590)
- 15.4.20220831 (tracked in bsc#933411)
- Added note about zypper async downloads (jsc#SLE-20484)
- Added note about Eclipse removal (jsc#SLE-23694)
- Added note about nodejs16 addition (jsc#SLE-21779)
- Added note about nodejs-common update (jsc#SLE-21233)
- Added note about cloud-init 21.3 (jsc#SLE-22902)
- Added note about GUI apps under WSL (jsc#SLE-21511)
- Added note about AMX (jsc#SLE-21491)
- Added note about Tomoyo (bsc#1202115)
- Updated PHP 8 note to refer to version 8.0.10 (bsc#1201709)
- Updated wording around list of updated packages/modules (bsc#1201370)
release-notes-susemanager
- Update to SUSE Manager 4.3.3.1
  * Bootrapping from UI is not functioning for SLE Micro
- Update to SUSE Manager 4.3.3
  * RHEL 9 and its clones are now supported as clients
  * SUSE Linux Enterprise Micro support has been improved
  * Grafana has been upgraded to 8.5.13
  * Bugs mentioned
    bsc#1200169, bsc#1200296, bsc#1201476, bsc#1201606, bsc#1201607
    bsc#1201788, bsc#1201893, bsc#1202093, bsc#1202217, bsc#1202785
    bsc#1203283, bsc#1203451, bsc#1203532, bsc#1203580, bsc#1203588
    bsc#1203599, bsc#1203611, bsc#1203633, bsc#1203685, bsc#1203698
    bsc#1203884, bsc#1204029, bsc#1204061, bsc#1204195, bsc#1204437
    bsc#1204444, bsc#1204517, bsc#1204519, bsc#1204541, bsc#1204651
    bsc#1204699, bsc#1205212, bsc#1205339, bsc#1205470
- Update to SUSE Manager 4.3.2
  * Containerized proxy and RBS are now fully supported
  * HTTP API is now fully supported
  * Ubuntu 22.04 is now supported as a client
  * Cobbler has been upgraded to version 3.3.3 which also includes
    building ISOs with UEFI support
  * pip support has been added for the Salt Bundle
  * Prometheus exporter for Apache has been upgraded to 0.10.0
  * CVEs fixed
    CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860
    CVE-2022-31129
  * Bugs mentioned
    bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168
    bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629
    bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753
    bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272
    bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728
    bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049
    bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385
    bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484
    bsc#1203564, bsc#1203585, bsc#1203611, bsc#1204208
- Update to SUSE Manager 4.3.1
  * GPG key handling in SUSE Manager
  * Disabling locally defined repositories
  * Bugs mentioned
    bsc#1172179, bsc#1179962, bsc#1186011, bsc#1187028, bsc#1191925,
    bsc#1194394, bsc#1195455, bsc#1198356, bsc#1198358, bsc#1198944,
    bsc#1199147, bsc#1199157, bsc#1199523, bsc#1199629, bsc#1199646,
    bsc#1199656, bsc#1199659, bsc#1199662, bsc#1199663, bsc#1199679,
    bsc#1199714, bsc#1199727, bsc#1199779, bsc#1199817, bsc#1199874,
    bsc#1199950, bsc#1199984, bsc#1199998, bsc#1200276, bsc#1200347,
    bsc#1200532, bsc#1200591, bsc#1200606, bsc#1200707, bsc#1201003,
    bsc#1201142, bsc#1201189, bsc#1201224, bsc#1201411, bsc#1201498,
    bsc#1201782, bsc#1201842
reprepro
- Update to version 5.4.0
  * Updates between 5.3.1 and 5.4.0:
    + Add shunit2 based tests (https://bugs.debian.org/857302)
    + Support multiple versions. (https://bugs.debian.org/570623)
    + Add the commands move, movesrc, movematched, movefilter
    + Add Limit and Archive option
  * Updates between 5.3.0 and 5.3.1:
    + fix manpage to add the behaviour if reprepro is linked against liblzma
    + mark 'dumpcontents' command as deprecated
    + Add Zstd support
- Removed patches (upstream)
  * 0001-add-zstd-support.patch
  * 0002-Flush-stdout-stderr-before-calling-endhook.patch
  * 0001-Bump-up-the-maxsize-on-a-fixed-size-C-buffer-to-avoi.patch
- Removed GPG signature (not provided anymore)
  * reprepro_5.3.0.orig.tar.gz.asc
  * reprepro.keyring
- Add missing changelogs
  * Bump up the maxsize on a fixed-size C buffer to avoid breaking on some
    autogenerated rust packages
  * 0001-Bump-up-the-maxsize-on-a-fixed-size-C-buffer-to-avoi.patch
  * Flush stdout and stderr before execv of an end hook
  * 0002-Flush-stdout-stderr-before-calling-endhook.patch
  * Added GPG signature
- added 0001-add-zstd-support.patch
- Initial package (version 5.3.0) for build.opensuse.org
rpm
- Strip critical bit in signature subpackage parsing
  * modified patch: pgpharden.diff
- Add workaround to make newer dnf versions no longer deadlock
  after it imported a pubkey [bnc#1202750]
  * new patch: keyimportdeadlock.diff
- Support Ed25519 signatures [jsc#SLE-24714]
  * new patch: ed25519.diff
rsync
- Fix --delay-updates never updates after interruption [bsc#1204538]
  * Added patch rsync-fix-delay-updates-never-updates-after-interruption.patch
- Add support for --trust-sender parameter (patch by Jie Gong in
  bsc#1202970). (related to CVE-2022-29154, bsc#1201840)
  * Added patch rsync-CVE-2022-29154-trust-sender-1.patch
  * Added patch rsync-CVE-2022-29154-trust-sender-2.patch
- Security fix: [bsc#1201840, CVE-2022-29154]
  * arbitrary file write vulnerability via do_server_recv function
  * Added patch rsync-rsync-CVE-2022-29154.patch
rsyslog
- fix parsing of legacy config syntax (bsc#1205275)
  * add:
    0001-testbench-add-test-for-legacy-permittedPeer-statemen.patch
    0002-imtcp-bugfix-legacy-config-directives-did-no-longer-.patch
- remove $klogConsoleLogLevel setting from rsyslog.conf (bsc#1191833)
  * this legacy setting from pre-systemd times is obsolete and can
    block important systemd messages
- fix segfault in qDeqLinkedList during shutdown (bsc#1199283)
  * add 0001-queue-Add-NULL-check-in-qDeqLinkedList.patch
ruby2
- Update suse.patch to 41adc98ad1:
  - Cookie Prefix Spoofing in CGI::Cookie.parse (boo#1193081 CVE-2021-41819)
- add back some lost chunks to the suse.patch
rubygem-nokogiri
- add 003-CVE-2022-24836.patch (CVE-2022-24836, bsc#1198408)
    fixes possibility to DoS because of inefficient RE in HTML encoding
- add 004_CVE-2022-29181.patch (CVE-2022-29181, bsc#1199782)
    fixes Improper Handling of Unexpected Data Types
runc
- Update to runc v1.1.4. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.1.4.
  * Fix mounting via wrong proc fd. When the user and mount namespaces are
    used, and the bind mount is followed by the cgroup mount in the spec,
    the cgroup was mounted using the bind mount's mount fd.
  * Switch kill() in libcontainer/nsenter to sane_kill().
  * Fix "/permission denied"/ error from runc run on noexec fs.
  * Fix failed exec after systemctl daemon-reload. Due to a regression
    in v1.1.3, the DeviceAllow=char-pts rwm rule was no longer added and
    was causing an error open /dev/pts/0: operation not permitted: unknown when systemd was reloaded.
    (boo#1202821)
- Update to runc v1.1.4. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.1.4.
  bsc#1202021
  * Fix mounting via wrong proc fd. When the user and mount namespaces are
    used, and the bind mount is followed by the cgroup mount in the spec,
    the cgroup was mounted using the bind mount's mount fd.
  * Switch kill() in libcontainer/nsenter to sane_kill().
  * Fix "/permission denied"/ error from runc run on noexec fs.
  * Fix failed exec after systemctl daemon-reload. Due to a regression
    in v1.1.3, the DeviceAllow=char-pts rwm rule was no longer added and
    was causing an error open /dev/pts/0: operation not permitted: unknown when systemd was reloaded.
    (boo#1202821)
salt
- Pass the context to pillar ext modules
- Align Amazon EC2 (Nitro) grains with upstream (bsc#1203685)
- Detect module run syntax version
- Implement automated patches alignment for the Salt Bundle
- Ignore extend declarations from excluded SLS files (bsc#1203886)
- Clarify pkg.installed pkg_verify documentation
- Enhance capture of error messages for Zypper calls in zypperpkg module
- Make pass renderer configurable and fix detected issues
- Workaround fopen line buffering for binary mode (bsc#1203834)
- Added:
  * detect-module.run-syntax.patch
  * fopen-workaround-bad-buffering-for-binary-mode-563.patch
  * make-pass-renderer-configurable-other-fixes-532.patch
  * clarify-pkg.installed-pkg_verify-documentation.patch
  * align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
  * pass-the-context-to-pillar-ext-modules.patch
  * ignore-extend-declarations-from-excluded-sls-files.patch
  * include-stdout-in-error-message-for-zypperpkg-559.patch
- Handle non-UTF-8 bytes in core grains generation (bsc#1202165)
- Fix Syndic authentication errors (bsc#1199562)
- Add Amazon EC2 detection for virtual grains (bsc#1195624)
- Fix the regression in schedule module releasded in 3004 (bsc#1202631)
- Fix state.apply in test mode with file state module on user/group checking (bsc#1202167)
- Change the delimeters to prevent possible tracebacks on some packages with dpkg_lowpkg
- Make zypperpkg to retry if RPM lock is temporarily unavailable (bsc#1200596)
- Fix test_ipc unit test
- Added:
  * retry-if-rpm-lock-is-temporarily-unavailable-547.patch
  * change-the-delimeters-to-prevent-possible-tracebacks.patch
  * fix-test_ipc-unit-tests.patch
  * backport-syndic-auth-fixes.patch
  * fix-the-regression-in-schedule-module-releasded-in-3.patch
  * add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
  * ignore-non-utf8-characters-while-reading-files-with-.patch
  * fix-state.apply-in-test-mode-with-file-state-module-.patch
- Add support for gpgautoimport in zypperpkg module
- Update Salt to work with Jinja >= and <= 3.1.0 (bsc#1198744)
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Make Salt 3004 compatible with pyzmq >= 23.0.0 (bsc#1201082)
- Add support for name, pkgs and diff_attr parameters to upgrade function for zypper and yum (bsc#1198489)
- Fix ownership of salt thin directory when using the Salt Bundle
- Set default target for pip from VENV_PIP_TARGET environment variable
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
- Save log to logfile with docker.build
- Use Salt Bundle in dockermod
- Ignore erros on reading license files with dpkg_lowpkg (bsc#1197288)
- Added:
  * fix-ownership-of-salt-thin-directory-when-using-the-.patch
  * add-support-for-name-pkgs-and-diff_attr-parameters-t.patch
  * save-log-to-logfile-with-docker.build.patch
  * add-support-for-gpgautoimport-539.patch
  * fix-jinja2-contextfuntion-base-on-version-bsc-119874.patch
  * normalize-package-names-once-with-pkg.installed-remo.patch
  * use-salt-bundle-in-dockermod.patch
  * ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
  * fix-62092-catch-zmq.error.zmqerror-to-set-hwm-for-zm.patch
  * fix-salt.states.file.managed-for-follow_symlinks-tru.patch
  * set-default-target-for-pip-from-venv_pip_target-envi.patch
- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566)
salt-netapi-client
- Declare the LICENSE file as license and not doc
samba
- CVE-2022-1615: Do not ignore errors in random number generation;
  (bso#15103); (bsc#1202976);
- CVE-2022-32743: Implement validated dnsHostName write rights;
  (bso#14833); (bsc#1202803);
- Fix Use after free when iterating
  smbd_server_connection->connections after tree disconnect
  failure; (bso#15128); (bsc#1200102).
- CVE-2022-32746: samba: Use-after-free occurring in database
  audit logging; (bso#15009); (bso#15096); (bsc#1201490).
