- aaa_base
-
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
to also fix the typo to set JAVA_BINDIR in the csh variant
of the alljava profile script (bsc#1221361)
- modify git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
drop the stderr redirection for csh (bsc#1221361)
- add git-49-3f8f26123d91f70c644677a323134fc79318c818.patch
drop sysctl.d/50-default-s390.conf (bsc#1211721)
- add aaa_base-preinstall.patch
make sure the script does not exit with 1 if a file
with content is found (bsc#1222547)
- add patch git-48-477bc3c05fcdabf9319e84278a1cba2c12c9ed5a.patch
home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- silence the output in the case of broken symlinks (bsc#1218232)
- fix git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
to actually apply
- replace git-47-04210f8df15da0ba4d741cfe1693af06f5978a1d.patch
by git-47-056fc66c699a8544c7692a03c905fca568f5390b.patch
* fix the issues from bsc#1107342 and bsc#1215434 and just
use the settings from update-alternatives to set JAVA_HOME
- audit-secondary
-
- Fix plugin termination when using systemd service units (bsc#1215377)
* add auditd.service-fix-plugin-termination.patch
- btrfsprogs
-
- btrfs-progs: fix defrag -c option parsing (bsc#1218029)
* btrfs-progs-fix-defrag-c-option-parsing.patch
- ca-certificates
-
- Update to version 2+git20240416.98ae794 (bsc#1221184):
* Use flock to serialize calls (boo#1188500)
* Make certbundle.run container friendly
* Create /var/lib/ca-certificates if needed
- catatonit
-
- Update to catatonit v0.2.0.
* Change license to GPL-2.0-or-later.
- Remove upstreamed patches:
- 99bb9048f.patch
- chrony
-
- Use make quickcheck instead of make check to avoid >1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable. Here a seed is
already set to get deterministic execution.
- Use shorter NTS-KE retry interval when network is down
(bsc#1213551, chrony-burst_total_samples_to_go.patch,
chrony-retry_interval_ke_start.patch).
- cloud-netconfig
-
- Update to version 1.14
+ Use '-s' instead of '--no-progress-meter' for curl (bsc#1221757)
- Add version settings to Provides/Obsoletes
- Update to version 1.12 (bsc#1221202)
+ If token access succeeds using IPv4 do not use the IPv6 endpoint
only use the IPv6 IMDS endpoint if IPv4 access fails.
- Add Provides/Obsoletes for dropped cloud-netconfig-nm
- Install dispatcher script into /etc/NetworkManager/dispatcher.d
on older distributions
- Add BuildReqires: NetworkManager to avoid owning dispatcher.d
parent directory
- Update to version 1.11:
+ Revert address metadata lookup in GCE to local lookup (bsc#1219454)
+ Fix hang on warning log messages
+ Check whether getting IPv4 addresses from metadata failed and abort
if true
+ Only delete policy rules if they exist
+ Skip adding/removing IPv4 ranges if metdata lookup failed
+ Improve error handling and logging in Azure
+ Set SCRIPTDIR when installing netconfig wrapper
- Update to version 1.10:
+ Drop cloud-netconfig-nm sub package and include NM dispatcher
script in main packages (bsc#1219007)
+ Spec file cleanup
- Update to version 1.9:
+ Drop package dependency on sysconfig-netconfig
+ Improve log level handling
+ Support IPv6 IMDS endpoint in EC2 (bsc#1218069)
- cloud-regionsrv-client
-
- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
- Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016)
+ In addition to logging, write message to stderr when registration fails
+ Detect transactional-update system with read only setup and use
the transactional-update command to register
+ Handle operation in a different target root directory for credentials
checking
- Update to version 10.1.7 (bsc#1220164, bsc#1220165)
+ Fix the failover path to a new target update server. At present a new
server is not found since credential validation fails. We targeted
the server detected in down condition to verify the credentials instead
of the replacement server.
- Update EC2 plugin to 1.0.4 (bsc#1219156, bsc#1219159)
+ Fix the algorithm to determine the region from the availability zone
information retrieved from IMDS.
- Update to version 10.1.6
+ Support specifying an IPv6 address for a manually configured target
update server.
- cockpit
-
- remove_rh_links.patch: remove additional hardcoded RH refs (bsc#1221336)
- hide-pcp.patch: don't display info about cockpit-pcp - uninstallable
- suse-microos-branding.patch: install branding
- CVE-2024-6126.patch: Fix insecure killing of session ssh-agent
(CVE-2024-6126, bsc#1226040)
- libssh.patch: backport compatibility fixes for libssh (still bsc#1220385)
- Remove SELinux file context for /usr/bin/cockpit-bridge, this
is already defined in the main selinux-policy package (bsc#1220385).
- containerd
-
- Revert noarch for devel subpackage
Switching to noarch causes issues on SLES maintenance updates, reverting it
fixes our image builds
- Update to containerd v1.7.17. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.17>
- Switch back to using tar_scm service. Aside from obs_scm using more bandwidth
and storage than a locally-compressed tar.xz, it seems there's some weird
issue with paths in obscpio that break our SLE-12-only patch.
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.16. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.16>
CVE-2023-45288 bsc#1221400
- Use obs_scm service instead of tar_scm
- Removed patch 0002-shim-Create-pid-file-with-0644-permissions.patch
(merged upstream at
<https://github.com/containerd/containerd/pull/9571>)
- Update to containerd v1.7.15. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.15>
- Update to containerd v1.7.14. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.14>
- Update to containerd v1.7.13. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.13>
- Update to containerd v1.7.12. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.12>
- Update to containerd v1.7.11. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.11>
GHSA-jq35-85cj-fj4p bsc#1224323
- Use %patch -P N instead of deprecated %patchN.
- Enable manpage generation
- Make devel package noarch
- adjust rpmlint filters
- Add patch for bsc#1217952:
+ 0002-shim-Create-pid-file-with-0644-permissions.patch
- Update to containerd v1.7.10. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.10>
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- coreutils
-
- ls: avoid triggering automounts (bsc#1221632)
- add coreutils-ls-avoid-triggering-automounts.patch
- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)
- add coreutils-tail-fix-tailing-sysfs-files-where-PAGE_SIZE-BUFSIZ.patch
- cpio
-
- Fix cpio not working after the fix in bsc#1218571, fixes bsc#1219238
* fix-bsc1219238.patch
- Fix CVE-2023-7207, path traversal vulnerability (bsc#1218571)
* fix-CVE-2023-7207.patch
- curl
-
- Security fix: [bsc#1221665, CVE-2024-2004]
* Usage of disabled protocol
* Add curl-CVE-2024-2004.patch
- Security fix: [bsc#1221667, CVE-2024-2398]
* curl: HTTP/2 push headers memory-leak
* Add curl-CVE-2024-2398.patch
- docker
-
- Add patch to fix bsc#1220339
* 0007-daemon-overlay2-remove-world-writable-permission-fro.patch
- rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch
- Allow to disable apparmor support (ALP supports only SELinux)
- Vendor latest buildkit v0.11:
Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that
vendors in the latest v0.11 buildkit branch including bugfixes for the following:
* bsc#1219438: CVE-2024-23653
* bsc#1219268: CVE-2024-23652
* bsc#1219267: CVE-2024-23651
- rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
- switch from %patchN to %patch -PN syntax
- remove unused rpmlint filters and add filters to silence pointless bash & zsh
completion warnings
- transactional-update
-
- Version 4.1.8
- tukit: Properly handle overlay syncing failures: If the system
would not be rebooted and several snapshots accumulated in the
meantime, it was possible that the previous base snapshot -
required for /etc syncing - was deleted already. In that case
changes in /etc might have been reset.
[gh#openSUSE/transactional-update#116]
[gh#kube-hetzner/terraform-hcloud-kube-hetzner#1287]
- Version 4.1.7
- Always use zypper of installed system [bsc#1221346]
- Version 4.1.6
- Use permissions of real /etc when creating overlay
[bsc#1215878]
- Version 4.1.5
- Add support for configuration file snippets
- dracut
-
- Update to version 055+suse.382.g80b55af2:
* fix(dracut): correct regression with multiple `rd.break=` options (bsc#1221675)
* fix(dracut-util): do not call `strcmp` if the `value` argument is NULL (bsc#1219841)
* fix(zfcp_rules): correct shellcheck regression when parsing ccw args (bsc#1220485)
* fix(dracut.sh): skip README for AMD microcode generation (bsc#1217083)
- e2fsprogs
-
EA Inode handling fixes:
- ext2fs-avoid-re-reading-inode-multiple-times.patch: ext2fs: avoid re-reading
inode multiple times (bsc#1223596)
- e2fsck-fix-potential-out-of-bounds-read-in-inc_ea_in.patch: e2fsck: fix
potential out-of-bounds read in inc_ea_inode_refs() (bsc#1223596)
- e2fsck-add-more-checks-for-ea-inode-consistency.patch: e2fsck: add more
checks for ea inode consistency (bsc#1223596)
- e2fsck-fix-golden-output-of-several-tests.patch: e2fsck: fix golden output of
several tests (bsc#1223596)
- glib2
-
- Add patches to fix CVE-2024-34397 (boo#1224044):
glib2-CVE-2024-34397.patch (glgo#GNOME/glib#3268).
glib2-fix-ibus-regression.patch (glgo#GNOME/glib#3353)
- glibc
-
- nscd-netgroup-cache-timeout.patch: Use time_t for return type of
addgetnetgrentX (CVE-2024-33602, bsc#1223425)
- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue
for _start routine (bsc#1221940)
- glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch:
nscd: Stack-based buffer overflow in netgroup cache
(CVE-2024-33599, bsc#1223423, BZ #31677)
- glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch:
nscd: Avoid null pointer crashes after notfound response
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch:
nscd: Do not send missing not-found response in addgetnetgrentX
(CVE-2024-33600, bsc#1223424, BZ #31678)
- glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch:
netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601,
CVE-2024-33602, bsc#1223425, BZ #31680)
- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound
writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
- duplocale-global-locale.patch: duplocale: protect use of global locale
(bsc#1220441, BZ #23970)
- qsort-invalid-cmp.patch: qsort: handle degenerated compare function
(bsc#1218866)
- getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to
EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr
(bsc#1217445, BZ #31113)
- grub2
-
- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866)
* 0001-ofdisk-Enhance-canonical-path-handling-for-bootpath.patch
- Fix memdisk becomes the default boot entry, resolving no graphic display
device error in guest vnc console (bsc#1221779)
* grub2-xen-pv-firmware.cfg
- Fix grub.xen memdisk script doesn't look for /boot/grub/grub.cfg
(bsc#1219248) (bsc#1181762)
* grub2-xen-pv-firmware.cfg
* 0001-disk-Optimize-disk-iteration-by-moving-memdisk-to-th.patch
- Fix PowerPC grub loads 5 to 10 minutes slower on SLE-15-SP5 compared to
SLE-15-SP2 (bsc#1217102)
* add 0001-ofdisk-enhance-boot-time-by-focusing-on-boot-disk-re.patch
* add 0002-ofdisk-add-early_log-support.patch
- ignition
-
- Update to version 2.17.0:
* Features
* providers/hetzner: add support for Hetzner Cloud
* providers/applehv: Add Apple Hypervisor
* packit: add initial support
* Other notable Changes
* Add vsock modules into ramdisk
* stages/disks: retry `sgdisk --zap-all` invocation
* Add optionally-installed grub2 code
* internal/exec/stages/disks: prevent races with udev
- Updates from version 2.16.x [jsc#SMO-314] [bsc#1217533]:
* Features
* Add support for Hyper-V platform
* Other notable changes
* dracut: make hv_utils module optional
* internal/exec: don't relabel a mountpoint that already exists
* internal/exec/util: check if unit exists before disabling
* platform: allow provider fetch to save files to write from files stage
* providers: rename noop to metal
* platform: drop function pointer indirection for fetch method
* providers: add Config wrapper structs for cmdline and system providers
- Fix segmentation fault if filesystem section of Ignition JSON
doesn't contain path entry in
0002-allow-multiple-mounts-of-same-device.patch
- Add 0003-Move-the-GPT-header-on-resized-disks.patch
- Increased required Go version
- iputils
-
- Update 0002-arping-Fix-unsolicited-ARP-regressions-on-c-1.patch
after upstream merged the fix, update git commit hashes.
- Backport proposed fix for regression in upstream commit 4db1de6 (bsc#1224877)
0002-arping-Fix-unsolicited-ARP-regressions-on-c-1.patch
- Backport upstream fix for bsc#1224877
4db1de6 ("arping: Fix 1s delay on exit for unsolicited arpings")
0001-arping-Fix-1s-delay-on-exit-for-unsolicited-arpings.patch
- kdump
-
- spec: return success from pre, post, preun and postun scriplets
(bsc#1222228, bsc#1191410)
- spec: differentiate between uninstall and upgrade in postun/preun
(bsc#1191410)
- dracut: always create fstab, even if empty (bsc#1218494)
- fix NOSPLIT option
- Honor the KDUMP_VERBOSE setting in kdump-save
- kernel-default
-
- usb: typec: ucsi: Limit read size on v1.2 (CVE-2024-35924
bsc#1224657).
- commit 578815c
- net: preserve kabi for sk_buff (CVE-2024-26921 bsc#1223138).
- commit 68cb9bf
- xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
(bsc#1224575 CVE-2024-35976).
- commit bc0a82d
- bpf, skmsg: Fix NULL pointer dereference in
sk_psock_skb_ingress_enqueue (bsc#1225761 CVE-2024-36938).
- commit 38f788d
- inet: inet_defrag: prevent sk release while still in use
(CVE-2024-26921 bsc#1223138).
- commit fb20c1d
- Update references
- commit 006ab15
- kABI: bpf: struct bpf_insn_aux_data kABI workaround
(bsc#1225756).
- commit b5b7cd0
- bpf: Protect against int overflow for stack access size
(bsc#1224488 CVE-2024-35905).
- commit 1edb341
- vhost-vdpa: fix use after free in vhost_vdpa_probe()
(CVE-2023-52795 bsc#1225085).
- commit 423f910
- smb3: fix lock ordering potential deadlock in
cifs_sync_mid_result (bsc#1224020, bsc#1224549, CVE-2024-35998).
- commit fbb4c17
- smb: client: fix potential deadlock when releasing mids
(bsc#1224020, bsc#1225548, CVE-2023-52757).
- commit edc36f8
- ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array (bsc#1225506 CVE-2021-47548)
- commit b006eef
- Update
patches.suse/scsi-core-Fix-unremoved-procfs-host-directory-regression.patch
(git-fixes bsc#1223675 CVE-2024-269355).
Adding the CVE references.
- commit 2df316d
- cifs: fix underflow in parse_server_interfaces() (bsc#1223084,
CVE-2024-26828).
- commit cade548
- bpf: remove unnecessary prune and jump points (bsc#1225756).
- bpf: mostly decouple jump history management from
is_state_visited() (bsc#1225756).
- bpf: decouple prune and jump points (bsc#1225756).
- commit 574a67d
- Refresh patches.suse/swiotlb-Fix-double-allocation-of-slots-due-to-broken-alignment-handling.patch
This fixes following build warning:
Changed build warnings:
* **** 1 warnings *****
* comparison of distinct pointer types lacks a cast in ../kernel/dma/swiotlb.c in swiotlb_do_find_slots (from ../include/linux/minmax.h)
In file included from ../include/linux/kernel.h:17:0,
../kernel/dma/swiotlb.c: In function 'swiotlb_do_find_slots':
../include/linux/minmax.h:20:28: warning: comparison of distinct pointer types lacks a cast
../include/linux/minmax.h:26:4: note: in expansion of macro '__typecheck'
../include/linux/minmax.h:36:24: note: in expansion of macro '__safe_cmp'
../include/linux/minmax.h:52:19: note: in expansion of macro '__careful_cmp'
../kernel/dma/swiotlb.c:648:12: note: in expansion of macro 'max'
- commit a52b0ca
- blacklist.conf: add d380ce70058a4ccddc3e5f5c2063165dc07672c6
netrom: Fix data-races around sysctl_net_busy_read
(CVE-2024-27419 bsc#1224759)
- commit b538410
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- commit 7a7f193
- blacklist.conf: added fix that needs code not present
- commit 9671fd4
- smb: client: set correct id, uid and cruid for multiuser
automounts (bsc#1223011, CVE-2024-26822).
- commit 04cc660
- smb3: missing lock when picking channel (bsc#1224020,
bsc#1224550, CVE-2024-35999).
- commit dfca6b0
- smb: client: fix potential UAF in
cifs_signal_cifsd_for_reconnect() (bsc#1224020, bsc#1224766,
CVE-2024-35861).
- commit 40c4ccf
- smb: client: fix potential UAF in smb2_is_network_name_deleted()
(bsc#1224020, bsc#1224764, CVE-2024-35862).
- commit 464e649
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1224763, CVE-2024-35863).
- smb: client: fix potential UAF in is_valid_oplock_break()
(bsc#1224020, bsc#1224763, CVE-2024-35863).
- commit bfa9e6b
- smb: client: fix potential UAF in smb2_is_valid_oplock_break()
(bsc#1224020, bsc#1224668, CVE-2024-35865).
- commit 08baf42
- smb: client: fix potential UAF in smb2_is_valid_lease_break()
(bsc#1224020, bsc#1224765, CVE-2024-35864).
- commit b0dc4df
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1224664, CVE-2024-35867).
- smb: client: fix potential UAF in cifs_stats_proc_show()
(bsc#1224020, bsc#1224664, CVE-2024-35867).
- commit 45bad5a
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1224678, CVE-2024-35868).
- smb: client: fix potential UAF in cifs_stats_proc_write()
(bsc#1224020, bsc#1224678, CVE-2024-35868).
- commit 3ae3416
- smb: client: fix potential UAF in cifs_dump_full_key()
(bsc#1224020, bsc#1224667, CVE-2024-35866).
- commit f99c74f
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1223532, CVE-2024-26928).
- smb: client: fix potential UAF in cifs_debug_files_proc_show()
(bsc#1224020, bsc#1223532, CVE-2024-26928).
- commit e95e3a6
- smb: client: guarantee refcounted children from parent session
(bsc#1224020, bsc#1224679, CVE-2024-35869).
- commit 6773173
- smb: client: fix UAF in smb2_reconnect_server() (bsc#1224020,
bsc#1224672, CVE-2024-35870).
- commit 69f157e
- cifs: failure to add channel on iface should bump up weight
(git-fixes, bsc#1224020).
- commit f21b7f9
- Revert "cifs: reconnect work should have reference on server
struct" (git-fixes, bsc#1224020).
- commit 04d1a0e
- cifs: fix leak of iface for primary channel (git-fixes,
bsc#1224020).
- commit 0af0c46
- smb: client: fix mount when dns_resolver key is not available
(git-fixes, bsc#1224020).
- commit 751b43e
- cifs: handle cases where multiple sessions share connection
(bsc#1224020).
- commit caf101a
- smb3: show beginning time for per share stats (bsc#1224020).
- commit 9120f21
- cifs: cifs_chan_is_iface_active should be called with chan_lock
held (bsc#1224020).
- commit 8eaf345
- cifs: do not pass cifs_sb when trying to add channels
(bsc#1224020).
- commit 0be08c0
- smb: client: remove extra @chan_count check in
__cifs_put_smb_ses() (bsc#1224020).
- commit 48869a9
- cifs: reconnect work should have reference on server struct
(bsc#1224020).
- commit 4099f48
- cifs: handle cases where a channel is closed (bsc#1224020).
- commit 856c9d4
- smb: client: reduce stack usage in cifs_try_adding_channels()
(bsc#1224020).
- commit 664baaf
- smb: client: get rid of dfs code dep in namespace.c
(bsc#1224020).
- commit fd4a262
- smb: client: get rid of dfs naming in automount code
(bsc#1224020).
- commit ffae390
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020).
- commit 28e987f
- smb: client: ensure to try all targets when finding nested links
(bsc#1224020).
- commit af0feb9
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020).
- commit ba31c72
- cifs: fix charset issue in reconnection (bsc#1224020).
- commit 18aa95e
- cifs: account for primary channel in the interface list
(bsc#1224020).
- commit a4889d1
- smb: Fix regression in writes when non-standard maximum write
size negotiated (bsc#1222464, CVE-2024-26692).
- commit 3c009aa
- cifs: distribute channels across interfaces based on speed
(bsc#1224020).
- commit 607d036
- Update
patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
(git-fixes CVE-2024-26894 bsc#1223043).
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-fix-usage-of-device_get_name.patch
(git-fixes CVE-2024-36955 bsc#1225810).
- Update
patches.suse/ALSA-usb-audio-Stop-parsing-channels-bits-when-all-c.patch
(git-fixes CVE-2024-27436 bsc#1224803).
- Update
patches.suse/ARM-9381-1-kasan-clear-stale-stack-poison.patch
(git-fixes CVE-2024-36906 bsc#1225715).
- Update
patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
(git-fixes CVE-2024-26801 bsc#1222413).
- Update
patches.suse/Bluetooth-Fix-memory-leak-in-hci_req_sync_complete.patch
(git-fixes CVE-2024-35978 bsc#1224571).
- Update
patches.suse/Bluetooth-L2CAP-Fix-not-validating-setsockopt-user-i.patch
(git-fixes CVE-2024-35965 bsc#1224579).
- Update
patches.suse/Bluetooth-RFCOMM-Fix-not-validating-setsockopt-user-.patch
(git-fixes CVE-2024-35966 bsc#1224576).
- Update
patches.suse/Bluetooth-SCO-Fix-not-validating-setsockopt-user-inp.patch
(git-fixes CVE-2024-35967 bsc#1224587).
- Update
patches.suse/Bluetooth-btintel-Fix-null-ptr-deref-in-btintel_read.patch
(stable-fixes CVE-2024-35933 bsc#1224640).
- Update
patches.suse/Bluetooth-hci_event-Fix-handling-of-HCI_EV_IO_CAPA_R.patch
(git-fixes CVE-2024-27416 bsc#1224723).
- Update
patches.suse/Bluetooth-hci_sock-Fix-not-validating-setsockopt-use.patch
(git-fixes CVE-2024-35963 bsc#1224582).
- Update
patches.suse/Bluetooth-l2cap-fix-null-ptr-deref-in-l2cap_chan_tim.patch
(git-fixes CVE-2024-27399 bsc#1224177).
- Update
patches.suse/Bluetooth-msft-fix-slab-use-after-free-in-msft_do_cl.patch
(git-fixes CVE-2024-36012 bsc#1225502).
- Update
patches.suse/Bluetooth-qca-add-missing-firmware-sanity-checks.patch
(git-fixes CVE-2024-36880 bsc#1225722).
- Update
patches.suse/Bluetooth-qca-fix-NULL-deref-on-non-serdev-suspend.patch
(git-fixes CVE-2024-35851 bsc#1224509).
- Update
patches.suse/Bluetooth-qca-fix-info-leak-when-fetching-fw-build-i.patch
(git-fixes CVE-2024-36032 bsc#1225720).
- Update
patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
(git-fixes CVE-2024-26839 bsc#1222975).
- Update
patches.suse/NFSv4.2-fix-nfs4_listxattr-kernel-BUG-at-mm-usercopy.patch
(git-fixes CVE-2024-26870 bsc#1223113).
- Update
patches.suse/PCI-PM-Drain-runtime-idle-callbacks-before-driver-re.patch
(git-fixes CVE-2024-35809 bsc#1224738).
- Update
patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
(git-fixes CVE-2024-26838 bsc#1222974).
- Update
patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
(git-fixes CVE-2024-26907 bsc#1223203).
- Update
patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
(git-fixes CVE-2024-26916 bsc#1223137).
- Update
patches.suse/SUNRPC-fix-some-memleaks-in-gssx_dec_option_array.patch
(git-fixes CVE-2024-27388 bsc#1223744).
- Update
patches.suse/USB-core-Fix-access-violation-during-port-device-rem.patch
(git-fixes CVE-2024-36896 bsc#1225734).
- Update
patches.suse/USB-core-Fix-deadlock-in-usb_deauthorize_interface.patch
(git-fixes CVE-2024-26934 bsc#1223671).
- Update
patches.suse/arm64-hibernate-Fix-level3-translation-fault-in-swsu.patch
(git-fixes CVE-2024-26989 bsc#1223748).
- Update
patches.suse/ax25-fix-use-after-free-bugs-caused-by-ax25_ds_del_t.patch
(git-fixes CVE-2024-35887 bsc#1224663).
- Update
patches.suse/batman-adv-Avoid-infinite-loop-trying-to-resize-loca.patch
(git-fixes CVE-2024-35982 bsc#1224566).
- Update patches.suse/bpf-Check-bloom-filter-map-value-size.patch
(bsc#1224488 CVE-2024-35905 CVE-2024-36918 bsc#1225766).
- Update
patches.suse/btrfs-fix-information-leak-in-btrfs_ioctl_logical_to.patch
(git-fixes CVE-2024-35849 bsc#1224733).
- Update
patches.suse/clk-Get-runtime-PM-before-walking-tree-during-disabl.patch
(git-fixes CVE-2024-27004 bsc#1223762).
- Update
patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
(git-fixes CVE-2024-27037 bsc#1223717).
- Update
patches.suse/comedi-vmk80xx-fix-incomplete-endpoint-checking.patch
(git-fixes CVE-2024-27001 bsc#1223698).
- Update
patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
(git-fixes CVE-2024-27051 bsc#1223769).
- Update
patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
(git-fixes CVE-2024-26974 bsc#1223638).
- Update
patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
(git-fixes CVE-2024-26880 bsc#1223188).
- Update patches.suse/dma-xilinx_dpdma-Fix-locking.patch
(git-fixes CVE-2024-35990 bsc#1224559).
- Update
patches.suse/dmaengine-fsl-qdma-Fix-a-memory-leak-related-to-the-.patch
(git-fixes CVE-2024-35833 bsc#1224632).
- Update
patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
(git-fixes CVE-2024-26788 bsc#1222783).
- Update
patches.suse/dmaengine-idxd-Fix-oops-during-rmmod-on-single-CPU-p.patch
(git-fixes CVE-2024-35989 bsc#1224558).
- Update
patches.suse/drm-amd-display-Atom-Integrated-System-Info-v2_2-for.patch
(stable-fixes CVE-2024-36897 bsc#1225735).
- Update
patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
(git-fixes CVE-2024-27045 bsc#1223826).
- Update
patches.suse/drm-amd-pm-fixes-a-random-hang-in-S4-for-SMU-v13.0.4.patch
(stable-fixes CVE-2024-36026 bsc#1225705).
- Update
patches.suse/drm-amdgpu-once-more-fix-the-call-oder-in-amdgpu_ttm.patch
(git-fixes CVE-2024-27400 bsc#1224180).
- Update
patches.suse/drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch
(git-fixes CVE-2024-26922 bsc#1223315).
- Update
patches.suse/drm-arm-malidp-fix-a-possible-null-pointer-dereferen.patch
(git-fixes CVE-2024-36014 bsc#1225593).
- Update patches.suse/drm-ast-Fix-soft-lockup.patch (git-fixes
CVE-2024-35952 bsc#1224705).
- Update
patches.suse/drm-client-Fully-protect-modes-with-dev-mode_config..patch
(stable-fixes CVE-2024-35950 bsc#1224703).
- Update
patches.suse/drm-i915-bios-Tolerate-devdata-NULL-in-intel_bios_en.patch
(stable-fixes CVE-2024-26938 bsc#1223678).
- Update
patches.suse/drm-i915-gt-Reset-queue_priority_hint-on-parking.patch
(git-fixes CVE-2024-26937 bsc#1223677).
- Update
patches.suse/drm-lima-fix-a-memleak-in-lima_heap_alloc.patch
(git-fixes CVE-2024-35829 bsc#1224707).
- Update
patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
(git-fixes CVE-2024-26874 bsc#1223048).
- Update patches.suse/drm-nv04-Fix-out-of-bounds-access.patch
(git-fixes CVE-2024-27008 bsc#1223802).
- Update
patches.suse/drm-vc4-don-t-check-if-plane-state-fb-state-fb.patch
(stable-fixes CVE-2024-35932 bsc#1224650).
- Update
patches.suse/drm-vmwgfx-Create-debugfs-ttm_resource_manager-entry.patch
(git-fixes CVE-2024-26940 bsc#1223718).
- Update
patches.suse/dyndbg-fix-old-BUG_ON-in-control-parser.patch
(stable-fixes CVE-2024-35947 bsc#1224647).
- Update
patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch
(git-fixes CVE-2024-26778 bsc#1222770).
- Update
patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch
(git-fixes CVE-2024-26777 bsc#1222765).
- Update
patches.suse/fbmon-prevent-division-by-zero-in-fb_videomode_from_.patch
(stable-fixes CVE-2024-35922 bsc#1224660).
- Update
patches.suse/i2c-smbus-fix-NULL-function-pointer-dereference.patch
(git-fixes CVE-2024-35984 bsc#1224567).
- Update
patches.suse/init-main.c-Fix-potential-static_command_line-memory.patch
(git-fixes CVE-2024-26988 bsc#1223747).
- Update
patches.suse/irqchip-gic-v3-its-Prevent-double-free-on-error.patch
(git-fixes CVE-2024-35847 bsc#1224697).
- Update
patches.suse/kprobes-Fix-possible-use-after-free-issue-on-kprobe-registration.patch
(git-fixes CVE-2024-35955 bsc#1224676).
- Update
patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
(git-fixes CVE-2024-27075 bsc#1223842).
- Update
patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
(git-fixes CVE-2024-27074 bsc#1223844).
- Update
patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
(git-fixes CVE-2024-27076 bsc#1223779).
- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
(git-fixes CVE-2024-26829 bsc#1223027).
- Update
patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
(git-fixes CVE-2024-27073 bsc#1223843).
- Update
patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
(git-fixes CVE-2024-27072 bsc#1223837).
- Update
patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
(git-fixes CVE-2024-27077 bsc#1223780).
- Update
patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
(git-fixes CVE-2024-27078 bsc#1223781).
- Update
patches.suse/mmc-core-Avoid-negative-index-with-array-access.patch
(git-fixes CVE-2024-35813 bsc#1224618).
- Update
patches.suse/mmc-sdhci-msm-pervent-access-to-suspended-controller.patch
(git-fixes CVE-2024-36029 bsc#1225708).
- Update
patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch
(git-fixes CVE-2024-26698 bsc#1222374).
- Update
patches.suse/msft-hv-2971-net-mana-Fix-Rx-DMA-datasize-and-skb_over_panic.patch
(git-fixes CVE-2024-35901 bsc#1224495).
- Update
patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
(bsc#1215322 CVE-2024-26859 bsc#1223049).
- Update
patches.suse/net-ll_temac-platform_get_resource-replaced-by-wrong.patch
(git-fixes CVE-2024-35796 bsc#1224615).
- Update
patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
(git-fixes CVE-2024-27047 bsc#1223828).
- Update
patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch
(git-fixes CVE-2024-26597 bsc#1220363).
- Update
patches.suse/nfc-nci-Fix-uninit-value-in-nci_dev_up-and-nci_ntf_p.patch
(git-fixes CVE-2024-35915 bsc#1224479).
- Update
patches.suse/nouveau-fix-instmem-race-condition-around-ptr-stores.patch
(git-fixes CVE-2024-26984 bsc#1223633).
- Update
patches.suse/nvme-fc-do-not-wait-in-vain-when-unloading-module.patch
(git-fixes CVE-2024-26846 bsc#1223023).
- Update
patches.suse/nvme-fix-reconnection-fail-due-to-reserved-tag-alloc.patch
(git-fixes CVE-2024-27435 bsc#1224717).
- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
(git-fixes CVE-2024-26977 bsc#1223631).