- CVE-2022-32745: samba: ldb: AD users can crash the server
  process with an LDAP add or modify request; (bso#15008);
  (bso#15096); (bsc#1201492).
- CVE-2022-2031: samba, ldb: AD users can bypass certain
  restrictions associated with changing passwords; (bso#15047);
  (bsc#1201495);
- CVE-2022-32742:SMB1 code does not correct verify SMB1write,
  SMB1write_and_close, SMB1write_and_unlock lengths; (bso#15085);
  (bsc#1201496).
- CVE-2022-32744: samba, ldb: AD users can forge password change
  requests for any user; (bso#15074); (bso#15047); (bsc#1201493).
- Update to 4.15.8
  * Use pathref fd instead of io fd in vfs_default_durable_cookie;
    (bso#15042);
  * Setting fruit:resource = stream in vfs_fruit causes a panic;
    (bso#15099);
  * Add support for bind 9.18; (bso#14986);
  * logging dsdb audit to specific files does not work; (bso#15076);
  * vfs_gpfs with vfs_shadowcopy2 fail to restore file if original
    file had been deleted; (bso#15069);
  * netgroups support removed; (bso#15087); (bsc#1199247);
  * net ads info shows LDAP Server: 0.0.0.0 depending on contacted
    server; (bso#14674); (bsc#1199734);
  * waf produces incorrect names for python extensions with Python
    3.11; (bso#15071);
  * smbclient commands del & deltree fail with
    NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
    (bsc#1200556);
  * vfs_gpfs recalls=no option prevents listing files; (bso#15055);
  * waf produces incorrect names for python extensions with Python
    3.11; (bso#15071);
  * Compile error in source3/utils/regedit_hexedit.c; (bso#15091);
  * ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link;
    (bso#15108);
  * smbd doesn't handle UPNs for looking up names; (bso#15054);
  * Out-by-4 error in smbd read reply max_send clamp; (bso#14443);
- Move pdb backends from package samba-libs to package
  samba-client-libs and remove samba-libs requirement from
  samba-winbind; (bsc#1200964); (bsc#1198255);
- Use the canonical realm name to refresh the Kerberos tickets;
  (bsc#1196224); (bso#14979);
- Fix  smbclient commands del & deltree failing with
  NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
  (bsc#1200556).
sg3_utils
- Update to version 1.47+5.d13bc56:
  * rescan-scsi-bus.sh: add timeout parameter (bsc#1199248)
shadow
- Added patch:
  * shadow-4.8.1-AUDIT_NO_ID.patch
    + fix bsc#1205502: useradd audit event user id field cannot
    be interpreted
smdba
- Version 1.7.11
  * fix config update from wal_keep_segments to wal_keep_size for
    newer postgresql versions (bsc#1204519)
- Declare the LICENSE file as license and not doc
snakeyaml
- Upgrade to upstream release 1.31
  * Fixes
    + bsc#1202932 (CVE-2022-25857)
    + bsc#1203149 (CVE-2022-38749)
    + bsc#1203153 (CVE-2022-38751)
    + bsc#1203154 (CVE-2022-38752)
    + bsc#1203158 (CVE-2022-38750)
  * Changes of 1.31
    + Fix #539: false positive CVE-2020-13936 (bsc#1183360)
    + Fix #537: Improved RE for integers
    + Improve restrictions against DoS attacks
    + Fix #525: Restrict nested depth for collections to avoid DoS
    attacks
    + Fix #522: De-serializing key "/on"/ fails with Exception
    + Example with Lombok and ENV variable substitution was added
    + reported issue with trailing TAB
    + fixes for reading and writing comments
  * Changes of 1.30
    + Migrate to new home: snakeyaml/snakeyaml
    + fixes for reading and writing comments
    + Fix #506: Improve parsing a number starting with 0x
  * Changes of 1.29
    + fixes for reading and writing comments
- Modified patches:
  * 0001-replace-bundled-base64coder-with-java.util.Base64.patch
  * 0002-Replace-bundled-gdata-java-client-classes-with-commo.patch
    + rebase
  * Changes of 1.28
    + Add possibility to construct enum with case sensitivity
    + Fix #493: substitution default can contain special characters
    + Add possibility to read and write comments
    + Fix #485: Alias names are too permissive compared to libyaml
    and future spec
  * Changes of 1.27
    + Update #307: add example
    + Add: build with CI on github
    + Fix #481: Serialize anchors that are not used by any alias
    + Fix #416: Improve dumping sequences
    + Fix #480: Anchor allows non ASCII characters while dumping
    + Fix #476: Make constructor of EnvScalarConstructor public
    + Fix #474: Parse the value of byte and short after a narrowing
    primitive conversion
    + Fix yet another OWASP false positive. It complains that the
    Spring controller makes SnakeYAML insecure even though
    SnakeYAML does not use Spring controller and does not depend
    on Spring (but the tests do). Bump spring.version from
    3.2.17.RELEASE to 5.2.4.RELEASE
    + Migrated from hg to git
  * Changes of 1.26
    + Fix #377: Allow configuration for preventing billion laughs
    attack
    + Add: parse ENV variables similar to how it works for
    docker-compose
    + Fix #468: Allow non ASCII characters in the anchor names
    + Add: expose Event.ID in Event via a getter
    + Fix #454: Add example for integer without time pattern
  * Changes of 1.25
    + Fix #441: Restore the way to get anchor for a Node
    + Fix #437: Introduce setting to keep !!str tag for String even
    when it contains non-printable chars
    + Update plugin versions
  * Changes of 1.24
    + BaseConstructor: Factored out postponed mapping logic so
    subclasses can effectively override constructMapping2ndStep()
    and delegate to the postponed mapping logic
    + Fix #431: Customize simple key length when dumping
    + Fix #430: Wrap runtime exceptions into YAMLException.
    + Fix: Null tag constructor not called when parsing top-level
    null value.
    + Fix #429: Provide "/Automatic-Module-Name"/ entry in MANIFEST
    + Fix #426: Fix NPE when duplicate keys are not allowed and the
    key is null
    + Apply pull request #41: Support java.sql classes without the
    need to depend on java.sql module in java9+
    + Update: Java 7 is required.
    + Fix #423: Date Serialization Fails for TimeZones on Daylight
    Savings Time
  * Changes of 1.23
    + Update: run tests under Java 11. This is the last release to
    support Java 6. As of the next release Java 7 will be required.
    + Fix #412: Restore the Boolean constructors for Events and
    Nodes for binary compatibility of dependent projects
    + Fix #411: System Property "/java.runtime.name"/ is not required
    to be defined
    + Fix #409: Dumping Enum breaks when Enum value is Anonymous
    inner class
  * Changes of 1.21
    + Update: Scanner.peekToken() and Scanner.getToken() throw
    exception instead of returning null
    + Update: Enhance output of token IDs
    + Update: Mark - expose buffer and pointer
    + Update: Improvements in the Bitbucket pipeline
    + Fix #397: Plain scalars with colons in flow sequences/mappings
    are valid YAML. This change follows what happens with PyYAML
    and libyaml (thanks to developers from the YAML community)
  * Changes of 1.20
    + Fix #393: Improve reflective access operation to avoid warning
    under Java 9
    + Hold #397: because of the inconsistent corner cases the ':' is
    not yet allowed in a flow context
    + Refactor nodes and events - use enum FlowStyle instead of
    Boolean (minor backwards-incompatible change)
    + Refactor ScalarToken, ScalarNode and ScalarEvent - use enum
    ScalarStyle instead of Character (minor backwards-incompatible
    change)
    + Refactor Mark - remove unused code (minor
    backwards-incompatible change)
    + Fix #395 and #394: Introduce DuplicateKeyException and report
    line number for duplicate keys when creating non-Javabeans
  * Changes of 1.19
    + Apply pull request #22: Only use FIELD access for Android in
    PropertyUtils
    + Apply pull request #27: Add getAnnotations() and
    getAnnotation() methods to Property.
    + Apply pull request #26 and fix #383: Some configuration
    properties of Representer were ignored.
    + Fix issue #386:Fix order of duplicate keys indices to prevent
    wrong removals.
    + Update: major improvement when parsing JavaBeans.
    + Fix issue #382 and #322: MethodProperty should check for
    generic type in getters and setters.
    + Fix issue #377: Add test for billion laughs attack.
    + Fix issue #368: Relax final restriction on TypeDescription.
    + Fix issue #375: Empty YAML file must return null instead of
    throwing an exception when loading a JavaBean.
    + Fix issue #374: Localization settings (e.g. fr_CA) convert
    Number type floats to ints.
    + Apply pull request #20: Provide access to node's anchor
    + Fix issue #370: Remove redundant
    "/Bundle-RequiredExecutionEnvironment: J2SE-1.5"/
    + Fix issue #364: Serializing Calendar objects with certain
    timezone offsets renders invalid YAML
  * Changes of 1.18
    + Add: create Android artifact with android classifier
    + Fix issue #358: Validate DumperOptions to prevent invalid YAML
    to be dumped.
    + Fix issue #355: Fix for emitter to split long plain string
    scalars over multiple lines.
    + Apply pull request #13: Let Mark implement Serializable so
    that ParserException can be serialized
    + Fix issue #337: Throw exception in case of duplicate keys when
    LoaderOptions.allowDuplicateKeys is false.
    + Fix issue #351: Keep same nodes order on merge (preprocess
    keys for MappingNode and remove duplicates keeping the last
    one).
    + Fix issue #349: Ignore white spaces for base64 encoded scalar
    + Fix issue #348: Not removing parent object when composed
    object is an anchor
    + Fix issue #323: Support "/Miscellaneous Symbols and
    Pictographs"/. This fix introduces minor backwards-incompatible
    changes - some of the methods have been renamed. This fixes
    also long standing issue with iOS emoji
    + Fix issue #341: Fix NPE in BaseRepresenter.multiRepresenters
    if it contains 'null' as a key
    + Update plugin versions
spacecmd
- version 4.3.16-1
  * Fix dict_keys not supporting indexing in systems_setconfigchannelorger
  * Improve Proxy FQDN hint message
  * Added a warning message for traditional stack deprecation
  * Stop always showing help for valid proxy_container_config calls
  * Remove "/Undefined return code"/ from debug messages (bsc#1203283)
- version 4.3.15-1
  * Process date values in spacecmd api calls (bsc#1198903)
- version 4.3.14-1
  * Fix missing argument on system_listmigrationtargets (bsc#1201003)
  * Show correct help on calling kickstart_importjson with no arguments
  * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
  * Change proxy container config default filename to end with tar.gz
spacewalk
- version 4.3.5-1
  * Simplified PostgreSQL14 requirement.