- Update
patches.suse/power-supply-bq27xxx-i2c-Do-not-free-non-existing-IR.patch
(git-fixes CVE-2024-27412 bsc#1224437).
- Update
patches.suse/powerpc-pseries-iommu-LPAR-panics-during-boot-up-wit.patch
(bsc#1222011 ltc#205900 CVE-2024-36926 bsc#1225829).
- Update
patches.suse/ppdev-Add-an-error-check-in-register_device.patch
(git-fixes CVE-2024-36015 bsc#1225640).
- Update
patches.suse/pstore-zone-Add-a-null-pointer-check-to-the-psz_kmsg.patch
(stable-fixes CVE-2024-35940 bsc#1224537).
- Update
patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
(bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819).
- Update
patches.suse/s390-cio-Ensure-the-copied-buf-is-NUL-terminated.patch
(git-fixes bsc#1223875 CVE-2024-36931 bsc#1225747).
- Update
patches.suse/s390-qeth-Fix-kernel-panic-after-setting-hsuid.patch
(git-fixes bsc#1223879 CVE-2024-36928 bsc#1225775).
- Update
patches.suse/s390-zcrypt-fix-reference-counting-on-zcrypt-card-objects.patch
(git-fixes bsc#1223595 CVE-2024-26957 bsc#1223666).
- Update
patches.suse/scsi-lpfc-Fix-possible-memory-leak-in-lpfc_rcv_padis.patch
(bsc#1220021 CVE-2024-35930 bsc#1224651).
- Update
patches.suse/scsi-lpfc-Release-hbalock-before-calling-lpfc_worker.patch
(bsc#1221777 CVE-2024-36924 bsc#1225820).
- Update
patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
(bsc1221816 CVE-2024-26931 bsc#1223627).
- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch
(bsc1221816 CVE-2024-26929 bsc#1223715).
- Update
patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointer.patch
(bsc1221816 CVE-2024-26930 bsc#1223626).
- Update
patches.suse/serial-mxs-auart-add-spinlock-around-changing-cts-st.patch
(git-fixes CVE-2024-27000 bsc#1223757).
- Update
patches.suse/serial-pmac_zilog-Remove-flawed-mitigation-for-rx-ir.patch
(git-fixes CVE-2024-26999 bsc#1223754).
- Update
patches.suse/soc-fsl-qbman-Always-disable-interrupts-when-taking-.patch
(git-fixes CVE-2024-35806 bsc#1224699).
- Update patches.suse/speakup-Avoid-crash-on-very-long-word.patch
(git-fixes CVE-2024-26994 bsc#1223750).
- Update
patches.suse/spi-spi-mt65xx-Fix-NULL-pointer-access-in-interrupt-.patch
(git-fixes CVE-2024-27028 bsc#1223788).
- Update
patches.suse/tty-n_gsm-fix-possible-out-of-bounds-in-gsm0_receive.patch
(git-fixes CVE-2024-36016 bsc#1225642).
- Update
patches.suse/ubifs-Set-page-uptodate-in-the-correct-place.patch
(git-fixes CVE-2024-35821 bsc#1224629).
- Update
patches.suse/usb-cdc-wdm-close-race-between-read-and-workqueue.patch
(git-fixes CVE-2024-35812 bsc#1224624).
- Update
patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch
(git-fixes CVE-2024-26748 bsc#1222513).
- Update
patches.suse/usb-dwc2-host-Fix-dereference-issue-in-DDMA-completi.patch
(git-fixes CVE-2024-26997 bsc#1223741).
- Update
patches.suse/usb-gadget-f_ncm-Fix-UAF-ncm-object-at-re-bind-after.patch
(stable-fixes CVE-2024-26996 bsc#1223752).
- Update
patches.suse/usb-gadget-ncm-Avoid-dropping-datagrams-of-properly-.patch
(git-fixes CVE-2024-27405 bsc#1224423).
- Update
patches.suse/usb-gadget-ncm-Fix-handling-of-zero-block-length-pac.patch
(git-fixes CVE-2024-35825 bsc#1224681).
- Update
patches.suse/usb-typec-tcpm-Check-for-port-partner-validity-befor.patch
(git-fixes CVE-2024-36893 bsc#1225748).
- Update
patches.suse/usb-udc-remove-warning-when-queue-disabled-ep.patch
(stable-fixes CVE-2024-35822 bsc#1224739).
- Update
patches.suse/usb-xhci-Add-error-handling-in-xhci_map_urb_for_dma.patch
(git-fixes CVE-2024-26964 bsc#1223650).
- Update
patches.suse/vt-fix-unicode-buffer-corruption-when-deleting-chara.patch
(git-fixes CVE-2024-35823 bsc#1224692).
- Update
patches.suse/wifi-ath11k-decrease-MHI-channel-buffer-length-to-8K.patch
(bsc#1207948 CVE-2024-35938 bsc#1224643).
- Update
patches.suse/wifi-iwlwifi-dbg-tlv-ensure-NUL-termination.patch
(git-fixes CVE-2024-35845 bsc#1224731).
- Update
patches.suse/wifi-iwlwifi-mvm-rfi-fix-potential-response-leaks.patch
(git-fixes CVE-2024-35912 bsc#1224487).
- Update
patches.suse/wifi-libertas-fix-some-memleaks-in-lbs_allocate_cmd_.patch
(git-fixes CVE-2024-35828 bsc#1224622).
- Update
patches.suse/wifi-mac80211-check-clear-fast-rx-for-non-4addr-sta-.patch
(stable-fixes CVE-2024-35789 bsc#1224749).
- Update
patches.suse/wifi-nl80211-don-t-free-NULL-coalescing-rule.patch
(git-fixes CVE-2024-36941 bsc#1225835).
- Update
patches.suse/wifi-nl80211-reject-iftype-change-with-mesh-ID-chang.patch
(git-fixes CVE-2024-27410 bsc#1224432).
- Update
patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
(git-fixes CVE-2024-27052 bsc#1223829).
- Update
patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
(git-fixes CVE-2024-27053 bsc#1223737).
- Update
patches.suse/x86-fpu-Keep-xfd_state-in-sync-with-MSR_IA32_XFD.patch
(git-fixes CVE-2024-35801 bsc#1224732).
- commit aea06f9
- Update
patches.suse/ACPI-LPIT-Avoid-u32-multiplication-overflow.patch
(git-fixes CVE-2023-52683 bsc#1224627).
- Update
patches.suse/ACPI-video-check-for-error-while-searching-for-backl.patch
(git-fixes CVE-2023-52693 bsc#1224686).
- Update
patches.suse/IB-mlx5-Fix-init-stage-error-handling-to-avoid-doubl.patch
(git-fixes CVE-2023-52851 bsc#1225587).
- Update
patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch
(git-fixes CVE-2023-52657 bsc#1224722).
- Update
patches.suse/SUNRPC-Fix-RPC-client-cleaned-up-the-freed-pipefs-de.patch
(git-fixes CVE-2023-52803 bsc#1225008).
- Update
patches.suse/SUNRPC-fix-a-memleak-in-gss_import_v2_context.patch
(git-fixes bsc#1223858 CVE-2023-52653 bsc#1223712).
- Update
patches.suse/ceph-blocklist-the-kclient-when-receiving-corrupted-snap-trace.patch
(jsc#SES-1880 CVE-2023-52732 bsc#1225222).
- Update
patches.suse/crypto-s390-aes-Fix-buffer-overread-in-CTR-mode.patch
(git-fixes CVE-2023-52669 bsc#1224637).
- Update
patches.suse/drm-amd-display-fix-a-NULL-pointer-dereference-in-am.patch
(git-fixes CVE-2023-52773 bsc#1225041).
- Update
patches.suse/drm-amd-pm-fix-a-double-free-in-si_dpm_init.patch
(git-fixes CVE-2023-52691 bsc#1224607).
- Update
patches.suse/drm-amdgpu-vkms-fix-a-possible-null-pointer-derefere.patch
(git-fixes CVE-2023-52815 bsc#1225568).
- Update
patches.suse/drm-amdkfd-Confirm-list-is-non-empty-before-utilizin.patch
(git-fixes CVE-2023-52678 bsc#1224617).
- Update
patches.suse/drm-bridge-it66121-Fix-invalid-connector-dereference.patch
(git-fixes CVE-2023-52861 bsc#1224941).
- Update
patches.suse/drm-bridge-tpd12s015-Drop-buggy-__exit-annotation-fo.patch
(git-fixes CVE-2023-52694 bsc#1224598).
- Update
patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
(git-fixes CVE-2023-52650 bsc#1223770).
- Update
patches.suse/drm-tegra-rgb-Fix-missing-clk_put-in-the-error-handl.patch
(git-fixes CVE-2023-52661 bsc#1224445).
- Update
patches.suse/drm-vmwgfx-fix-a-memleak-in-vmw_gmrid_man_get_node.patch
(git-fixes CVE-2023-52662 bsc#1224449).
- Update
patches.suse/fbdev-Fix-invalid-page-access-after-closing-deferred.patch
(bsc#1207284 CVE-2023-52731 bsc#1224929).
- Update
patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
(git-fixes CVE-2023-52643 bsc#1222960).
- Update
patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
(git-fixes CVE-2023-52642 bsc#1223031).
- Update
patches.suse/nilfs2-fix-underflow-in-second-superblock-position-c.patch
(git-fixes CVE-2023-52705 bsc#1225480).
- Update
patches.suse/of-Fix-double-free-in-of_parse_phandle_with_args_map.patch
(git-fixes CVE-2023-52679 bsc#1224508).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_pow.patch
(bsc#1181674 ltc#189159 git-fixes CVE-2023-52696 bsc#1224601).
- Update
patches.suse/pstore-ram_core-fix-possible-overflow-in-persistent_.patch
(git-fixes CVE-2023-52685 bsc#1224728).
- Update
patches.suse/scsi-hisi_sas-Set-debugfs_dir-pointer-to-NULL-after-removing-debugfs.patch
(git-fixes CVE-2023-52808 bsc#1225555).
- Update
patches.suse/scsi-ibmvfc-Remove-BUG_ON-in-the-case-of-an-empty-ev.patch
(bsc#1209834 ltc#202097 CVE-2023-52811 bsc#1225559).
- Update
patches.suse/scsi-libfc-Fix-potential-NULL-pointer-dereference-in-fc_lport_ptp_setup.patch
(git-fixes CVE-2023-52809 bsc#1225556).
- Update
patches.suse/sysv-don-t-call-sb_bread-with-pointers_lock-held.patch
(git-fixes CVE-2023-52699 bsc#1224659).
- Update
patches.suse/wifi-ath11k-fix-gtk-offload-status-event-locking.patch
(git-fixes CVE-2023-52777 bsc#1224992).
- Update
patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
(git-fixes CVE-2023-52644 bsc#1222961).
- Update
patches.suse/x86-mm-Ensure-input-to-pfn_to_kaddr-is-treated-as-a-64-bit-type.patch
(jsc#PED-7167 git-fixes CVE-2023-52659 bsc#1224442).
- commit c90a371
- Update
patches.suse/1622-drm-gma500-Fix-WARN_ON-lock-magic-lock-error.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-48633 bsc#1223489).
- Update
patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes CVE-2022-48669
bsc#1223756).
- Update
patches.suse/wifi-mt76-mt7921e-fix-crash-in-chip-reset-fail.patch
(bsc#1209980 CVE-2022-48705 bsc#1223895).
- commit 5061b21
- Update
patches.suse/1321-drm-msm-devfreq-Fix-OPP-refcnt-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47532 bsc#1225444).
- Update
patches.suse/1322-drm-msm-Fix-mmap-to-include-VM_IO-and-VM_DONTDUMP.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47531 bsc#1225443).
- Update
patches.suse/1323-drm-msm-Fix-wait_fence-submitqueue-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47530 bsc#1225442).
- Update
patches.suse/blk-mq-cancel-blk-mq-dispatch-work-in-both-blk_clean.patch
(jsc#PED-1183 CVE-2021-47552 bsc#1225513).
- Update
patches.suse/btrfs-free-exchange-changeset-on-failures.patch
(git-fixes CVE-2021-47508 bsc#1225408).
- Update
patches.suse/io_uring-ensure-task_work-gets-run-as-part-of-cancel.patch
(bsc#1205205 CVE-2021-47504 bsc#1225382).
- Update
patches.suse/io_uring-fail-cancellation-for-EXITING-tasks.patch
(bsc#1205205 CVE-2021-47569 bsc#1225515).
- Update
patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
(bsc#1207361 CVE-2021-47512 bsc#1225424).
- Update
patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
(bsc#1207361 CVE-2021-47557 bsc#1225468).
- Update
patches.suse/net-vlan-fix-underflow-for-the-real_dev-refcnt.patch
(git-fixes CVE-2021-47555 bsc#1225467).
- commit 89b5f8b
- Update
patches.suse/ALSA-hda-Do-not-unset-preset-when-cleaning-up-codec.patch
(git-fixes CVE-2023-52736 bsc#1225486).
- Update
patches.suse/ALSA-hda-Fix-possible-null-ptr-deref-when-assigning-.patch
(git-fixes CVE-2023-52806 bsc#1225554).
- Update
patches.suse/Bluetooth-btusb-Add-date-evt_skb-is-NULL-check.patch
(git-fixes CVE-2023-52833 bsc#1225595).
- Update
patches.suse/Fix-page-corruption-caused-by-racy-check-in-__free_pages.patch
(bsc#1208149 CVE-2023-52739 bsc#1225118).
- Update
patches.suse/IB-IPoIB-Fix-legacy-IPoIB-due-to-wrong-number-of-que.patch
(git-fixes CVE-2023-52745 bsc#1225032).
- Update
patches.suse/IB-hfi1-Restore-allocated-resources-on-failed-copyou.patch
(git-fixes CVE-2023-52747 bsc#1224931).
- Update
patches.suse/Input-synaptics-rmi4-fix-use-after-free-in-rmi_unreg.patch
(git-fixes CVE-2023-52840 bsc#1224928).
- Update
patches.suse/RDMA-irdma-Fix-potential-NULL-ptr-dereference.patch
(git-fixes CVE-2023-52744 bsc#1225121).
- Update
patches.suse/atl1c-Work-around-the-DMA-RX-overflow-issue.patch
(git-fixes CVE-2023-52834 bsc#1225599).
- Update
patches.suse/can-dev-can_put_echo_skb-don-t-crash-kernel-if-can_p.patch
(git-fixes CVE-2023-52878 bsc#1225000).
- Update
patches.suse/cifs-Fix-use-after-free-in-rdata-read_into_pages-.patch
(git-fixes CVE-2023-52741 bsc#1225479).
- Update
patches.suse/clk-mediatek-clk-mt2701-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52875 bsc#1225096).
- Update
patches.suse/clk-mediatek-clk-mt6765-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52870 bsc#1224937).
- Update
patches.suse/clk-mediatek-clk-mt6779-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52873 bsc#1225589).
- Update
patches.suse/clk-mediatek-clk-mt6797-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52865 bsc#1225086).
- Update
patches.suse/clk-mediatek-clk-mt7629-Add-check-for-mtk_alloc_clk_.patch
(git-fixes CVE-2023-52858 bsc#1225566).
- Update
patches.suse/clk-mediatek-clk-mt7629-eth-Add-check-for-mtk_alloc_.patch
(git-fixes CVE-2023-52876 bsc#1225036).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-Pola.patch
(git-fixes CVE-2023-52819 bsc#1225532).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-SMU7.patch
(git-fixes CVE-2023-52818 bsc#1225530).
- Update
patches.suse/drm-amd-display-Avoid-NULL-dereference-of-timing-gen.patch
(git-fixes CVE-2023-52753 bsc#1225478).
- Update
patches.suse/drm-amdgpu-Fix-a-null-pointer-access-when-the-smc_rr.patch
(git-fixes CVE-2023-52817 bsc#1225569).
- Update
patches.suse/drm-amdgpu-Fix-potential-null-pointer-derefernce.patch
(git-fixes CVE-2023-52814 bsc#1225565).
- Update
patches.suse/drm-amdgpu-fence-Fix-oops-due-to-non-matching-drm_sc.patch
(git-fixes CVE-2023-52738 bsc#1225005).
- Update
patches.suse/drm-amdkfd-Fix-a-race-condition-of-vram-buffer-unref.patch
(git-fixes CVE-2023-52825 bsc#1225076).
- Update
patches.suse/drm-amdkfd-Fix-shift-out-of-bounds-issue.patch
(git-fixes CVE-2023-52816 bsc#1225529).
- Update
patches.suse/drm-bridge-lt8912b-Fix-crash-on-bridge-detach.patch
(git-fixes CVE-2023-52856 bsc#1224932).
- Update
patches.suse/drm-panel-fix-a-possible-null-pointer-dereference.patch
(git-fixes CVE-2023-52821 bsc#1225022).
- Update
patches.suse/drm-panel-panel-tpo-tpg110-fix-a-possible-null-point.patch
(git-fixes CVE-2023-52826 bsc#1225077).
- Update patches.suse/drm-radeon-possible-buffer-overflow.patch
(git-fixes CVE-2023-52867 bsc#1225009).
- Update
patches.suse/fbdev-imsttfb-fix-a-resource-leak-in-probe.patch
(git-fixes CVE-2023-52838 bsc#1225031).
- Update
patches.suse/fs-jfs-Add-check-for-negative-db_l2nbperpage.patch
(git-fixes CVE-2023-52810 bsc#1225557).
- Update
patches.suse/fs-jfs-Add-validity-check-for-db_maxag-and-db_agpref.patch
(git-fixes CVE-2023-52804 bsc#1225550).
- Update patches.suse/gfs2-ignore-negated-quota-changes.patch
(git-fixes CVE-2023-52759 bsc#1225560).
- Update
patches.suse/hid-cp2112-Fix-duplicate-workqueue-initialization.patch
(git-fixes CVE-2023-52853 bsc#1224988).
- Update
patches.suse/i2c-core-Run-atomic-i2c-xfer-when-preemptible.patch
(git-fixes CVE-2023-52791 bsc#1225108).
- Update
patches.suse/i3c-master-mipi-i3c-hci-Fix-a-kernel-panic-for-acces.patch
(git-fixes CVE-2023-52763 bsc#1225570).
- Update
patches.suse/i915-perf-Fix-NULL-deref-bugs-with-drm_dbg-calls.patch
(git-fixes CVE-2023-52788 bsc#1225106).
- Update
patches.suse/ice-Do-not-use-WQ_MEM_RECLAIM-flag-for-workqueue.patch
(git-fixes CVE-2023-52743 bsc#1225003).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbFindLeaf.patch
(git-fixes CVE-2023-52799 bsc#1225472).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diAlloc.patch
(git-fixes CVE-2023-52805 bsc#1225553).
- Update
patches.suse/media-bttv-fix-use-after-free-error-due-to-btv-timeo.patch
(git-fixes CVE-2023-52847 bsc#1225588).
- Update
patches.suse/media-gspca-cpia1-shift-out-of-bounds-in-set_flicker.patch
(git-fixes CVE-2023-52764 bsc#1225571).
- Update
patches.suse/media-imon-fix-access-to-invalid-resource-for-the-se.patch
(git-fixes CVE-2023-52754 bsc#1225490).
- Update
patches.suse/media-vidtv-mux-Add-check-and-kfree-for-kstrdup.patch
(git-fixes CVE-2023-52841 bsc#1225592).
- Update patches.suse/media-vidtv-psi-Add-check-for-kstrdup.patch
(git-fixes CVE-2023-52844 bsc#1225590).
- Update
patches.suse/mmc-mmc_spi-fix-error-handling-in-mmc_spi_probe.patch
(git-fixes CVE-2023-52708 bsc#1225483).
- Update
patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch
(git-fixes CVE-2023-52730 bsc#1224956).
- Update
patches.suse/net-USB-Fix-wrong-direction-WARNING-in-plusb.c.patch
(git-fixes CVE-2023-52742 bsc#1225482).
- Update
patches.suse/net-openvswitch-fix-possible-memory-leak-in-ovs_mete.patch
(git-fixes CVE-2023-52702 bsc#1224945).
- Update
patches.suse/net-usb-kalmia-Don-t-pass-act_len-in-usb_bulk_msg-er.patch
(git-fixes CVE-2023-52703 bsc#1225549).
- Update
patches.suse/padata-Fix-refcnt-handling-in-padata_free_shell.patch
(git-fixes CVE-2023-52854 bsc#1225584).
- Update
patches.suse/platform-x86-wmi-Fix-opening-of-char-device.patch
(git-fixes CVE-2023-52864 bsc#1225132).
- Update
patches.suse/powerpc-64s-interrupt-Fix-interrupt-exit-race-with-s.patch
(bsc#1194869 CVE-2023-52740 bsc#1225471).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686 bsc#1224682).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-to-scom_deb.patch
(bsc#1194869 CVE-2023-52690 bsc#1224611).
- Update patches.suse/pwm-Fix-double-shift-bug.patch (git-fixes
CVE-2023-52756 bsc#1225461).
- Update
patches.suse/s390-dasd-protect-device-queue-against-concurrent-access.patch
(git-fixes bsc#1217515 CVE-2023-52774 bsc#1225572).
- Update
patches.suse/s390-decompressor-specify-__decompress-buf-len-to-avoid-overflow.patch
(git-fixes bsc#1213863 CVE-2023-52733 bsc#1225488).
- Update
patches.suse/sched-psi-Fix-use-after-free-in-ep_remove_wait_queue.patch
(bsc#1209799 CVE-2023-52707 bsc#1225109).
- Update
patches.suse/soc-qcom-llcc-Handle-a-second-device-without-data-co.patch
(git-fixes CVE-2023-52871 bsc#1225534).
- Update
patches.suse/thermal-core-prevent-potential-string-overflow.patch
(git-fixes CVE-2023-52868 bsc#1225044).
- Update
patches.suse/tty-n_gsm-fix-race-condition-in-status-line-change-o.patch
(git-fixes CVE-2023-52872 bsc#1225591).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-vcc-Add-check-for-kstrdup-in-vcc_probe.patch
(git-fixes CVE-2023-52789 bsc#1225180).
- Update
patches.suse/usb-config-fix-iteration-issue-in-usb_get_bos_descri.patch
(git-fixes CVE-2023-52781 bsc#1225092).
- Update
patches.suse/usb-dwc2-fix-possible-NULL-pointer-dereference-cause.patch
(git-fixes CVE-2023-52855 bsc#1225583).
- Update
patches.suse/usb-typec-tcpm-Fix-NULL-pointer-dereference-in-tcpm_.patch
(git-fixes CVE-2023-52877 bsc#1224944).
- Update
patches.suse/wifi-ath11k-fix-dfs-radar-event-locking.patch
(git-fixes CVE-2023-52798 bsc#1224947).
- Update
patches.suse/wifi-mac80211-don-t-return-unset-power-in-ieee80211_.patch
(git-fixes CVE-2023-52832 bsc#1225577).
- commit c6aceca
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(git-fixes CVE-2022-48710 bsc#1225230).
- Update
patches.suse/ice-switch-fix-potential-memleak-in-ice_add_adv_reci.patch
(git-fixes CVE-2022-48709 bsc#1225095).
- Update
patches.suse/pinctrl-single-fix-potential-NULL-dereference.patch
(git-fixes CVE-2022-48708 bsc#1224942).
- commit 41f6d79
- Update
patches.suse/ALSA-pcm-oss-Fix-negative-period-buffer-sizes.patch
(git-fixes CVE-2021-47511 bsc#1225411).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes CVE-2021-47509 bsc#1225409).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes stable-5.14.10 CVE-2021-47381 bsc#1225206).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes CVE-2021-47502 bsc#1225369).
- Update
patches.suse/HID-amd_sfh-Fix-potential-NULL-pointer-dereference.patch
(stable-5.14.10 CVE-2021-47380 bsc#1225205).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(stable-5.14.10 CVE-2021-47404 bsc#1225303).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(git-fixes CVE-2021-47522 bsc#1225437).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(stable-5.14.10 CVE-2021-47405 bsc#1225238).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(jsc#SLE-19242 CVE-2021-47523 bsc#1225438).
- Update
patches.suse/IB-qib-Protect-from-buffer-overflow-in-struct-qib_us.patch
(stable-5.14.16 CVE-2021-47485 bsc#1224904).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(stable-5.14.15 bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056 CVE-2021-47465 bsc#1225341).
- Update
patches.suse/KVM-SVM-fix-missing-sev_decommission-in-sev_receive_.patch
(stable-5.14.10 CVE-2021-47389 bsc#1225126).
- Update
patches.suse/KVM-arm64-Fix-host-stage-2-PGD-refcount.patch
(stable-5.14.15 CVE-2021-47450 bsc#1225258).
- Update
patches.suse/KVM-x86-Fix-stack-out-of-bounds-memory-access-from-i.patch
(stable-5.14.10 CVE-2021-47390 bsc#1225125).
- Update
patches.suse/KVM-x86-Handle-SRCU-initialization-failure-during-pa.patch
(stable-5.14.10 CVE-2021-47407 bsc#1225306).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(stable-5.14.14 CVE-2021-47442 bsc#1225263).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(stable-5.14.14 CVE-2021-47443 bsc#1225262).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(stable-5.14.10 CVE-2021-47391 bsc#1225318).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(stable-5.14.10 CVE-2021-47392 bsc#1225320).
- Update patches.suse/RDMA-hfi1-Fix-kernel-pointer-leak.patch
(stable-5.14.10 CVE-2021-47398 bsc#1225131).
- Update
patches.suse/RDMA-mlx5-Initialize-the-ODP-xarray-when-creating-an.patch
(stable-5.14.16 CVE-2021-47481 bsc#1224910).
- Update
patches.suse/afs-Fix-corruption-in-reads-at-fpos-2G-4G-from-an-Op.patch
(stable-5.14.9 CVE-2021-47366 bsc#1225160).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 CVE-2021-47505 bsc#1225400).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(stable-5.14.15 CVE-2021-47464 bsc#1225393).
- Update patches.suse/binder-make-sure-fd-closes-complete.patch
(stable-5.14.9 CVE-2021-47360 bsc#1225122).
- Update
patches.suse/blk-cgroup-fix-UAF-by-grabbing-blkcg-lock-before-des.patch
(stable-5.14.9 CVE-2021-47379 bsc#1225203).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(stable-5.14.9 CVE-2021-47375 bsc#1225193).
- Update
patches.suse/block-don-t-call-rq_qos_ops-done_bio-if-the-bio-isn-.patch
(stable-5.14.11 CVE-2021-47412 bsc#1225332).
- Update
patches.suse/bpf-Add-oversize-check-before-call-kvcalloc.patch
(stable-5.14.9 CVE-2021-47376 bsc#1225195).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(stable-5.14.12 CVE-2021-47426 bsc#1225370).
- Update
patches.suse/btrfs-fix-abort-logic-in-btrfs_replace_file_extents.patch
(stable-5.14.14 CVE-2021-47433 bsc#1225392).
- Update
patches.suse/btrfs-fix-re-dirty-process-of-tree-log-nodes.patch
(bsc#1197915 CVE-2021-47510 bsc#1225410).
- Update
patches.suse/can-isotp-isotp_sendmsg-add-result-check-for-wait_ev.patch
(stable-5.14.15 CVE-2021-47457 bsc#1225235).
- Update
patches.suse/can-j1939-j1939_netdev_start-fix-UAF-for-rx_kref-of-.patch
(stable-5.14.15 CVE-2021-47459 bsc#1225253).
- Update
patches.suse/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
(git-fixes CVE-2021-47520 bsc#1225431).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(stable-5.14.15 CVE-2021-47456 bsc#1225256).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes CVE-2021-47521 bsc#1225435).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes stable-5.14.16 CVE-2021-47494 bsc#1225450).
- Update
patches.suse/cgroup-Fix-memory-leak-caused-by-missing-cgroup_bpf_.patch
(stable-5.14.16 CVE-2021-47488 bsc#1224902).
- Update patches.suse/cifs-Fix-soft-lockup-during-fsstress.patch
(stable-5.14.9 CVE-2021-47359 bsc#1225145).
- Update
patches.suse/comedi-Fix-memory-leak-in-compat_insnlist.patch
(stable-5.14.9 CVE-2021-47364 bsc#1225158).
- Update patches.suse/comedi-dt9812-fix-DMA-buffers-on-stack.patch
(git-fixes stable-5.14.18 CVE-2021-47477 bsc#1224912).
- Update
patches.suse/comedi-ni_usb6501-fix-NULL-deref-in-command-paths.patch
(git-fixes stable-5.14.18 CVE-2021-47476 bsc#1224913).
- Update
patches.suse/comedi-vmk80xx-fix-bulk-buffer-overflow.patch
(git-fixes stable-5.14.18 CVE-2021-47474 bsc#1224915).
- Update
patches.suse/comedi-vmk80xx-fix-transfer-buffer-overflows.patch
(git-fixes stable-5.14.18 CVE-2021-47475 bsc#1224914).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(stable-5.14.10 CVE-2021-47387 bsc#1225316).
- Update
patches.suse/devlink-fix-netns-refcount-leak-in-devlink_nl_cmd_re.patch
(git-fixes CVE-2021-47514 bsc#1225425).
- Update
patches.suse/dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(stable-5.14.14 CVE-2021-47435 bsc#1225247).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(stable-5.14.14 CVE-2021-47498 bsc#1225357).
- Update
patches.suse/dma-debug-prevent-an-error-message-from-causing-runt.patch
(stable-5.14.9 CVE-2021-47374 bsc#1225191).
- Update patches.suse/drm-amd-amdgpu-fix-potential-memleak.patch
(git-fixes CVE-2021-47550 bsc#1225379).
- Update
patches.suse/drm-amd-amdkfd-Fix-kernel-panic-when-reset-failed-an.patch
(git-fixes CVE-2021-47551 bsc#1225510).
- Update
patches.suse/drm-amd-pm-Update-intermediate-power-state-for-SI.patch
(stable-5.14.9 CVE-2021-47362 bsc#1225153).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(stable-5.14.13 CVE-2021-47431 bsc#1225390).
- Update
patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch
(git-fixes stable-5.14.12 CVE-2021-47421 bsc#1225353).
- Update
patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47420 bsc#1225339).
- Update
patches.suse/drm-amdkfd-fix-svm_migrate_fini-warning.patch
(stable-5.14.11 CVE-2021-47410 bsc#1225331).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(git-fixes stable-5.14.14 CVE-2021-47444 bsc#1225243).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(git-fixes stable-5.14.14 CVE-2021-47445 bsc#1225261).
- Update
patches.suse/drm-msm-a3xx-fix-error-handling-in-a3xx_gpu_init.patch
(git-fixes stable-5.14.14 CVE-2021-47447 bsc#1225260).
- Update
patches.suse/drm-msm-a4xx-fix-error-handling-in-a4xx_gpu_init.patch
(git-fixes stable-5.14.14 CVE-2021-47446 bsc#1225240).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(git-fixes CVE-2021-47535 bsc#1225446).
- Update
patches.suse/drm-mxsfb-Fix-NULL-pointer-dereference-crash-on-unlo.patch
(stable-5.14.15 CVE-2021-47471 bsc#1225187).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47423 bsc#1225366).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(git-fixes stable-5.14.12 CVE-2021-47422 bsc#1225233).
- Update
patches.suse/drm-ttm-fix-memleak-in-ttm_transfered_destroy.patch
(stable-5.14.16 CVE-2021-47490 bsc#1225436).
- Update
patches.suse/drm-vc4-kms-Clear-the-HVS-FIFO-commit-pointer-once-d.patch
(git-fixes CVE-2021-47533 bsc#1225445).
- Update
patches.suse/enetc-Fix-illegal-access-when-reading-affinity_hint.patch
(stable-5.14.9 CVE-2021-47368 bsc#1225161).
- Update
patches.suse/ethtool-ioctl-fix-potential-NULL-deref-in-ethtool_se.patch
(jsc#SLE-19253 CVE-2021-47556 bsc#1225383).
- Update
patches.suse/ext4-add-error-checking-to-ext4_ext_replay_set_ibloc.patch
(stable-5.14.10 CVE-2021-47406 bsc#1225304).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes stable-5.14.10 CVE-2021-47393 bsc#1225321).
- Update
patches.suse/hwmon-w83791d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 CVE-2021-47386 bsc#1225268).
- Update
patches.suse/hwmon-w83792d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 CVE-2021-47385 bsc#1225210).
- Update
patches.suse/hwmon-w83793-Fix-NULL-pointer-dereference-by-removin.patch
(stable-5.14.10 CVE-2021-47384 bsc#1225209).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes stable-5.14.12 CVE-2021-47425 bsc#1225223).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(jsc#SLE-18378 CVE-2021-47501 bsc#1225361).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(stable-5.14.12 CVE-2021-47424 bsc#1225367).
- Update
patches.suse/ice-Avoid-crash-from-unnecessary-IDA-free.patch
(stable-5.14.15 CVE-2021-47453 bsc#1225239).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-18375 CVE-2021-47563 bsc#1225500).
- Update
patches.suse/ice-fix-locking-for-Tx-timestamp-tracking-flush.patch
(stable-5.14.14 CVE-2021-47449 bsc#1225259).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-18375 CVE-2021-47562 bsc#1225499).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes CVE-2021-47499 bsc#1225358).
- Update
patches.suse/iio-adis16475-fix-deadlock-on-frequency-set.patch
(git-fixes stable-5.14.14 CVE-2021-47437 bsc#1225245).
- Update
patches.suse/iio-mma8452-Fix-trigger-reference-couting.patch
(git-fixes CVE-2021-47500 bsc#1225360).
- Update
patches.suse/ipack-ipoctal-fix-module-reference-leak.patch
(stable-5.14.10 CVE-2021-47403 bsc#1225241).
- Update
patches.suse/ipack-ipoctal-fix-stack-information-leak.patch
(stable-5.14.10 CVE-2021-47401 bsc#1225242).
- Update
patches.suse/irqchip-gic-v3-its-Fix-potential-VPE-leak-on-error.patch
(stable-5.14.9 CVE-2021-47373 bsc#1225190).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(stable-5.14.15 CVE-2021-47468 bsc#1225346).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(stable-5.14.18 CVE-2021-47478 bsc#1225198).
- Update
patches.suse/iwlwifi-Fix-memory-leaks-in-error-handling-path.patch
(git-fixes CVE-2021-47529 bsc#1225373).
- Update
patches.suse/iwlwifi-mvm-Fix-possible-NULL-dereference.patch
(git-fixes stable-5.14.12 CVE-2021-47415 bsc#1225335).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(stable-5.14.10 CVE-2021-47399 bsc#1225328).
- Update
patches.suse/kunit-fix-reference-count-leak-in-kfree_at_end.patch
(stable-5.14.15 CVE-2021-47467 bsc#1225344).
- Update patches.suse/libbpf-Fix-memory-leak-in-strset.patch
(git-fixes stable-5.14.12 CVE-2021-47417 bsc#1225227).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes stable-5.14.10 CVE-2021-47388 bsc#1225214).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes stable-5.14.10 CVE-2021-47396 bsc#1225327).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes stable-5.14.10 CVE-2021-47395 bsc#1225326).
- Update
patches.suse/mcb-fix-error-handling-in-mcb_alloc_bus.patch
(stable-5.14.9 CVE-2021-47361 bsc#1225151).
- Update
patches.suse/mlxsw-spectrum-Protect-driver-from-buggy-firmware.patch
(git-fixes CVE-2021-47560 bsc#1225495).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(stable-5.14.14 CVE-2021-47441 bsc#1225224).
- Update
patches.suse/mm-mempolicy-do-not-allow-illegal-MPOL_F_NUMA_BALANC.patch
(stable-5.14.15 CVE-2021-47462 bsc#1225250).
- Update
patches.suse/mm-secretmem-fix-NULL-page-mapping-dereference-in-pa.patch
(stable-5.14.15 CVE-2021-47463 bsc#1225127).
- Update
patches.suse/mm-slub-fix-potential-memoryleak-in-kmem_cache_open.patch
(stable-5.14.15 CVE-2021-47466 bsc#1225342).
- Update
patches.suse/mm-slub-fix-potential-use-after-free-in-slab_debugfs.patch
(stable-5.14.15 CVE-2021-47470 bsc#1225186).
- Update
patches.suse/mptcp-ensure-tx-skbs-always-have-the-MPTCP-ext.patch
(stable-5.14.9 CVE-2021-47370 bsc#1225183).
- Update patches.suse/mptcp-fix-possible-stall-on-recvmsg.patch
(stable-5.14.14 CVE-2021-47448 bsc#1225129).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes CVE-2021-47540 bsc#1225386).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes stable-5.14.16 CVE-2021-47482 bsc#1224909).
- Update
patches.suse/net-dsa-felix-Fix-memory-leak-in-felix_setup_mmio_fi.patch
(git-fixes CVE-2021-47513 bsc#1225380).
- Update
patches.suse/net-dsa-microchip-Added-the-condition-for-scheduling.patch
(stable-5.14.14 CVE-2021-47439 bsc#1225246).
- Update
patches.suse/net-encx24j600-check-error-in-devm_regmap_init_encx2.patch
(stable-5.14.14 CVE-2021-47440 bsc#1225248).
- Update
patches.suse/net-hns3-do-not-allow-call-hns3_nic_net_open-repeate.patch
(stable-5.14.10 CVE-2021-47400 bsc#1225329).
- Update patches.suse/net-macb-fix-use-after-free-on-rmmod.patch
(stable-5.14.9 CVE-2021-47372 bsc#1225184).
- Update
patches.suse/net-marvell-prestera-fix-double-free-issue-on-err-pa.patch
(git-fixes CVE-2021-47564 bsc#1225501).
- Update
patches.suse/net-mdiobus-Fix-memory-leak-in-__mdiobus_register.patch
(stable-5.14.15 CVE-2021-47472 bsc#1225189).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(jsc#SLE-19256 CVE-2021-47541 bsc#1225453).
- Update
patches.suse/net-mlx5e-Fix-memory-leak-in-mlx5_core_destroy_cq-er.patch
(stable-5.14.14 CVE-2021-47438 bsc#1225229).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes CVE-2021-47542 bsc#1225455).
- Update
patches.suse/net-sched-flower-protect-fl_walk-with-rcu.patch
(stable-5.14.10 CVE-2021-47402 bsc#1225301).
- Update
patches.suse/net-sched-sch_taprio-properly-cancel-timer-from-tapr.patch
(stable-5.14.12 CVE-2021-47419 bsc#1225338).
- Update
patches.suse/net-smc-Fix-NULL-pointer-dereferencing-in-smc_vlan_by_tcpsk
(git-fixes CVE-2021-47559 bsc#1225396).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes CVE-2021-47536 bsc#1225447).
- Update
patches.suse/net-stmmac-Disable-Tx-queues-when-reconfiguring-the-.patch
(jsc#SLE-19033 CVE-2021-47558 bsc#1225492).
- Update
patches.suse/net-tls-Fix-flipped-sign-in-tls_err_abort-calls.patch
(stable-5.14.16 CVE-2021-47496 bsc#1225354).
- Update
patches.suse/net_sched-fix-NULL-deref-in-fifo_set_limit.patch
(stable-5.14.12 CVE-2021-47418 bsc#1225337).
- Update
patches.suse/netfilter-conntrack-serialize-hash-resizes-and-clean.patch
(stable-5.14.10 CVE-2021-47408 bsc#1225236).
- Update
patches.suse/netfilter-nf_tables-skip-netdev-events-generated-on-.patch
(stable-5.14.15 CVE-2021-47452 bsc#1225257).
- Update
patches.suse/netfilter-nf_tables-unlink-table-before-deleting-it.patch
(stable-5.14.10 CVE-2021-47394 bsc#1225323).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(stable-5.14.15 CVE-2021-47451 bsc#1225237).
- Update
patches.suse/nexthop-Fix-division-by-zero-while-replacing-a-resil.patch
(stable-5.14.9 CVE-2021-47363 bsc#1225156).
- Update
patches.suse/nexthop-Fix-memory-leaks-in-nexthop-notification-cha.patch
(stable-5.14.9 CVE-2021-47371 bsc#1225167).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes CVE-2021-47518 bsc#1225372).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes CVE-2021-47516 bsc#1225427).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes CVE-2021-47507 bsc#1225405).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes CVE-2021-47506 bsc#1225404).
- Update
patches.suse/nvme-rdma-destroy-cm-id-before-destroy-qp-to-avoid-u.patch
(bsc#1190569 stable-5.14.9 CVE-2021-47378 bsc#1225201).
- Update
patches.suse/nvmem-Fix-shift-out-of-bound-UBSAN-with-byte-size-ce.patch
(stable-5.14.14 CVE-2021-47497 bsc#1225355).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(stable-5.14.15 CVE-2021-47460 bsc#1225251).
- Update
patches.suse/ocfs2-fix-race-between-searching-chunks-and-release-.patch
(stable-5.14.16 CVE-2021-47493 bsc#1225439).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(stable-5.14.15 CVE-2021-47458 bsc#1225252).
- Update
patches.suse/octeontx2-af-Fix-a-memleak-bug-in-rvu_mbox_init.patch
(git-fixes CVE-2021-47537 bsc#1225375).
- Update
patches.suse/octeontx2-af-Fix-possible-null-pointer-dereference.patch
(stable-5.14.16 CVE-2021-47484 bsc#1224905).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 CVE-2021-47416 bsc#1225336).
- Update
patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
(stable-5.14.12 CVE-2021-47429 bsc#1225388).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(stable-5.14.12 CVE-2021-47428 bsc#1225387).
- Update
patches.suse/powerpc-smp-do-not-decrement-idle-task-preempt-count.patch
(stable-5.14.15 CVE-2021-47454 bsc#1225255).
- Update
patches.suse/ptp-Fix-possible-memory-leak-in-ptp_clock_register.patch
(stable-5.14.15 CVE-2021-47455 bsc#1225254).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes stable-5.14.16 CVE-2021-47483 bsc#1224907).
- Update
patches.suse/riscv-Flush-current-cpu-icache-before-other-cpus.patch
(stable-5.14.12 CVE-2021-47414 bsc#1225334).
- Update
patches.suse/riscv-bpf-Fix-potential-NULL-dereference.patch
(stable-5.14.16 CVE-2021-47486 bsc#1224903).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_.patch
(stable-5.14.9 CVE-2021-47369 bsc#1225164).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery.patch
(stable-5.14.10 CVE-2021-47382 bsc#1225207).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes CVE-2021-47549 bsc#1225508).
- Update
patches.suse/sched-scs-Reset-task-stack-state-in-bringup_cpu.patch
(git-fixes CVE-2021-47553 bsc#1225464).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is.patch
(stable-5.14.17 CVE-2021-47480 bsc#1225322).
- Update
patches.suse/scsi-iscsi-Fix-iscsi_task-use-after-free.patch
(stable-5.14.12 CVE-2021-47427 bsc#1225225).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes CVE-2021-47565 bsc#1225384).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes CVE-2021-47503 bsc#1225374).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-q.patch
(stable-5.14.15 CVE-2021-47473 bsc#1225192).
- Update
patches.suse/sctp-break-out-if-skb_header_pointer-returns-NULL-in.patch
(stable-5.14.10 CVE-2021-47397 bsc#1225082).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes CVE-2021-47527 bsc#1194288).
- Update
patches.suse/serial-liteuart-Fix-NULL-pointer-dereference-in-remo.patch
(git-fixes CVE-2021-47526 bsc#1225376).
- Update
patches.suse/serial-liteuart-fix-minor-number-leak-on-probe-error.patch
(git-fixes CVE-2021-47524 bsc#1225377).
- Update
patches.suse/serial-liteuart-fix-use-after-free-and-memleak-on-un.patch
(git-fixes CVE-2021-47525 bsc#1225441).
- Update
patches.suse/spi-Fix-deadlock-when-adding-SPI-controllers-on-SPI-.patch
(stable-5.14.15 CVE-2021-47469 bsc#1225347).
- Update
patches.suse/staging-greybus-uart-fix-tty-use-after-free.patch
(stable-5.14.9 CVE-2021-47358 bsc#1224920).
- Update
patches.suse/staging-rtl8712-fix-use-after-free-in-rtl8712_dl_fw.patch
(git-fixes stable-5.14.18 CVE-2021-47479 bsc#1224911).
- Update
patches.suse/tcp-fix-page-frag-corruption-on-page-fault.patch
(git-fixes CVE-2021-47544 bsc#1225463).
- Update
patches.suse/tty-Fix-out-of-bound-vmalloc-access-in-imageblit.patch
(stable-5.14.10 CVE-2021-47383 bsc#1225208).
- Update
patches.suse/usb-cdnsp-Fix-a-NULL-pointer-dereference-in-cdnsp_en.patch
(git-fixes CVE-2021-47528 bsc#1225368).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes stable-5.14.12 CVE-2021-47413 bsc#1225333).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(stable-5.14.11 CVE-2021-47409 bsc#1225330).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes stable-5.14.14 CVE-2021-47436 bsc#1225244).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(stable-5.14.16 CVE-2021-47495 bsc#1225351).
- Update
patches.suse/userfaultfd-fix-a-race-between-writeprotect-and-exit.patch
(stable-5.14.15 CVE-2021-47461 bsc#1225249).
- Update
patches.suse/vdpa_sim-avoid-putting-an-uninitialized-iova_domain.patch
(git-fixes CVE-2021-47554 bsc#1225466).
- Update
patches.suse/virtio-net-fix-pages-leaking-when-building-skb-in-bi.patch
(stable-5.14.9 CVE-2021-47367 bsc#1225123).
- Update
patches.suse/x86-entry-Clear-X86_FEATURE_SMAP-when-CONFIG_X86_SMA.patch
(stable-5.14.12 CVE-2021-47430 bsc#1225228).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(stable-5.14.14 CVE-2021-47434 bsc#1225232).
- commit 3a2e44b
- blacklist.conf: add fix that requires absent infrastruucture
- commit dbb8058
- scsi: lpfc: Copyright updates for 14.4.0.2 patches
(bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask
(bsc#1225842).
Refresh:
- patches.suse/lpfc-reintroduce-old-irq-probe-logic.patch
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list
(bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver
is unloading (bsc#1225842).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O
(bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT
MIB commands (bsc#1225842).
- commit 5e95ee6
- Update
patches.suse/1321-drm-msm-devfreq-Fix-OPP-refcnt-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225444
CVE-2021-47532).
- Update
patches.suse/1322-drm-msm-Fix-mmap-to-include-VM_IO-and-VM_DONTDUMP.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225443
CVE-2021-47531).
- Update
patches.suse/1323-drm-msm-Fix-wait_fence-submitqueue-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225442
CVE-2021-47530).
- Update
patches.suse/1622-drm-gma500-Fix-WARN_ON-lock-magic-lock-error.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
bsc#1223489 CVE-2022-48633).
- Update
patches.suse/ACPI-LPIT-Avoid-u32-multiplication-overflow.patch
(git-fixes bsc#1224627 CVE-2023-52683).
- Update
patches.suse/ACPI-processor_idle-Fix-memory-leak-in-acpi_processo.patch
(git-fixes bsc#1223043 CVE-2024-26894).
- Update
patches.suse/ACPI-video-check-for-error-while-searching-for-backl.patch
(git-fixes bsc#1224686 CVE-2023-52693).
- Update
patches.suse/ALSA-hda-Do-not-unset-preset-when-cleaning-up-codec.patch
(git-fixes bsc#1225486 CVE-2023-52736).
- Update
patches.suse/ALSA-hda-Fix-possible-null-ptr-deref-when-assigning-.patch
(git-fixes bsc#1225554 CVE-2023-52806).
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-fix-usage-of-device_get_name.patch
(git-fixes CVE-2024-36955).
- Update
patches.suse/ALSA-pcm-oss-Fix-negative-period-buffer-sizes.patch
(git-fixes bsc#1225411 CVE-2021-47511).
- Update
patches.suse/ALSA-pcm-oss-Limit-the-period-size-to-16MB.patch
(git-fixes bsc#1225409 CVE-2021-47509).
- Update
patches.suse/ALSA-usb-audio-Stop-parsing-channels-bits-when-all-c.patch
(git-fixes bsc#1224803 CVE-2024-27436).
- Update
patches.suse/ARM-9381-1-kasan-clear-stale-stack-poison.patch
(git-fixes bsc#1225715 CVE-2024-36906).
- Update
patches.suse/ASoC-SOF-Fix-DSP-oops-stack-dump-output-contents.patch
(git-fixes stable-5.14.10 bsc#1225206 CVE-2021-47381).
- Update
patches.suse/ASoC-codecs-wcd934x-handle-channel-mappping-list-cor.patch
(git-fixes bsc#1225369 CVE-2021-47502).
- Update
patches.suse/Bluetooth-Avoid-potential-use-after-free-in-hci_erro.patch
(git-fixes bsc#1222413 CVE-2024-26801).
- Update
patches.suse/Bluetooth-Fix-memory-leak-in-hci_req_sync_complete.patch
(git-fixes bsc#1224571 CVE-2024-35978).
- Update
patches.suse/Bluetooth-L2CAP-Fix-not-validating-setsockopt-user-i.patch
(git-fixes bsc#1224579 CVE-2024-35965).
- Update
patches.suse/Bluetooth-RFCOMM-Fix-not-validating-setsockopt-user-.patch
(git-fixes bsc#1224576 CVE-2024-35966).
- Update
patches.suse/Bluetooth-SCO-Fix-not-validating-setsockopt-user-inp.patch
(git-fixes bsc#1224587 CVE-2024-35967).
- Update
patches.suse/Bluetooth-btintel-Fix-null-ptr-deref-in-btintel_read.patch
(stable-fixes bsc#1224640 CVE-2024-35933).
- Update
patches.suse/Bluetooth-btusb-Add-date-evt_skb-is-NULL-check.patch
(git-fixes bsc#1225595 CVE-2023-52833).
- Update
patches.suse/Bluetooth-hci_core-Fix-possible-buffer-overflow.patch
(git-fixes CVE-2024-26889).
- Update
patches.suse/Bluetooth-hci_event-Fix-handling-of-HCI_EV_IO_CAPA_R.patch
(git-fixes bsc#1224723 CVE-2024-27416).
- Update
patches.suse/Bluetooth-hci_sock-Fix-not-validating-setsockopt-use.patch
(git-fixes bsc#1224582 CVE-2024-35963).
- Update
patches.suse/Bluetooth-l2cap-fix-null-ptr-deref-in-l2cap_chan_tim.patch
(git-fixes bsc#1224177 CVE-2024-27399).
- Update
patches.suse/Bluetooth-msft-fix-slab-use-after-free-in-msft_do_cl.patch
(git-fixes bsc#1225502 CVE-2024-36012).
- Update
patches.suse/Bluetooth-qca-add-missing-firmware-sanity-checks.patch
(git-fixes bsc#1225722 CVE-2024-36880).
- Update
patches.suse/Bluetooth-qca-fix-NULL-deref-on-non-serdev-suspend.patch
(git-fixes bsc#1224509 CVE-2024-35851).
- Update
patches.suse/Bluetooth-qca-fix-firmware-check-error-path.patch
(git-fixes CVE-2024-36942).
- Update
patches.suse/Bluetooth-qca-fix-info-leak-when-fetching-fw-build-i.patch
(git-fixes bsc#1225720 CVE-2024-36032).
- Update
patches.suse/Fix-page-corruption-caused-by-racy-check-in-__free_pages.patch
(bsc#1208149 bsc#1225118 CVE-2023-52739).
- Update
patches.suse/HID-amd_sfh-Fix-potential-NULL-pointer-dereference.patch
(stable-5.14.10 bsc#1225205 CVE-2021-47380).
- Update
patches.suse/HID-betop-fix-slab-out-of-bounds-Write-in-betop_prob.patch
(stable-5.14.10 bsc#1225303 CVE-2021-47404).
- Update
patches.suse/HID-bigbenff-prevent-null-pointer-dereference.patch
(git-fixes bsc#1225437 CVE-2021-47522).
- Update
patches.suse/HID-usbhid-free-raw_report-buffers-in-usbhid_stop.patch
(stable-5.14.10 bsc#1225238 CVE-2021-47405).
- Update
patches.suse/IB-IPoIB-Fix-legacy-IPoIB-due-to-wrong-number-of-que.patch
(git-fixes bsc#1225032 CVE-2023-52745).
- Update
patches.suse/IB-hfi1-Fix-a-memleak-in-init_credit_return.patch
(git-fixes bsc#1222975 CVE-2024-26839).
- Update
patches.suse/IB-hfi1-Fix-leak-of-rcvhdrtail_dummy_kvaddr.patch
(jsc#SLE-19242 bsc#1225438 CVE-2021-47523).
- Update
patches.suse/IB-hfi1-Restore-allocated-resources-on-failed-copyou.patch
(git-fixes bsc#1224931 CVE-2023-52747).
- Update
patches.suse/IB-mlx5-Fix-init-stage-error-handling-to-avoid-doubl.patch
(git-fixes bsc#1225587 CVE-2023-52851).
- Update
patches.suse/IB-qib-Protect-from-buffer-overflow-in-struct-qib_us.patch
(stable-5.14.16 bsc#1224904 CVE-2021-47485).
- Update
patches.suse/Input-synaptics-rmi4-fix-use-after-free-in-rmi_unreg.patch
(git-fixes bsc#1224928 CVE-2023-52840).
- Update
patches.suse/KVM-PPC-Book3S-HV-Fix-stack-handling-in-idle_kvm_sta.patch
(stable-5.14.15 bko#206669 bsc#1174585 bsc#1192107
CVE-2021-43056 bsc#1225341 CVE-2021-47465).
- Update
patches.suse/KVM-SVM-fix-missing-sev_decommission-in-sev_receive_.patch
(stable-5.14.10 bsc#1225126 CVE-2021-47389).
- Update
patches.suse/KVM-arm64-Fix-host-stage-2-PGD-refcount.patch
(stable-5.14.15 bsc#1225258 CVE-2021-47450).
- Update
patches.suse/KVM-x86-Fix-stack-out-of-bounds-memory-access-from-i.patch
(stable-5.14.10 bsc#1225125 CVE-2021-47390).
- Update
patches.suse/KVM-x86-Handle-SRCU-initialization-failure-during-pa.patch
(stable-5.14.10 bsc#1225306 CVE-2021-47407).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_in_s.patch
(stable-5.14.14 bsc#1225263 CVE-2021-47442).
- Update
patches.suse/NFC-digital-fix-possible-memory-leak-in-digital_tg_l.patch
(stable-5.14.14 bsc#1225262 CVE-2021-47443).
- Update
patches.suse/NFSv4.2-fix-nfs4_listxattr-kernel-BUG-at-mm-usercopy.patch
(git-fixes bsc#1223113 CVE-2024-26870).
- Update
patches.suse/PCI-PM-Drain-runtime-idle-callbacks-before-driver-re.patch
(git-fixes bsc#1224738 CVE-2024-35809).
- Update
patches.suse/RDMA-cma-Ensure-rdma_addr_cancel-happens-before-issu.patch
(stable-5.14.10 bsc#1225318 CVE-2021-47391).
- Update
patches.suse/RDMA-cma-Fix-listener-leak-in-rdma_cma_listen_on_all.patch
(stable-5.14.10 bsc#1225320 CVE-2021-47392).
- Update patches.suse/RDMA-hfi1-Fix-kernel-pointer-leak.patch
(stable-5.14.10 bsc#1225131 CVE-2021-47398).
- Update
patches.suse/RDMA-irdma-Fix-KASAN-issue-with-tasklet.patch
(git-fixes bsc#1222974 CVE-2024-26838).
- Update
patches.suse/RDMA-irdma-Fix-potential-NULL-ptr-dereference.patch
(git-fixes bsc#1225121 CVE-2023-52744).
- Update
patches.suse/RDMA-mlx5-Fix-fortify-source-warning-while-accessing.patch
(git-fixes bsc#1223203 CVE-2024-26907).
- Update
patches.suse/RDMA-mlx5-Initialize-the-ODP-xarray-when-creating-an.patch
(stable-5.14.16 bsc#1224910 CVE-2021-47481).
- Update
patches.suse/Reapply-drm-qxl-simplify-qxl_fence_wait.patch
(stable-fixes CVE-2024-36944).
- Update
patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch
(git-fixes bsc#1223137 CVE-2024-26916).
- Update
patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch
(git-fixes bsc#1224722 CVE-2023-52657).
- Update
patches.suse/SUNRPC-Fix-RPC-client-cleaned-up-the-freed-pipefs-de.patch
(git-fixes bsc#1225008 CVE-2023-52803).
- Update
patches.suse/SUNRPC-fix-a-memleak-in-gss_import_v2_context.patch
(git-fixes bsc#1223858 bsc#1223712 CVE-2023-52653).
- Update
patches.suse/SUNRPC-fix-some-memleaks-in-gssx_dec_option_array.patch
(git-fixes bsc#1223744 CVE-2024-27388).
- Update
patches.suse/USB-core-Fix-access-violation-during-port-device-rem.patch
(git-fixes bsc#1225734 CVE-2024-36896).
- Update
patches.suse/USB-core-Fix-deadlock-in-usb_deauthorize_interface.patch
(git-fixes bsc#1223671 CVE-2024-26934).
- Update
patches.suse/aio-fix-use-after-free-due-to-missing-POLLFREE-handl.patch
(CVE-2021-39698 bsc#1196956 bsc#1225400 CVE-2021-47505).
- Update
patches.suse/arm64-hibernate-Fix-level3-translation-fault-in-swsu.patch
(git-fixes bsc#1223748 CVE-2024-26989).
- Update
patches.suse/atl1c-Work-around-the-DMA-RX-overflow-issue.patch
(git-fixes bsc#1225599 CVE-2023-52834).
- Update
patches.suse/audit-fix-possible-null-pointer-dereference-in-audit.patch
(stable-5.14.15 bsc#1225393 CVE-2021-47464).
- Update
patches.suse/ax25-fix-use-after-free-bugs-caused-by-ax25_ds_del_t.patch
(git-fixes bsc#1224663 CVE-2024-35887).
- Update
patches.suse/batman-adv-Avoid-infinite-loop-trying-to-resize-loca.patch
(git-fixes bsc#1224566 CVE-2024-35982).
- Update patches.suse/binder-make-sure-fd-closes-complete.patch
(stable-5.14.9 bsc#1225122 CVE-2021-47360).
- Update
patches.suse/blk-cgroup-fix-UAF-by-grabbing-blkcg-lock-before-des.patch
(stable-5.14.9 bsc#1225203 CVE-2021-47379).
- Update
patches.suse/blk-mq-cancel-blk-mq-dispatch-work-in-both-blk_clean.patch
(jsc#PED-1183 bsc#1225513 CVE-2021-47552).
- Update
patches.suse/blktrace-Fix-uaf-in-blk_trace-access-after-removing-.patch
(stable-5.14.9 bsc#1225193 CVE-2021-47375).
- Update
patches.suse/block-don-t-call-rq_qos_ops-done_bio-if-the-bio-isn-.patch
(stable-5.14.11 bsc#1225332 CVE-2021-47412).
- Update
patches.suse/bpf-Add-oversize-check-before-call-kvcalloc.patch
(stable-5.14.9 bsc#1225195 CVE-2021-47376).
- Update patches.suse/bpf-Check-bloom-filter-map-value-size.patch
(bsc#1224488 CVE-2024-35905 bsc#1225766 CVE-2024-36918).
- Update
patches.suse/bpf-s390-Fix-potential-memory-leak-about-jit_data.patch
(stable-5.14.12 bsc#1225370 CVE-2021-47426).
- Update
patches.suse/btrfs-fix-abort-logic-in-btrfs_replace_file_extents.patch
(stable-5.14.14 bsc#1225392 CVE-2021-47433).
- Update
patches.suse/btrfs-fix-information-leak-in-btrfs_ioctl_logical_to.patch
(git-fixes bsc#1224733 CVE-2024-35849).
- Update
patches.suse/btrfs-fix-re-dirty-process-of-tree-log-nodes.patch
(bsc#1197915 bsc#1225410 CVE-2021-47510).
- Update
patches.suse/btrfs-free-exchange-changeset-on-failures.patch
(git-fixes bsc#1225408 CVE-2021-47508).
- Update
patches.suse/can-dev-can_put_echo_skb-don-t-crash-kernel-if-can_p.patch
(git-fixes bsc#1225000 CVE-2023-52878).
- Update
patches.suse/can-isotp-isotp_sendmsg-add-result-check-for-wait_ev.patch
(stable-5.14.15 bsc#1225235 CVE-2021-47457).
- Update
patches.suse/can-j1939-j1939_netdev_start-fix-UAF-for-rx_kref-of-.patch
(stable-5.14.15 bsc#1225253 CVE-2021-47459).
- Update
patches.suse/can-pch_can-pch_can_rx_normal-fix-use-after-free.patch
(git-fixes bsc#1225431 CVE-2021-47520).
- Update patches.suse/can-peak_pci-peak_pci_remove-fix-UAF.patch
(stable-5.14.15 bsc#1225256 CVE-2021-47456).
- Update
patches.suse/can-sja1000-fix-use-after-free-in-ems_pcmcia_add_car.patch
(git-fixes bsc#1225435 CVE-2021-47521).
- Update
patches.suse/ceph-blocklist-the-kclient-when-receiving-corrupted-snap-trace.patch
(jsc#SES-1880 bsc#1225222 CVE-2023-52732).
- Update
patches.suse/cfg80211-fix-management-registrations-locking.patch
(git-fixes stable-5.14.16 bsc#1225450 CVE-2021-47494).
- Update
patches.suse/cgroup-Fix-memory-leak-caused-by-missing-cgroup_bpf_.patch
(stable-5.14.16 bsc#1224902 CVE-2021-47488).
- Update patches.suse/cifs-Fix-soft-lockup-during-fsstress.patch
(stable-5.14.9 bsc#1225145 CVE-2021-47359).
- Update
patches.suse/cifs-Fix-use-after-free-in-rdata-read_into_pages-.patch
(git-fixes bsc#1225479 CVE-2023-52741).
- Update
patches.suse/clk-Get-runtime-PM-before-walking-tree-during-disabl.patch
(git-fixes bsc#1223762 CVE-2024-27004).
- Update
patches.suse/clk-mediatek-clk-mt2701-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225096 CVE-2023-52875).
- Update
patches.suse/clk-mediatek-clk-mt6765-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1224937 CVE-2023-52870).
- Update
patches.suse/clk-mediatek-clk-mt6779-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225589 CVE-2023-52873).
- Update
patches.suse/clk-mediatek-clk-mt6797-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225086 CVE-2023-52865).
- Update
patches.suse/clk-mediatek-clk-mt7629-Add-check-for-mtk_alloc_clk_.patch
(git-fixes bsc#1225566 CVE-2023-52858).
- Update
patches.suse/clk-mediatek-clk-mt7629-eth-Add-check-for-mtk_alloc_.patch
(git-fixes bsc#1225036 CVE-2023-52876).
- Update
patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch
(git-fixes bsc#1223717 CVE-2024-27037).
- Update
patches.suse/comedi-Fix-memory-leak-in-compat_insnlist.patch
(stable-5.14.9 bsc#1225158 CVE-2021-47364).
- Update patches.suse/comedi-dt9812-fix-DMA-buffers-on-stack.patch
(git-fixes stable-5.14.18 bsc#1224912 CVE-2021-47477).