- version 4.3.4-1
  * Update server-migrator to dist-upgrade to openSUSE 15.4
spacewalk-admin
- version 4.3.10-1
  * Ensure "/cobbler mkloaders"/ is executed after restarting services
  * Add --help option to mgr-monitoring-ctl
  * reportdb access: force new report_db_sslrootcert if
    previous default is set
spacewalk-backend
- version 4.3.17-1
  * require python3-debian version which support new compression
    methods to sync ubuntu22-04 repositories (bsc#1205212)
  * Used the legacy reporting system in spacewalk-debug to obtain
    up-to-date information
  * Keep older module metadata files in database (bsc#1201893)
  * Added an optional component_type property to the LOG object
    and included it to a log message
  * Add an optional component property to the log messages
- version 4.3.16-1
  * Prevent mixing credentials for proxy and repository server
    while using basic authentication and avoid hiding errors
    i.e. timeouts while having proxy settings issues
    with extra logging in verbose mode (bsc#1201788)
  * Fix the condition of hiding the token from URL on logging
  * export armored GPG key to salt filesystem as well
  * Upgrade Cobbler requirement to 3.3.3 or later
  * Make reposync use the configured http proxy with mirrorlist (bsc#1198168)
- version 4.3.15-1
  * cleanup leftovers from removing unused xmlrpc endpoint
- version 4.3.14-1
  * Fix issues with "/http proxy"/ not being used by reposync in some cases
spacewalk-certs-tools
- version 4.3.16-1
  * Generated bootstrap scripts installs all needed Salt 3004 dependencies
    for Ubuntu 18.04 (bsc#1204517)
  * add transactional system support to the bootstrap generator
  * change bootstrap script generator to detect SLE Micro
- version 4.3.15-1
  * fix mgr-ssl-cert-setup for root CAs which do not set
    authorityKeyIdentifier (bsc#1203585)
- version 4.3.14-1
  * traditional stack bootstrap: install product packages (bsc#1201142)
  * display messages to restart services after certificate change
  * improve CA Chain checking by comparing authorityKeyIdentifier
    with subjectKeyIdentifier
spacewalk-client-tools
- version 4.3.13-1
  * Update translation strings
- version 4.3.12-1
  * Update translation strings
- version 4.3.11-1
  * Update translation strings
- version 4.3.10-1
  * Update translation strings
spacewalk-config
- version 4.3.9-1
  * fix posttrans error "/RHN-ORG-TRUSTED-SSL-CERT"/ not found
spacewalk-java
- version 4.3.43-1
  * Changed proxy settings retrieval to not include password (bsc#1205339)
- version 4.3.42-1
  * Update jackson-databind version
- version 4.3.41-1
  * Manage reboot in transactional update action chain (bsc#1201476)
  * Enable monitoring for RHEL 9 Salt clients
  * Optimize performance of config channels operations for UI and API (bsc#1204029)
  * Don't add the same channel twice in the System config addChannel API (bsc#1204029)
  * Optimize action chain processing on job return event (bsc#1203532)
  * Re-calculate salt event queue numbers on restart
  * Improved reboot needed handling for SLE Micro
  * Check if system has all formulas correctly assigned
    (bsc#1201607)
  * Remove group formula assignements and data on group delete
    (bsc#1201606)
  * Process salt events in FIFO order (bsc#1203532)
  * Remove 'SSM' column text where not applicable (bsc#1203588)
  * Fix rendering of ssm/MigrateSystems page (bsc#1204651)
  * Pass mgr_sudo_user pillar on salt ssh client cleanup (bsc#1202093)
  * Upgrade Bootstrap to 3.4.1
  * Refresh pillar data for the assigned systems when a CLM channel is built (bsc#1200169)
  * Improve Amazon EC2/Nitro detection (bsc#1203685)
  * Add channel availability check for product migration (bsc#1200296)
  * Deny packages from older module metadata when building CLM projects (bsc#1201893)
  * fix xmlrpc call randomly failing with translation error (bsc#1203633)
  * Do not explicitely remove old pillars on minion rename (bsc#1203451)
  * Fix out of memory error when building a CLM project (bsc#1202217)
  * Added a warning message for traditional stack deprecation
  * Fix hardware update where there is no DNS FQDN changes (bsc#1203611)
- version 4.3.40-1
  * Fix number of handlers for deleted files managed by taskomatic
    growing continuously (bsc#1204050)
- version 4.3.39-1
  * Fix directory path traversal vulnerability CVE-2022-31255 (bsc#1204543)
  * Fix reflected cross site scripting vulnerability CVE-2022-43754 (bsc#1204741)
  * Fix arbitrary file disclosure vulnerability CVE-2022-43753 (bsc#1204716)
- version 4.3.38-1
  * delay hardware refresh action to avoid missing channels (bsc#1204208)
- version 4.3.37-1
  * Fix get_item_resolved_value call
- version 4.3.36-1
  * Fix prerequisite action serialization (bsc#1202899)(bsc#1203484)
  * Fix hardware update where there is no DNS FQDN changes (bsc#1203611)
  * Fix UI crash when filtering on systems list (bsc#1203169)
  * Filter out successors that have no repositories on SP
    migration (bsc#1202367)
  * Reduced the usage of deprecated Hibernate API
  * Use mgrnet.dns_fqdns module to improve FQDN detection (bsc#1199726)
  * Support Pay-as-you-go new CA location for SLES15SP4
    and higher (bsc#1202729)
  * Fixed pagination for completed/failed systems in action details
  * Add support in rhn.conf for smtp port, auth, ssl/tls config
  * Calculate dependencies between cloned channels of vendor
    channels (bsc#1201626)
  * Fix sync for external repositories (bsc#1201753)
  * Detect the clients running on Amazon EC2 (bsc#1195624)
  * Adjust cobbler requirement to version 3.3.3
  * Support inherited values for kernel options from Cobbler API
  * Fix virtFileSize type after cobbler upgrade
  * Redefine available power_management.types for cobbler >= 3.3.1
  * fix state.apply result parsing in test mode (bsc#1201913)
  * require tomcat native interface to prevent misleading warning
    in tomcat startup log (bsc#1202455)
  * Reduce the length of image channel URL (bsc#1201220)
  * Fixed formula deselection in systemgroup (bsc#1202271)
  * Added a new configuration property to allow custom channels to
    be synced together with vendor channels.
  * add onlyRelevant argument to addErrataUpdate API
  * fix taskomatic task remain in progress
- version 4.3.35-1
  * Modify parameter type when communicating with the search server (bsc#1187028)
  * Fix hibernate error on deleting an image with delta
  * Changed logout method to POST on HTTP API (bsc#1199663)
  * Turned API information endpoints public (bsc#1199817)
  * Fix typo and ordering of JSON over HTTP API example scripts
  * Improved log handling in HTTP API (bsc#1199662)
  * set Channel GPG Key info from SCC data
  * set GPG Key Url as channel pillar data (bsc#1199984)
  * new API endpoint for addErrataUpdate, that take
    multiple servers as argument
  * Move ImageSync pillars to database (bsc#1199157)
  * Fix conflict when system is assigned to multiple instances of
    the same formula (bsc#1194394)
  * Fix initial profile and build host on Image Build page (bsc#1199659)
  * Convert formula integer values when upgrading (bsc#1200347)
  * Cleanup salt known_hosts when generating proxy containers config
  * Modify proxy containers configuration files set output
  * Change proxy containers config to tarball with yaml files
  * Fixed date format on scheduler related messages (bsc#1195455)
  * Improved dropdown layout handling
  * Fix download CSV
  * Hide authentication data in PAYG UI (bsc#1199679)
  * Clean grub2 reinstall entry in autoyast snippet (bsc#1199950)
  * Show reboot alert message on all system detail pages (bsc#1199779)
  * Show patch as installed in CVE Audit even if successor patch affects
    additional packages (bsc#1199646)
  * Fix refresh action confirmation message when no system is selected
  * Fix Intenal Server Error when URI contains invalid sysid (bsc#1186011)
  * Fix notification message on system properties update to ensure
    style consistency (bsc#1172179)
  * Fix containerized proxy configuration machine name
  * Improve CLM channel cloning performance (bsc#1199523)
  * Keep the websocket connections alive with ping/pong frames (bsc#1199874)
  * add detection of Ubuntu 22.04
- version 4.3.34-1
  * fix missing remote command history events for big output (bsc#1199656)
  * fix api log message references the wrong user (bsc#1179962)
  * Consistently use conf value for SPA engine timeout
  * fix download of packages with caret sign in the version due
    to missing url decode
  * Add specific requirement for Cobbler 3.2.1 to not conflict with Leap 15.4
  * Fix send login(s) and send password actions to avoid user
    enumeration (bsc#1199629) (CVE-2022-31248)
spacewalk-search
- version 4.3.7-1
  * update dependencies after package rename
- version 4.3.6-1
  * Add method to handle session id as String
  * Migrated from log4j1.x.x to log4j2.x.x
- version 4.3.5-1
  * update ivy development files
spacewalk-setup
- version 4.3.14-1
  * Fix possible wrong autoinstall value from Cobbler collections (bsc#1203478)
- version 4.3.13-1
  * Execute migration of Cobbler version 2 collections (bsc#1203478)
- version 4.3.12-1
  * Fix detected issues to perform migration of Cobbler settings
    and collections.
- version 4.3.11-1
  * Trigger migration of Cobbler settings and collections if necessary
    during package installation (bsc#1203478)
  * Execute "/cobbler mkloaders"/ when setting up cobbler
  * Adjust next_server cobbler settings for cobbler >= 3.3.1
  * fix prototype missmatch in idn_to_ascii (bsc#1203385)
- version 4.3.10-1
  * spacewalk-setup-cobbler assumes /etc/apache2/conf.d now as a
    default instead of /etc/httpd/conf.d (bsc#1198356)
  * Allow alternative usage of perl-Net-LibIDN2.
spacewalk-utils
- version 4.3.15-1
  * Add EL9 Client Tools for SUSE Liberty Linux
- version 4.3.14-1
  * Make spacewalk-hostname-rename working with settings.yaml
    cobbler config file (bsc#1203564)
  * spacewalk-common-channels now syncs the channels automatically
    on creation, if the new configuration property named
    'unify_custom_channel_management' is enabled
- version 4.3.13-1
  * change gpg key urls to file urls where possible
  * spacewalk-hostname-rename now correctly replaces the hostname for
    the mgr-sync configuration file (bsc#1198356)
  * spacewalk-hostname-rename now utilizes the "/--apache2-conf-dir"/
    flag for spacewalk-setup-cobbler
  * Add repositories for Ubuntu 22.04 LTS
  * Add AlmaLinux 9 and Oracle Linux 9 to spacewalk-common-channels
  * Add missing SLES 15 SP4 client tools repositories to
    spacewalk-common-channels.ini
- version 4.3.12-1
  * add deprecation warning for spacewalk-clone-by-date
  * Add EPEL8 for Almalinux 8 and Rocky 8 in spacewalk-common-channels.ini
spacewalk-web
- version 4.3.26-1
  * Prevent proxy data from being logged (bsc#1205339)
- version 4.3.25-1
  * Fix checkbox and radio input misalignment
  * Upgrade Bootstrap to 3.4.1
  * Update translation strings
- version 4.3.24-1
  * Upgrade moment-timezone
  * Fix packaging issues to address CVE-2021-43138 (bsc#1200480)
  * Upgrade shell-quote to fix CVE-2021-42740 (bsc#1203287)
  * Upgrade moment to fix CVE-2022-31129 (bsc#1203288)
  * Fix table header layout for unselectable tables
- version 4.3.23-1
  * Update the version for the WebUI
- version 4.3.22-1
  * Fix initial profile and build host on Image Build page (bsc#1199659)
  * Handle multi line error messages in proxy containers config creation
  * Hide authentication data in PAYG UI (bsc#1199679)
  * add textarea to formulas
- version 4.3.21-1
  * Consistently use conf value for SPA engine timeout
  * Remove nodejs-packaging as a build requirement
  * Update translation strings
sqlite3
- bsc#1206337, CVE-2022-46908, sqlite-CVE-2022-46908.patch:
  relying on --safe for execution of an untrusted CLI script
- update to 3.39.3:
  * Use a statement journal on DML statement affecting two or more
    database rows if the statement makes use of a SQL functions
    that might abort.
  * Use a mutex to protect the PRAGMA temp_store_directory and
    PRAGMA data_store_directory statements, even though they are
    decremented and documented as not being threadsafe.
- update to 3.39.2:
  * Fix a performance regression in the query planner associated
    with rearranging the order of FROM clause terms in the
    presences of a LEFT JOIN.
  * Apply fixes for CVE-2022-35737, Chromium bugs 1343348 and
    1345947, forum post 3607259d3c, and other minor problems
    discovered by internal testing. [boo#1201783]
- update to 3.39.1:
  * Fix an incorrect result from a query that uses a view that
    contains a compound SELECT in which only one arm contains a
    RIGHT JOIN and where the view is not the first FROM clause term
    of the query that contains the view
  * Fix a long-standing problem with ALTER TABLE RENAME that can
    only arise if the sqlite3_limit(SQLITE_LIMIT_SQL_LENGTH) is set
    to a very small value.
  * Fix a long-standing problem in FTS3 that can only arise when
    compiled with the SQLITE_ENABLE_FTS3_PARENTHESIS compile-time
    option.
  * Fix the initial-prefix optimization for the REGEXP extension so
    that it works correctly even if the prefix contains characters
    that require a 3-byte UTF8 encoding.
  * Enhance the sqlite_stmt virtual table so that it buffers all of
    its output.