- Update
patches.suse/comedi-ni_usb6501-fix-NULL-deref-in-command-paths.patch
(git-fixes stable-5.14.18 bsc#1224913 CVE-2021-47476).
- Update
patches.suse/comedi-vmk80xx-fix-bulk-buffer-overflow.patch
(git-fixes stable-5.14.18 bsc#1224915 CVE-2021-47474).
- Update
patches.suse/comedi-vmk80xx-fix-incomplete-endpoint-checking.patch
(git-fixes bsc#1223698 CVE-2024-27001).
- Update
patches.suse/comedi-vmk80xx-fix-transfer-buffer-overflows.patch
(git-fixes stable-5.14.18 bsc#1224914 CVE-2021-47475).
- Update
patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch
(git-fixes bsc#1223769 CVE-2024-27051).
- Update
patches.suse/cpufreq-schedutil-Use-kobject-release-method-to-free.patch
(stable-5.14.10 bsc#1225316 CVE-2021-47387).
- Update
patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch
(git-fixes bsc#1223638 CVE-2024-26974).
- Update
patches.suse/crypto-s390-aes-Fix-buffer-overread-in-CTR-mode.patch
(git-fixes bsc#1224637 CVE-2023-52669).
- Update
patches.suse/devlink-fix-netns-refcount-leak-in-devlink_nl_cmd_re.patch
(git-fixes bsc#1225425 CVE-2021-47514).
- Update
patches.suse/dm-call-the-resume-method-on-internal-suspend-65e8.patch
(git-fixes bsc#1223188 CVE-2024-26880).
- Update
patches.suse/dm-fix-mempool-NULL-pointer-race-when-completing-IO.patch
(stable-5.14.14 bsc#1225247 CVE-2021-47435).
- Update
patches.suse/dm-rq-don-t-queue-request-to-blk-mq-during-DM-suspen.patch
(stable-5.14.14 bsc#1225357 CVE-2021-47498).
- Update
patches.suse/dma-debug-prevent-an-error-message-from-causing-runt.patch
(stable-5.14.9 bsc#1225191 CVE-2021-47374).
- Update patches.suse/dma-xilinx_dpdma-Fix-locking.patch
(git-fixes bsc#1224559 CVE-2024-35990).
- Update
patches.suse/dmaengine-fsl-qdma-Fix-a-memory-leak-related-to-the-.patch
(git-fixes bsc#1224632 CVE-2024-35833).
- Update
patches.suse/dmaengine-fsl-qdma-init-irq-after-reg-initialization.patch
(git-fixes bsc#1222783 CVE-2024-26788).
- Update
patches.suse/dmaengine-idxd-Fix-oops-during-rmmod-on-single-CPU-p.patch
(git-fixes bsc#1224558 CVE-2024-35989).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-Pola.patch
(git-fixes bsc#1225532 CVE-2023-52819).
- Update
patches.suse/drm-amd-Fix-UBSAN-array-index-out-of-bounds-for-SMU7.patch
(git-fixes bsc#1225530 CVE-2023-52818).
- Update patches.suse/drm-amd-amdgpu-fix-potential-memleak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225379
CVE-2021-47550).
- Update
patches.suse/drm-amd-amdkfd-Fix-kernel-panic-when-reset-failed-an.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225510
CVE-2021-47551).
- Update
patches.suse/drm-amd-display-Atom-Integrated-System-Info-v2_2-for.patch
(stable-fixes bsc#1225735 CVE-2024-36897).
- Update
patches.suse/drm-amd-display-Avoid-NULL-dereference-of-timing-gen.patch
(git-fixes bsc#1225478 CVE-2023-52753).
- Update
patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch
(git-fixes bsc#1223826 CVE-2024-27045).
- Update
patches.suse/drm-amd-display-fix-a-NULL-pointer-dereference-in-am.patch
(git-fixes bsc#1225041 CVE-2023-52773).
- Update
patches.suse/drm-amd-pm-Update-intermediate-power-state-for-SI.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225153
CVE-2021-47362).
- Update
patches.suse/drm-amd-pm-fix-a-double-free-in-si_dpm_init.patch
(git-fixes bsc#1224607 CVE-2023-52691).
- Update
patches.suse/drm-amd-pm-fixes-a-random-hang-in-S4-for-SMU-v13.0.4.patch
(stable-fixes bsc#1225705 CVE-2024-36026).
- Update
patches.suse/drm-amdgpu-Fix-a-null-pointer-access-when-the-smc_rr.patch
(git-fixes bsc#1225569 CVE-2023-52817).
- Update
patches.suse/drm-amdgpu-Fix-potential-null-pointer-derefernce.patch
(git-fixes bsc#1225565 CVE-2023-52814).
- Update
patches.suse/drm-amdgpu-fence-Fix-oops-due-to-non-matching-drm_sc.patch
(git-fixes bsc#1225005 CVE-2023-52738).
- Update patches.suse/drm-amdgpu-fix-gart.bo-pin_count-leak.patch
(stable-5.14.13 bsc#1225390 CVE-2021-47431).
- Update
patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225353
CVE-2021-47421).
- Update
patches.suse/drm-amdgpu-once-more-fix-the-call-oder-in-amdgpu_ttm.patch
(git-fixes bsc#1224180 CVE-2024-27400).
- Update
patches.suse/drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch
(git-fixes bsc#1223315 CVE-2024-26922).
- Update
patches.suse/drm-amdgpu-vkms-fix-a-possible-null-pointer-derefere.patch
(git-fixes bsc#1225568 CVE-2023-52815).
- Update
patches.suse/drm-amdkfd-Confirm-list-is-non-empty-before-utilizin.patch
(git-fixes bsc#1224617 CVE-2023-52678).
- Update
patches.suse/drm-amdkfd-Fix-a-race-condition-of-vram-buffer-unref.patch
(git-fixes bsc#1225076 CVE-2023-52825).
- Update
patches.suse/drm-amdkfd-Fix-shift-out-of-bounds-issue.patch
(git-fixes bsc#1225529 CVE-2023-52816).
- Update
patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225339
CVE-2021-47420).
- Update
patches.suse/drm-amdkfd-fix-svm_migrate_fini-warning.patch
(stable-5.14.11 bsc#1225331 CVE-2021-47410).
- Update
patches.suse/drm-arm-malidp-fix-a-possible-null-pointer-dereferen.patch
(git-fixes bsc#1225593 CVE-2024-36014).
- Update patches.suse/drm-ast-Fix-soft-lockup.patch (git-fixes
bsc#1224705 CVE-2024-35952).
- Update
patches.suse/drm-bridge-it66121-Fix-invalid-connector-dereference.patch
(git-fixes bsc#1224941 CVE-2023-52861).
- Update
patches.suse/drm-bridge-lt8912b-Fix-crash-on-bridge-detach.patch
(git-fixes bsc#1224932 CVE-2023-52856).
- Update
patches.suse/drm-bridge-tpd12s015-Drop-buggy-__exit-annotation-fo.patch
(git-fixes bsc#1224598 CVE-2023-52694).
- Update
patches.suse/drm-client-Fully-protect-modes-with-dev-mode_config..patch
(stable-fixes bsc#1224703 CVE-2024-35950).
- Update
patches.suse/drm-edid-In-connector_bad_edid-cap-num_of_ext-by-num.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225243
CVE-2021-47444).
- Update
patches.suse/drm-i915-bios-Tolerate-devdata-NULL-in-intel_bios_en.patch
(stable-fixes bsc#1223678 CVE-2024-26938).
- Update
patches.suse/drm-i915-gt-Reset-queue_priority_hint-on-parking.patch
(git-fixes bsc#1223677 CVE-2024-26937).
- Update
patches.suse/drm-lima-fix-a-memleak-in-lima_heap_alloc.patch
(git-fixes bsc#1224707 CVE-2024-35829).
- Update
patches.suse/drm-mediatek-Fix-a-null-pointer-crash-in-mtk_drm_crt.patch
(git-fixes bsc#1223048 CVE-2024-26874).
- Update
patches.suse/drm-msm-Fix-null-pointer-dereference-on-pointer-edp.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225261
CVE-2021-47445).
- Update
patches.suse/drm-msm-a3xx-fix-error-handling-in-a3xx_gpu_init.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225260
CVE-2021-47447).
- Update
patches.suse/drm-msm-a4xx-fix-error-handling-in-a4xx_gpu_init.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225240
CVE-2021-47446).
- Update
patches.suse/drm-msm-a6xx-Allocate-enough-space-for-GMU-registers.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225446
CVE-2021-47535).
- Update
patches.suse/drm-mxsfb-Fix-NULL-pointer-dereference-crash-on-unlo.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225187
CVE-2021-47471).
- Update
patches.suse/drm-nouveau-debugfs-fix-file-release-memory-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225366
CVE-2021-47423).
- Update
patches.suse/drm-nouveau-kms-nv50-fix-file-release-memory-leak.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225233
CVE-2021-47422).
- Update patches.suse/drm-nv04-Fix-out-of-bounds-access.patch
(git-fixes bsc#1223802 CVE-2024-27008).
- Update
patches.suse/drm-panel-fix-a-possible-null-pointer-dereference.patch
(git-fixes bsc#1225022 CVE-2023-52821).
- Update
patches.suse/drm-panel-panel-tpo-tpg110-fix-a-possible-null-point.patch
(git-fixes bsc#1225077 CVE-2023-52826).
- Update
patches.suse/drm-radeon-fix-a-possible-null-pointer-dereference.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225230
CVE-2022-48710).
- Update patches.suse/drm-radeon-possible-buffer-overflow.patch
(git-fixes bsc#1225009 CVE-2023-52867).
- Update
patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch
(git-fixes bsc#1223770 CVE-2023-52650).
- Update
patches.suse/drm-tegra-rgb-Fix-missing-clk_put-in-the-error-handl.patch
(git-fixes bsc#1224445 CVE-2023-52661).
- Update
patches.suse/drm-ttm-fix-memleak-in-ttm_transfered_destroy.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225436
CVE-2021-47490).
- Update
patches.suse/drm-vc4-don-t-check-if-plane-state-fb-state-fb.patch
(stable-fixes bsc#1224650 CVE-2024-35932).
- Update
patches.suse/drm-vc4-kms-Add-missing-drm_crtc_commit_put.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
CVE-2021-47534).
- Update
patches.suse/drm-vc4-kms-Clear-the-HVS-FIFO-commit-pointer-once-d.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 bsc#1225445
CVE-2021-47533).
- Update
patches.suse/drm-vmwgfx-Create-debugfs-ttm_resource_manager-entry.patch
(git-fixes bsc#1223718 CVE-2024-26940).
- Update
patches.suse/drm-vmwgfx-fix-a-memleak-in-vmw_gmrid_man_get_node.patch
(git-fixes bsc#1224449 CVE-2023-52662).
- Update
patches.suse/dyndbg-fix-old-BUG_ON-in-control-parser.patch
(stable-fixes bsc#1224647 CVE-2024-35947).
- Update
patches.suse/enetc-Fix-illegal-access-when-reading-affinity_hint.patch
(stable-5.14.9 bsc#1225161 CVE-2021-47368).
- Update
patches.suse/ethtool-ioctl-fix-potential-NULL-deref-in-ethtool_se.patch
(jsc#SLE-19253 bsc#1225383 CVE-2021-47556).
- Update
patches.suse/ext4-add-error-checking-to-ext4_ext_replay_set_ibloc.patch
(stable-5.14.10 bsc#1225304 CVE-2021-47406).
- Update
patches.suse/fbdev-Fix-invalid-page-access-after-closing-deferred.patch
(bsc#1207284 bsc#1224929 CVE-2023-52731).
- Update
patches.suse/fbdev-imsttfb-fix-a-resource-leak-in-probe.patch
(git-fixes bsc#1225031 CVE-2023-52838).
- Update
patches.suse/fbdev-savage-Error-out-if-pixclock-equals-zero.patch
(git-fixes bsc#1222770 CVE-2024-26778).
- Update
patches.suse/fbdev-sis-Error-out-if-pixclock-equals-zero.patch
(git-fixes bsc#1222765 CVE-2024-26777).
- Update
patches.suse/fbmon-prevent-division-by-zero-in-fb_videomode_from_.patch
(stable-fixes bsc#1224660 CVE-2024-35922).
- Update
patches.suse/firewire-ohci-mask-bus-reset-interrupts-between-ISR-.patch
(stable-fixes CVE-2024-36950).
- Update
patches.suse/fs-jfs-Add-check-for-negative-db_l2nbperpage.patch
(git-fixes bsc#1225557 CVE-2023-52810).
- Update
patches.suse/fs-jfs-Add-validity-check-for-db_maxag-and-db_agpref.patch
(git-fixes bsc#1225550 CVE-2023-52804).
- Update patches.suse/gfs2-ignore-negated-quota-changes.patch
(git-fixes bsc#1225560 CVE-2023-52759).
- Update
patches.suse/hid-cp2112-Fix-duplicate-workqueue-initialization.patch
(git-fixes bsc#1224988 CVE-2023-52853).
- Update
patches.suse/hwmon-mlxreg-fan-Return-non-zero-value-when-fan-curr.patch
(git-fixes stable-5.14.10 bsc#1225321 CVE-2021-47393).
- Update
patches.suse/hwmon-w83791d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 bsc#1225268 CVE-2021-47386).
- Update
patches.suse/hwmon-w83792d-Fix-NULL-pointer-dereference-by-removi.patch
(stable-5.14.10 bsc#1225210 CVE-2021-47385).
- Update
patches.suse/hwmon-w83793-Fix-NULL-pointer-dereference-by-removin.patch
(stable-5.14.10 bsc#1225209 CVE-2021-47384).
- Update
patches.suse/i2c-acpi-fix-resource-leak-in-reconfiguration-device.patch
(git-fixes stable-5.14.12 bsc#1225223 CVE-2021-47425).
- Update
patches.suse/i2c-core-Run-atomic-i2c-xfer-when-preemptible.patch
(git-fixes bsc#1225108 CVE-2023-52791).
- Update
patches.suse/i2c-smbus-fix-NULL-function-pointer-dereference.patch
(git-fixes bsc#1224567 CVE-2024-35984).
- Update
patches.suse/i3c-master-mipi-i3c-hci-Fix-a-kernel-panic-for-acces.patch
(git-fixes bsc#1225570 CVE-2023-52763).
- Update
patches.suse/i3c-mipi-i3c-hci-Fix-out-of-bounds-access-in-hci_dma.patch
(git-fixes CVE-2023-52766).
- Update
patches.suse/i40e-Fix-NULL-pointer-dereference-in-i40e_dbg_dump_d.patch
(jsc#SLE-18378 bsc#1225361 CVE-2021-47501).
- Update
patches.suse/i40e-Fix-freeing-of-uninitialized-misc-IRQ-vector.patch
(stable-5.14.12 bsc#1225367 CVE-2021-47424).
- Update
patches.suse/i915-perf-Fix-NULL-deref-bugs-with-drm_dbg-calls.patch
(git-fixes bsc#1225106 CVE-2023-52788).
- Update
patches.suse/ice-Avoid-crash-from-unnecessary-IDA-free.patch
(stable-5.14.15 bsc#1225239 CVE-2021-47453).
- Update
patches.suse/ice-Do-not-use-WQ_MEM_RECLAIM-flag-for-workqueue.patch
(jsc#PED-376 bsc#1225003 CVE-2023-52743).
- Update patches.suse/ice-avoid-bpf_prog-refcount-underflow.patch
(jsc#SLE-18375 bsc#1225500 CVE-2021-47563).
- Update
patches.suse/ice-fix-locking-for-Tx-timestamp-tracking-flush.patch
(stable-5.14.14 bsc#1225259 CVE-2021-47449).
- Update patches.suse/ice-fix-vsi-txq_map-sizing.patch
(jsc#SLE-18375 bsc#1225499 CVE-2021-47562).
- Update
patches.suse/ice-switch-fix-potential-memleak-in-ice_add_adv_reci.patch
(jsc#PED-376 bsc#1225095 CVE-2022-48709).
- Update
patches.suse/iio-accel-kxcjk-1013-Fix-possible-memory-leak-in-pro.patch
(git-fixes bsc#1225358 CVE-2021-47499).
- Update
patches.suse/iio-adis16475-fix-deadlock-on-frequency-set.patch
(git-fixes stable-5.14.14 bsc#1225245 CVE-2021-47437).
- Update
patches.suse/iio-core-fix-memleak-in-iio_device_register_sysfs.patch
(git-fixes bsc#1222960 CVE-2023-52643).
- Update
patches.suse/iio-mma8452-Fix-trigger-reference-couting.patch
(git-fixes bsc#1225360 CVE-2021-47500).
- Update
patches.suse/init-main.c-Fix-potential-static_command_line-memory.patch
(git-fixes bsc#1223747 CVE-2024-26988).
- Update
patches.suse/io_uring-ensure-task_work-gets-run-as-part-of-cancel.patch
(bsc#1205205 bsc#1225382 CVE-2021-47504).
- Update
patches.suse/io_uring-fail-cancellation-for-EXITING-tasks.patch
(bsc#1205205 bsc#1225515 CVE-2021-47569).
- Update
patches.suse/ipack-ipoctal-fix-module-reference-leak.patch
(stable-5.14.10 bsc#1225241 CVE-2021-47403).
- Update
patches.suse/ipack-ipoctal-fix-stack-information-leak.patch
(stable-5.14.10 bsc#1225242 CVE-2021-47401).
- Update
patches.suse/irqchip-gic-v3-its-Fix-potential-VPE-leak-on-error.patch
(stable-5.14.9 bsc#1225190 CVE-2021-47373).
- Update
patches.suse/irqchip-gic-v3-its-Prevent-double-free-on-error.patch
(git-fixes bsc#1224697 CVE-2024-35847).
- Update
patches.suse/isdn-mISDN-Fix-sleeping-function-called-from-invalid.patch
(stable-5.14.15 bsc#1225346 CVE-2021-47468).
- Update
patches.suse/isofs-Fix-out-of-bound-access-for-corrupted-isofs-im.patch
(stable-5.14.18 bsc#1225198 CVE-2021-47478).
- Update
patches.suse/iwlwifi-Fix-memory-leaks-in-error-handling-path.patch
(git-fixes bsc#1225373 CVE-2021-47529).
- Update
patches.suse/iwlwifi-mvm-Fix-possible-NULL-dereference.patch
(git-fixes stable-5.14.12 bsc#1225335 CVE-2021-47415).
- Update
patches.suse/ixgbe-Fix-NULL-pointer-dereference-in-ixgbe_xdp_setu.patch
(stable-5.14.10 bsc#1225328 CVE-2021-47399).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbFindLeaf.patch
(git-fixes bsc#1225472 CVE-2023-52799).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diAlloc.patch
(git-fixes bsc#1225553 CVE-2023-52805).
- Update
patches.suse/kprobes-Fix-possible-use-after-free-issue-on-kprobe-registration.patch
(git-fixes bsc#1224676 CVE-2024-35955).
- Update
patches.suse/kunit-fix-reference-count-leak-in-kfree_at_end.patch
(stable-5.14.15 bsc#1225344 CVE-2021-47467).
- Update patches.suse/libbpf-Fix-memory-leak-in-strset.patch
(git-fixes stable-5.14.12 bsc#1225227 CVE-2021-47417).
- Update
patches.suse/mac80211-fix-use-after-free-in-CCMP-GCMP-RX.patch
(git-fixes stable-5.14.10 bsc#1225214 CVE-2021-47388).
- Update
patches.suse/mac80211-hwsim-fix-late-beacon-hrtimer-handling.patch
(git-fixes stable-5.14.10 bsc#1225327 CVE-2021-47396).
- Update
patches.suse/mac80211-limit-injected-vht-mcs-nss-in-ieee80211_par.patch
(git-fixes stable-5.14.10 bsc#1225326 CVE-2021-47395).
- Update
patches.suse/mcb-fix-error-handling-in-mcb_alloc_bus.patch
(stable-5.14.9 bsc#1225151 CVE-2021-47361).
- Update
patches.suse/md-Don-t-ignore-suspended-array-in-md_check_recovery-1baa.patch
(git-fixes CVE-2024-26758).
- Update
patches.suse/media-bttv-fix-use-after-free-error-due-to-btv-timeo.patch
(git-fixes bsc#1225588 CVE-2023-52847).
- Update
patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch
(git-fixes bsc#1223842 CVE-2024-27075).
- Update
patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch
(git-fixes bsc#1223844 CVE-2024-27074).
- Update
patches.suse/media-gspca-cpia1-shift-out-of-bounds-in-set_flicker.patch
(git-fixes bsc#1225571 CVE-2023-52764).
- Update
patches.suse/media-imon-fix-access-to-invalid-resource-for-the-se.patch
(git-fixes bsc#1225490 CVE-2023-52754).
- Update
patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch
(git-fixes bsc#1223779 CVE-2024-27076).
- Update patches.suse/media-ir_toy-fix-a-memleak-in-irtoy_tx.patch
(git-fixes bsc#1223027 CVE-2024-26829).
- Update
patches.suse/media-rc-bpf-attach-detach-requires-write-permission.patch
(git-fixes bsc#1223031 CVE-2023-52642).
- Update
patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch
(git-fixes bsc#1223843 CVE-2024-27073).
- Update
patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch
(git-fixes bsc#1223837 CVE-2024-27072).
- Update
patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch
(git-fixes bsc#1223780 CVE-2024-27077).
- Update
patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch
(git-fixes bsc#1223781 CVE-2024-27078).
- Update
patches.suse/media-vidtv-mux-Add-check-and-kfree-for-kstrdup.patch
(git-fixes bsc#1225592 CVE-2023-52841).
- Update patches.suse/media-vidtv-psi-Add-check-for-kstrdup.patch
(git-fixes bsc#1225590 CVE-2023-52844).
- Update
patches.suse/mlxsw-spectrum-Protect-driver-from-buggy-firmware.patch
(git-fixes bsc#1225495 CVE-2021-47560).
- Update
patches.suse/mlxsw-thermal-Fix-out-of-bounds-memory-accesses.patch
(stable-5.14.14 bsc#1225224 CVE-2021-47441).
- Update
patches.suse/mm-mempolicy-do-not-allow-illegal-MPOL_F_NUMA_BALANC.patch
(stable-5.14.15 bsc#1225250 CVE-2021-47462).
- Update
patches.suse/mm-secretmem-fix-NULL-page-mapping-dereference-in-pa.patch
(stable-5.14.15 bsc#1225127 CVE-2021-47463).
- Update
patches.suse/mm-slub-fix-potential-memoryleak-in-kmem_cache_open.patch
(stable-5.14.15 bsc#1225342 CVE-2021-47466).
- Update
patches.suse/mm-slub-fix-potential-use-after-free-in-slab_debugfs.patch
(stable-5.14.15 bsc#1225186 CVE-2021-47470).
- Update
patches.suse/mmc-core-Avoid-negative-index-with-array-access.patch
(git-fixes bsc#1224618 CVE-2024-35813).
- Update
patches.suse/mmc-mmc_spi-fix-error-handling-in-mmc_spi_probe.patch
(git-fixes bsc#1225483 CVE-2023-52708).
- Update
patches.suse/mmc-sdhci-msm-pervent-access-to-suspended-controller.patch
(git-fixes bsc#1225708 CVE-2024-36029).
- Update
patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch
(git-fixes bsc#1224956 CVE-2023-52730).
- Update
patches.suse/mptcp-ensure-tx-skbs-always-have-the-MPTCP-ext.patch
(stable-5.14.9 bsc#1225183 CVE-2021-47370).
- Update patches.suse/mptcp-fix-possible-stall-on-recvmsg.patch
(stable-5.14.14 bsc#1225129 CVE-2021-47448).
- Update
patches.suse/msft-hv-2940-hv_netvsc-Fix-race-condition-between-netvsc_probe-an.patch
(git-fixes bsc#1222374 CVE-2024-26698).
- Update
patches.suse/msft-hv-2971-net-mana-Fix-Rx-DMA-datasize-and-skb_over_panic.patch
(git-fixes bsc#1224495 CVE-2024-35901).
- Update
patches.suse/mt76-mt7915-fix-NULL-pointer-dereference-in-mt7915_g.patch
(git-fixes bsc#1225386 CVE-2021-47540).
- Update
patches.suse/net-USB-Fix-wrong-direction-WARNING-in-plusb.c.patch
(git-fixes bsc#1225482 CVE-2023-52742).
- Update patches.suse/net-batman-adv-fix-error-handling.patch
(git-fixes stable-5.14.16 bsc#1224909 CVE-2021-47482).
- Update
patches.suse/net-bnx2x-Prevent-access-to-a-freed-page-in-page_poo.patch
(bsc#1215322 bsc#1223049 CVE-2024-26859).
- Update
patches.suse/net-dsa-felix-Fix-memory-leak-in-felix_setup_mmio_fi.patch
(git-fixes bsc#1225380 CVE-2021-47513).
- Update
patches.suse/net-dsa-microchip-Added-the-condition-for-scheduling.patch
(stable-5.14.14 bsc#1225246 CVE-2021-47439).
- Update
patches.suse/net-encx24j600-check-error-in-devm_regmap_init_encx2.patch
(stable-5.14.14 bsc#1225248 CVE-2021-47440).
- Update
patches.suse/net-hns3-do-not-allow-call-hns3_nic_net_open-repeate.patch
(stable-5.14.10 bsc#1225329 CVE-2021-47400).
- Update
patches.suse/net-ll_temac-platform_get_resource-replaced-by-wrong.patch
(git-fixes bsc#1224615 CVE-2024-35796).
- Update patches.suse/net-macb-fix-use-after-free-on-rmmod.patch
(stable-5.14.9 bsc#1225184 CVE-2021-47372).
- Update
patches.suse/net-marvell-prestera-fix-double-free-issue-on-err-pa.patch
(git-fixes bsc#1225501 CVE-2021-47564).
- Update
patches.suse/net-mdiobus-Fix-memory-leak-in-__mdiobus_register.patch
(stable-5.14.15 bsc#1225189 CVE-2021-47472).
- Update
patches.suse/net-mlx4_en-Fix-an-use-after-free-bug-in-mlx4_en_try.patch
(jsc#SLE-19256 bsc#1225453 CVE-2021-47541).
- Update
patches.suse/net-mlx5e-Fix-memory-leak-in-mlx5_core_destroy_cq-er.patch
(stable-5.14.14 bsc#1225229 CVE-2021-47438).
- Update
patches.suse/net-openvswitch-fix-possible-memory-leak-in-ovs_mete.patch
(git-fixes bsc#1224945 CVE-2023-52702).
- Update
patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch
(git-fixes bsc#1223828 CVE-2024-27047).
- Update
patches.suse/net-qlogic-qlcnic-Fix-a-NULL-pointer-dereference-in-.patch
(git-fixes bsc#1225455 CVE-2021-47542).
- Update
patches.suse/net-qualcomm-rmnet-fix-global-oob-in-rmnet_policy.patch
(git-fixes bsc#1220363 CVE-2024-26597).
- Update
patches.suse/net-sched-flower-protect-fl_walk-with-rcu.patch
(stable-5.14.10 bsc#1225302 CVE-2021-47402).
- Update
patches.suse/net-sched-fq_pie-prevent-dismantle-issue.patch
(bsc#1207361 bsc#1225424 CVE-2021-47512).
- Update
patches.suse/net-sched-sch_ets-don-t-peek-at-classes-beyond-nband.patch
(bsc#1207361 bsc#1225468 CVE-2021-47557).
- Update
patches.suse/net-sched-sch_taprio-properly-cancel-timer-from-tapr.patch
(stable-5.14.12 bsc#1225338 CVE-2021-47419).
- Update
patches.suse/net-smc-Fix-NULL-pointer-dereferencing-in-smc_vlan_by_tcpsk
(git-fixes bsc#1225396 CVE-2021-47559).
- Update
patches.suse/net-smc-fix-wrong-list_del-in-smc_lgr_cleanup_early
(git-fixes bsc#1225447 CVE-2021-47536).
- Update
patches.suse/net-stmmac-Disable-Tx-queues-when-reconfiguring-the-.patch
(jsc#SLE-19033 bsc#1225492 CVE-2021-47558).
- Update
patches.suse/net-tls-Fix-flipped-sign-in-tls_err_abort-calls.patch
(stable-5.14.16 bsc#1225354 CVE-2021-47496).
- Update
patches.suse/net-usb-kalmia-Don-t-pass-act_len-in-usb_bulk_msg-er.patch
(git-fixes bsc#1225549 CVE-2023-52703).
- Update
patches.suse/net-vlan-fix-underflow-for-the-real_dev-refcnt.patch
(git-fixes bsc#1225467 CVE-2021-47555).
- Update
patches.suse/net_sched-fix-NULL-deref-in-fifo_set_limit.patch
(stable-5.14.12 bsc#1225337 CVE-2021-47418).
- Update
patches.suse/netfilter-conntrack-serialize-hash-resizes-and-clean.patch
(stable-5.14.10 bsc#1225236 CVE-2021-47408).
- Update
patches.suse/netfilter-nf_tables-skip-netdev-events-generated-on-.patch
(stable-5.14.15 bsc#1225257 CVE-2021-47452).
- Update
patches.suse/netfilter-nf_tables-unlink-table-before-deleting-it.patch
(stable-5.14.10 bsc#1225323 CVE-2021-47394).
- Update
patches.suse/netfilter-xt_IDLETIMER-fix-panic-that-occurs-when-ti.patch
(stable-5.14.15 bsc#1225237 CVE-2021-47451).
- Update
patches.suse/nexthop-Fix-division-by-zero-while-replacing-a-resil.patch
(stable-5.14.9 bsc#1225156 CVE-2021-47363).
- Update
patches.suse/nexthop-Fix-memory-leaks-in-nexthop-notification-cha.patch
(stable-5.14.9 bsc#1225167 CVE-2021-47371).
- Update
patches.suse/nfc-fix-potential-NULL-pointer-deref-in-nfc_genl_dum.patch
(git-fixes bsc#1225372 CVE-2021-47518).
- Update
patches.suse/nfc-nci-Fix-uninit-value-in-nci_dev_up-and-nci_ntf_p.patch
(git-fixes bsc#1224479 CVE-2024-35915).
- Update
patches.suse/nfp-Fix-memory-leak-in-nfp_cpp_area_cache_add.patch
(git-fixes bsc#1225427 CVE-2021-47516).
- Update patches.suse/nfsd-Fix-nsfd-startup-race-again.patch
(git-fixes bsc#1225405 CVE-2021-47507).
- Update
patches.suse/nfsd-fix-use-after-free-due-to-delegation-race.patch
(git-fixes bsc#1225404 CVE-2021-47506).
- Update
patches.suse/nilfs2-fix-underflow-in-second-superblock-position-c.patch
(git-fixes bsc#1225480 CVE-2023-52705).
- Update
patches.suse/nouveau-dmem-handle-kcalloc-allocation-failure.patch
(git-fixes CVE-2024-26943).
- Update
patches.suse/nouveau-fix-instmem-race-condition-around-ptr-stores.patch
(git-fixes bsc#1223633 CVE-2024-26984).
- Update
patches.suse/nvme-fc-do-not-wait-in-vain-when-unloading-module.patch
(git-fixes bsc#1223023 CVE-2024-26846).
- Update
patches.suse/nvme-fix-reconnection-fail-due-to-reserved-tag-alloc.patch
(git-fixes bsc#1224717 CVE-2024-27435).
- Update
patches.suse/nvme-rdma-destroy-cm-id-before-destroy-qp-to-avoid-u.patch
(bsc#1190569 stable-5.14.9 bsc#1225201 CVE-2021-47378).
- Update
patches.suse/nvmem-Fix-shift-out-of-bound-UBSAN-with-byte-size-ce.patch
(stable-5.14.14 bsc#1225355 CVE-2021-47497).
- Update
patches.suse/ocfs2-fix-data-corruption-after-conversion-from-inli.patch
(stable-5.14.15 bsc#1225251 CVE-2021-47460).
- Update
patches.suse/ocfs2-fix-race-between-searching-chunks-and-release-.patch
(stable-5.14.16 bsc#1225439 CVE-2021-47493).
- Update
patches.suse/ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
(stable-5.14.15 bsc#1225252 CVE-2021-47458).
- Update
patches.suse/octeontx2-af-Fix-a-memleak-bug-in-rvu_mbox_init.patch
(git-fixes bsc#1225375 CVE-2021-47537).
- Update
patches.suse/octeontx2-af-Fix-possible-null-pointer-dereference.patch
(stable-5.14.16 bsc#1224905 CVE-2021-47484).
- Update
patches.suse/of-Fix-double-free-in-of_parse_phandle_with_args_map.patch
(git-fixes bsc#1224508 CVE-2023-52679).
- Update
patches.suse/padata-Fix-refcnt-handling-in-padata_free_shell.patch
(git-fixes bsc#1225584 CVE-2023-52854).
- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch
(git-fixes bsc#1223631 CVE-2024-26977).
- Update patches.suse/phy-mdio-fix-memory-leak.patch (git-fixes
stable-5.14.12 bsc#1225336 CVE-2021-47416).
- Update
patches.suse/pinctrl-core-delete-incorrect-free-in-pinctrl_enable.patch
(git-fixes CVE-2024-36940).
- Update
patches.suse/pinctrl-devicetree-fix-refcount-leak-in-pinctrl_dt_t.patch
(git-fixes CVE-2024-36959).
- Update
patches.suse/pinctrl-single-fix-potential-NULL-dereference.patch
(git-fixes bsc#1224942 CVE-2022-48708).
- Update
patches.suse/platform-x86-wmi-Fix-opening-of-char-device.patch
(git-fixes bsc#1225132 CVE-2023-52864).
- Update
patches.suse/power-supply-bq27xxx-i2c-Do-not-free-non-existing-IR.patch
(git-fixes bsc#1224437 CVE-2024-27412).
- Update
patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
(stable-5.14.12 bsc#1225388 CVE-2021-47429).
- Update
patches.suse/powerpc-64s-fix-program-check-interrupt-emergency-st.patch
(stable-5.14.12 bsc#1225387 CVE-2021-47428).
- Update
patches.suse/powerpc-64s-interrupt-Fix-interrupt-exit-race-with-s.patch
(bsc#1194869 bsc#1225471 CVE-2023-52740).
- Update
patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_pow.patch
(bsc#1181674 ltc#189159 git-fixes bsc#1224601 CVE-2023-52696).
- Update
patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes bsc#1223756
CVE-2022-48669).
- Update
patches.suse/powerpc-pseries-iommu-LPAR-panics-during-boot-up-wit.patch
(bsc#1222011 ltc#205900 CVE-2024-36926).
- Update
patches.suse/powerpc-smp-do-not-decrement-idle-task-preempt-count.patch
(stable-5.14.15 bsc#1225255 CVE-2021-47454).
- Update
patches.suse/ppdev-Add-an-error-check-in-register_device.patch
(git-fixes bsc#1225640 CVE-2024-36015).
- Update
patches.suse/pstore-ram_core-fix-possible-overflow-in-persistent_.patch
(git-fixes bsc#1224728 CVE-2023-52685).
- Update
patches.suse/pstore-zone-Add-a-null-pointer-check-to-the-psz_kmsg.patch
(stable-fixes bsc#1224537 CVE-2024-35940).
- Update
patches.suse/ptp-Fix-possible-memory-leak-in-ptp_clock_register.patch
(stable-5.14.15 bsc#1225254 CVE-2021-47455).
- Update patches.suse/pwm-Fix-double-shift-bug.patch (git-fixes
bsc#1225461 CVE-2023-52756).
- Update patches.suse/qibfs-fix-dentry-leak.patch (git-fixes
CVE-2024-36947).
- Update
patches.suse/regmap-Fix-possible-double-free-in-regcache_rbtree_e.patch
(git-fixes stable-5.14.16 bsc#1224907 CVE-2021-47483).
- Update
patches.suse/riscv-Flush-current-cpu-icache-before-other-cpus.patch
(stable-5.14.12 bsc#1225334 CVE-2021-47414).
- Update
patches.suse/riscv-bpf-Fix-potential-NULL-dereference.patch
(stable-5.14.16 bsc#1224903 CVE-2021-47486).
- Update
patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
(bsc#1141539 git-fixes bsc#1223819 CVE-2024-27054).
- Update
patches.suse/s390-cio-Ensure-the-copied-buf-is-NUL-terminated.patch
(git-fixes bsc#1223875 bsc#1225747 CVE-2024-36931).
- Update
patches.suse/s390-dasd-protect-device-queue-against-concurrent-access.patch
(git-fixes bsc#1217515 bsc#1225572 CVE-2023-52774).
- Update
patches.suse/s390-decompressor-specify-__decompress-buf-len-to-avoid-overflow.patch
(git-fixes bsc#1213863 bsc#1225488 CVE-2023-52733).
- Update
patches.suse/s390-qeth-Fix-kernel-panic-after-setting-hsuid.patch
(git-fixes bsc#1223879 bsc#1225775 CVE-2024-36928).
- Update
patches.suse/s390-qeth-fix-NULL-deref-in-qeth_clear_working_pool_.patch
(stable-5.14.9 bsc#1225164 CVE-2021-47369).
- Update
patches.suse/s390-qeth-fix-deadlock-during-failing-recovery.patch
(stable-5.14.10 bsc#1225207 CVE-2021-47382).
- Update
patches.suse/s390-zcrypt-fix-reference-counting-on-zcrypt-card-objects.patch
(git-fixes bsc#1223595 bsc#1223666 CVE-2024-26957).
- Update
patches.suse/sata_fsl-fix-UAF-in-sata_fsl_port_stop-when-rmmod-sa.patch
(git-fixes bsc#1225508 CVE-2021-47549).
- Update
patches.suse/sched-psi-Fix-use-after-free-in-ep_remove_wait_queue.patch
(bsc#1209799 bsc#1225109 CVE-2023-52707).
- Update
patches.suse/sched-scs-Reset-task-stack-state-in-bringup_cpu.patch
(git-fixes bsc#1225464 CVE-2021-47553).
- Update
patches.suse/scsi-core-Put-LLD-module-refcnt-after-SCSI-device-is.patch
(stable-5.14.17 bsc#1225322 CVE-2021-47480).
- Update
patches.suse/scsi-hisi_sas-Set-debugfs_dir-pointer-to-NULL-after-removing-debugfs.patch
(git-fixes bsc#1225555 CVE-2023-52808).
- Update
patches.suse/scsi-ibmvfc-Remove-BUG_ON-in-the-case-of-an-empty-ev.patch
(bsc#1209834 ltc#202097 bsc#1225559 CVE-2023-52811).
- Update
patches.suse/scsi-iscsi-Fix-iscsi_task-use-after-free.patch
(stable-5.14.12 bsc#1225225 CVE-2021-47427).
- Update
patches.suse/scsi-libfc-Fix-potential-NULL-pointer-dereference-in-fc_lport_ptp_setup.patch
(git-fixes bsc#1225556 CVE-2023-52809).
- Update
patches.suse/scsi-lpfc-Fix-possible-memory-leak-in-lpfc_rcv_padis.patch
(bsc#1220021 bsc#1224651 CVE-2024-35930).
- Update
patches.suse/scsi-lpfc-Move-NPIV-s-transport-unregistration-to-af.patch
(bsc#1221777 CVE-2024-36952).
- Update
patches.suse/scsi-lpfc-Release-hbalock-before-calling-lpfc_worker.patch
(bsc#1221777 CVE-2024-36924).
- Update
patches.suse/scsi-mpt3sas-Fix-kernel-panic-during-drive-powercycle-test
(git-fixes bsc#1225384 CVE-2021-47565).
- Update
patches.suse/scsi-pm80xx-Do-not-call-scsi_remove_host-in-pm8001_alloc
(git-fixes bsc#1225374 CVE-2021-47503).
- Update
patches.suse/scsi-qla2xxx-Fix-a-memory-leak-in-an-error-path-of-q.patch
(stable-5.14.15 bsc#1225192 CVE-2021-47473).
- Update
patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch
(bsc1221816 bsc#1223627 CVE-2024-26931).
- Update
patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointer.patch
(bsc1221816 bsc#1223626 CVE-2024-26930).
- Update
patches.suse/sctp-break-out-if-skb_header_pointer-returns-NULL-in.patch
(stable-5.14.10 bsc#1225082 CVE-2021-47397).
- Update
patches.suse/serial-core-fix-transmit-buffer-reset-and-memleak.patch
(git-fixes bsc#1194288 CVE-2021-47527).
- Update
patches.suse/serial-liteuart-Fix-NULL-pointer-dereference-in-remo.patch
(git-fixes bsc#1225376 CVE-2021-47526).
- Update
patches.suse/serial-liteuart-fix-minor-number-leak-on-probe-error.patch
(git-fixes bsc#1225377 CVE-2021-47524).
- Update
patches.suse/serial-liteuart-fix-use-after-free-and-memleak-on-un.patch
(git-fixes bsc#1225441 CVE-2021-47525).
- Update
patches.suse/serial-mxs-auart-add-spinlock-around-changing-cts-st.patch
(git-fixes bsc#1223757 CVE-2024-27000).
- Update
patches.suse/serial-pmac_zilog-Remove-flawed-mitigation-for-rx-ir.patch
(git-fixes bsc#1223754 CVE-2024-26999).
- Update
patches.suse/soc-fsl-qbman-Always-disable-interrupts-when-taking-.patch
(git-fixes bsc#1224699 CVE-2024-35806).
- Update
patches.suse/soc-qcom-llcc-Handle-a-second-device-without-data-co.patch
(git-fixes bsc#1225534 CVE-2023-52871).
- Update patches.suse/speakup-Avoid-crash-on-very-long-word.patch
(git-fixes bsc#1223750 CVE-2024-26994).
- Update
patches.suse/spi-Fix-deadlock-when-adding-SPI-controllers-on-SPI-.patch
(stable-5.14.15 bsc#1225347 CVE-2021-47469).
- Update
patches.suse/spi-spi-mt65xx-Fix-NULL-pointer-access-in-interrupt-.patch
(git-fixes bsc#1223788 CVE-2024-27028).
- Update
patches.suse/staging-greybus-uart-fix-tty-use-after-free.patch
(stable-5.14.9 bsc#1224920 CVE-2021-47358).
- Update
patches.suse/staging-rtl8712-fix-use-after-free-in-rtl8712_dl_fw.patch
(git-fixes stable-5.14.18 bsc#1224911 CVE-2021-47479).
- Update
patches.suse/tcp-fix-page-frag-corruption-on-page-fault.patch
(git-fixes bsc#1225463 CVE-2021-47544).
- Update
patches.suse/thermal-core-prevent-potential-string-overflow.patch
(git-fixes bsc#1225044 CVE-2023-52868).
- Update
patches.suse/tracing-trigger-Fix-to-return-error-if-failed-to-alloc-snapshot.patch
(git-fixes CVE-2024-26920).
- Update
patches.suse/tty-Fix-out-of-bound-vmalloc-access-in-imageblit.patch
(stable-5.14.10 bsc#1225208 CVE-2021-47383).
- Update
patches.suse/tty-n_gsm-fix-possible-out-of-bounds-in-gsm0_receive.patch
(git-fixes bsc#1225642 CVE-2024-36016).
- Update
patches.suse/tty-n_gsm-fix-race-condition-in-status-line-change-o.patch
(git-fixes bsc#1225591 CVE-2023-52872).
- Update
patches.suse/tty-n_gsm-require-CAP_NET_ADMIN-to-attach-N_GSM0710-.patch
(bsc#1222619 CVE-2023-52880).
- Update
patches.suse/tty-vcc-Add-check-for-kstrdup-in-vcc_probe.patch
(git-fixes bsc#1225180 CVE-2023-52789).
- Update
patches.suse/usb-cdc-wdm-close-race-between-read-and-workqueue.patch
(git-fixes bsc#1224624 CVE-2024-35812).
- Update
patches.suse/usb-cdns3-fix-memory-double-free-when-handle-zero-pa.patch
(git-fixes bsc#1222513 CVE-2024-26748).
- Update
patches.suse/usb-cdnsp-Fix-a-NULL-pointer-dereference-in-cdnsp_en.patch
(git-fixes bsc#1225368 CVE-2021-47528).
- Update
patches.suse/usb-chipidea-ci_hdrc_imx-Also-search-for-phys-phandl.patch
(git-fixes stable-5.14.12 bsc#1225333 CVE-2021-47413).
- Update
patches.suse/usb-config-fix-iteration-issue-in-usb_get_bos_descri.patch
(git-fixes bsc#1225092 CVE-2023-52781).
- Update
patches.suse/usb-dwc2-check-return-value-after-calling-platform_g.patch
(stable-5.14.11 bsc#1225330 CVE-2021-47409).
- Update
patches.suse/usb-dwc2-fix-possible-NULL-pointer-dereference-cause.patch
(git-fixes bsc#1225583 CVE-2023-52855).
- Update
patches.suse/usb-dwc2-host-Fix-dereference-issue-in-DDMA-completi.patch
(git-fixes bsc#1223741 CVE-2024-26997).
- Update
patches.suse/usb-gadget-f_ncm-Fix-UAF-ncm-object-at-re-bind-after.patch
(stable-fixes bsc#1223752 CVE-2024-26996).
- Update
patches.suse/usb-gadget-ncm-Avoid-dropping-datagrams-of-properly-.patch
(git-fixes bsc#1224423 CVE-2024-27405).
- Update
patches.suse/usb-gadget-ncm-Fix-handling-of-zero-block-length-pac.patch
(git-fixes bsc#1224681 CVE-2024-35825).
- Update patches.suse/usb-musb-dsps-Fix-the-probe-error-path.patch
(git-fixes stable-5.14.14 bsc#1225244 CVE-2021-47436).
- Update
patches.suse/usb-typec-tcpm-Check-for-port-partner-validity-befor.patch
(git-fixes bsc#1225748 CVE-2024-36893).
- Update
patches.suse/usb-typec-tcpm-Fix-NULL-pointer-dereference-in-tcpm_.patch
(git-fixes bsc#1224944 CVE-2023-52877).
- Update
patches.suse/usb-udc-remove-warning-when-queue-disabled-ep.patch
(stable-fixes bsc#1224739 CVE-2024-35822).
- Update
patches.suse/usb-xhci-Add-error-handling-in-xhci_map_urb_for_dma.patch
(git-fixes bsc#1223650 CVE-2024-26964).
- Update patches.suse/usbnet-sanity-check-for-maxpacket.patch
(stable-5.14.16 bsc#1225351 CVE-2021-47495).
- Update
patches.suse/userfaultfd-fix-a-race-between-writeprotect-and-exit.patch
(stable-5.14.15 bsc#1225249 CVE-2021-47461).
- Update
patches.suse/vdpa_sim-avoid-putting-an-uninitialized-iova_domain.patch
(git-fixes bsc#1225466 CVE-2021-47554).
- Update
patches.suse/virtio-net-fix-pages-leaking-when-building-skb-in-bi.patch
(stable-5.14.9 bsc#1225123 CVE-2021-47367).
- Update
patches.suse/vt-fix-unicode-buffer-corruption-when-deleting-chara.patch
(git-fixes bsc#1224692 CVE-2024-35823).
- Update
patches.suse/wifi-ath11k-decrease-MHI-channel-buffer-length-to-8K.patch
(bsc#1207948 bsc#1224643 CVE-2024-35938).
- Update
patches.suse/wifi-ath11k-fix-dfs-radar-event-locking.patch
(git-fixes bsc#1224947 CVE-2023-52798).
- Update
patches.suse/wifi-ath11k-fix-gtk-offload-status-event-locking.patch
(git-fixes bsc#1224992 CVE-2023-52777).
- Update patches.suse/wifi-ath11k-fix-htt-pktlog-locking.patch
(git-fixes CVE-2023-52800).
- Update
patches.suse/wifi-b43-Stop-wake-correct-queue-in-DMA-Tx-path-when.patch
(git-fixes bsc#1222961 CVE-2023-52644).
- Update
patches.suse/wifi-iwlwifi-dbg-tlv-ensure-NUL-termination.patch
(git-fixes bsc#1224731 CVE-2024-35845).
- Update
patches.suse/wifi-iwlwifi-mvm-rfi-fix-potential-response-leaks.patch
(git-fixes bsc#1224487 CVE-2024-35912).
- Update
patches.suse/wifi-libertas-fix-some-memleaks-in-lbs_allocate_cmd_.patch
(git-fixes bsc#1224622 CVE-2024-35828).
- Update
patches.suse/wifi-mac80211-check-clear-fast-rx-for-non-4addr-sta-.patch
(stable-fixes bsc#1224749 CVE-2024-35789).
- Update
patches.suse/wifi-mac80211-don-t-return-unset-power-in-ieee80211_.patch
(git-fixes bsc#1225577 CVE-2023-52832).
- Update
patches.suse/wifi-mt76-mt7921e-fix-crash-in-chip-reset-fail.patch
(bsc#1209980 bsc#1223895 CVE-2022-48705).
- Update
patches.suse/wifi-nl80211-don-t-free-NULL-coalescing-rule.patch
(git-fixes CVE-2024-36941).
- Update
patches.suse/wifi-nl80211-reject-iftype-change-with-mesh-ID-chang.patch
(git-fixes bsc#1224432 CVE-2024-27410).
- Update
patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch
(git-fixes bsc#1223829 CVE-2024-27052).
- Update
patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch
(git-fixes bsc#1223737 CVE-2024-27053).
- Update
patches.suse/x86-entry-Clear-X86_FEATURE_SMAP-when-CONFIG_X86_SMA.patch
(stable-5.14.12 bsc#1225228 CVE-2021-47430).
- Update
patches.suse/x86-fpu-Keep-xfd_state-in-sync-with-MSR_IA32_XFD.patch
(git-fixes bsc#1224732 CVE-2024-35801).
- Update
patches.suse/x86-mm-Ensure-input-to-pfn_to_kaddr-is-treated-as-a-64-bit-type.patch
(jsc#PED-7167 git-fixes bsc#1224442 CVE-2023-52659).
- Update
patches.suse/xhci-Fix-command-ring-pointer-corruption-while-abort.patch
(stable-5.14.14 bsc#1225232 CVE-2021-47434).
- commit 7e29329
- powerpc/pseries/lparcfg: drop error message from guest name
lookup (bsc#1187716 ltc#193451 git-fixes).
- commit 1d8f6b6
- blacklist.conf: PPC fsl_msi is not used
- commit 346d509
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- powerpc/uaccess: Fix build errors seen with GCC 13/14
(bsc#1194869).
- commit 0f3f8d5
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- commit dd54933
- netfilter: nf_tables: release mutex after nft_gc_seq_end from
abort path (CVE-2024-26925 bsc#1223390).
- commit d38b98f
- cls_rsvp: check user supplied offsets (CVE-2023-42755
bsc#1215702).
- commit b6c6fb3
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
(git-fixes).
- commit 53d4b05
- bpf: fix precision backtracking instruction iteration
(bsc#1225756).
- commit 5aec043
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- nvme: fix miss command type check (git-fixes).
- commit b122221
- nvme: ensure disabling pairs with unquiesce (bsc#1224534).
- commit e08ce4d
- idpf: extend tx watchdog timeout (bsc#1224137).
- commit 65a74c5
- Bluetooth: ISO: Fix not validating setsockopt user input
(bsc#1224581 CVE-2024-35964).
- commit cf9835d
- printk: Update @console_may_schedule in
console_trylock_spinning() (bsc#1225616).
- commit 9f61f12
- Bluetooth: ISO: Add support for BT_PKT_STATUS (bsc#1224581
CVE-2024-35964).
- commit 9488226
- Bluetooth: af_bluetooth: Make BT_PKT_STATUS generic (bsc#1224581
CVE-2024-35964).
- Refresh
patches.suse/Bluetooth-SCO-Fix-not-validating-setsockopt-user-inp.patch.
- commit 07d66e7
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331).
Update patches.kabi/kABI-Work-around-kABI-changes-after-20347fca71a3-swi.patch (jsc#PED-3259, bsc#1224331).
- commit 861d481
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- commit 00a5ac9
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- commit be23e64
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- commit ec1f4ec
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- commit cdb0386
- calipso: fix memory leak in netlbl_calipso_add_pass()
(CVE-2023-52698 bsc#1224621)
- commit 77eb4f6
- blacklist.conf: add commit for config change not needed
- commit 938b50b
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
(git-fixes).
- scsi: sd: Unregister device if device_add_disk() failed in
sd_probe() (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression
(git-fixes).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn
(git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: mpt3sas: Prevent sending diag_reset when the controller
is ready (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching
page (git-fixes).
- scsi: libfc: Fix up timeout error in fc_fcp_rec_error()
(git-fixes).
- scsi: libfc: Don't schedule abort twice (git-fixes).
- scsi: arcmsr: Support new PCI device IDs 1883 and 1886
(git-fixes).
- commit f4328c2
- net: atlantic: eliminate double free in error handling logic
(CVE-2023-52664 bsc#1224747).
- Refresh
patches.suse/net-atlantic-Fix-DMA-mapping-for-PTP-hwts-ring.patch.
- commit 3161f6b
- blacklist.conf: arm: kernel does not support folios
- commit 44a14d2
- Delete BT and WiFi cleanup patches for netif_rx()
Drop two cleanup patches that are likely broken: SLE15-SP5 kernel has
no prerequisite commit baebdf48c3600 backported (yet):
patches.suse/bluetooth-Use-netif_rx-d33d0dc9.patch
patches.suse/wireless-Atheros-Use-netif_rx.patch
- commit d16d77f
- net: hns3: fix out-of-bounds access may occur when coalesce
info is read via debugfs (CVE-2023-52807 bsc#1225097).
- commit 2628336
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535)
- commit 58a5216
- blacklist.conf: Add c5b0a7eefc70 sched/fair: Remove sysctl_sched_migration_cost condition
- commit 251d591
- cpumap: Zero-initialise xdp_rxq_info struct before running
XDP program (bsc#1224718 CVE-2024-27431).
- commit 1d6e754
- blacklist.conf: optimization, not a fix
- commit 6b6d3e6
- PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes).
- commit 60a3fbf
- PCI: dwc: ep: Fix DBI access failure for drivers requiring
refclk from host (git-fixes).
- PCI: dwc: Detect iATU settings after getting "addr_space"
resource (git-fixes).
- commit a26d4db
- kABI: bpf: struct bpf_link and bpf_link_ops kABI workaround
(bsc#1224531 CVE-2024-35860).
- commit 35186ef
- ppdev: Add an error check in register_device (git-fixes).
- commit cd9959b
- bpf: support deferring bpf_link dealloc to after RCU grace
period (bsc#1224531 CVE-2024-35860).
- commit 5cff30d
- blacklist.conf: kABI
- commit f83467b
- tpm_tis_spi: Account for SPI header when allocating TPM SPI
xfer buffer (git-fixes).
- commit 65639af
- drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 (CVE-2023-52671 bsc#1224729).
- commit d5b1287
- blacklist.conf: Ignore all devicetree schemes changes
We do not use them, so lets silence all git-fixes for them.
- commit c94d164
- drm/amd/display: Prevent crash when disable stream (CVE-2024-35799 bsc#1224740).
- commit 7764a6b
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (CVE-2024-35951 bsc#1224701).
- commit c3405cd
- efi/capsule-loader: fix incorrect allocation size (bsc#1224438
CVE-2024-27413).
- commit bcbd0b7
- Update
patches.suse/ring-buffer-Fix-a-race-between-readers-and-resize-checks.patch
(bsc#1222893).
- commit 7df29b0
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (CVE-2024-35817 bsc#1224736).
- commit 3fd949a
- x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1224525
CVE-2024-35877).
- commit b573b7a
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
(CVE-2024-35969 bsc#1224580)
- commit 217a49b
- Refresh patches.suse/x86-coco-Require-seeding-RNG-with-RDRAND-on-CoCo-systems.patch.
Remove defined but unused variable warning.
- commit 2a387cc
- xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
(CVE-2023-52746 bsc#1225114)
- commit 1a99ba9
- mm/secretmem: fix GUP-fast succeeding on secretmem folios
(CVE-2024-35872 bsc#1224530).
- commit 1a7a850
- Update CVE references (CVE-2024-35935 bsc#1224645)
Update patches.suse/btrfs-send-handle-path-ref-underflow-in-header-itera.patch
(CVE-2024-35935 bsc#1224645).
- commit 1afc656
- Update CVE references (CVE-2024-35936 bsc#1224644)
- Update patches.suse/btrfs-add-missing-mutex_unlock-in-btrfs_relocate_sys.patch
(CVE-2024-35936 bsc#1224644).
- Update patches.suse/btrfs-handle-chunk-tree-lookup-error-in-btrfs_reloca.patch
(CVE-2024-35936 bsc#1224644).
- commit 46ae3a6
- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes).
- Update config files.
- commit 99579af
- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).
- Update config files.
- commit 6a0eda0
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash
work (CVE-2024-35852 bsc#1224502).
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
(CVE-2024-36006 bsc#1224541).
- mlxsw: spectrum_acl_tcam: Fix warning during rehash
(CVE-2024-36007 bsc#1224543).
- mlxbf_gige: stop interface during shutdown (CVE-2024-35885
bsc#1224519).
- mlxbf_gige: call request_irq() after NAPI initialized
(CVE-2024-35907 bsc#1224492).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes).
- mlxbf_gige: Fix intermittent no ip issue (git-fixes).
- ipvlan: add ipvlan_route_v6_outbound() helper (CVE-2023-52796
bsc#1224930).
- commit de506c4
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test
(git-fixes).
- commit 9feb6d7
- ring-buffer: Fix a race between readers and resize checks
(git-fixes).
- commit 1627912
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- commit 8692851
- blacklist.conf: add a not-relevant tracing commit
- commit 784f511
- dma-direct: Leak pages on dma_set_decrypted() failure (bsc#1224535 CVE-2024-35939).
- commit 7213b4b
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665 CVE-2024-35875).
- Refresh patches.suse/suse-hv-cc_attr_cpu_hotplug_disabled.patch.
- commit 234fdb1
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- commit 450733a
- x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes).
- commit bab84b2
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- commit caf6529
- x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes).
- commit 085895e
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- commit 76ca8ec
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- commit 20c646a
- x86/lib: Fix overflow when counting digits (git-fixes).
- commit 5eb97ad
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- commit f16b82f
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes).
- Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch.
- commit 22da5da
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- commit f63acb6
- blacklist.conf: Blacklist broken patch that gets reverted subsequently
- commit 5a2bbf2
- KVM: x86: Mark target gfn of emulated atomic instruction as
dirty (bsc#1224638, CVE-2024-35804).
- commit e14475b
- Rename colliding patches before origin/cve/linux-5.14-LTSS -> SLE15-SP5 merge
- commit ead7031
- KVM: SVM: Flush pages under kvm->lock to fix UAF in
svm_register_enc_region() (bsc#1224725, CVE-2024-35791).
- commit 5b89286
- selinux: avoid dereference of garbage after mount failure
(bsc#1224494 CVE-2024-35904).
- commit dad5bc3
- nilfs2: fix unexpected freezing of nilfs_segctor_sync()
(git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread
(git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client
IBI handler (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during
start frame (git-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code
(stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config
(stable-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- pinctrl: core: handle radix_tree_insert() errors in
pinctrl_register_one_pin() (stable-fixes).
- commit 062f495
- media: rkisp1: Fix IRQ handling due to shared interrupts
(CVE-2023-52660 bsc#1224443).
- commit aadfd1f
- Input: cyapa - add missing input core locking to suspend/resume
functions (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation
(git-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data
(git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init
(git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using
prescaler (git-fixes).
- serial: 8250_bcm7271: use default_mux_rate if possible
(git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch
(git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive()
(git-fixes).
- commit 1d7ff63
- kABI workaround for drivers/of/dynamic.c (CVE-2024-35879
bsc#1224524).
- commit 2e9ad08
- pmdomain: ti: Add a null pointer check to the
omap_prm_domain_init (CVE-2024-35943 bsc#1224649).
- commit aa89394
- of: module: prevent NULL pointer dereference in vsnprintf()
(CVE-2024-35878 bsc#1224671).
- commit 715f7d4
- of: dynamic: Synchronize of_changeset_destroy() with the
devlink removals (CVE-2024-35879 bsc#1224524).
- driver core: Introduce device_link_wait_removal()
(CVE-2024-35879 bsc#1224524).
- commit fe69cd8
- drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls()
for hisi_hns3_pmu uninit process (CVE-2023-52860 bsc#1224936).
- commit 1703104
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- commit f0643dd
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (CVE-2024-35959
bsc#1224666).
- Refresh
patches.suse/powerpc-Avoid-nmi_enter-nmi_exit-in-real-mode-interr.patch.
- Refresh
patches.suse/powerpc-eeh-Permanently-disable-the-removed-device.patch.
- commit 2088b29
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during
rehash (CVE-2024-35854 bsc#1224636).
- commit 0674818
- geneve: fix header validation in geneve[6]_xmit_skb
(CVE-2024-35973 bsc#1224586).
- commit ef0dd47
- ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
(CVE-2024-27417 bsc#1224721)
- commit 9d4dafd
- af_unix: annote lockless accesses to unix_tot_inflight &
gc_in_progress (bsc#1223384).
- Refresh
patches.suse/io_uring-af_unix-defer-registered-files-gc-to-io_uri.patch.
- commit 478234c
- Update patch reference for media fix (CVE-2024-35830 bsc#1224680)
- commit aae637c
- regulator: bd71828: Don't overwrite runtime voltages
(git-fixes).
- nfc: nci: Fix handling of zero-length payload packets in
nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns
(git-fixes).
- commit 6c22f99
- bpf: Protect against int overflow for stack access size
(bsc#1224488 CVE-2024-35905).
- bpf: Check bloom filter map value size (bsc#1224488
CVE-2024-35905).
- commit c3a457f
- io_uring: drop any code related to SCM_RIGHTS (git-fixes
CVE-2023-52656 bsc#1224187).
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- commit 2c7c0cc
- autofs: use wake_up() instead of wake_up_interruptible(()
(bsc#1224166).
- commit 63af67f
- Update patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1218447 CVE-2023-6531 CVE-2023-52654 bsc#1224099)
This commit was merged twice, through the net and io_uring maintainer
trees. Add an Alt-commit entry to document that.
- commit 8d7b4ed
- Update patches.suse/scsi-qedf-Wait-for-stag-work-during-unload.patch (bsc#1214852)
- Update patches.suse/scsi-qedf-Don-t-process-stag-work-during-unload.patch (bsc#1214852)
- commit c7be571
- Update patches.suse/afs-Fix-page-leak.patch (stable-5.14.9
CVE-2021-47365 bsc#1224895).
- commit c17c3b1
- Update
patches.suse/afs-Fix-corruption-in-reads-at-fpos-2G-4G-from-an-Op.patch
(stable-5.14.9 CVE-2021-47366 bsc#1225160).
- commit f8c347d
- s390/ipl: Fix incorrect initialization of len fields in nvme
reipl block (git-fixes bsc#1225139).
- commit fa2a3c7
- s390/ipl: Fix incorrect initialization of nvme dump block
(git-fixes bsc#1225138).
- commit 99842eb
- ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()
(CVE-2023-52674 bsc#1224727).