- update to 3.39.0:
  * Add (long overdue) support for RIGHT and FULL OUTER JOIN
  * Add new binary comparison operators IS NOT DISTINCT FROM and
    IS DISTINCT FROM that are equivalent to IS and IS NOT,
    respective, for compatibility with PostgreSQL and SQL standards
  * Add a new return code (value "/3"/) from the sqlite3_vtab_distinct()
    interface that indicates a query that has both DISTINCT and
    ORDER BY clauses
  * Added the sqlite3_db_name() interface
  * The unix os interface resolves all symbolic links in database
    filenames to create a canonical name for the database before
    the file is opened
  * Defer materializing views until the materialization is actually
    needed, thus avoiding unnecessary work if the materialization
    turns out to never be used
  * The HAVING clause of a SELECT statement is now allowed on any
    aggregate query, even queries that do not have a GROUP BY
    clause
  * Many microoptimizations collectively reduce CPU cycles by about
    2.3%.
- drop sqlite-src-3380100-atof1.patch, included upstream
- add sqlite-src-3390000-func7-pg-181.patch to skip float precision
  related test failures on 32 bit
- update to 3.38.5:
  * Fix a blunder in the CLI of the 3.38.4 release
- includes changes from 3.38.4:
  * fix a byte-code problem in the Bloom filter pull-down
    optimization added by release 3.38.0 in which an error in the
    byte code causes the byte code engine to enter an infinite loop
    when the pull-down optimization encounters a NULL key
- update to 3.38.3:
  * Fix a case of the query planner be overly aggressive with
    optimizing automatic-index and Bloom-filter construction,
    using inappropriate ON clause terms to restrict the size of the
    automatic-index or Bloom filter, and resulting in missing rows
    in the output.
  * Other minor patches. See the timeline for details.
- update to 3.38.2:
  * Fix a problem with the Bloom filter optimization that might
    cause an incorrect answer when doing a LEFT JOIN with a WHERE
    clause constraint that says that one of the columns on the
    right table of the LEFT JOIN is NULL.
  * Other minor patches.
- Remove obsolete configure flags
- Package the Tcl bindings here again so that we only ship one copy
  of SQLite (bsc#1195773).
- update to 3.38.1:
  * Fix problems with the new Bloom filter optimization that might
    cause some obscure queries to get an incorrect answer.
  * Fix the localtime modifier of the date and time functions so
    that it preserves fractional seconds.
  * Fix the sqlite_offset SQL function so that it works correctly
    even in corner cases such as when the argument is a virtual
    column or the column of a view.
  * Fix row value IN operator constraints on virtual tables so that
    they work correctly even if the virtual table implementation
    relies on bytecode to filter rows that do not satisfy the
    constraint.
  * Other minor fixes to assert() statements, test cases, and
    documentation. See the source code timeline for details.
- add upstream patch to run atof1 tests only on x86_64
  sqlite-src-3380100-atof1.patch
- update to 3.38.0
  * Add the -> and ->> operators for easier processing of JSON
  * The JSON functions are now built-ins
  * Enhancements to date and time functions
  * Rename the printf() SQL function to format() for better
    compatibility, with alias for backwards compatibility.
  * Add the sqlite3_error_offset() interface for helping localize
    an SQL error to a specific character in the input SQL text
  * Enhance the interface to virtual tables
  * CLI columnar output modes are enhanced to correctly handle tabs
    and newlines embedded in text, and add options like "/--wrap N"/,
    "/--wordwrap on"/, and "/--quote"/ to the columnar output modes.
  * Query planner enhancements using a Bloom filter to speed up
    large analytic queries, and a balanced merge tree to evaluate
    UNION or UNION ALL compound SELECT statements that have an
    ORDER BY clause.
  * The ALTER TABLE statement is changed to silently ignores
    entries in the sqlite_schema table that do not parse when
    PRAGMA writable_schema=ON
- update to 3.37.2:
  * Fix a bug introduced in version 3.35.0 (2021-03-12) that can
    cause database corruption if a SAVEPOINT is rolled back while
    in PRAGMA temp_store=MEMORY mode, and other changes are made,
    and then the outer transaction commits
  * Fix a long-standing problem with ON DELETE CASCADE and ON
    UPDATE CASCADE in which a cache of the bytecode used to
    implement the cascading change was not being reset following a
    local DDL change
- update to 3.37.1:
  * Fix a bug introduced by the UPSERT enhancements of version
    3.35.0 that can cause incorrect byte-code to be generated for
    some obscure but valid SQL, possibly resulting in a NULL-
    pointer dereference.
  * Fix an OOB read that can occur in FTS5 when reading corrupt
    database files.
  * Improved robustness of the --safe option in the CLI.
  * Other minor fixes to assert() statements and test cases.
- SQLite3 3.37.0:
  * STRICT tables provide a prescriptive style of data type
    management, for developers who prefer that kind of thing.
  * When adding columns that contain a CHECK constraint or a
    generated column containing a NOT NULL constraint, the
    ALTER TABLE ADD COLUMN now checks new constraints against
    preexisting rows in the database and will only proceed if no
    constraints are violated.
  * Added the PRAGMA table_list statement.
  * Add the .connection command, allowing the CLI to keep multiple
    database connections open at the same time.
  * Add the --safe command-line option that disables dot-commands
    and SQL statements that might cause side-effects that extend
    beyond the single database file named on the command-line.
  * CLI: Performance improvements when reading SQL statements that
    span many lines.
  * Added the sqlite3_autovacuum_pages() interface.
  * The sqlite3_deserialize() does not and has never worked
    for the TEMP database. That limitation is now noted in the
    documentation.
  * The query planner now omits ORDER BY clauses on subqueries and
    views if removing those clauses does not change the semantics
    of the query.
  * The generate_series table-valued function extension is modified
    so that the first parameter ("/START"/) is now required. This is
    done as a way to demonstrate how to write table-valued
    functions with required parameters. The legacy behavior is
    available using the -DZERO_ARGUMENT_GENERATE_SERIES
    compile-time option.
  * Added new sqlite3_changes64() and sqlite3_total_changes64()
    interfaces.
  * Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2().
  * Use less memory to hold the database schema.
  * bsc#1189802, CVE-2021-36690: Fix an issue with the SQLite Expert
    extension when a column has no collating sequence.
subscription-matcher
- Added Guava maximum version requirement (jsc#SLE-23217)
- Declare the LICENSE file as license and not doc
sudo
- Added sudo-CVE-2023-22809.patch
  * CVE-2023-22809
  * bsc#1207082
  * Prevent '--' in the EDITOR environment variable which can allow
    users to edit sensitive files as root.
- Added sudo-utf8-ldap-schema.patch
  * Change sudo-ldap schema from ASCII to UTF8.
  * Fixes bsc#1197998
  * Credit to William Brown <william.brown@suse.com>
  * https://github.com/sudo-project/sudo/pull/163
- Added sudo-CVE-2022-43995.patch
  * CVE-2022-43995
  * bsc#1204986
  * Fixed a potential heap-based buffer over-read when entering a password
    of seven characters or fewer and using the crypt() password backend.
- Modified sudo-sudoers.patch
  * bsc#1177578
  * Removed redundant and confusing 'secure_path' settings in
    sudo-sudoers file.
supportutils
- Added lifecycle information (issue#140)
- Changes to version 3.1.21
  + Added type output with df command in fs-diskio.txt (issue#141)
  + Gather all files in /etc/security/limits.d/ (issue#142)
  + Fixed KVM virtualization detection on bare metal (bsc#1184689)
  + Added logging using journalctl (bsc#1200330)
  + Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818)
  + Added system logging configuration and checking in messages_config.txt (issue#103)
  + If rsyslog not installed collect more from journalctl (issue#120)
  + Added systemd-status.txt for the status of all service units (issue#125)
  + autofs includes files in (+dir:<path>) (issue#111)
  + Get current sar data before collecting files (bsc#1192648)
  + Collects everything in /etc/multipath/ (bsc#1192252)
  + Collects power management information in hardware.txt (bsc#1197428)
  + Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337)
  + Fixed conf_files and conf_text_files so y2log is gathered (issue#134, bsc#1202269)
  + Update to nvme_info and block_info #133 (bsc#1202417)
  + Added IO scheduler (issue#136)
  + Added includedir directories from /etc/sudoers (bsc#1188086)
- Added a listing to /dev/mapper/. #129
supportutils-plugin-susemanager
- version 4.3.5-1
  * Added dependency for XML Simple
suse-build-key
- added /usr/share/pki/containers directory for container pem keys
  (cosign/sigstore style), put our PEM key there too (bsc#1204706)
suse-module-tools
- Update to version 15.4.15: Backport bug fixes from factory
  * driver-check.sh, unblacklist: convert egrep to grep -E (bsc#1203092)
  * kernel-scriptlets: don't pass flags to weak-modules2 (bsc#1195391)
  * driver-check.sh: avoid false positive error messages (boo#1200107)
- Update to version 15.4.14:
  * 80-hotplug-cpu-mem.rules: use CONST{arch} (bsc#1204423)
- Update to version 15.4.13:
  * 80-hotplug-cpu-mem.rules: restrict cpu rule to x86_64 (bsc#1204423)
suseconnect-ng
- Update to version 1.0.0~git0.faee7c196dc1:
  * Revert "/packaging: 1.0.0 -> 1.0"/
- Update to version v1.0~git0.32cac3fb5047:
  * packaging: 1.0.0 -> 1.0
- Update to version 1.0.0~git0.60e48564a714 (bsc#1204821):
  * packaging: obsolete suseconnect < 1.0.0
  * packaging: don't end the summary with a dot
- Update to version 0.0.10~git2.ee561b8:
  * Drop .git from tar
- Update to version 0.0.10~git0.5f84106:
  * Fix System-Token support in ruby binding (bsc#1203341)
  * Added the PACKAGE.md file
- Update to version 0.0.9~git10.de887da7231f:
  * Respect the PROXY_ENABLED environment variable
- Update to version 0.0.9~git8.f9adb71:
  * Use standard buildconditionals
  * Strip the binaries (saves ~ 30%)
- Update to version 0.0.9~git5.75890b6:
  * Don't run keepalive on reboot
  * Use system-wide proxy settings (bsc#1200994)
  * Add customer information about keepalive calls
  * Add timer for SUSEConnect --keepalive (bsc#1196076)
  * Add --keepalive to manpage
  * Added support for the System-Token header
  * Add Keepalive command line option
  * Print nested zypper errors (bsc#1200803)
  * Fix migration json error with SMT (bsc#1198625)
  * Add option to run local scc tests
  * Switch to jenkins-hosted credentials
  * Fix "/VCS stamping"/ problem
  * Add missing import
  * Remove redundant code + add comment
- Update to version 0.0.8~git2.368ea44:
  * go1.18 compatibility: BuildRequires:git
susemanager
- version 4.3.21-1
  * Make python3-extras optional, as SLES 15 does not have it and it
    is only required on SP4 or greater (bsc#1204437)
- version 4.3.20-1
  * add bootstrap repository definitions for SLE-Micro 5.2 and 5.3
  * add bootstrap repo definitions for oracle, alma and rocky linux 9
  * add bootstrap repo data for SUSE Liberty Linux 9
  * add python3-extras to bootstrap repo as dependency of
    python3-libxml2 (bsc#1204437)
- version 4.3.19-1
  * mark new dependencies for python-py optional in bootstrap repo
    to fix generation for older service packs (bsc#1203449)
  * add bootstrap repository definition for OES2023 (bsc#1202602)
  * add missing packages on SLES 15
  * remove server-migrator.sh from SUSE Manager installations (bsc#1202728)
  * create bootstrap repository data for Ubuntu 22.04 Vendor Channels
  * remove obsoleted sysv init script (bsc#1191857)
  * mgr-create-bootstrap-repo: flush directory also when called
    for a specific label (bsc#1200573)
  * pg-migrate-x-to-y.sh: improve output (bsc#1201260)
  * remove python-tornado from bootstrap repo, since no longer
    required for salt version >= 3000
  * add missing packages on SLES 12 SP5 bootstrap repo (bsc#1201918)
  * revert "/bootstrap repo: set optional packages"/
- version 4.3.18-1
  * Add missing python3-gnupg to Debian10 bootstrap repo (bsc#1201842)
  * Add clients tool product to generate
    bootstrap repo on OpenSUSE 15.x (bsc#1201189)
  * Add Oracle Linux 9 bootstrap repositories for Uyuni
  * Add AlmaLinux 9 bootstrap repositories for Uyuni
  * Add Red Hat Enterprise Linux 9 repositories for Uyuni
  * Make the Salt Bundle optional for bootstrap repositories
    for Debian 9 and SUSE Manager Proxy 4.2
  * Enable bootstrapping for Ubuntu 22.04 LTS
- version 4.3.17-1
  * fix pg-migrate-x-to-y.sh comment: migration without creating backup
    use -f option
- version 4.3.16-1
  * bootstrap repo: set optional packages
  * Add python3-contextvars and python3-immutables to missing bootstrap repos (bsc#1200606)
  * Update server-migrator to dist-upgrade to openSUSE 15.4
susemanager-build-keys
- Version 15.4.6:
  * rename and update old SUSE PTF key
    + Removed: gpg-pubkey-b37b98a9-5aaa951b.asc
    + Added:   suse_ptf_key_old-B37B98A9.asc
  * add new SUSE PTF Key
    + Added: suse_ptf_key-6F5DA62B.asc
- Version 15.4.5:
  * Add rpmlintrc configuration, so "/W: backup-file-in-package"/ for
    the keyring is ignored. We do not ship backup files, but we own them
    because they are created each time gpg is called, and we want them
    removed if the package is removed
- Added:
  - uyuni-build-keys.rpmlintrc
- Version 15.4.4:
  * Add key for SUSE product addons (required for SUSE Manager EL9 client tools)
- Added:
  * build-addon-0bad8ecc-632aff67.asc
- Add release and auxiliary GPG keys for RedHat
- Add keys for Rocky Linux 9
- Added:
  * RPM-GPG-KEY-redhat-release
  * RPM-GPG-KEY-redhat-auxiliary
  * RPM-GPG-KEY-Rocky-9
- Version 15.4.3
  * Add Uyuni Client Tools key
- Added:
  * gpg-pubkey-0d20833e.asc
- Version 15.4.2
  * Install keys for Client Tools Channels in salt filesystem to
    be able to deploy them to clients
- Version 15.4.1
  * Add openEuler 22.03 key
  * Add AlmaLinux 9 key
  * Add Oracle Linux 9 keys
- Added:
  * RPM-GPG-KEY-openEuler
  * RPM-GPG-KEY-AlmaLinux-9
  * RPM-GPG-KEY-oracle
  * RPM-GPG-KEY-oracle-backup
susemanager-docs_en
- Removed SLE Micro 5.1 notes in Client Configuration Guide
- Added SLE Micro bootstrapping note in Client Configuration Guide
- Added Red Hat Enterprise Linux 9 clients as supported in Client
  Configuration Guide (bsc#1205896)
- Fixed Rocky Linux documentation in Client Configuration Guide.