- ALSA: scarlett2: Add missing error checks to *_ctl_get()
(CVE-2023-52680 bsc#1224608).
- ALSA: scarlett2: Add missing error check to
scarlett2_usb_set_config() (CVE-2023-52692 bsc#1224628).
- commit 76e573a
- spmi: hisi-spmi-controller: Do not override device identifier
(git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it
(git-fixes).
- vmci: prevent speculation leaks by sanitizing event in
event_deliver() (git-fixes).
- VMCI: Fix an error handling path in vmci_guest_probe_device()
(git-fixes).
- iio: pressure: dps310: support negative temperature values
(git-fixes).
- iio: core: Leave private pointer NULL when no private data
supplied (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown
(git-fixes).
- serial: sc16is7xx: add proper sched.h include for
sched_set_fifo() (git-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Update uart_driver_registered on driver removal
(git-fixes).
- serial: max3100: Lock port->lock when calling
uart_handle_cts_change() (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock
(git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in
vmci_datagram_invoke_guest_handler() (stable-fixes).
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
(stable-fixes CVE-2024-35944 bsc#1224648).
- spmi: Add a check for remove callback when removing a SPMI
driver (git-fixes).
- commit d71c003
- Update
patches.suse/efi-libstub-Implement-support-for-unaccepted-memory.patch
(jsc#PED-7167, bsc#1224169).
- commit a57eb93
- libsubcmd: Fix parse-options memory leak (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size
(git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
(git-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id
(git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3
(git-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3
(git-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a
safety margin (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by
cpu5wdt_trigger (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- nilfs2: make superblock data array index computation sparse
friendly (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- watchdog: ixp4xx: Make sure restart always works (git-fixes).
- commit 4148cf4
- Update
patches.suse/bpf-sockmap-Prevent-lock-inversion-deadlock-in-map-d.patch
(bsc#1209657 CVE-2023-0160 CVE-2024-35895 bsc#1224511).
- Update
patches.suse/fs-aio-Check-IOCB_AIO_RW-before-the-struct-aio_kiocb.patch
(bsc#1222721 CVE-2024-26764 CVE-2024-35815 bsc#1224685).
- Update
patches.suse/nfsd-Fix-error-cleanup-path-in-nfsd_rename.patch
(bsc#1221044 CVE-2023-52591 CVE-2024-35914 bsc#1224482).
- Update
patches.suse/wifi-brcmfmac-Fix-use-after-free-bug-in-brcmf_cfg802.patch
(CVE-2023-47233 bsc#1216702 CVE-2024-35811 bsc#1224592).
- commit 78f49e4
- Update
patches.suse/bpf-Guard-stack-limits-against-32bit-overflow.patch
(git-fixes CVE-2023-52676 bsc#1224730).
- commit bdae745
- Update patches.suse/afs-Fix-page-leak.patch (stable-5.14.9
CVE-2021-47365 bsc#1224895).
- Update
patches.suse/drm-amdgpu-Fix-even-more-out-of-bound-writes-from-de.patch
(bsc#1191949 CVE-2021-42327 stable-5.14.16 CVE-2021-47489
bsc#1224901).
- Update
patches.suse/mm-khugepaged-skip-huge-page-collapse-for-special-fi.patch
(stable-5.14.16 bsc#1193983 CVE-2021-4148 CVE-2021-47491
bsc#1224900).
- Update
patches.suse/mm-thp-bail-out-early-in-collapse_file-for-writeback.patch
(stable-5.14.16 CVE-2021-47492 bsc#1224898).
- commit 9ce4e35
- Update
patches.suse/drm-nouveau-avoid-a-use-after-free-when-BO-init-fail.patch
(git-fixes stable-5.14.12 CVE-2020-36788 bsc#1224816).
- commit 92d2a7f
- Update patches.suse/powerpc-powernv-Add-a-null-pointer-check-in-opal_eve.patch
(bsc#1065729 CVE-2023-52686).
- Update patches.suse/powerpc-powernv-Add-a-null-pointer-check-to-scom_deb.patch
(bsc#1194869 CVE-2023-52690).
- commit 2a79a5d
- blacklist.conf: Add a1fd0b9d751f sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level
- commit b928aae
- blacklist.conf: Add 8b8ace080319 block: fix q->blkg_list corruption during disk rebind
...and its prerequisite.
- commit c97b9f9
- s390/cio: fix tracepoint subchannel type field (git-fixes
bsc#1224796).
- commit 681015b
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes
bsc#1224795).
- commit 99a2b7b
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M
(git-fixes bsc#1224794).
- commit 9db7bb3
- blacklist.conf: add "libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos"
- commit 10a4e51
- scsi: qla2xxx: Fix double free of fcport (bsc#1223715
CVE-2024-26929).
- commit b3136a1
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes
bsc#1222608 CVE-2024-26742).
- commit c1f56fa
- Update
patches.suse/sysv-don-t-call-sb_bread-with-pointers_lock-held.patch
(git-fixes CVE-2023-52699).
- commit ff72612
- Update
patches.suse/ubifs-Set-page-uptodate-in-the-correct-place.patch
(git-fixes CVE-2024-35821).
- commit 06c29ae
- blacklist.conf: ("dt-bindings: iio: health: maxim,max30102: fix compatible check")
- commit 07f5bfe
- blacklist.conf: ("dt-bindings: display: ti,am65x-dss: Add support for common1 region")
- commit a826456
- blacklist.conf: ("dt-bindings: arm: rockchip: Correct vendor for Orange Pi RK3399 board")
- commit f64b409
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- commit 75af646
- blacklist.conf: ("dt-bindings: arm: qcom: drop the superfluous device compatibility")
- commit 98f7e2c
- blacklist.conf: ("dt-bindings: riscv: cpus: Clarify mmu-type interpretation")
- commit 4c1baf8
- blacklist.conf: ("dt-bindings: rtc: qcom-pm8xxx: fix inconsistent example")
- commit 540d1b9
- blacklist.conf: ("dt-bindings: media: renesas,vin: Fix field-even-active spelling")
- commit 22e1af0
- blacklist.conf: ("dt-bindings: iio/adc: qcom,spmi-vadc: fix example node names")
- commit fb5277a
- blacklist.conf: ("dt-bindings: iio/adc: qcom,spmi-iadc: fix example node name")
- commit 543ec38
- blacklist.conf: ("dt-bindings: mfd: hisilicon,hi6421-spmi-pmic: Fix regulator binding")
- commit f5d6a06
- blacklist.conf: ("dt-bindings: mfd: hisilicon,hi6421-spmi-pmic: Fix up binding")
- commit 15133cc
- blacklist.conf: ("dt-bindings: mmc: sdhci-pxa: Fix 'regs' typo")
- commit c7887f6
- blacklist.conf: ("dt-bindings: Remove alt_ref from versal")
- commit a75ae45
- blacklist.conf: ("dt-bindings: thermal: qcom-spmi-adc-tm5/hc: Fix example node names")
- commit 67fe04a
- blacklist.conf: ("dt-bindings: nvmem: mxs-ocotp: Document fsl,ocotp")
- commit 5e81b59
- blacklist.conf: ("dt-bindings: panel-simple-dsi: move LG 5" HD TFT LCD panel into DSI")
- commit 33d5f8a
- blacklist.conf: ("dt-bindings: trivial-devices: Fix MEMSIC MXC4005 compatible string")
- commit 89a2df5
- blacklist.conf: ("dt-bindings: net: mediatek,net: add missing mediatek,mt7621-eth")
- commit 727c548
- blacklist.conf: ("dt-bindings: net: rockchip-dwmac: fix {tx|rx}-delay defaults/range in")
- commit ab68edc
- blacklist.conf: ("dt-bindings: clock: qcom,gcc-sm8250: add missing bi_tcxo_ao clock")
- commit 52da43d
- blacklist.conf: ("dt-bindings: pm8941-misc: Fix usb_id and usb_vbus definitions")
- commit a42a970
- blacklist.conf: ("dt-bindings: iio: ad7192: Add mandatory reference voltage source")
- commit b4e9e96
- blacklist.conf: ("dt-bindings: display/msm: dsi-controller-main: Document qcom,")
- commit bd4cacf
- blacklist.conf: ("dt-bindings: mailbox: qcom,apcs-kpss-global: correct SDX55 clocks")
- commit 2028c09
- blacklist.conf: ("dt-bindings: display: novatek,nt36672a: correct VDDIO supply")
- commit 4857fdf
- blacklist.conf: ("dt-bindings: gpu: mali-bifrost: Fix power-domain-names validation")
- commit db0bde8
- blacklist.conf: ("dt-bindings: mailbox: qcom: correct the list of platforms using")
- commit 0ce56a3
- blacklist.conf: ("dt-bindings: mailbox: qcom: add SDX55 compatible")
- commit a74bad0
- blacklist.conf: ("dt-bindings: phy: amlogic,g12a-usb3-pcie-phy: add missing optional")
- commit 2e226ef
- blacklist.conf: ("ASoC: qcom: dt-bindings: lpass-va-macro: Update clock name")
- commit f62ea0a
- blacklist.conf: ("dt-bindings: phy: g12a-usb2-phy: fix compatible string documentation")
- commit 208b061
- blacklist.conf: ("dt-bindings: phy: g12a-usb3-pcie-phy: fix compatible string")
- commit 8a48b9d
- blacklist.conf: ("dt-bindings: msm: dsi-controller-main: Fix power-domain constraint")
- commit c5566b8
- blacklist.conf: ("dt-bindings: mmc: mtk-sd: Set clocks based on compatible")
- commit 53afd50
- blacklist.conf: ("dt-bindings: PCI: fu740-pci: fix missing clock-names")
- commit 6782e29
- blacklist.conf: ("dt-bindings: mailbox: fix the mpfs' reg property")
- commit bfd3dd0
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-usb: add missing qcom,sc7180-qmp-usb3-phy")
- commit f5485ba
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-usb: add missing child node schema")
- commit 582911b
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-ufs: add missing child node schema")
- commit 15f94b3
- blacklist.conf: ("dt-bindings: phy: qcom,qmp-pcie: add missing child node schema")
- commit b698bb5
- blacklist.conf: ("dt-bindings: phy: qcom,msm8996-qmp-pcie: add missing child node")
- commit 357977a
- blacklist.conf: ("dt-bindings: hwmon: sparx5: use correct clock")
- commit 3cdd468
- blacklist.conf: ("dt-bindings: riscv: fix SiFive l2-cache's cache-sets")
- commit 6986322
- blacklist.conf: ("dt-bindings: arm: qcom: fix Longcheer L8150 compatibles")
- commit e170deb
- blacklist.conf: ("dt-bindings: remoteproc: mediatek: Make l1tcm reg exclusive to mt819x")
- commit 5f209c0
- blacklist.conf: ("dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group")
- commit 3a53ac7
- blacklist.conf: ("dt-bindings: mfd: samsung,exynos5433-lpass: Fix")
- commit 407acb7
- blacklist.conf: ("dt-bindings: net: snps: remove duplicate name")
- commit f7543e1
- blacklist.conf: ("dt-bindings: memory: mtk-smi: Correct minItems to 2 for the gals")
- commit 5970048
- blacklist.conf: ("dt-bindings: memory: mtk-smi: Rename clock to clocks")
- commit 96f85b3
- blacklist.conf: ("Revert "dt-bindings: pinctrl: bcm4708-pinmux: rework binding to use")
- commit 89b2a7f
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- commit 4e2227a
- RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes)
- commit c90aa66
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- commit 101e7e8
- RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes)
- commit 9b195ba
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- commit 8706619
- RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes)
- commit dda4cd3
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- commit 8a7e34d
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- commit babd9f3
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- commit a60c9b0
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- commit dd98c69
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- commit 1491654
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- commit 6714845
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- commit d4ad30e
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- commit 10645e8
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- commit c414cca
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- commit ffe591d
- qibfs: fix dentry leak (git-fixes)
- commit 610d1c4
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- commit 38a61b1
- RDMA/rxe: Fix the problem "mutex_destroy missing" (git-fixes)
- commit e67f56e
- blacklist.conf: Add unaffecting CVE
for branch-reachability CVE checker
- commit c6313c8
- powerpc/pseries/vio: Don't return ENODEV if node or compatible
missing (bsc#1220783).
- commit 1f4ad41
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- commit f8629fb
- 9p: explicitly deny setlease attempts (git-fixes).
- commit 87fc9de
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes).
- commit 5d62c08
- fs/9p: only translate RWX permissions for plain 9P2000
(git-fixes).
- commit 4c1bbf3
- blacklist.conf: Add reverted dmaengine commit entries
- commit c217056
- Bluetooth: qca: fix firmware check error path (git-fixes).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods
(git-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35
(stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation
(stable-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes
(git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values
(git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()
(git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable()
(git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf
of GPIOR-T (git-fixes).
- clk: Don't hold prepare_lock when calling kref_put()
(stable-fixes).
- drm/nouveau/dp: Don't probe eDP ports twice harder
(stable-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpu: host1x: Do not setup DMA for virtual devices
(stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and
bottom half (stable-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order
(stable-fixes).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc
(stable-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- commit 5c4ce2b
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(bsc#1224174 CVE-2024-27398).
- commit d55ff83
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- commit 2a3dbea
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks
(bsc#1223575).
- commit f1fed0b
- btrfs: fix silent failure when deleting root reference (git-fixes)
- commit f078eaa
- btrfs: add error messages to all unrecognized mount options (git-fixes)
- commit c636d84
- btrfs: repair super block num_devices automatically (git-fixes)
- commit 32923eb
- btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes)
- commit d70817a
- btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes)
- commit ff787e8
- btrfs: fix fallocate to use file_modified to update permissions consistently (git-fixes)
- commit b395410
- btrfs: extend locking to all space_info members accesses (git-fixes)
- commit 4332b8c
- btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes)
- commit 41ad45c
- btrfs: prevent copying too big compressed lzo segment (git-fixes)
- commit bc68d31
- blacklist.conf: btrfs: cleanup, unused variable removal
- commit f116b06
- btrfs: send: in case of IO error log it (git-fixes)
- commit ae97fc7
- btrfs: fix use-after-free after failure to create a snapshot (git-fixes)
- commit 83c095f
- btrfs: tree-checker: check item_size for dev_item (git-fixes)
- commit 8756aca
- btrfs: tree-checker: check item_size for inode_item (git-fixes)
- commit 23fe652
- btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes)
- commit a052f3d
- btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes)
- commit e0cc982
- btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes)
- commit 602c5bc
- btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes)
- commit cb7f515
- btrfs: free exchange changeset on failures (git-fixes)
- commit caf57c7
- blacklist.conf: btrfs: check-integrity not built
- commit ea24c09
- blacklist.conf: btrfs: cleanup, unused variable removal
- commit c0b042e
- blacklist.conf: btrfs: comment removal
- commit de4bb23
- platform/x86/intel-uncore-freq: Don't present root domain on
error (git-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting
key events (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: core: Report error if first mtd_otp_size() call fails in
mtd_otp_nvmem_add() (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain
(git-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video()
(git-fixes).
- media: mc: mark the media devnode as registered from the,
start (git-fixes).
- media: atomisp: ssh_css: Fix a null-pointer dereference in
load_video_binaries (git-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names
(git-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check
(git-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value
(git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks
(git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards
(git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm
(git-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup
(git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed
(git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- Revert "drm/bridge: ti-sn65dsi83: Fix enable error path"
(git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original
mode pclk (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24
(git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format,
flags, connector (git-fixes).
- drm/panel: novatek-nt35950: Don't log an error when DSI host
can't be found (git-fixes).
- drm/bridge: dpc3433: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: tc358775: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: lt9611: Don't log an error when DSI host can't be
found (git-fixes).
- drm/bridge: lt8912b: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: icn6211: Don't log an error when DSI host can't
be found (git-fixes).
- drm/bridge: anx7625: Don't log an error when DSI host can't
be found (git-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference
(git-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amd/display: Fix potential index out of bounds in color
transformation function (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer
dereference (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates
(git-fixes).
- drm/panel: atna33xc20: Fix unbalanced regulator in the case
HPD doesn't assert (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware
(git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info()
(git-fixes).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: carl9170: add a proper sanity check for endpoints
(git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath10k: Fix an error code problem in
ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- wifi: ath11k: don't force enable power save on non-running vdevs
(git-fixes).
- wifi: ath10k: poll service ready message before failing
(git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated
(git-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors
(git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property
(git-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of
PR_SCHED_CORE_GET (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request
(git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings
(git-fixes).
- Bluetooth: hci_sync: Avoid use-after-free in dbg for
hci_add_adv_monitor() (git-fixes).
- commit b58e70a
- drm/msm/dpu: Add mutex lock in control vblank irq (CVE-2023-52586 bsc#1221081).
- commit 29edf8b
- Move upstreamed patches into sorted section
- commit 5da5b18
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(bsc#1223626 CVE-2024-26930).
- commit dba3cc6
- Update
patches.suse/io_uring-af_unix-disable-sending-io_uring-over-socke.patch
(bsc#1218447 CVE-2023-6531 CVE-2023-52654 bsc#1224099).
- commit 659f245
- s390/cpum_cf: make crypto counters upward compatible across
machine types (bsc#1224346).
- commit 92b222a
- blacklist.conf: mfd fixes that break KABI and are not relevant
- commit dc96e9c
- net: usb: ax88179_178a: fix link status when link is set to
down/up (git-fixes).
- commit e11b05f
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- commit 3074ef8
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- commit 7392ae5
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- commit b6e5b9b
- powerpc/eeh: Use a goto for recovery failures (bsc#1223991
ltc#205740).
- powerpc/eeh: Small refactor of eeh_handle_normal_event()
(bsc#1223991 ltc#205740).
- Refresh patches.suse/powerpc-eeh-Set-channel-state-after-notifying-the-dr.patch
- commit de617cf
- powerpc/eeh: Permanently disable the removed device (bsc#1223991
ltc#205740).
- commit 2349f02
- iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes)
- commit 440eb05
- iomap: Support partial direct I/O on user copy failures (git-fixes)
- commit 0f43a22
- iomap: Fix inline extent handling in iomap_readpage (git-fixes)
- commit 61ce074
- net: openvswitch: Fix Use-After-Free in ovs_ct_exit (bsc#1224098
CVE-2024-27395).
- commit 9dd8826
- Refresh
patches.suse/powerpc-pseries-iommu-LPAR-panics-during-boot-up-wit.patch.
- Refresh
patches.suse/x86-boot-Ignore-relocations-in-.notes-sections-in-walk_rel.patch.
- commit 9696669
- net: gtp: Fix Use-After-Free in gtp_dellink (bsc#1224096
CVE-2024-27396).
- commit 3a088c1
- usb: dwc3: gadget: Fix NULL pointer dereference in
dwc3_gadget_suspend (bsc#1222561 CVE-2024-26715).
- commit a21446a
- usb: dwc3: Remove DWC3 locking during gadget suspend/resume
(bsc#1222561 CVE-2024-26715).
- Refresh
patches.suse/usb-dwc3-gadget-Improve-dwc3_gadget_suspend-and-dwc3.patch.
- commit a8e6e1a
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- commit 20c1915
- Bluetooth: hci_sync: Don't double print name in add/remove
adv_monitor (bsc#1216358).
- commit c312f28
- usb: ulpi: Fix debugfs directory leak (bsc#1223847
CVE-2024-26919).
- commit 97ae025
- xfs: fix exception caused by unexpected illegal bestcount in
leaf dir (git-fixes).
- commit 354440e
- xfs: Fix false ENOSPC when performing direct write on a delalloc
extent in cow fork (git-fixes).
- commit 09541ce
- xfs: fix inode reservation space for removing transaction
(git-fixes).
- commit 47013bd
- xfs: add missing cmap->br_state = XFS_EXT_NORM update
(git-fixes).
- commit 4d7f88f
- xfs: fix imprecise logic in xchk_btree_check_block_owner
(git-fixes).
- commit 0e818cc
- xfs: shrink failure needs to hold AGI buffer (git-fixes).
- commit 9c49a44
- sysv: don't call sb_bread() with pointers_lock held (git-fixes).
- commit 55f88f8
- jffs2: prevent xattr node from overflowing the eraseblock
(git-fixes).
- commit d6d35af
- nilfs2: fix out-of-range warning (git-fixes).
- commit 5e5e50a
- Update
patches.suse/usb-aqc111-check-packet-for-fixup-for-true-limit.patch
(bsc#1217169 CVE-2023-52655).
Added bugzilla ID and CVE
- commit a741c33
- Update
patches.suse/usb-aqc111-check-packet-for-fixup-for-true-limit.patch
(bsc#1217169 CVE-2023-52655).
Added bugzilla ID and CVE
- commit e177a81
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- commit df207bd
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- firewire: nosy: ensure user_length is taken into account when
fetching packet contents (CVE-2024-27401 bsc#1224181).
- commit c84510f
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- commit 262f224
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- commit 616144a
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- commit 7d4e374
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- commit 7ffe18f
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- commit 41270ad
- md: fix kmemleak of rdev->serial (CVE-2024-26900, bsc#1223046).
- commit 46303cd
- btrfs: send: ensure send_fd is writable (git-fixes)
- commit bb19617
- aoe: avoid potential deadlock at set_capacity (CVE-2024-26775,
bsc#1222627).
- commit 6e30008
- blacklist.conf: add 13f3956eb5681a4045a8dfdef48df5dc4d9f58a6 which
breaks KABI
- commit 61d5c73
- fail_function: fix wrong use of fei_attr_remove().
- commit fbd7566
- KVM: x86: Delete duplicate documentation for
KVM_X86_SET_MSR_FILTER (git-fixes).
- commit db41c1c
- blacklist.conf: pure cleanup
- commit 2720339
- blacklist.conf: relevant only without a config option we always set
- commit b3ed637
- locking/atomic: Make test_and_*_bit() ordered on failure
(git-fixes).
- commit 1d020ff
- blacklist.conf: not relevant in our build
- commit 09d07f3
- cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state
(git-fixes).
- commit 6a4baff
- nfs: fix UAF in direct writes (bsc#1223653 CVE-2024-26958).
- commit e54fcee
- drm/connector: Add \n to message about demoting connector
force-probes (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/amdkfd: don't allow mapping the MMIO HDP page with large
pages (git-fixes).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU
13.0.4/13.0.11 users (git-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- commit 0e34b53
- netfilter: nf_tables: mark set as dead when unbinding anonymous
set with timeout (bsc#1221829 CVE-2024-26643).
- commit cfcc70a
- x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).
- commit 1ace211
- mfd: intel-lpss: Revert "Add missing check for
platform_get_resource" (git-fixes).
- mfd: tqmx86: Specify IO port register range more precisely
(git-fixes).
- mfd: ti_am335x_tscadc: Support the correctly spelled DT property
(git-fixes).
- counter: stm32-timer-cnt: Provide defines for slave mode
selection (git-fixes).
- counter: stm32-lptimer-cnt: Provide defines for clock polarities
(git-fixes).
- commit 763351d
- block/rnbd-srv: Check for unlikely string overflow (bsc#1221615
CVE-2023-52618).
- commit 7417f1e
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us
(git-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a
spinlock (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete()
in ccp_raw_event() (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands
(git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout
(git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id
(git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close()
(git-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout
(git-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- commit 9f11ba4
- Update
patches.suse/xen-netfront-Add-missing-skb_mark_for_recycle.patch
(git-fixes CVE-2024-27393 bsc#1224076).
- commit 80c2241
- kcm: do not sense pfmemalloc status in kcm_sendpage()
(git-fixes bsc#1223959)
- commit 99fbfaf
- net: do not sense pfmemalloc status in skb_append_pagefrags()
(git-fixes bsc#1223959)
- commit 08d0491
- net: introduce __skb_fill_page_desc_noacc
(git-fixes bsc#1223959)
- commit 4746bcf
- tcp: TX zerocopy should not sense pfmemalloc status
(CVE-2022-48689 bsc#1223959)
- commit 04462e7
- net: vmxnet3: Fix NULL pointer dereference in
vmxnet3_rq_rx_complete() (bsc#1223360).
- commit 7acf5e5
- Update
patches.suse/USB-core-Fix-deadlock-in-port-disable-sysfs-attribut.patch
(bsc#1223670 CVE-2024-26933).
- commit 00172be
- netfilter: nf_tables: clean up hook list when offload flags check fails
(CVE-2022-48691 bsc#1223961)
- commit 0430a1c
- netfilter: nf_tables: bail out early if hardware offload is not supported
(git-fixes bsc#1223961)
- commit faaa2c1
- Update
patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch
(bsc#1223738 CVE-2024-27059).
Added CVE and bugzilla ID
- commit a7346fe
- drm/amdgpu: Reset IH OVERFLOW_CLEAR bit (bsc#1223207 CVE-2024-26915)
- commit 8adefb2
- Update
patches.suse/crypto-xilinx-call-finalize-with-bh-disabled.patch
(bsc#1223140 CVE-2024-26877).
CVE and bugzilla id added
- commit 73d8093
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes).
- Refresh patches.suse/x86-bugs-Fix-BHI-handling-of-RRSBA.patch.
- commit 2155e75
- x86/bugs: Fix BHI retpoline check (git-fixes).
- commit 54de3e2
- x86/bugs: Fix BHI handling of RRSBA (git-fixes).
- commit 7067d06
- x86/bugs: Fix BHI documentation (git-fixes).
- commit c9aeaed
- blacklist.conf: We don't have syscall hardening
- commit 22f583b
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
- commit 7152334
- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
- commit f36b29c
- Fix "drm/amd/display: Fix MST Null Ptr for RV" (CVE-2024-26700 bsc#1222870)
Attibute the patch to the correct bsc# and CVE numbers.
- commit ba486d5
- Update "drm/vmwgfx: Fix possible null pointer derefence with invalid contexts" (CVE-2024-26979 bsc#1223628)
- commit 2fa33a2
- Update
patches.suse/SUNRPC-fix-a-memleak-in-gss_import_v2_context.patch
(git-fixes bsc#1223858).
- commit 5cca6aa
- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679).
- commit 017ecd8
- Update
patches.suse/sched-debug-fix-dentry-leak-in-update_sched_domain_d.patch
(git-fixes CVE-2022-48699 bsc#1223996).
- commit 201a58f
- USB: core: Add hub_get() and hub_put() routines (git-fixes).
- commit 2f340e7
- btrfs: dev-replace: properly validate device names (CVE-2024-26791 bsc#1222793)
- commit 71c7afc
- Update
patches.suse/cachefiles-fix-memory-leak-in-cachefiles_add_cache.patch
(bsc#1220267 bsc#1222976 CVE-2024-26840).
- commit a7d6da2
- Update patches.suse/aio-fix-mremap-after-fork-null-deref.patch
(git-fixes CVE-2023-52646 bsc#1223432).
- commit 2adb86a
- inet: read sk->sk_family once in inet_recv_error() (bsc#1222385
CVE-2024-26679).
- commit b5f1323
- USB: core: Fix access violation during port device removal
(git-fixes).
- commit 3a8cd11
- USB: core: Fix deadlock in port "disable" sysfs attribute
(git-fixes).
- commit 200e4b0
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- commit 49cc1c1
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
references (CVE-2024-26739 bsc#1222559, drop incorrect references).
- commit 892e634
- Update
patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
a4e7ccdac38e ("drm/i915: Move context management under GEM")
CVE-2022-48662 bsc#1223505).
- commit a7faced
- netfilter: nft_ct: fix l3num expectations with inet pseudo
family (git-fixes).
- commit 87e8a80
- Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
- commit 8f3269f
- Update
patches.suse/1576-drm-amd-display-fix-memory-leak-when-using-debugfs_l.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225 jsc#PED-2849
CVE-2022-48698 bsc#1223956).
- commit a0e3008
- Update patches.suse/ice-Fix-DMA-mappings-leak.patch (jsc#PED-376
CVE-2022-48690 bsc#1223960).
- commit 7e1bf3d
- Update
patches.suse/ALSA-emu10k1-Fix-out-of-bounds-access-in-snd_emu10k1.patch
(git-fixes CVE-2022-48702 bsc#1223923).
- Update
patches.suse/ALSA-usb-audio-Fix-an-out-of-bounds-bug-in-__snd_usb.patch
(git-fixes CVE-2022-48701 bsc#1223921).
- Update
patches.suse/RDMA-irdma-Fix-drain-SQ-hang-with-no-completion.patch
(jsc#SLE-18383 CVE-2022-48694 bsc#1223964).
- Update
patches.suse/RDMA-srp-Set-scmnd-result-only-when-scmnd-is-not-NUL.patch
(git-fixes CVE-2022-48692 bsc#1223962).
- Update
patches.suse/cgroup-Add-missing-cpus_read_lock-to-cgroup_attach_task_all.patch
(bsc#1196869 CVE-2022-48671 bsc#1223929).
- Update
patches.suse/drm-radeon-add-a-force-flush-to-delay-work-when-rade.patch
(git-fixes CVE-2022-48704 bsc#1223932).
- Update
patches.suse/i40e-Fix-kernel-crash-during-module-removal.patch
(jsc#SLE-18378 CVE-2022-48688 bsc#1223953).
- Update
patches.suse/ipv6-sr-fix-out-of-bounds-read-when-setting-HMAC-dat.patch
(bsc#1211592 CVE-2023-2860 CVE-2022-48687 bsc#1223952).
- Update
patches.suse/net-smc-Fix-possible-access-to-freed-memory-in-link-clear
(git-fixes CVE-2022-48673 bsc#1223934).
- Update
patches.suse/nvme-tcp-fix-uaf-when-detecting-digest-errors.patch
(bsc#1200313 bsc#1201489 CVE-2022-48686 bsc#1223948).
- Update patches.suse/nvmet-fix-a-use-after-free.patch (git-fixes
CVE-2022-48697 bsc#1223922).
- Update
patches.suse/of-fdt-fix-off-by-one-error-in-unflatten_dt_nodes.patch
(git-fixes CVE-2022-48672 bsc#1223931).
- Update
patches.suse/scsi-mpt3sas-Fix-use-after-free-warning.patch
(git-fixes CVE-2022-48695 bsc#1223941).
- Update
patches.suse/soc-brcmstb-pm-arm-Fix-refcount-leak-and-__iomem-lea.patch
(git-fixes CVE-2022-48693 bsc#1223963).
- Update
patches.suse/thermal-int340x_thermal-handle-data_vault-when-the-v.patch
(bsc#1201308 CVE-2022-48703 bsc#1223924).
- Update patches.suse/vfio-type1-Unpin-zero-pages.patch (git-fixes
CVE-2022-48700 bsc#1223957).
- commit c8677b5
- packet: annotate data-races around ignore_outgoing
(CVE-2024-26862 bsc#1223111).
- commit 6e591e7
- sctp: fix potential deadlock on &net->sctp.addr_wq_lock
(CVE-2024-0639 bsc#1218917).
- commit 517d4f7
- Update
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(CVE-2022-48662 bsc#1223505).
Unbreak metadata (References: collides with our internal tracking,
switch to Fixes: when referencing a commit).
- commit cd38265
- netfilter: nft_ct: sanitize layer 3 and 4 protocol number in
custom expectations (bsc#1222368 CVE-2024-26673).
- commit 785b7d0
- igc: avoid returning frame twice in XDP_REDIRECT (bsc#1223061
CVE-2024-26853).
- commit 021db33
- net: sparx5: Fix use after free inside sparx5_del_mact_entry
(bsc#1223052 CVE-2024-26856).
- commit fc5c6ad
- fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993 bsc#1223693)
- commit b0c9830
- Update
patches.suse/IB-core-Fix-a-nested-dead-lock-as-part-of-ODP-flow.patch
(git-fixes CVE-2022-48675 bsc#1223894).
- Update
patches.suse/drm-gma500-Fix-BUG-sleeping-function-called-from-inv.patch
(git-fixes CVE-2022-48634 bsc#1223501).