  Rocky Linux 8 was partially removed by accident (bsc#1205470)
- Added explanation of automatic custom channels synchronization to
  the Administration Guide
- Added Almalinux 9, Oracle Linux 9, and Rocky Linux 9 as supported
  Client systems
- Added Rocky Linux 9 in Client Configuration Guide
- Added note about shell quotation in Mass Migration section of Client
  Configuration Guide.
- Added information  about OES repository enablement to Troubleshooting
  section in the Administration Guide (bsc#1204195)
- Documented the mgr-bootstrap command in Client Configuration Guide
- Removed Debian 9 references due to end of life and added missing
  Debian 11 info
- Fixed description of default notification settings (bsc#1203422)
- Added missing Debian 11 references
- Documented helm deployment of the proxy on k3s and MetalLB in
  Installation and Upgrade Guide
- Added secure mail communication settings in Administration Guide
- Fixed path to state and pillar files
- Documented how pxeboot works with Secure Boot enabled in Client
  Configuration Guide
- Add repository via proxy issues troubleshooting page
- Change import GPG key description
- Added SLE Micro 5.2 and 5.3 as available as a technology preview
  in Client Configuration Guide, and the IBM Z architecture for 5.1,
  5.2, and 5.3
- Added command to remove the obsolete Python module on SUSE Manager
  Server 4.1 in the Installation and Upgrade Guide (bsc#1203026)
- Mention CA certificate directory in the proxy setup description in the
  Installation and Upgrade Guide (bsc#1202805)
- Documented mandatory channels in the Disconnected Setup chapter of the
  Administration Guide (bsc#1202464)
- Documented how to onboard Ubuntu clients with the Salt bundle as a
  regular user
- Documented how to onboard Debian clients with the Salt bundle or
  plain Salt as a regular user
- Fixed the names of updates channels for Leap
- Fixed errors in OpenSCAP chapter of Administration Guide
- Removed CentOS 8 from the list of supported client systems
- Extend the notes about using noexec option for /tmp and /var/tmp
  (bsc#1201210)
- Added Extend Salt Bundle functionality with Python packages using pip
- Salt Configuration Modules are no longer Technology Preview in
  the Salt Guide
- Described disabling local repositories in Client Configuration
  Guide
- Remove misleading installation screen shots in the Installation
  and Upgrade Guide (bsc#1201411)
- Fixed Ubuntu 18 Client registration in Client Configuration Guide
  (bsc#1201224)
- Removed sle-module-pythonX in VM Installation chapter of
  Installation and Upgrade Guide because SUSE Manager 4.3 does not
  require it
- In the Custom Channel section of the Administration Guide add a
  note about synchronizing repositories regularly
- Removed SUSE Linux Enterprise 11 from the list of supported
  client systems
- Update section about changing SSL certificates
- Added ports 1232 and 1233 in the Ports section of the Installation
  and Upgrade Guide; required for Salt SSH Push (bnc#1200532)
- Fixed 'fast' switch ('-f') of the database migration script in
  Installation and Upgrade Guide
- Updated Virtualization chapter in Client Configuration Guide; more
  on limitation other than Xen and KVM
- Added information about registering RHEL clients on Azure in the
  Import Entitlements and Certificates section of the Client
  Configuration Guide (bsc#1198944)
- Fixed VisibleIf documentation in Formula section of the Salt Guide
- Added note about importing CA certifcate in Installation and Upgrade
  Guide (bsc#1198358)
- Documented defining monitored targets using file-based service
  discovery provided in the Prometheus formula in the Salt Guide
- In Supported Clients and Features chapter in Client Configuration
  Guide, remove SUSE Linux Enterprise 11 (bsc#1199147)
- Improve traditional client deprecation statement in Client
  Configuration Guide (bsc#1199714)
susemanager-schema
- version 4.3.15-1
  * added kickstart distribution data for RHEL 9
  * Fix previous 'Amazon EC2' schema upgrade script
    to prevent possible issues on schema upgrade.
  * Change 'Amazon EC2/KVM' to 'Amazon EC2/Nitro' (bsc#1203685)
  * Keep older module metadata files in database (bsc#1201893)
  * Fix setting of last modified date in channel clone procedure
- version 4.3.14-1
  * Add subtypes for Amazon EC2 virtual instances (bsc#1195624)
  * Fix migration of image actions (bsc#1202272)
  * improve schema compatibility with Amazon RDS
- version 4.3.13-1
  * update GPG key urls in channels set by spacewalk-common-channels
  * add gpg key info to suseProductSCCRepository (bsc#1199984)
  * Move ImageSync pillars to database (bsc#1199157)
susemanager-sls
- version 4.3.26-1
  * Manager reboot in transactional update action chain (bsc#1201476)
  * Detect bootstrap repository path for SLE Micro
  * Fix kiwi inspect regexp to allow image names with "/-"/ (bsc#1204541)
  * Add beacon to check if a reboot is required in transactional systems
  * Use the actual sudo user home directory for salt ssh
    clients on bootstrap and clean up (bsc#1202093)
  * dnf repo definition does not support multiline gpgkeys
    (bsc#1204444)
  * remove forced refresh in channel state as gpg key trust is now
    handled in a different way (bsc#1204061)
  * import gpg keys directly to prevent using gpg-auto-import-keys
    on package operations (bsc#1203580)
  * Perform refresh with packages.pkgupdate state (bsc#1203884)
  * Prevent possible tracebacks on reading postgres opts
    with suma_minion salt pillar extension module
- version 4.3.25-1
  * Fix mgrnet availability check
  * Remove dependence on Kiwi libraries
  * disable always the bootstrap repository also when
    "/mgr_disable_local_repos"/ is set to False
  * Use mgrnet.dns_fqdns module to improve FQDN detection (bsc#1199726)
  * fix syntax error - remove trailing colon (bsc#1203049)
  * Add mgrnet salt module with mgrnet.dns_fqnd function implementation
    allowing to get all possible FQDNs from DNS (bsc#1199726)
  * Copy grains file with util.mgr_switch_to_venv_minion state apply
    (bsc#1203056)
  * Remove the message 'rpm: command not found' on using Salt SSH
    with Debian based systems which has no Salt Bundle
- version 4.3.24-1
  * Fix issue bootstrap issue with Debian 9 because missing python3-contextvars (bsc#1201782)
  * Fix deploy of SLE Micro CA Certificate (bsc#1200276)
  * disable local repos before bootstrap and at highstate (bsc#1191925)
  * deploy GPG keys to the clients and define trust in channels (bsc#1199984)
  * Enable basic support for Ubuntu 22.04
  * Add port parameter to mgrutil.remove_ssh_known_host
  * Prevent possible tracebacks on calling module.run from mgrcompat
    by setting proper globals with using LazyLoader
- version 4.3.23-1
  * Fix bootstrapping for Ubuntu 18.04 with classic Salt package (bsc#1200707)
  * create CA certificate symlink on Proxies which might get lost due
    to de-installation of the ca package
susemanager-sync-data
- version 4.3.11-1
  * change "/EL 9 Base"/ to "/RHEL and Liberty 9 Base"/
- version 4.3.10-1
  * add SLES15 SP3 LTSS
  * add sll 9, oraclelinux 9, almalinux 9 and rockylinux 9
  * release oes2023 products
- version 4.3.9-1
  * add oes2023 (bsc#1202602)
  * add Ubuntu 22.04 amd64
sysconfig
- version 0.85.9
- spec: revert to recommend wicked-service on <= 15.4
- netconfig: remove sed dependency
- netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093)
- netconfig: cleanup /var/run leftovers (bsc#1194557)
- netconfig: update ntp man page documentation, fix typos
- spec: drop legacy migration (from sle11) and rpm-utils
- version 0.85.8
- netconfig: revert NM default policy change change (boo#1185882)
  With the change to the default policy, netconfig with NetworkManager
  as network.service accepted settings from all services/programs
  directly instead only from NetworkManager, where plugins/services
  have to deliver their settings to apply them.
- version 0.85.7
- spec: Drop hard dependency on /sbin/ifup
- spec: Suggest instead of recommend wicked-service
- spec: Mention that the .spec file is in git as well
- Also support service(network) provides
systemd
- Fix systemd-coredump to not allow user to access coredumps with changed
  uid/gid/capabilities (bsc#1205000 CVE-2022-4415)
  Add 5000-coredump-Fix-format-string-type-mismatch.patch
  Add 5001-coredump-drop-an-unused-variable.patch
  Add 5002-coredump-adjust-whitespace.patch
  Add 5003-coredump-do-not-allow-user-to-access-coredumps-with-.patch
- Import commit bcf040075f682f67370ddf7ab93d7a0d8b9cd9cc
  ab0f962e4c core/device: Log on every event received from udev
  2dcb7c77fe udev/net_id: show the correct identifier in the debug output of dev_pci_onboard()
  5b824103e0 udev/net_id: add debug logging for construction of device names
  cb6925410b udev: add one more assertion
  82e343153a udev: drop assertion which is always false
  cef726986b udev: support by-path devlink for multipath nvme block devices (bsc#1200723)
  00b34f08d9 tests: minor simplification in test-execute
  e5b4571c20 tests: make test-execute pass on openSUSE
- Drop the following patches since they have been merged in 'SUSE/v249' branch:
  6000-udev-net_id-add-debug-logging-for-construction-of-de.patch
  6001-udev-net_id-show-the-correct-identifier-in-the-debug.patch
- Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428
  ae2067b062 time-util: fix buffer-over-run (bsc#1204968 CVE-2022-3821)
  0469b9f2bc pstore: do not try to load all known pstore modules
  ad05f54439 pstore: Run after modules are loaded
  ccad817445 core: Add trigger limit for path units
  281d818fe3 core/mount: also add default before dependency for automount mount units
  ffe5b4afa8 logind: fix crash in logind on user-specified message string
- Add 1012-man-describe-the-net-naming-schemes-specific-to-SLE.patch (bsc#1204179)
- Make "/sle15-sp3"/ net naming scheme still available for backward compatibility
  reason
- Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one
  pointing to /usr/lib/systemd/ (bsc#1201795)
- Update 1009-Drop-or-soften-some-of-the-deprecation-warnings.patch (jsc#PED-944)
  To decrease log level of messages about use of KillMode=none from warning to
  debug. SAP still uses this deprecated option and the warnings emitted by PID1
  confuse both SAP customers and support.
- Import commit 7b70d88264a588fdba36c6e7655d1feea2b0e0a0 (merge of v249.12)
  For a complete list of changes, visit:
  https://github.com/openSUSE/systemd/compare/4949659dd6ce81845e13034504fe06b85a02f08b...7b70d88264a588fdba36c6e7655d1feea2b0e0a0
- Import commit 4949659dd6ce81845e13034504fe06b85a02f08b
  0f096f16ba tmpfiles: check the directory we were supposed to create, not its parent
  82c3793e43 stat-util: replace is_dir() + is_dir_fd() by single is_dir_full() call
  2191a9ae95 logind: don't delay login for root even if systemd-user-sessions.service is not activated yet (bsc#1195059)
systemd-presets-common-SUSE
- enable ignition-delete-config by default (bsc#1199524)
- Modify branding-preset-states to fix systemd-presets-common-SUSE
  not enabling new user systemd service preset configuration just
  as it handles system service presets. By passing an (optional)
  second parameter "/user"/, the save/apply-changes commands now
  work with user services instead of system ones (boo#1200485)
- Add the wireplumber user service preset to enable it by default
  in SLE15-SP4 where it replaced pipewire-media-session, but keep
  pipewire-media-session preset so we don't have to branch the
  systemd-presets-common-SUSE package for SP4 (boo#1200485)
tar
- Fix unexpected inconsistency when making directory, bsc#1203600
  * tar-avoid-overflow-in-symlinks-tests.patch
  * tar-fix-extract-unlink.patch
- Update race condition fix, bsc#1200657
  * tar-fix-race-condition.patch
- Refresh bsc1200657.patch
- bsc1200657.patch was previously incomplete leading to deadlocks
  * bsc#1202436
  * bsc1200657.patch updated
- Fix race condition while creating intermediate subdirectories,
  bsc#1200657
  * bsc1200657.patch
tcl
- Fix a race condition in test socket-13.1
  (tcl-test-socket-13.1.patch).
- Remove the SQLite extension and package it as a subpackage of
  sqlite3 to have only a single copy and keep it more up to date
  (bsc#1195773).
- Clean up the lib dependencies in tclConfig.sh and tcl.pc.
telnet
- Fix CVE-2022-39028, NULL pointer dereference in telnetd
  (CVE-2022-39028, bsc#1203759)
  CVE-2022-39028.patch
timezone
- timezone update 2022g (bsc#1177460):
  * In the Mexican state of Chihuahua, the border strip near the US
    will change to agree with nearby US locations on 2022-11-30.
    The strip's western part, represented by Ciudad Juárez, switches
    from -06 all year to -07/-06 with US DST rules, like El Paso, TX.
    The eastern part, represented by Ojinaga, will observe US DST next
    year, like Presidio, TX.
    A new Zone America/Ciudad_Juarez splits from America/Ojinaga.
  * Much of Greenland, represented by America/Nuuk, stops observing
    winter time after March 2023, so its daylight saving time becomes
    standard time.
  * Changes for pre-1996 northern Canada
  * Update to past DST transition in Colombia (1993), Singapore
    (1981)
  * timegm is now supported by default
- timezone update 2022f (bsc#1177460):
  * Mexico will no longer observe DST except near the US border
  * Chihuahua moves to year-round -06 on 2022-10-30
  * Fiji no longer observes DST
  * Move links to 'backward'
  * In vanguard form, GMT is now a Zone and Etc/GMT a link
  * zic now supports links to links, and vanguard form uses this
  * Simplify four Ontario zones
  * Fix a Y2438 bug when reading TZif data
  * Enable 64-bit time_t on 32-bit glibc platforms
  * Omit large-file support when no longer needed
  * In C code, use some C23 features if available
  * Remove no-longer-needed workaround for Qt bug 53071
- Refreshed patches:
  * fat.patch
  * tzdata-china.diff
- timezone update 2022e (bsc#1177460):
  * Jordan and Syria switch from +02/+03 with DST to year-round +03
- timezone update 2022d:
  * Palestine transitions are now Saturdays at 02:00
  * Simplify three Ukraine zones into one
- timezone update 2022c:
  * Work around awk bug
  * Improve tzselect on intercontinental Zones
- timezone update 2022b:
  * Chile's DST is delayed by a week in September 2022 boo#1202324
  * Iran no longer observes DST after 2022
  * Rename Europe/Kiev to Europe/Kyiv
  * New zic -R option
  * Vanguard form now uses %z
  * Finish moving duplicate-since-1970 zones to 'backzone'
- Refresh tzdata-china.diff
- Remove upstreamed bsc1202310.patch
- Update to reflect new Chile DST change, bsc#1202310
  * bsc1202310.patch
unzip
- Fix CVE-2022-0530, SIGSEGV during the conversion of an utf-8 string
  to a local string (CVE-2022-0530, bsc#1196177)
  * CVE-2022-0530.patch
- Fix CVE-2022-0529, Heap out-of-bound writes and reads during
  conversion of wide string to local string (CVE-2022-0529, bsc#1196180)
  * CVE-2022-0529.patch
util-linux
- Fix file conflict during upgrade (boo#1204211).
- libuuid improvements (bsc#1201959, PED-1150):
  * libuuid: Fix range when parsing UUIDs
    (util-linux-libuuid-uuid_parse-overrun.patch).
  * Improve cache handling for short running applications-increment
    the cache size over runtime
    (util-linux-libuuid-improve-cache-handling.patch).
  * Implement continuous clock handling for time based UUIDs
    (util-linux-libuuid-continuous-clock-handling.patch).
  * Check clock value from clock file to provide seamless libuuid
    update (util-linux-libuuid-check-clock-value.patch).
- agetty: Resolve tty name even if stdin is specified (bsc#1197178,
  util-linux-agetty-resolve-tty-if-stdin-is-specified.patch).
- libmount: When moving a mount point, update all sub mount entries
  in utab (bsc#1198731,
  util-linux-libmount-moving-mount-point-sub-mounts.patch,
  util-linux-libmount-fix-and-improve-utab-on-ms_move.patch).
util-linux-systemd
- Fix file conflict during upgrade (boo#1204211).
- libuuid improvements (bsc#1201959, PED-1150):
  * libuuid: Fix range when parsing UUIDs
    (util-linux-libuuid-uuid_parse-overrun.patch).
  * Improve cache handling for short running applications-increment
    the cache size over runtime
    (util-linux-libuuid-improve-cache-handling.patch).
  * Implement continuous clock handling for time based UUIDs
    (util-linux-libuuid-continuous-clock-handling.patch).
  * Check clock value from clock file to provide seamless libuuid
    update (util-linux-libuuid-check-clock-value.patch).
- agetty: Resolve tty name even if stdin is specified (bsc#1197178,
  util-linux-agetty-resolve-tty-if-stdin-is-specified.patch).
- libmount: When moving a mount point, update all sub mount entries
  in utab (bsc#1198731,
  util-linux-libmount-moving-mount-point-sub-mounts.patch,
  util-linux-libmount-fix-and-improve-utab-on-ms_move.patch).
uyuni-common-libs
- version 4.3.6-1
  * Do not allow creating path if nonexistent user or group in fileutils.
- version 4.3.5-1
  * Fix reposync issue about 'rpm.hdr' object has no attribute 'get'
uyuni-reportdb-schema
- version 4.3.6-1
  * improve schema compatibility with Amazon RDS
vim
- Updated to version 9.0 with patch level 1040, fixes the following security problems
  * Fixing bsc#1206028 VUL-0: CVE-2022-3491: vim: Heap-based Buffer Overflow prior to 9.0.0742
  * Fixing bsc#1206071 VUL-0: CVE-2022-3520: vim: Heap-based Buffer Overflow
  * Fixing bsc#1206072 VUL-0: CVE-2022-3591: vim: Use After Free
  * Fixing bsc#1206075 VUL-0: CVE-2022-4292: vim: Use After Free in GitHub repository vim/vim prior to 9.0.0882.
  * Fixing bsc#1206077 VUL-0: CVE-2022-4293: vim: Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.
  * Fixing bsc#1205797 VUL-0: CVE-2022-4141: vim: heap-buffer-overflow in alloc.c 246:11
  * Fixing bsc#1204779 VUL-0: CVE-2022-3705: vim: use after free in function qf_update_buffer of the file quickfix.c
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.0.814...v9.0.1040
- Updated to version 9.0 with patch level 0814, fixes the following problems
  * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow
  * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483.
  * Fixing bsc#1203509 VUL-1: CVE-2022-3235: vim: Use After Free in GitHub prior to 9.0.0490.
  * Fixing bsc#1203820 VUL-0: CVE-2022-3324: vim: Stack-based Buffer Overflow in prior to 9.0.0598.
  * Fixing bsc#1204779 VUL-0: CVE-2022-3705: vim: use after free in function qf_update_buffer of the file quickfix.c
  * Fixing bsc#1203152 VUL-1: CVE-2022-2982: vim: use after free in qf_fill_buffer()
  * Fixing bsc#1203796 VUL-1: CVE-2022-3296: vim: stack out of bounds read in ex_finally() in ex_eval.c
  * Fixing bsc#1203797 VUL-1: CVE-2022-3297: vim: use-after-free in process_next_cpt_value() at insexpand.c
  * Fixing bsc#1203110 VUL-1: CVE-2022-3099: vim: Use After Free in ex_docmd.c
  * Fixing bsc#1203194 VUL-1: CVE-2022-3134: vim: use after free in do_tag()
  * Fixing bsc#1203272 VUL-1: CVE-2022-3153: vim: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
  * Fixing bsc#1203799 VUL-1: CVE-2022-3278: vim: NULL pointer dereference in eval_next_non_blank() in eval.c
  * Fixing bsc#1203924 VUL-1: CVE-2022-3352: vim: vim: use after free
  * Fixing bsc#1203155 VUL-1: CVE-2022-2980: vim: null pointer dereference in do_mouse()
  * Fixing bsc#1202962 VUL-1: CVE-2022-3037: vim: Use After Free in vim prior to 9.0.0321
- ignore-flaky-test-failure.patch: Ignore failure of flaky tests
- disable-unreliable-tests-arch.patch: Removed
- for the complete list of changes see
  https://github.com/vim/vim/compare/v9.0.0313...v9.0.0814
- Updated to version 9.0 with patch level 0313, fixes the following problems
  * Fixing bsc#1200884 Vim: Error on startup
  * Fixing bsc#1200902 VUL-0: CVE-2022-2183: vim: Out-of-bounds Read through get_lisp_indent() Mon 13:32
  * Fixing bsc#1200903 VUL-0: CVE-2022-2182: vim: Heap-based Buffer Overflow through parse_cmd_address() Tue 08:37
  * Fixing bsc#1200904 VUL-0: CVE-2022-2175: vim: Buffer Over-read through cmdline_insert_reg() Tue 08:37
  * Fixing bsc#1201249 VUL-0: CVE-2022-2304: vim: stack buffer overflow in spell_dump_compl()
  * Fixing bsc#1201356 VUL-1: CVE-2022-2343: vim: Heap-based Buffer Overflow in GitHub repository vim prior to 9.0.0044
  * Fixing bsc#1201359 VUL-1: CVE-2022-2344: vim: Another Heap-based Buffer Overflow vim prior to 9.0.0045
  * Fixing bsc#1201363 VUL-1: CVE-2022-2345: vim: Use After Free in GitHub repository vim prior to 9.0.0046.