- Update
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(CVE-2022-48662 bsc#1223505a4e7ccdac38e ("drm/i915: Move
context management under GEM") bsc#1223505).
- Update
patches.suse/i2c-mlxbf-prevent-stack-overflow-in-mlxbf_i2c_smbus_.patch
(git-fixes CVE-2022-48632 bsc#1223481).
- Update
patches.suse/ice-Fix-crash-by-keep-old-cfg-when-update-TCs-more-t.patch
(git-fixes CVE-2022-48652 bsc#1223520).
- Update
patches.suse/s390-dasd-fix-Oops-in-dasd_alias_get_start_dev-due-to-missing-pavgroup
(git-fixes CVE-2022-48636 bsc#1223512).
- commit 523501c
- blacklist.conf: add a not-relevant module-loader patch
- commit 90c64db
- ring-buffer: Only update pages_touched when a new page is
touched (git-fixes).
- commit b42aba1
- kprobes: Fix possible use-after-free issue on kprobe
registration (git-fixes).
- commit e007447
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page
in concurrent environment (git-fixes).
- commit 118cfcd
- tracing/net_sched: Fix tracepoints that save qdisc_dev()
as a string (git-fixes).
- commit a272f90
- tracing: Show size of requested perf buffer (git-fixes).
- commit f8d068b
- Bluetooth: Add new quirk for broken read key length on ATS2851
(git-fixes).
- commit 9ac913a
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE
(git-fixes).
- commit 83cd609
- fuse: don't unhash root (bsc#1223951).
- fuse: fix root lookup with nonzero generation (bsc#1223950).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal
(bsc#1223949).
- commit fdf9216
- RDMA/cm: Print the old state when cm_destroy_id gets timeout
(git-fixes).
- commit 9b2934b
- nouveau: lock the client object tree. (bsc#1223834 CVE-2024-27062)
- commit e828498
- drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
- commit 5647172
- drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (CVE-2024-27042 bsc#1223823).
- commit f41733d
- drm/amd/display: fix NULL checks for adev->dm.dc in amdgpu_dm_fini() (CVE-2024-27041 bsc#1223714)
- commit ae6f7a9
- tun: limit printing rate when illegal packet received by tun
dev (bsc#1223745 CVE-2024-27013).
- net/mlx5e: Prevent deadlock while disabling aRFS (bsc#1223735
CVE-2024-27014).
- octeontx2-af: Use separate handlers for interrupts (bsc#1223790
CVE-2024-27030).
- wireguard: netlink: access device through ctx instead of peer
(bsc#1223661 CVE-2024-26950).
- wireguard: netlink: check for dangling peer via is_dead instead
of empty list (bsc#1223660 CVE-2024-26951).
- wireguard: receive: annotate data-race around
receiving_counter.counter (bsc#1223076 CVE-2024-26861).
- nfp: flower: handle acti_netdevs allocation failure (bsc#1223827
CVE-2024-27046).
- commit b495510
- drm/amd/display: Add a dc_state NULL check in dc_state_release (CVE-2024-26948 bsc#1223664)
- commit 211db77
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation
(git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- usb: typec: tcpm: Check for port partner validity before
consuming it (git-fixes).
- usb: typec: tcpm: unregister existing source caps before
re-registration (bsc#1220569).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual
SuperSpeed device (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup
packets (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic
(git-fixes).
- commit d9cff03
- pstore: inode: Only d_invalidate() is needed (bsc#1223705
CVE-2024-27389).
- commit bbe965a
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU
(stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops
(stable-fixes).
- commit 86753e0
- ASoC: meson: axg-tdm-interface: manage formatters in trigger
(git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe
(git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of
device_get_named_child_node() (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events
(git-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move()
v2 (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers
in debugfs (git-fixes).
- commit 79c4a57
- wifi: iwlwifi: mvm: ensure offloading TID queue exists
(CVE-2024-27056 bsc#1223822).
- wifi: iwlwifi: mvm: protect TXQ list manipulation
(CVE-2024-27056 bsc#1223822).
- commit 5895d13
- media: edia: dvbdev: fix a use-after-free (CVE-2024-27043
bsc#1223824).
- commit e3d9ce5
- clk: hisilicon: hi3559a: Fix an erroneous devm_kfree()
(CVE-2024-27039 bsc#1223821).
- commit 70ad74a
- clk: Fix clk_core_get NULL dereference (CVE-2024-27038
bsc#1223816).
- commit bcf8ce4
- Rename to
patches.suse/drm-i915-gem-Really-move-i915_gem_context.link-under.patch.
- commit e953a9a
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes
bsc#1223879).
- commit 1b0c7f2
- s390/mm: Fix storage key clearing for guest huge pages
(git-fixes bsc#1223878).
- commit fc57acc
- s390/mm: Fix clearing storage keys for huge pages (git-fixes
bsc#1223877).
- commit c73273d
- s390/vdso: Add CFI for RA register to asm macro vdso_func
(git-fixes bsc#1223876).
- commit 15b93ff
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes
bsc#1223875).
- commit c670b5d
- NTB: fix possible name leak in ntb_register_device()
(CVE-2023-52652 bsc#1223686).
- commit 206337a
- mm: swap: fix race between free_swap_and_cache() and swapoff()
(CVE-2024-26960 bsc#1223655).
- commit b6bee56
- swap: comments get_swap_device() with usage rule (CVE-2024-26960
bsc#1223655).
- commit 15510e4
- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch.
- commit 2ecdc0a
- clk: qcom: mmcc-msm8974: fix terminating of frequency table
arrays (CVE-2024-26965 bsc#1223648).
- commit 1dd34df
- clk: qcom: mmcc-apq8084: fix terminating of frequency table
arrays (CVE-2024-26966 bsc#1223646).
- commit a12a96e
- clk: qcom: gcc-ipq8074: fix terminating of frequency table
arrays (CVE-2024-26969 bsc#1223645).
- commit 8dca0be
- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
- commit f5401a7
- drm/bridge: adv7511: fix crash on irq during probe (CVE-2024-26876 bsc#1223119).
- commit baf14c5
- ipv6/addrconf: fix a potential refcount underflow for idev
(git-fixes).
- commit cdd225e
- net: fix skb leak in __skb_tstamp_tx() (git-fixes).
- commit 87fa6a6
- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp
(git-fixes).
- commit 77fb94f
- net: stream: purge sk_error_queue in sk_stream_kill_queues()
(git-fixes).
- commit cb9fa4c
- netfilter: br_netfilter: Drop dst references before setting
(git-fixes).
- commit 28508ef
- net: mld: fix reference count leak in mld_{query |
report}_work() (git-fixes).
- commit 389c7c7
- net: ipv6: ensure we call ipv6_mc_down() at most once
(git-fixes).
- commit e46b1a5
- net: fix a memleak when uncloning an skb dst and its metadata
(git-fixes).
- commit 9e895dd
- net: bridge: vlan: fix memory leak in __allowed_ingress
(git-fixes).
- commit 26122cb
- Update patches.suse/nfsd-use-__fput_sync-to-avoid-delayed-closing-of-fil.patch
(bsc#1223380 bsc#1217408 bsc#1223640).
- commit 48bb894
- netfilter: ipt_CLUSTERIP: fix refcount leak in
clusterip_tg_check() (git-fixes).
- commit 014c7bb
- net: vlan: fix underflow for the real_dev refcnt (git-fixes).
- commit f6e1f81
- x86/sev: Skip ROM range scans and validation for SEV-SNP guests
(jsc#PED-7167 git-fixes).
- Refresh
patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch.
- Refresh
patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch.
- commit 8eb012f
- x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit
type (jsc#PED-7167 git-fixes).
- commit 554f303
- Update
patches.suse/ext4-fix-bug-in-extents-parsing-when-eh_entries-0-an.patch
(bsc#1206881 bsc#1223475 CVE-2022-48631).
- commit 718df1c
- clk: qcom: gcc-ipq6018: fix terminating of frequency table
arrays (CVE-2024-26970 bsc#1223644).
- commit 0c0dddd
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
(stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails
(stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853
(stable-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old()
(stable-fixes).
- serial: core: fix kernel-doc for uart_port_unlock_irqrestore()
(git-fixes).
- serial: core: Provide port lock wrappers (stable-fixes).
- drm-print: add drm_dbg_driver to improve namespace symmetry
(stable-fixes).
- commit ac12ea7
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
(CVE-2024-26852 bsc#1223057)
- commit d89430d
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- commit 4bfffd4
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- commit 1d62037
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- commit 93fb4e2
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- commit 5fec238
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- commit 8f27cd5
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit d2d22f0
- s390/decompressor: fix misaligned symbol build error (git-fixes
bsc#1223785).
- commit 47fb728
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- commit c7b5bd6
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- commit a134662
- s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
- commit bb84f10
- kABI workaround for cec_adapter (CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid recursive cec_claim_log_addrs
(CVE-2024-23848 bsc#1219104).
- media: cec: core: avoid confusing "transmit timed out" message
(CVE-2024-23848 bsc#1219104).
- media: cec: cec-api: add locking in cec_release()
(CVE-2024-23848 bsc#1219104).
- media: cec: cec-adap: always cancel work in cec_transmit_msg_fh
(CVE-2024-23848 bsc#1219104).
- commit 70ecf73
- mm/slub: fix to return errno if kmalloc() fails (CVE-2022-48659
bsc#1223498).
- commit d72759d
- drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() (CVE-2023-52585 bsc#1221080).
- commit cde7c84
- bonding: fix NULL deref in bond_rr_gen_slave_id (bsc#1223499
CVE-2022-48640).
- commit 9f14266
- media: cec: abort if the current transmit was canceled
(CVE-2024-23848 bsc#1219104).
- commit e51b978
- Squashfs: check the inode number is not the invalid value of
zero (bsc#1223634 CVE-2024-26982).
- commit 8ad2647
- Update
patches.suse/ubifs-ubifs_symlink-Fix-memleak-of-inode-i_link-in-error-path.patch
(git-fixes CVE-2024-26972 bsc#1223643).
- commit c1d0983
- Update
patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch
(git-fixes CVE-2024-26955 bsc#1223657).
- commit 59db655
- Update
patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch
(git-fixes CVE-2024-26956 bsc#1223663).
- commit b968ba7
- Update patches.suse/nilfs2-fix-OOB-in-nilfs_set_de_type.patch
(git-fixes CVE-2024-26981 bsc#1223668).
- commit 7b2eba5
- ASoC: SOF: Add some bounds checking to firmware data
(CVE-2024-26927 bsc#1223525).
- commit 797ef67
- Update
patches.suse/gpio-mockup-fix-NULL-pointer-dereference-when-removi.patch
(git-fixes CVE-2022-48663 bsc#1223523).
- commit fb50f4d
- Update
patches.suse/cgroup-cgroup_get_from_id-must-check-the-looked-up-kn-is-a-directory.patch
(bsc#1203906 CVE-2022-48638 bsc#1223522).
- commit 1b1d545
- Update
patches.suse/sfc-fix-TX-channel-offset-when-using-legacy-interrup.patch
(git-fixes CVE-2022-48647 bsc#1223519).
- commit 2df3009
- Update
patches.suse/smb3-fix-temporary-data-corruption-in-insert-range.patch
(bsc#1193629 CVE-2022-48667 bsc#1223518).
- commit 2544640
- Update
patches.suse/bnxt-prevent-skb-UAF-after-handing-over-to-PTP-worke.patch
(jsc#SLE-18978 CVE-2022-48637 bsc#1223517).
- commit 8af9f52
- Update
patches.suse/smb3-fix-temporary-data-corruption-in-collapse-range.patch
(bsc#1193629 CVE-2022-48668 bsc#1223516).
- commit ea57df6
- drm/i915/gem: Really move i915_gem_context.link under ref
protection (CVE-2022-48662 bsc#1223505).
- commit 1ea0422
- Update
patches.suse/net-sched-taprio-avoid-disabling-offload-when-it-was.patch
(bsc#1207361 CVE-2022-48644 bsc#1223511).
- commit 32036dc
- Update
patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch
(jsc#PED-1166 jsc#PED-1168 jsc#PED-1170 jsc#PED-1218
jsc#PED-1220 jsc#PED-1222 jsc#PED-1223 jsc#PED-1225
jsc#PED-2849a4e7ccdac38e ("drm/i915: Move context management
under GEM") CVE-2022-48662 bsc#1223505).
- commit 16b0082
- netfilter: nf_tables: disallow timeout for anonymous sets
(CVE-2023-52620 bsc#1221825).
- commit 19a9222
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
(bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit a4b4019
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-__qlt_24xx_handle_ab.patch
(bsc#1203935 CVE-2022-48650 bsc#1223509).
- commit ecd523c
- Update
patches.suse/sfc-fix-null-pointer-dereference-in-efx_hard_start_x.patch
(git-fixes CVE-2022-48648 bsc#1223503).
- commit 2cd307a
- Update
patches.suse/sfc-siena-fix-null-pointer-dereference-in-efx_hard_s.patch
(jsc#PED-1565 CVE-2022-48646 bsc#1223502).
- commit 54704c0
- Update
patches.suse/net-sched-fix-possible-refcount-leak-in-tc_new_tfilt.patch
(bsc#1207361 CVE-2022-48639 bsc#1223490).
- commit 1b88973
- Update
patches.suse/gpiolib-cdev-Set-lineevent_state-irq-after-IRQ-regis.patch
(git-fixes CVE-2022-48660 bsc#1223487).
- commit 30d7811
- Update
patches.suse/arm64-topology-fix-possible-overflow-in-amu_fie_setu.patch
(git-fixes CVE-2022-48657 bsc#1223484).
- commit d7e1659
- Update
patches.suse/netfilter-nfnetlink_osf-fix-possible-bogus-match-in-.patch
(bsc#1204614 CVE-2022-48654 bsc#1223482).
- commit a8a2952
- Update
patches.suse/dmaengine-ti-k3-udma-private-Fix-refcount-leak-bug-i.patch
(git-fixes CVE-2022-48656 bsc#1223479).
- commit 90546f3
- netfilter: nf_tables: fix percpu memory leak at
nf_tables_addchain() (bsc#1223478 CVE-2022-48642).
- commit 839888a
- blacklist.conf: code refactoring
- commit f72ed44
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
- commit 15c6bc2
- printk: Avoid non-panic CPUs writing to ringbuffer
(bsc#1223574).
- commit d14ad8e
- Update
patches.suse/ice-Don-t-double-unplug-aux-on-peer-initiated-reset.patch
(git-fixes CVE-2022-48653 bsc#1223474).
- commit dba84ad
- blacklist.conf: refactoring, not a fix
- commit ef0f94f
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
- commit ed11fe0
- printk: Disable passing console lock owner completely during
panic() (bsc#1223574).
- commit d98358d
- s390/zcrypt: fix reference counting on zcrypt card objects
(git-fixes bsc#1223595).
- commit 0483eb1
- Update
patches.suse/media-pvrusb2-fix-uaf-in-pvr2_context_set_notify.patch
(git-fixes CVE-2024-26875 bsc#1223118).
- commit fd5a947
- printk: ringbuffer: Skip non-finalized records in panic
(bsc#1223574).
- commit c9df6e3
- printk: Wait for all reserved records with pr_flush()
(bsc#1223574).
- commit d04f93d
- Update
patches.suse/RDMA-srpt-Do-not-register-event-handler-until-srpt-d.patch
(git-fixes CVE-2024-26872 bsc#1223115).
- commit 66d99f5
- printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
- commit a92ce86
- printk: Add this_cpu_in_panic() (bsc#1223574).
- commit 0b039ad
- quota: Fix potential NULL pointer dereference (bsc#1223060
CVE-2024-26878).
- commit 93c484c
- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
(bsc#1223198 CVE-2024-26901).
- commit a397ff1
- blk-mq: fix IO hang from sbitmap wakeup race (bsc#1222357
CVE-2024-26671).
- commit 9908e06
- ext4: avoid allocating blocks from corrupted group in
ext4_mb_find_by_goal() (bsc#1222613 CVE-2024-26772).
- commit be73fd6
- printk: Rename abandon_console_lock_in_panic() to
other_cpu_in_panic() (bsc#1223574).
- commit 6336c25
- Update
patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch
(bsc#1141539 git-fixes).
- commit 111a038
- printk: Drop console_sem during panic (bsc#1223574).
- commit 725427c
- clk: meson: Add missing clocks to axg_clk_regmaps
(CVE-2024-26879 bsc#1223066).
- commit 46eee50
- printk: ringbuffer: Clarify special lpos values (bsc#1223574).
- commit 0f13b5c
- printk: ringbuffer: Do not skip non-finalized records with
prb_next_seq() (bsc#1223574).
- commit 28b403a
- printk: ringbuffer: Improve prb_next_seq() performance
(bsc#1223574).
- commit 6a93375
- Update
patches.suse/msft-hv-2942-hv_netvsc-Register-VF-in-netvsc_probe-if-NET_DEVICE_.patch
(git-fixes CVE-2024-26820 bsc#1223078).
- commit d0bb689
- Update
patches.suse/nfc-nci-free-rx_data_reassembly-skb-on-NCI-device-cl.patch
(git-fixes CVE-2024-26825 bsc#1223065).
- commit 4685711
- wifi: wfx: fix memory leak when starting AP (CVE-2024-26896
bsc#1223042).
- commit f3e25cb
- Update
patches.suse/scsi-Revert-scsi-fcoe-Fix-potential-deadlock-on-fip-ctlr_lock.patch
(git-fixes bsc#1219141 CVE-2024-26917 bsc#1223056).
- commit f3895d7
- printk: Use prb_first_seq() as base for 32bit seq macros
(bsc#1223574).
- commit e3b59e0
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- commit 7e7615e
- printk: Adjust mapping for 32bit seq macros (bsc#1223574).
- commit 6dcabeb
- printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
- commit c13f8d3
- PM / devfreq: Fix buffer overflow in trans_stat_show
(CVE-2023-52614 bsc#1221617).
- commit 43b7d5b
- Update
patches.suse/0002-iommu-vt-d-Don-t-issue-ATS-Invalidation-request-when.patch
(git-fixes CVE-2024-26891 bsc#1223037).
- commit 7b52ba2
- Update
patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch
(git-fixes CVE-2024-26833 bsc#1223036).
- commit 6c18411
- ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
(bsc#1223513 CVE-2022-48651).
- commit c96a663
- net: hns3: fix kernel crash when 1588 is received on HIP08
devices (bsc#1223041 CVE-2024-26881).
- net: ice: Fix potential NULL pointer dereference in
ice_bridge_setlink() (bsc#1223051 CVE-2024-26855).
- geneve: make sure to pull inner header in geneve_rx()
(bsc#1223058 CVE-2024-26857).
- ppp_async: limit MRU to 64K (bsc#1222379 CVE-2024-26675).
- commit 61a60e2
- Update
patches.suse/efi-runtime-Fix-potential-overflow-of-soft-reserved-.patch
(git-fixes CVE-2024-26843 bsc#1223014).
- commit 3f9577f
- net: usb: ax88179_178a: stop lying about skb->truesize
(git-fixes).
- commit 416a90a
- Update
patches.suse/wifi-ath9k-delay-all-of-ath9k_wmi_event_tasklet-unti.patch
(git-fixes CVE-2024-26897 bsc#1223323).
- commit 938950f
- drm/amd/display: Fix MST Null Ptr for RV (CVE-2021-47200 bsc#1222838)
- commit 3d0cc91
- Update
patches.suse/wifi-wilc1000-prevent-use-after-free-on-vif-when-cle.patch
(git-fixes CVE-2024-26895 bsc#1223197).
- commit 73cb93c
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (CVE-2024-26817 bsc#1222812)
- commit 5946a4f
- Update patches.suse/firmware-arm_scmi-Harden-accesses-to-the-reset-domai.patch (git-fixes CVE-2022-48655 bsc#1223477)
- commit 2dabafb
- mm: slub: fix flush_cpu_slab()/__free_slab() invocations in
task context (CVE-2022-48658 bsc#1223496).
- commit 3480d23
- firmware: arm_scmi: Fix double free in SMC transport cleanup
path (CVE-2024-26893 bsc#1223196).
- commit 689202d
- nfsd: use __fput_sync() to avoid delayed closing of files
(bsc#1223380 bsc#1217408).
- commit aa925bb
- Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)." (bsc#1223275)
This reverts commit b92b60703522e3531f77c5af2f34b4b165007b3a.
This commit was reverted upstream by commit 0ecff05e6c59dd82dbcb9706db911f7fd9f40fb8
with note:
ice_check_vf_ready_for_cfg() already contain waiting for reset.
New condition in ice_check_vf_ready_for_reset() causing only problems.
- commit 33e8bb2
- Sort recent BHI patches
- Refresh patches.suse/KVM-x86-Add-BHI_NO.patch.
- Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch.
- Refresh
patches.suse/x86-bhi-Add-support-for-clearing-branch-history-at-syscall.patch.
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- Refresh
patches.suse/x86-bhi-Enumerate-Branch-History-Injection-BHI-bug.patch.
- Refresh patches.suse/x86-bhi-Mitigate-KVM-by-default.patch.
- commit 065fb7d
- Update patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch
(jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
- commit 29ca2f7
- x86/cpufeatures: Add CPUID_LNX_5 to track recently added Linux-defined word (bsc#1217339 CVE-2024-2201).
- Refresh
patches.suse/x86-bhi-Add-support-for-clearing-branch-history-at-syscall.patch.
- Delete
patches.suse/x86-cpufeature-Add-missing-leaf-enumeration.patch.
- commit b2ddc32
- livepatch: Fix missing newline character in
klp_resolve_symbols() (bsc#1223539).
- commit ccf2afb
- blacklist.conf: cosmetic; kind of code documentation
- commit 6c8cbf7
- blacklist.conf: workqueue: prevent false circular dependency by lockdep,
code churn, primary useful when developing new code, lockdep is
disabled on production kernels (bsc#1223536)
- commit 6ab7164
- Update
patches.suse/spi-spi-zynqmp-gqspi-Handle-error-for-dma_set_mask.patch
(git-fixes CVE-2021-47047 bsc#1220761).
- commit 1f6461d
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
(CVE-2023-52616 bsc#1221612).
- commit 6fa74bc
- mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone
index (bsc#1222615 CVE-2024-26783).
- commit d2a6383
- mm/vmscan: make sure wakeup_kswapd with managed zone
(bsc#1223473).
- commit c954567
- x86/boot: Ignore relocations in .notes sections in walk_relocs() too (bsc#1222624 CVE-2024-26816).
- commit 9c9dbbd
- x86, relocs: Ignore relocations in .notes section (bsc#1222624 CVE-2024-26816).
- commit 9bcfc48
- hugetlb, userfaultfd: fix reservation restore on userfaultfd
error (bsc#1222710 CVE-2021-47214).
- commit 4a75d88
- drm/amdgpu: fix use-after-free bug (CVE-2024-26656 bsc#1222307)
- commit 2c0e8cb
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms
(git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- idma64: Don't try to serve interrupts when device is powered
off (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions
(stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support
(stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product
(stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650
(stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models
(stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants
(stable-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume
(stable-fixes).
- thunderbolt: Fix wake configurations after device unplug
(stable-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb
ep transport error (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused
(git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- arm64: hibernate: Fix level3 translation fault in swsusp_save()
(git-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with
ALC269VC (stable-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/amd/display: Do not recursively call manual trigger
programming (stable-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11
(stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go
(stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support
(stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support
(stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages
(stable-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB
(stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct
(stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- clk: Print an info line before disabling unused clocks
(stable-fixes).
- drm/amdgpu: fix incorrect active rb bitmap for gfx11
(stable-fixes).
- clk: remove extra empty line (stable-fixes).
- clk: Mark 'all_lists' as const (stable-fixes).
- commit 2a4676e
- i40e: Fix VF MAC filter removal (git-fixes).
- commit 03f8d56
- mmc: sdhci-msm: pervent access to suspended controller
(git-fixes).
- fbdev: fix incorrect address computation in deferred IO
(git-fixes).
- wifi: nl80211: don't free NULL coalescing rule (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd
(git-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new
one (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend
(git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports
(git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized
dev->devc (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow
(git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer
(git-fixes).
- commit eb0d29c
- blacklist.conf: Add 246f80a0b17f8 ("sh: push-switch: Reorder cleanup operations to avoid use-after-free bug")
- commit 701f2ea
- Update
patches.suse/aoe-fix-the-potential-use-after-free-problem-in-aoec.patch
(bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016).
- commit 5a56f33
- i40e: Do not allow untrusted VF to remove administratively
set MAC (git-fixes CVE-2024-26830 bsc#1223012).
- commit 67a5cff
- net: ip_tunnel: make sure to pull inner header in
ip_tunnel_rcv() (git-fixes CVE-2024-26882 bsc#1223034).
- commit 1915836
- PM / devfreq: Synchronize devfreq_monitor_[start/stop]
(CVE-2023-52635 bsc#1222294).
- commit 6f88f1b
- powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369
ltc#205888).
- powerpc/rtas: define pr_fmt and convert printk call sites
(bsc#1223369 ltc#205888).
- commit 13f68b5
- Update
patches.suse/Bluetooth-rfcomm-Fix-null-ptr-deref-in-rfcomm_check_.patch
(bsc#1219170 CVE-2024-22099 CVE-2024-26903 bsc#1223187).
- commit 1a4ee0a
- Renamepatches before cve/linux-5.14-LTSS
- commit 0b096bb
- PCI: rpaphp: Error out on busy status from get-sensor-state
(bsc#1223369 ltc#205888).
- commit f9716ef
- bpf: Fix stackmap overflow check on 32-bit arches (bsc#1223035
CVE-2024-26883).
- bpf: Fix hashtab overflow check on 32-bit arches (bsc#1223189
CVE-2024-26884).
- bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
(bsc#1223190 CVE-2024-26885).
- commit c435af8
- Update
patches.suse/scsi-target-pscsi-Fix-bio_put-for-error-case.patch
(bsc#1222596 cve-2024-26760), updating CVE number.
- commit 0b78c9a
- powerpc/kasan: Don't instrument non-maskable or raw interrupts
(bsc#1223191).
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
- Refresh patches.suse/powerpc-64s-Fix-unrecoverable-MCE-calling-async-hand.patch
- commit 8a00767
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt
(bsc#1221645 ltc#205739 bsc#1223191).
- commit caf6e20
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood
(git-fixes).
- serial: mxs-auart: add spinlock around changing cts state
(git-fixes).
- Revert "usb: cdc-wdm: close race between read and workqueue"
(git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow
(git-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- commit 28e1f50
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- commit e92aa40
- blacklist.conf: We don't support FRED
- commit ce7dd35
- clk: Remove prepare_lock hold assertion in __clk_release()
(git-fixes).
- commit 7812d3f
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- commit 236cddf
- drm/panel: visionox-rm69299: don't unregister DSI device
(git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference
(git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- nouveau: fix instmem race condition around ptr stores
(git-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations
more clearly (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- commit d2ecf52
- pmdomain: mediatek: fix race conditions with genpd
(CVE-2023-52645 bsc#1223033).
- commit 9a65bfe
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call
(CVE-2024-26866 bsc#1223024).
- commit 1408e84
- spi: lpspi: Avoid potential use-after-free in probe()
(CVE-2024-26866 bsc#1223024).
- commit 233d8aa
- platform/x86: think-lmi: Fix password opcode ordering for
workstations (CVE-2024-26836 bsc#1222968).
- platform/x86: think-lmi: Enable opcode support on BIOS settings
(CVE-2024-26836 bsc#1222968).
- commit 13fd3e3
- net: usb: ax88179_178a: avoid writing the mac address before
first reading (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed()
(git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex
(stable-fixes).
- nouveau: fix function cast warning (git-fixes).
- Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316
(stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11
(stable-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure
(stable-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used
(stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are
active (git-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input
(git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete()
(git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT
(git-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of
probe (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack
(stable-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn
establishes (stable-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset
(stable-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not
attached (stable-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
changes (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode()
(stable-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2
(stable-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms
(stable-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and
MM0110113M (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product
(stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100
(stable-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB
(stable-fixes).
- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic
(git-fixes).
- phy: tegra: xusb: Add API to retrieve the port number of phy
(stable-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is
defined (stable-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible
(stable-fixes).
- ahci: asm1064: asm1166: don't limit reported ports (git-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for
"phys" fails (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: cec: core: remove length check of Timer Status
(stable-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets
as data block counter (stable-fixes).
- Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle
by default" (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant
of the Chuwi Vi8 tablet (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle
(stable-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided
IDs (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini
(stable-fixes).
- drm/vc4: don't check if plane->state->fb == state->fb
(stable-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version
(stable-fixes).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan()
(stable-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read
(stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- Documentation: Add missing documentation for EXPORT_OP flags
(stable-fixes).
- HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running
(stable-fixes).
- docs: Document the FAN_FS_ERROR event (stable-fixes).
- commit 5f4b68d
- Update
patches.suse/fbcon-always-restore-the-old-font-data-in-fbcon_do_s.patch
(git-fixes CVE-2024-26798 bsc#1222798).
- commit 3f5154a
- Update
patches.suse/0001-fs-hugetlb-fix-NULL-pointer-dereference-in-hugetlbs_.patch
(bsc#1219264 CVE-2024-0841 CVE-2024-26688 bsc#1222482).
- Update
patches.suse/btrfs-fix-double-free-of-anonymous-device-after-snap.patch
(bsc#1219126 CVE-2024-23850 CVE-2024-26792 bsc#1222430).
- Update
patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
(CVE-2024-26733 bsc#1222585 CVE-2024-26739 bsc#1222559).
- commit ac0df3e
- Update
patches.suse/ALSA-gus-fix-null-pointer-dereference-on-pointer-blo.patch
(git-fixes CVE-2021-47207 bsc#1222790).
- Update
patches.suse/ALSA-usb-audio-fix-null-pointer-dereference-on-point.patch
(bsc#1192354 CVE-2021-47211 bsc#1222869).
- Update
patches.suse/RDMA-core-Set-send-and-receive-CQ-before-forwarding-.patch
(jsc#SLE-19249 CVE-2021-47196 bsc#1222773).
- Update
patches.suse/arm64-dts-qcom-msm8998-Fix-CPU-L2-idle-state-latency.patch
(git-fixes CVE-2021-47187 bsc#1222703).
- Update
patches.suse/cfg80211-call-cfg80211_stop_ap-when-switch-from-P2P_.patch
(git-fixes CVE-2021-47194 bsc#1222829).
- Update
patches.suse/clk-sunxi-ng-Unregister-clocks-resets-when-unbinding.patch
(git-fixes CVE-2021-47205 bsc#1222888).
- Update
patches.suse/drm-prime-Fix-use-after-free-in-mmap-with-drm_gem_tt.patch
(git-fixes CVE-2021-47200 bsc#1222838).
- Update
patches.suse/i40e-Fix-NULL-ptr-dereference-on-VSI-filter-sync.patch
(jsc#SLE-18378 CVE-2021-47184 bsc#1222666).
- Update
patches.suse/iavf-free-q_vectors-before-queues-in-iavf_disable_vf.patch
(jsc#SLE-18385 CVE-2021-47201 bsc#1222792).
- Update
patches.suse/msft-hv-2480-x86-hyperv-Fix-NULL-deref-in-set_hv_tscchange_cb-if-.patch
(git-fixes CVE-2021-47217 bsc#1222836).
- Update
patches.suse/net-dpaa2-eth-fix-use-after-free-in-dpaa2_eth_remove.patch
(git-fixes CVE-2021-47204 bsc#1222787).
- Update
patches.suse/net-mlx5-Update-error-handler-for-UCTX-and-UMEM.patch
(jsc#SLE-19253 CVE-2021-47212 bsc#1222709).