  * Fixing bsc#1201620 PUBLIC SUSE Linux Enterprise Server 15 SP4 Basesystem zbalogh@suse.com NEW --- SLE-15-SP4-Full-x86_64-GM-Media1 and vim-plugin-tlib-1.27-bp154.2.18.noarch issue
  * Fixing bsc#1202414 VUL-1: CVE-2022-2819: vim: Heap-based Buffer Overflow in compile_lock_unlock()
  * Fixing bsc#1202552 VUL-1: CVE-2022-2874: vim: NULL Pointer Dereference in generate_loadvar()
  * Fixing bsc#1200270 VUL-1: CVE-2022-1968: vim: use after free in utf_ptr2char
  * Fixing bsc#1200697 VUL-1: CVE-2022-2124: vim: out of bounds read in current_quote()
  * Fixing bsc#1200698 VUL-1: CVE-2022-2125: vim: out of bounds read in get_lisp_indent()
  * Fixing bsc#1200700 VUL-1: CVE-2022-2126: vim: out of bounds read in suggest_trie_walk()
  * Fixing bsc#1200701 VUL-1: CVE-2022-2129: vim: out of bounds write in vim_regsub_both()
  * Fixing bsc#1200732 VUL-1: CVE-2022-1720: vim: out of bounds read in grab_file_name()
  * Fixing bsc#1201132 VUL-1: CVE-2022-2264: vim: out of bounds read in inc()
  * Fixing bsc#1201133 VUL-1: CVE-2022-2284: vim: out of bounds read in utfc_ptr2len()
  * Fixing bsc#1201134 VUL-1: CVE-2022-2285: vim: negative size passed to memmove() due to integer overflow
  * Fixing bsc#1201135 VUL-1: CVE-2022-2286: vim: out of bounds read in ins_bytes()
  * Fixing bsc#1201136 VUL-1: CVE-2022-2287: vim: out of bounds read in suggest_trie_walk()
  * Fixing bsc#1201150 VUL-1: CVE-2022-2231: vim: null pointer dereference skipwhite()
  * Fixing bsc#1201151 VUL-1: CVE-2022-2210: vim: out of bounds read in ml_append_int()
  * Fixing bsc#1201152 VUL-1: CVE-2022-2208: vim: null pointer dereference in diff_check()
  * Fixing bsc#1201153 VUL-1: CVE-2022-2207: vim: out of bounds read in ins_bs()
  * Fixing bsc#1201154 VUL-1: CVE-2022-2257: vim: out of bounds read in msg_outtrans_special()
  * Fixing bsc#1201155 VUL-1: CVE-2022-2206: vim: out of bounds read in msg_outtrans_attr()
  * Fixing bsc#1201863 VUL-1: CVE-2022-2522: vim: out of bounds read via nested autocommand
  * Fixing bsc#1202046 VUL-1: CVE-2022-2571: vim: Heap-based Buffer Overflow related to ins_comp_get_next_word_or_line()
  * Fixing bsc#1202049 VUL-1: CVE-2022-2580: vim: Heap-based Buffer Overflow related to eval_string()
  * Fixing bsc#1202050 VUL-1: CVE-2022-2581: vim: Out-of-bounds Read related to cstrchr()
  * Fixing bsc#1202051 VUL-1: CVE-2022-2598: vim: Undefined Behavior for Input to API related to diff_mark_adjust_tp() and ex_diffgetput()
  * Fixing bsc#1202420 VUL-1: CVE-2022-2817: vim: Use After Free in f_assert_fails()
  * Fixing bsc#1202421 VUL-1: CVE-2022-2816: vim: Out-of-bounds Read in check_vim9_unlet()
  * Fixing bsc#1202511 VUL-1: CVE-2022-2862: vim: use-after-free in compile_nested_function()
  * Fixing bsc#1202512 VUL-1: CVE-2022-2849: vim: Invalid memory access related to mb_ptr2len()
  * Fixing bsc#1202515 VUL-1: CVE-2022-2845: vim: Buffer Over-read related to display_dollar()
  * Fixing bsc#1202599 VUL-1: CVE-2022-2889: vim: use-after-free in find_var_also_in_script() in evalvars.c
  * Fixing bsc#1202687 VUL-1: CVE-2022-2923: vim: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240
  * Fixing bsc#1202689 VUL-1: CVE-2022-2946: vim: use after free in function vim_vsnprintf_typval
  * Fixing bsc#1202862 VUL-1: CVE-2022-3016: vim: Use After Free in vim prior to 9.0.0285 Mon 12:00
virtual-host-gatherer
- Declare the LICENSE file as license and not doc
wget
- Update 0001-possibly-truncate-pathname-components.patch
  * Truncate file name even if no directory structure
  * [bsc#1204720]
wicked
- version 0.6.70
- build: Link as Position Independent Executable (bsc#1184124)
- dhcp4: Fix issues in reuse of last lease (bsc#1187655)
- dhcp6: Add option to refresh lease (jsc#SLE-9492,jsc#SLE-24307)
- dhcp6: Remove address before release (USGv6 DHCPv6_1_2_07b)
- dhcp6: Ignore lease release status (USGv6 DHCPv6_1_2_07e,1_3_03)
- dhcp6: Consider ppp interfaces supported (gh#openSUSE/wicked#924)
- team: Fix to configure port priority in teamd (bsc#1200505)
- firewall-ext: No config change on ifdown (bsc#1201053,bsc#118950)
- wireless: Fix SEGV on supplicant restart (gh#openSUSE/wicked#931)
- wireless: Add support for WPA3 and PMF (bsc#1198894)
- wireless: Remove libiw dependencies (gh#openSUSE/wicked#910)
- client: Fix SEGV on empty xpath results (gh#openSUSE/wicked#919)
- client: Add release options to ifdown/ifreload (jsc#SLE-10249)
- dbus: Clear string array before append (gh#openSUSE/wicked#913)
- socket: Fix SEGV on heavy socket restart errors (bsc#1192508)
- systemd: Remove systemd-udev-settle dependency (bsc#1186787)
- dbus: cleanup the dbus-service.h file and unused property macros
  e.g. tso has been split into several features and the
- cleanup: add missing/explicit designated field initializers
- dhcp: support to define and request custom options (bsc#988954),
- utils: fixed last byte formatting in ni_format_hex
- ifconfig: re-add broadcast calculation (bcs#971629).
- version 0.6.27
woodstox
- Declare the LICENSE file as license and not doc
xen
- bsc#1193923 - VUL-1: xen: Frontends vulnerable to backends
  (XSA-376)
  61dd5f64-limit-support-statement-for-Linux-and-Windows-frontends.patch
- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
  take excessively long (XSA-410)
  63455f82-Arm-P2M-prevent-adding-mapping-when-dying.patch
  63455fa8-Arm-P2M-preempt-when-freeing-intermediate.patch
  63455fc3-x86-p2m_teardown-allow-skip-root-pt-removal.patch
  63455fe4-x86-HAP-monitor-table-error-handling.patch
  63456000-x86-tolerate-sh_set_toplevel_shadow-failure.patch
  6345601d-x86-tolerate-shadow_prealloc-failure.patch
  6345603a-x86-P2M-refuse-new-alloc-for-dying.patch
  63456057-x86-P2M-truly-free-paging-pool-for-dying.patch
  63456075-x86-P2M-free-paging-pool-preemptively.patch
  63456090-x86-p2m_teardown-preemption.patch
- bcs#1203804 - VUL-0: CVE-2022-33747: xen: unbounded memory consumption
  for 2nd-level page tables on ARM systems (XSA-409)
  63456175-libxl-per-arch-extra-default-paging-memory.patch
  63456177-Arm-construct-P2M-pool-for-guests.patch
  6345617a-Arm-XEN_DOMCTL_shadow_op.patch
  6345617c-Arm-take-P2M-pages-P2M-pool.patch
- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
  transitive grant copy handling (XSA-411)
  634561aa-gnttab-locking-on-transitive-copy-error-path.patch
- Upstream bug fixes (bsc#1027519)
  6306185f-x86-XSTATE-CPUID-subleaf-1-EBX.patch
  631b5ba6-gnttab-acquire-resource-vaddrs.patch
  634561f1-x86emul-respect-NSCB.patch
  6346e404-VMX-correct-error-handling-in-vmx_create_vmcs.patch
  6351095c-Arm-rework-p2m_init.patch
  6351096a-Arm-P2M-populate-pages-for-GICv2-mapping.patch
  635274c0-EFI-dont-convert-runtime-mem-to-RAM.patch
  635665fb-sched-fix-restore_vcpu_affinity.patch
  63569723-x86-shadow-replace-bogus-assertions.patch
- Drop patches replaced by upstream versions:
  xsa410-01.patch
  xsa410-02.patch
  xsa410-03.patch
  xsa410-04.patch
  xsa410-05.patch
  xsa410-06.patch
  xsa410-07.patch
  xsa410-08.patch
  xsa410-09.patch
  xsa410-10.patch
  xsa411.patch
- bsc#1204482 - VUL-0: CVE-2022-42311, CVE-2022-42312,
  CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316,
  CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let
  xenstored run out of memory (XSA-326)
  xsa326-01.patch
  xsa326-02.patch
  xsa326-03.patch
  xsa326-04.patch
  xsa326-05.patch
  xsa326-06.patch
  xsa326-07.patch
  xsa326-08.patch
  xsa326-09.patch
  xsa326-10.patch
  xsa326-11.patch
  xsa326-12.patch
  xsa326-13.patch
  xsa326-14.patch
  xsa326-15.patch
  xsa326-16.patch
- bsc#1204485 - VUL-0: CVE-2022-42309: xen: Xenstore: Guests can
  crash xenstored (XSA-414)
  xsa414.patch
- bsc#1204487 - VUL-0: CVE-2022-42310: xen: Xenstore: Guests can
  create orphaned Xenstore nodes (XSA-415)
  xsa415.patch
- bsc#1204488 - VUL-0: CVE-2022-42319: xen: Xenstore: Guests can
  cause Xenstore to not free temporary memory (XSA-416)
  xsa416.patch
- bsc#1204489 - VUL-0: CVE-2022-42320: xen: Xenstore: Guests can
  get access to Xenstore nodes of deleted domains (XSA-417)
  xsa417.patch
- bsc#1204490 - VUL-0: CVE-2022-42321: xen: Xenstore: Guests can
  crash xenstored via exhausting the stack (XSA-418)
  xsa418-01.patch
  xsa418-02.patch
  xsa418-03.patch
  xsa418-04.patch
  xsa418-05.patch
  xsa418-06.patch
  xsa418-07.patch
- bsc#1204494 - VUL-0: CVE-2022-42322,CVE-2022-42323: xen:
  Xenstore: cooperating guests can create arbitrary numbers of
  nodes (XSA-419)
  xsa419-01.patch
  xsa419-02.patch
  xsa419-03.patch
- bsc#1204496 - VUL-0: CVE-2022-42325,CVE-2022-42326: xen:
  Xenstore: Guests can create arbitray number of nodes via
  transactions (XSA-421)
  xsa421-01.patch
  xsa421-02.patch
- bsc#1204483 - VUL-0: CVE-2022-42327: xen: x86: unintended memory
  sharing between guests (XSA-412)
  xsa412.patch
- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
  take excessively long (XSA-410)
  xsa410-01.patch
  xsa410-02.patch
  xsa410-03.patch
  xsa410-04.patch
  xsa410-05.patch
  xsa410-06.patch
  xsa410-07.patch
  xsa410-08.patch
  xsa410-09.patch
  xsa410-10.patch
- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
  transitive grant copy handling (XSA-411)
  xsa411.patch
- bsc#1201994 - Xen DomU unable to emulate audio device
  62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
- Things are compiling fine now with gcc12.
  Drop gcc12-fixes.patch
- Update to Xen 4.16.2 bug fix release (bsc#1027519)
  xen-4.16.2-testing-src.tar.bz2
  * No upstream changelog found in sources or webpage
- Drop patches contained in new tarball
  625fca42-VT-d-reserved-CAP-ND.patch
  626f7ee8-x86-MSR-handle-P5-MC-reads.patch
  627549d6-IO-shutdown-race.patch
  62a1e594-x86-clean-up-_get_page_type.patch
  62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
  62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
  62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
  62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
  62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
  62a1e649-x86-track-and-flush-non-coherent.patch
  62a99614-IOMMU-x86-gcc12.patch
  62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
  62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
  62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
  62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
  62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
  62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
  62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
  62cc31ee-cmdline-extend-parse_boolean.patch
  62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
  62cd91d0-x86-spec-ctrl-rework-context-switching.patch
  62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
  62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
  62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
  62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
  62cd91d5-x86-cpuid-BTC_NO-enum.patch
  62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
  62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
  xsa408.patch
- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels
  A previous change to the built-in default had a logic error,
  effectively restoring the upstream limit of 1023 channels per domU.
  Fix the logic to calculate the default based on the number of vcpus.
  adjust libxl.max_event_channels.patch
- Added --disable-pvshim when running configure in xen.spec.
  We have never shipped the shim and don't need to build it.
- bsc#1199965 - VUL-0: CVE-2022-26362: xen: Race condition
  in typeref acquisition
  62a1e594-x86-clean-up-_get_page_type.patch
  62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
- bsc#1199966 - VUL-0: CVE-2022-26363,CVE-2022-26364: xen:
  Insufficient care with non-coherent mappings
  62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
  62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
  62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
  62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
  62a1e649-x86-track-and-flush-non-coherent.patch
- bsc#1200549 VUL-0: CVE-2022-21123,CVE-2022-21125,CVE-2022-21166:
  xen: x86: MMIO Stale Data vulnerabilities (XSA-404)
  62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
  62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
  62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
- bsc#1201469 - VUL-0: CVE-2022-23816,CVE-2022-23825,CVE-2022-29900:
  xen: retbleed - arbitrary speculative code execution with return
  instructions (XSA-407)
  62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
  62cc31ee-cmdline-extend-parse_boolean.patch
  62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
  62cd91d0-x86-spec-ctrl-rework-context-switching.patch
  62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
  62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
  62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
  62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
  62cd91d5-x86-cpuid-BTC_NO-enum.patch
  62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
  62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
- Upstream bug fixes (bsc#1027519)
  62a99614-IOMMU-x86-gcc12.patch
  62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
  62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
- Drop patches replaced by upstream versions
  xsa401-1.patch
  xsa401-2.patch
  xsa402-1.patch
  xsa402-2.patch
  xsa402-3.patch
  xsa402-4.patch
  xsa402-5.patch
- bsc#1201394 - VUL-0: CVE-2022-33745: xen: insufficient TLB flush
  for x86 PV guests in shadow mode (XSA-408)
  xsa408.patch
- Fix gcc13 compilation error
  62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
- Moved logrotate files from user specific directory /etc/logrotate.d
  to vendor specific directory /usr/etc/logrotate.d.
xfsprogs
- mkfs: don't trample the gid set in the protofile (bsc#1205266)
  - Add xfsprogs-mkfs-don-t-trample-the-gid-set-in-the-protofile.patch
- mkfs: prevent corruption of passed-in suboption string values
  (bsc#1205377)
  - Add xfsprogs-mkfs-prevent-corruption-of-passed-in-suboption-strin.patch
- mkfs: terminate getsubopt arrays properly (bsc#1205284)
  - Add xfsprogs-mkfs-terminate-getsubopt-arrays-properly.patch
- xfs_repair: ignore empty xattr leaf blocks (bsc#1205272)
  - Add xfsprogs-xfs_repair-ignore-empty-xattr-leaf-blocks.patch
xmlpull-api
- Declare the LICENSE file as license and not doc
yaml-cpp
- Version 0.6.3 changed ABI without changing SONAME. Re-add symbol
  from the old ABI to prevent ABI breakage and crash of
  applications compiled with 0.6.1 (bsc#1200624, bsc#1178332,
  bsc#1178331, bsc#1160171, yaml-cpp-abi-breakage.patch).
yast2
- Added a parameter to NetworkService.EnableDisableNow method in
  order to ensure that the selected network service is enabled even
  when the selection has not been modified (bsc#1202479)
- 4.4.52
- Do not ask for user input while checking file conflicts if the
  delayed progress popup is not shown (bsc#1201924, bsc#1202892)
- backported from master
- 4.4.51
- Avoid build failures when packager is not available (related to
  bsc#1196674)
- 4.4.50
- Show what product is being installed (bsc#1196674)
- 4.4.49
- Show file conflict checking progress in delayed popup (bsc#1195608)
  PR: https://github.com/yast/yast-yast2/pull/1250
- 4.4.48
yast2-bootloader
- prevent leak of grub2 password to logs(bsc#1201962)
- 4.4.18
yast2-country
- Update language cache when selecting new language to ensure that
  always the correct language translations are used in the license
  translations selection combo box on the next wizard page
  (bsc#1204845, bsc#1193009)
- 4.4.13
yast2-http-server
- bsc#1200016
  - find out php version dynamically to avoid hardcoded version
- 4.4.2
yast2-installation
- Fixed the help in the installation summary to include the texts
  from the corresponding proposals (related to jsc#SLE-24764).
- 4.4.58
- Write config for ssg-apply script according to the enabled
  security policy (part of jsc#SLE-24764).
- Fix copy of entropy pool during installation (bsc#1204559).
- 4.4.57
- Do not use "/xrdb"/ for setting the "/Xft.dpi"/ value, use a specific
  YaST tool from the yast2-x11 package (bsc#1201532)
  (xrdb depends on the C pre-processor increasing the dependencies
  about of 22MB)
- Install yast2-x11 only when GUI (libyui-qt) is installed,
  avoid installing the dependent X libraries in minimal (text mode)
  installation (bsc#1201966)
- 4.4.56
- AutoYaST SecondStage: Revert changes introduced in 4.3.46 running
  the initscript service before systemd-user-sessions again once
  systemd patched logind (bsc#1195059, bsc#1200780)
- 4.4.55
- Do not restart services when updating the package (bsc#1199480,
  bsc#1200274)
- 4.4.54
- AutoYaST Second Stage: Added a missing dependency to the service
  to prevent getty-autogeneration listen on 5901 port (bsc#1199746)
- 4.4.53
yast2-network
- Do not assume wicked will be installed by default anymore and
  return the needed packages by the selected backend when them
  are not installed (bsc#1201235, bsc#1201435)
- 4.4.53
- Fixed issue when writing the NetworkManager config without a
  gateway (bsc#1203866)
- 4.4.52
- Activate s390 devices before importing and reading the network
  configuration or otherwise the related linux devices will not be
  present and could be ignored (bsc#1199746)
- 4.4.51
- At the end of the installation, force an enablement of the
  selected network service even when the selected one has not been
  modified and ensure other backends are disabled (bsc#1202479)
- 4.4.50
- Added a class to generate the configuration needed for a FCoE
  device being aware of it during the installation (bsc#1199554)
- 4.4.49
- AY: Added missing route extrapara element to the networking
  section (bsc#1201129)
- 4.4.48
- Allow more than 6 domains in resolver search list (bsc#1200155).
- 4.4.47
- CFA NM: replace problematic characters when getting the filename
  for the given wireless configuration (bsc#1199451).
- 4.4.46
yast2-nfs-client
- Fix localization of NFS Version widget values (bsc#1198076)
- 4.4.5
yast2-online-update
- bsc#1204907
  - Dropped old workaround from 2.13.15 with unconditional refresh
    of all repositories.
- 4.4.4
yast2-packager
- Do not add an empty repository to the system when upgrading
  a registered system using the Full installation medium
  (bsc#1204399)
- 4.4.33
- Fix package counters in the installation slideshow
  (boo#1199621).
- 4.4.32
yast2-pkg-bindings
- Allow querying orphaned packages (related to bsc#1202007)
- 4.4.5
yast2-registration
- Add reader for products defined in a YAML file.
- Allow forcing registration and configuring a YAML product as
  installed product.
- Related to jsc#PED-1380 and jsc#PM-3439.
- 4.4.23
- Do not crash when cloning an unregistered system with
  additional repositories (bsc#1200035).
- 4.4.22
yast2-schema
- Add 'extrapara' to routes in the networking section (bsc#1201129)
- 4.3.31
- Support for flatten and nested "/category_filter"/ element in the
  "/online_update_configuration"/ section (bsc#1198848).
- 4.3.30
yast2-security
- AutoYaST: export security policy settings (related to
  jsc#SLE-24764).
- 4.4.18
- Fixed wrong steps count causing a crash during saving (bsc#1205918)
- 4.4.17
- Disable the ssg-apply service if the selected SCAP action is
  "/do nothing"/ (related to jsc#SLE-24764).
- 4.4.16
- Add support for DISA STIG security policy validation
  (jsc#SLE-24764).
- 4.4.15
- Do not crash when reading active LSM modules returns nil
  (related to jsc#SLE-22069)
- 4.4.14
yast2-storage-ng
- Validate security policies in both guided proposal and
  partitioner (part of jsc#SLE-24764).
- 4.4.41
- Partitioner: Allow min chunk size of 4 KiB (page size) for RAID0 /
  RAID10 (bsc#1200018)
- 4.4.40
- Mark properly help text in tmpfs widget for localization
  (bsc#1198192)
- 4.4.39
- Fix empty help in some Partitioner dialogs (bsc#1194274)
- 4.4.38
- Fix fstab entry filesystem matching allowing the use of quotes
  surrounding the device UUID or label (bsc#1197692)
- 4.4.37
yast2-update
- Display a warning in the upgrade summary when removing orphaned
  3rd party packages (bsc#1202007)
- 4.4.8
- Use the "/norecovery"/ mount option when searching the root
  partitions (bsc#1195894)
- 4.4.7
yast2-users
- AutoYaST: Fix creation of home for system users (bsc#1202974).
- 4.4.12
- AY: Fix writing ssh keys for user without specified home
  (bsc#1201185)
- 4.4.11
zlib
- Fix bsc#1203652, inflate() does not update strm.adler if DFLTCC is used
  * bsc1203652.patch
- Fix heap-based buffer over-read or buffer overflow in inflate via
  large gzip header extra field (bsc#1202175, CVE-2022-37434,
  CVE-2022-37434-extra-header-1.patch,
  CVE-2022-37434-extra-header-2.patch).
zypper
- BuildRequires:  libzypp-devel >= 17.31.2.
- Fix --[no]-allow-vendor-change feedback in install command
  (bsc#1201972)
- version 1.14.57
- UsrEtc: Store logrotate files in %{_distconfdir} if defined
  (fixes #441, fixes #444)
- Remove unneeded code to compute the PPP status.
  Since libzypp 17.23.0 the PPP status is auto established. No
  extra solver run is needed.
- Make sure 'up' respects solver related CLI options (bsc#1201972)
- Fix tests to use locale "/C.UTF-8"/ rather than "/en_US"/.
- Fix man page (fixes #451)
- version 1.14.56
- lr: Allow shortening the Name column if table is wider than the
  terminal (bsc#1201638)
- Don't accepts install/remove modifier without argument
  (bsc#1201576)
- zypper-download: Set correct ExitInfoCode when failing to
  resolve argument.
- zypper-download: Handle unresolvable arguments as error.
  This commit changes zypper-download such that it behaves more
  consistent to zypper-install when an argument can't be resolved.
- version 1.14.55
- Fix building with GCC 13 (fixes #448)
- Put signing key supplying repository name in quotes.
- version 1.14.54
- Basic JobReport for "/cmdout/monitor"/.
- versioncmp: if verbose, also print the edition 'parts' which are
  compared.
- Make sure MediaAccess is closed on exception (bsc#1194550)
- Display plus-content hint conditionally (fixes #433)
- Honor the NO_COLOR environment variable when auto-detecting
  whether to use color (fixes #432)
- Define table columns which should be sorted natural [case
  insensitive] (fixes #391, closes #396, fixes #424)
- lr/ls: Use highlight color on name and alias as well.
- version 1.14.53