- Update
patches.suse/net-mlx5e-CT-Fix-multiple-allocations-and-memleak-of.patch
(jsc#SLE-19253 CVE-2021-47199 bsc#1222785).
- Update
patches.suse/net-mlx5e-kTLS-Fix-crash-in-RX-resync-flow.patch
(jsc#SLE-19253 CVE-2021-47215 bsc#1222704).
- Update
patches.suse/net-mlx5e-nullify-cq-dbg-pointer-in-mlx5_debug_cq_re.patch
(jsc#SLE-19253 CVE-2021-47197 bsc#1222776).
- Update
patches.suse/sched-fair-Prevent-dead-task-groups-from-regaining-cfs_rq-s.patch
(bsc#1192837 CVE-2021-47209 bsc#1222796).
- Update patches.suse/scsi-advansys-Fix-kernel-pointer-leak.patch
(git-fixes CVE-2021-47216 bsc#1222876).
- Update
patches.suse/scsi-core-sysfs-Fix-hang-when-device-state-is-set-via-sysfs
(git-fixes CVE-2021-47192 bsc#1222867).
- Update
patches.suse/scsi-lpfc-Fix-list_add-corruption-in-lpfc_drain_txq.patch
(bsc#1190576 CVE-2021-47203 bsc#1222881).
- Update
patches.suse/scsi-lpfc-Fix-use-after-free-in-lpfc_unreg_rpi-routi.patch
(bsc#1192145 CVE-2021-47198 bsc#1222883).
- Update
patches.suse/scsi-pm80xx-Fix-memory-leak-during-rmmod.patch
(git-fixes CVE-2021-47193 bsc#1222879).
- Update
patches.suse/scsi-scsi_debug-Fix-out-of-bound-read-in-resp_readcap16.patch
(git-fixes CVE-2021-47191 bsc#1222866).
- Update
patches.suse/scsi-scsi_debug-Fix-out-of-bound-read-in-resp_report_tgtpgs.patch
(git-fixes CVE-2021-47219 bsc#1222824).
- Update patches.suse/scsi-ufs-core-Improve-SCSI-abort-handling
(git-fixes CVE-2021-47188 bsc#1222671).
- Update
patches.suse/selinux-fix-NULL-pointer-dereference-when-hashtab-al.patch
(git-fixes CVE-2021-47218 bsc#1222791).
- Update
patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch
(stable-5.14.21 CVE-2021-47202 bsc#1222878).
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185 bsc#1222669).
- Update
patches.suse/usb-host-ohci-tmio-check-return-value-after-calling-.patch
(git-fixes CVE-2021-47206 bsc#1222894).
- Update
patches.suse/usb-typec-tipd-Remove-WARN_ON-in-tps6598x_block_read.patch
(git-fixes CVE-2021-47210 bsc#1222901).
- commit 48b69db
- iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982
(git-fixes).
- Refresh
patches.suse/coresight-etm-Override-TRCIDR3.CCITMIN-on-errata-affected-cpus.patch.
- commit d93f0f0
- Update
patches.suse/wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
(git-fixes CVE-2024-26779 bsc#1222772).
- commit c8c8675
- wifi: wfx: fix possible NULL pointer dereference in
wfx_set_mfp_ap() (CVE-2023-52593 bsc#1221042).
- commit 846e85e
- iommu/mediatek: Flush IOTLB completely only if domain has
been attached (git-fixes).
- commit 623c929
- media: rkisp1: Fix IRQ disable race issue (CVE-2023-52589
bsc#1221084).
- commit e4627b0
- iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
- commit b3bdbef
- Update patch reference of iio fix (CVE-2024-26702 bsc#1222424)
- commit 9b2027c
- iommu/amd: Don't block updates to GATag if guest mode is on
(git-fixes).
- commit 9ffdfc7
- iommu/rockchip: Fix unwind goto issue (git-fixes).
- commit c8c9239
- wifi: iwlwifi: fix a memory corruption (CVE-2024-26610
bsc#1221299).
- commit e7967c5
- iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
- commit 6d1aa27
- iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c
(git-fixes).
- commit 452d862
- iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any
(git-fixes).
- commit 161366f
- x86/xen: add CPU dependencies for 32-bit build (git-fixes).
- commit b3ada40
- xen/events: close evtchn after mapping cleanup (CVE-2024-26687,
bsc#1222435).
- commit eb41ab9
- xen/xenbus: document will_handle argument for
xenbus_watch_path() (git-fixes).
- commit c749895
- blacklist.conf: Append 'drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()''
- commit f765ec7
- Update patches.suse/arp-Prevent-overflow-in-arp_req_get.patch
- fix build warning
- commit b98055d
- blacklist.conf: Append 'drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()''
- commit 182dade
- ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
- libceph: init the cursor when preparing sparse read in msgr2
(bsc#1222247 CVE-2023-52636).
- ceph: switch to corrected encoding of max_xattr_size in mdsmap
(bsc#1223067).
- libceph: just wait for more data to be available on the socket
(bsc#1222247 CVE-2023-52636).
- libceph: rename read_sparse_msg_*() to
read_partial_sparse_msg_*() (bsc#1222247 CVE-2023-52636).
- commit c683288
- serial: sc16is7xx: convert from _raw_ to _noinc_ regmap
functions for FIFO (bsc#1221162 CVE-2023-52488).
- commit 0ac4803
- iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
- commit aa65491
- Refresh patches.kabi/kabi-allow-extra-bugints.patch. (bsc#1222952)
- commit a04a1a9
- iommu/amd: Fix "Guest Virtual APIC Table Root Pointer"
configuration in IRTE (git-fixes).
- commit 9b574c1
- afs: Fix endless loop in directory parsing (bsc#1223030
CVE-2024-26848).
- commit 38522d0
- iommu/vt-d: Allow zero SAGAW if second-stage not supported
(git-fixes).
- commit 9bb9de0
- ext4: regenerate buddy after block freeing failed if under fc
replay (bsc#1220342 CVE-2024-26601).
- commit c12e20f
- iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
- commit f532194
- iommu/amd: Add a length limitation for the ivrs_acpihid
command-line parameter (git-fixes).
- commit 8f23b5e
- x86/xen: fix percpu vcpu_info allocation (git-fixes).
- commit 87554ac
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- commit 6fc55b4
- blacklist.conf: Blacklist 83e80a6e3543f3
- commit 62a580e
- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
(bsc#1222721 CVE-2024-26764).
- commit b81d662
- fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via
libaio (bsc#1222721 CVE-2024-26764).
- commit 6f0ed6e
- ext4: avoid allocating blocks from corrupted group in
ext4_mb_try_best_found() (bsc#1222618 CVE-2024-26773).
- commit 821043d
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- commit 78b0780
- xen-netback: properly sync TX responses (git-fixes).
- commit b347f75
- xen/gntdev: Fix the abuse of underlying struct page in DMA-buf
import (git-fixes).
- commit 78d5534
- Update patches.suse/thermal-Fix-NULL-pointer-dereferences-in-of_thermal_.patch (stable-5.14.21 CVE-2021-47202 bsc#1222878)
- commit 9b2ed28
- drm/amd/display: Implement bounds check for stream encoder creation (bsc#1222266 CVE-2024-26660)
- commit 3a8faf0
- iommu/amd: Fix error handling for pdev_pri_ats_enable()
(git-fixes).
- commit 9598a5a
- Update
patches.suse/usb-roles-fix-NULL-pointer-issue-when-put-module-s-r.patch
(bsc#1222609 CVE-2024-26747).
Added CVE reference
- commit c356fce
- iommu/vt-d: Fix error handling in sva enable/disable paths
(git-fixes).
- commit a7d0d80
- iommu/iova: Fix alloc iova overflows issue (git-fixes).
- commit 997077c
- iommu/vt-d: Allocate local memory for page request queue
(git-fixes).
- commit 29949ff
- powerpc/pseries/iommu: LPAR panics when rebooted with a frozen
PE (bsc#1222011 ltc#205900).
- commit 92932bc
- Update references in
patches.suse/ocfs2-Avoid-touching-renamed-directory-if-parent-doe.patch
(bsc#1221044 bsc#1221088 CVE-2023-52591 CVE-2023-52590).
- commit 6a6852e
- Update patches.suse/spi-fix-use-after-free-of-the-add_lock-mutex.patch (git-fixes CVE-2021-47195 bsc#1222832)
- commit e8d48f1
- mm/vmalloc: huge vmalloc backing pages should be split rather
than compound (bsc#1217829).
- commit 539be83
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
(bsc#1222630 CVE-2024-26805).
- commit 62396b0
- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (bsc#1222726 CVE-2024-26766)
- commit dc4bba0
- spi: cadence-qspi: fix pointer reference in runtime PM hooks (CVE-2024-26807 bsc#1222801)
- commit 4dd5f9f
- Update
patches.suse/nvmet-fc-avoid-deadlock-on-delete-association-path.patch
(git-fixes CVE-2024-26769 bsc#1222727).
- commit fb3505a
- Update patches.suse/RDMA-srpt-Support-specifying-the-srpt_service_guid-p.patch
(git-fixes bsc#1222449 CVE-2024-26744)
- Update patches.suse/RDMA-qedr-Fix-qedr_create_user_qp-error-flow.patch
(git-fixes bsc#1222677 CVE-2024-26743)
- Update patches.suse/IB-hfi1-Fix-sdma.h-tx-num_descs-off-by-one-error.patch
(git-fixes bsc#1222726 CVE-2024-26766)
- commit c5a8a5e
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- commit 1af9c1e
- NFS: avoid spurious warning of lost lock that is being unlocked
(bsc#1221791).
- commit 1efde72
- gtp: fix use-after-free and null-ptr-deref in
gtp_genl_dump_pdp() (bsc#1222428 CVE-2024-26793 bsc#1222632
CVE-2024-26754).
- commit eebe79d
- Update patches.suse/mmc-mmci-stm32-fix-DMA-API-overlapping-mappings-warn.patch (git-fixes CVE-2024-26787 bsc#1222781)
- commit 3445a30
- Update patches.suse/dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-unali.patch (git-fixes CVE-2024-26790 bsc#1222784)
- commit fa581a2
- Update patches.suse/spi-hisi-sfc-v3xx-Return-IRQ_NONE-if-no-interrupts-w.patch (git-fixes CVE-2024-26776 bsc#1222764)
- commit 97121f5
- iio:adc:ad7091r: Move exports into IIO_AD7091R namespace. (CVE-2023-52627 bsc#1222051)
- commit e5bef1f
- dm: don't lock fs when the map is NULL during suspend or resume
(git-fixes).
- commit 78ef342
- blacklist.conf: add a commit for bcache typo fix.
- commit 22e6069
- dm integrity: fix out-of-range warning (git-fixes).
- dm: call the resume method on internal suspend (git-fixes).
- dm raid: fix false positive for requeue needed during reshape
(git-fixes).
- dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes).
- md: don't clear MD_RECOVERY_FROZEN for new dm-raid until resume
(git-fixes).
- md/raid1: fix choose next idle in read_balance() (git-fixes).
- md: Don't clear MD_CLOSING when the raid is about to stop
(git-fixes).
- dm-verity, dm-crypt: align "struct bvec_iter" correctly
(git-fixes).
- dm-crypt: don't modify the data when using authenticated
encryption (bsc#1222720, CVE-2024-26763).
- dm-crypt, dm-verity: disable tasklets (bsc#1222416, CVE-2024-26718).
- dm-integrity: don't modify bio's immutable bio_vec in
integrity_metadata() (git-fixes).
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
- dm-verity: align struct dm_verity_fec_io properly (git-fixes).
- dm verity: don't perform FEC for failed readahead IO
(git-fixes).
- bcache: avoid NULL checking to c->root in run_cache_set()
(git-fixes).
- bcache: add code comments for bch_btree_node_get() and
__bch_btree_node_alloc() (git-fixes).
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
btree_gc_coalesce() (git-fixes).
- bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up
race (git-fixes).
- bcache: fixup lock c->root error (git-fixes).
- bcache: fixup init dirty data errors (git-fixes).
- bcache: prevent potential division by zero error (git-fixes).
- bcache: remove redundant assignment to variable cur_idx
(git-fixes).
- bcache: check return value from btree_node_alloc_replacement()
(git-fixes).
- bcache: avoid oversize memory allocation by small stripe_size
(git-fixes).
- dm-delay: fix a race between delay_presuspend and delay_bio
(git-fixes).
- nd_btt: Make BTT lanes preemptible (git-fixes).
- libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and
check its return value (git-fixes).
- dm zoned: free dmz->ddev array in dmz_put_zoned_devices
(git-fixes).
- nvdimm: Fix dereference after free in register_nvdimm_pmu()
(git-fixes).
- nvdimm: Fix memleak of pmu attr_groups in
unregister_nvdimm_pmu() (git-fixes).
- dm cache policy smq: ensure IO doesn't prevent cleaner policy
progress (git-fixes).
- dm raid: clean up four equivalent goto tags in raid_ctr()
(git-fixes).
- dm raid: fix missing reconfig_mutex unlock in raid_ctr()
error paths (git-fixes).
- dm integrity: reduce vmalloc space footprint on 32-bit
architectures (git-fixes).
- dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client
(git-fixes).
- bcache: fixup btree_cache_wait list damage (git-fixes).
- bcache: Fix __bch_btree_node_alloc to make the failure behavior
consistent (git-fixes).
- bcache: Remove unnecessary NULL point check in node allocations
(git-fixes).
- bcache: Remove dead references to cache_readaheads (git-fixes).
- dm thin metadata: check fail_io before using data_sm
(git-fixes).
- dm: don't lock fs when the map is NULL in process of resume
(git-fixes).
- dm flakey: fix a crash with invalid table line (git-fixes).
- dm integrity: call kmem_cache_destroy() in dm_integrity_init()
error path (git-fixes).
- dm clone: call kmem_cache_destroy() in dm_clone_init() error
path (git-fixes).
- dm verity: fix error handling for check_at_most_once on FEC
(git-fixes).
- dm stats: check for and propagate alloc_percpu failure
(git-fixes).
- dm crypt: avoid accessing uninitialized tasklet (git-fixes).
- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
- commit 876bda1
- dm thin: fix deadlock when swapping to thin device
(bsc#1177529).
- Use above upstream patch, delete in-house patch,
patches.suse/Avoid-deadlock-for-recursive-I-O-on-dm-thin-when-used-as-swap-4905.patch.
- commit f651b2e
- dm cache: add cond_resched() to various workqueue loops
(git-fixes).
- dm thin: add cond_resched() to various workqueue loops
(git-fixes).
- dm: add cond_resched() to dm_wq_work() (git-fixes).
- dm: remove flush_scheduled_work() during local_exit()
(git-fixes).
- dm: send just one event on resize, not two (git-fixes).
- dm flakey: fix logic when corrupting a bio (git-fixes).
- dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
- dm flakey: don't corrupt the zero page (git-fixes).
- dm init: add dm-mod.waitfor to wait for asynchronously probed
block devices (git-fixes).
- libnvdimm/region: Allow setting align attribute on regions
without mappings (git-fixes).
- bcache:: fix repeated words in comments (git-fixes).
- bcache: bset: Fix comment typos (git-fixes).
- bcache: remove unused bch_mark_cache_readahead function def
in stats.h (git-fixes).
- bcache: remove unnecessary flush_workqueue (git-fixes).
- nvdimm/namespace: drop nested variable in
create_namespace_pmem() (git-fixes).
- bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous
device registration' (git-fixes).
- nvdimm: Fix badblocks clear off-by-one error (git-fixes).
- nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
- nvdimm: Allow overwrite in the presence of disabled dimms
(git-fixes).
- bcache: use default_groups in kobj_type (git-fixes).
- bcache: fixup bcache_dev_sectors_dirty_add() multithreaded
CPU false sharing (git-fixes).
- bcache: use bvec_kmap_local in bio_csum (git-fixes).
- bcache: fix NULL pointer reference in cached_dev_detach_finish
(git-fixes).
- bcache: replace snprintf in show functions with sysfs_emit
(git-fixes).
- bcache: move uapi header bcache.h to bcache code directory
(git-fixes).
- bcache: remove bch_crc64_update (git-fixes).
- bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
- commit fd7b7d9
- bcache: remove the backing_dev_name field from struct cached_dev
(git-fixes).
- Rebased for the above change,
patches.suse/0017-bcache-avoid-unnecessary-soft-lockup-in-kworker-upda.patch.
- commit fddbf12
- bcache: remove the cache_dev_name field from struct cache
(git-fixes).
- bcache: move calc_cached_dev_sectors to proper place on backing
device detach (git-fixes).
- bcache: fix error info in register_bcache() (git-fixes).
- commit b239072
- scsi: target: pscsi: Fix bio_put() for error case (bsc#1222596
cve-2024-267600).
- commit 54b96d8
- arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as (CVE-2023-52561 bsc#1220935)
- commit 003c2c9
- selftests/bpf: Test racing between bpf_timer_cancel_and_free
and bpf_timer_cancel (bsc#1222557 CVE-2024-26737).
- bpf: Fix racing between bpf_timer_cancel_and_free and
bpf_timer_cancel (bsc#1222557 CVE-2024-26737).
- commit 141641a
- iio: adc: ad7091r: Allow users to configure device events (CVE-2023-52627 bsc#1222051)
- commit 4afaad3
- ARM: ep93xx: Add terminator to gpiod_lookup_table (CVE-2024-26751 bsc#1222724)
- commit 9f7da20
- Update patches.suse/dmaengine-ti-edma-Add-some-null-pointer-checks-to-th.patch (git-fixes CVE-2024-26771 bsc#1222610)
- commit fb21423
- Update
patches.suse/btrfs-fix-memory-ordering-between-normal-and-ordered-work-functions.patch
(git-fixes CVE-2021-47189 bsc#1222706).
- commit 95bc72d
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
Properly check whether the feature we are patching in the alternatives
is a feature or a bug. This was broken because in apply_alternative()
boot_cpu_has is used and if we have an alternative that depends on a bug
bit (such as X86_BUG_SYSRET_SS_ATTRS) the boot_cpu_has will erroneously
check if this bit is set in the feature ints rather than the bug ints.
While at it ensure that static_cpu_has isn't called with extended
bugs features as those aren't supported right now.
- commit 793068f
- Refresh
patches.kabi/PCI-Add-locking-to-RMW-PCI-Express-Capability-Regist.patch.
Drop a bogus hunk. It was introduced by mistake.
Fixes: acf0d9920aee
- commit 3a754ef
- Update
patches.suse/usb-cdns3-fixed-memory-use-after-free-at-cdns3_gadge.patch
(git-fixes CVE-2024-26749 bsc#1222680).
- commit 515d996
- Update
patches.suse/powerpc-pseries-iommu-IOMMU-table-is-not-initialized.patch
(bsc#1220492 ltc#205270 CVE-2024-26745 bsc#1222678).
- commit 3731b61
- blacklist.conf: Add f7ec1cd5cc7e getrusage: use sig->stats_lock rather than lock_task_sighand()
and its prereqs
- commit 0650209
- tee: amdtee: fix use-after-free vulnerability in
amdtee_close_session (bsc#1220915 CVE-2023-52503).
- commit 926b64b
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- Delete
patches.suse/RAS-AMD-FMPM-Fix-build-when-debugfs-is-not-enabled.patch.
- commit bf0e61f
- Update
patches.suse/tty-tty_buffer-Fix-the-softlockup-issue-in-flush_to_.patch
(git-fixes CVE-2021-47185).
- commit de9e1db
- Update
patches.suse/scsi-lpfc-Fix-link-down-processing-to-address-NULL-p.patch
(bsc#1192145 CVE-2021-47183 bsc#1222664).
- commit 720685d
- blacklist.conf: Add d9b3ce8769e3 mm: writeback: ratelimit stat flush from mem_cgroup_wb_stats
- commit 3201b4c
- Update
patches.suse/scsi-core-Fix-scsi_mode_sense-buffer-length-handling.patch
(git-fixes CVE-2021-47182 bsc#1222662).
- commit 641c737
- Update
patches.suse/usb-musb-tusb6010-check-return-value-after-calling-p.patch
(git-fixes CVE-2021-47181 bsc#1222660).
- commit 27da195
- ceph: prevent use-after-free in encode_cap_msg() (CVE-2024-26689
bsc#1222503).
- commit c307f9b
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
(bsc#1222619).
- commit 3d3186c
- PCI/PM: Drain runtime-idle callbacks before driver removal
(git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports
(git-fixes).
- PCI/AER: Block runtime suspend when handling errors (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
(git-fixes).
- PCI/DPC: Quirk PIO log size for certain Intel Root Ports
(git-fixes).
- Refresh
patches.suse/PCI-Lengthen-reset-delay-for-VideoPropulsion-Torrent.patch.
- PCI: Drop pci_device_remove() test of pci_dev->driver
(git-fixes).
- commit 1625155
- arp: Prevent overflow in arp_req_get() (CVE-2024-26733
bsc#1222585).
- commit aed9764
- net/sched: act_mirred: don't override retval if we already
lost the skb (CVE-2024-26733 bsc#1222585).
- commit 57213f3
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- commit aa158b4
- kprobes: Fix double free of kretprobe_holder (bsc#1220901).
- commit 7ab1530
- Update
patches.suse/afs-Increase-buffer-size-in-afs_update_volume_status.patch
(git-fixes CVE-2024-26736 bsc#1222586).
- commit 95b873b
- Update
patches.suse/btrfs-do-not-ASSERT-if-the-newly-created-subvolume-a.patch
(bsc#1219126 CVE-2024-23850 CVE-2024-26727 bsc#1222536).
- commit 9619dfe
- Update
patches.suse/nilfs2-fix-data-corruption-in-dsync-block-recovery-for-small-block-sizes.patch
(git-fixes CVE-2024-26697 bsc#1222550).
- commit a10bcda
- nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
(bsc#1222549 CVE-2024-26696).
- commit b7a4096
- Update
patches.suse/ASoC-rt5645-Fix-deadlock-in-rt5645_jack_detect_work.patch
(git-fixes CVE-2024-26722 bsc#1222520).
- commit 227851b
- blacklist.conf: kABI
- commit b7c2dcf
- blacklist.conf: kABI
- commit 4fed026
- blacklist.conf: kABI
- commit 9643918
- ring-buffer: Make wake once of ring_buffer_wait() more robust
(git-fixes).
- commit 9369b70
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- commit 0c26abb
- ext4: fix double-free of blocks due to wrong extents moved_len
(bsc#1222422 CVE-2024-26704).
- commit 4e96ad3
- net: stmmac: xgmac: use #define for string constants
(bsc#1222445 CVE-2024-26684).
- net: stmmac: xgmac: fix a typo of register name in DPP safety
handling (bsc#1222445 CVE-2024-26684).
- commit d142965
- netdevsim: avoid potential loop in nsim_dev_trap_report_work()
(git-fixes CVE-2024-26681 bsc#1222431).
- commit 6e625f6
- References update
- commit e2989ce
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit 4edf006
- net: stmmac: xgmac: fix handling of DPP safety error for DMA
channels (bsc#1222445 CVE-2024-26684).
- commit f5bac1a
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
(bsc#1222428 CVE-2024-26793).
- net: atlantic: Fix DMA mapping for PTP hwts ring (bsc#1222427
CVE-2024-26680).
- commit 8477f57
- ring-buffer: Use wait_event_interruptible() in
ring_buffer_wait() (git-fixes).
- commit a852b18
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- commit a44bf56
- ring-buffer: Do not set shortest_full when full target is hit
(git-fixes).
- commit 4381c01
- tracing: Use .flush() call to wake up readers (git-fixes).
- commit d993c13
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- commit 966f555
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- commit 676cf24
- tracing: Remove precision vsnprintf() check from print event
(git-fixes).
- commit 6b7c133
- tracing: Have saved_cmdlines arrays all in one allocation
(git-fixes).
- commit 49f31e7
- blacklist.conf: We don't have annotate_noendbr in this kernel
So shut up the warning.
- commit f6d75ac
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
- commit eb744cd
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit fe3c052
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264 CVE-2024-0841).
- commit aa8204a
- nilfs2: fix potential bug in end_buffer_async_write (bsc#1222437
CVE-2024-26685).
- commit dafe6fe
- nfsd: Fix error cleanup path in nfsd_rename() (bsc#1221044
CVE-2023-52591).
- commit a849be1
- blacklist.conf: kABI
- commit 94d8026
- net: usb: ax88179_178a: avoid the interface always configured
as random address (git-fixes).
- commit c53377c
- pci_iounmap(): Fix MMIO mapping leak (git-fixes).
- commit 629693d
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- Drivers: hv: vmbus: Calculate ring buffer size for more
efficient use of memory (git-fixes).
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER
missed (git-fixes).
- hv_netvsc: Fix race condition between netvsc_probe and
netvsc_remove (git-fixes).
- scsi: storvsc: Fix ring buffer size calculation (git-fixes).
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not
4 Kbytes (git-fixes).
- commit 82617ea
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- commit 22061fc
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- commit a61527a
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Use the VSELECT signal to switch SD card")
- commit 4b90502
- arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-fixes)
- commit b828266
- blacklist.conf: add a couple of PCI git-fixes
- commit 37743ca
- ata: sata_mv: Fix PCI device ID table declaration compilation
warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit
(git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling
(git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw
(git-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support
headset with microphone (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the
CCS (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- commit 56ef24f
- scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883
cve-2023-52500).
- commit fc88013
- KVM: x86: Add BHI_NO (bsc#1217339 CVE-2024-2201).
- commit c0e1ffe
- Update
patches.suse/ALSA-sh-aica-reorder-cleanup-operations-to-avoid-UAF.patch
(git-fixes CVE-2024-26654 bsc#1222304).
- Update
patches.suse/HID-i2c-hid-of-fix-NULL-deref-on-failed-power-up.patch
(git-fixes CVE-2024-26717 bsc#1222360).
- Update
patches.suse/arm64-entry-fix-ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD.patch
(bsc#1219443 CVE-2024-26670 bsc#1222356).
- Update
patches.suse/crypto-ccp-Fix-null-pointer-dereference-in-__sev_pla.patch
(git-fixes CVE-2024-26695 bsc#1222373).
- Update
patches.suse/drm-msm-dpu-check-for-valid-hw_pp-in-dpu_encoder_hel.patch
(git-fixes CVE-2024-26667 bsc#1222331).
- Update
patches.suse/hwmon-coretemp-Fix-out-of-bounds-memory-access.patch
(git-fixes CVE-2024-26664 bsc#1222355).
- Update patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch
(bsc#1218968 CVE-2024-26629 bsc#1221379).
- Update
patches.suse/pwm-Fix-out-of-bounds-access-in-of_pwm_single_xlate.patch
(git-fixes CVE-2024-26599 bsc#1220365).
- Update
patches.suse/sched-membarrier-reduce-the-ability-to-hammer-on-sys.patch
(git-fixes bsc1220398 CVE-2024-26602 bsc#1220398).
- Update
patches.suse/scsi-core-Move-scsi_host_busy-out-of-host-lock-for-waking-up-EH-handler.patch
(git-fixes CVE-2024-26627 bsc#1221090).
- Update
patches.suse/sr9800-Add-check-for-usbnet_get_endpoints.patch
(git-fixes CVE-2024-26651 bsc#1221337).
- Update
patches.suse/tracing-Ensure-visibility-when-inserting-an-element-into-tracing_map.patch
(git-fixes CVE-2024-26645 bsc#1222056).
- Update
patches.suse/xhci-handle-isoc-Babble-and-Buffer-Overrun-events-pr.patch
(git-fixes CVE-2024-26659 bsc#1222317).
- commit bd16cf6
- Update
patches.suse/Bluetooth-hci_codec-Fix-leaking-content-of-local_cod.patch
(git-fixes CVE-2023-52518 bsc#1221056).
- Update
patches.suse/FS-JFS-UBSAN-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2023-52604 bsc#1221067).
- Update patches.suse/IB-ipoib-Fix-mcast-list-locking.patch
(git-fixes CVE-2023-52587 bsc#1221082).
- Update
patches.suse/KVM-s390-vsie-fix-race-during-shadow-creation.patch
(git-fixes bsc#1220393 CVE-2023-52639 bsc#1222300).
- Update
patches.suse/PCI-switchtec-Fix-stdev_release-crash-after-surprise.patch
(git-fixes CVE-2023-52617 bsc#1221613).
- Update
patches.suse/SUNRPC-Fix-a-suspicious-RCU-usage-warning.patch
(git-fixes CVE-2023-52623 bsc#1222060).
- Update
patches.suse/UBSAN-array-index-out-of-bounds-in-dtSplitRoot.patch
(git-fixes CVE-2023-52603 bsc#1221066).
- Update
patches.suse/bus-mhi-host-Add-alignment-check-for-event-ring-read.patch
(git-fixes CVE-2023-52494 bsc#1221273).
- Update
patches.suse/bus-mhi-host-Drop-chan-lock-before-queuing-buffers.patch
(git-fixes CVE-2023-52493 bsc#1221274).
- Update
patches.suse/can-j1939-Fix-UAF-in-j1939_sk_match_filter-during-se.patch
(git-fixes CVE-2023-52637 bsc#1222291).
- Update
patches.suse/crypto-scomp-fix-req-dst-buffer-overflow.patch
(git-fixes CVE-2023-52612 bsc#1221616).
- Update
patches.suse/drm-Don-t-unref-the-same-fb-many-times-by-mistake-du.patch
(git-fixes CVE-2023-52486 bsc#1221277).
- Update
patches.suse/drm-amdkfd-Fix-lock-dependency-warning-with-srcu.patch
(git-fixes CVE-2023-52632 bsc#1222274).
- Update
patches.suse/drm-meson-fix-memory-leak-on-hpd_notify-callback.patch
(git-fixes CVE-2023-52563 bsc#1220937).
- Update
patches.suse/hwrng-core-Fix-page-fault-dead-lock-on-mmap-ed-hwrng.patch
(git-fixes CVE-2023-52615 bsc#1221614).
- Update
patches.suse/iommu-arm-smmu-v3-Fix-soft-lockup-triggered-by-arm_smmu_mm_invalidate_range.patch
(bsc#1215921 CVE-2023-52484 bsc#1220797).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2023-52601 bsc#1221068).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-diNewExt.patch
(git-fixes CVE-2023-52599 bsc#1221062).
- Update
patches.suse/jfs-fix-slab-out-of-bounds-Read-in-dtSearch.patch
(git-fixes CVE-2023-52602 bsc#1221070).
- Update patches.suse/jfs-fix-uaf-in-jfs_evict_inode.patch
(git-fixes CVE-2023-52600 bsc#1221071).
- Update
patches.suse/perf-x86-intel-uncore-Fix-NULL-pointer-dereference-issue-in-upi_fill_topology.patch
(bsc#1218958 CVE-2023-52450 bsc#1220237).
- Update
patches.suse/pstore-ram-Fix-crash-when-setting-number-of-cpus-to-.patch
(git-fixes CVE-2023-52619 bsc#1221618).
- Update
patches.suse/scsi-pm80xx-Avoid-leaking-tags-when-processing-OPC_INB_SET_CONTROLLER_CONFIG-command.patch
(git-fixes CVE-2023-52500 bsc#1220883).
- Update
patches.suse/wifi-ath9k-Fix-potential-array-index-out-of-bounds-r.patch
(git-fixes CVE-2023-52594 bsc#1221045).
- Update
patches.suse/wifi-rt2x00-restart-beacon-queue-when-hardware-reset.patch
(git-fixes CVE-2023-52595 bsc#1221046).
- commit b1046c1
- Update
patches.suse/netfilter-nftables-exthdr-fix-4-byte-stack-OOB-write.patch
(CVE-2023-4881 bsc#1215221 CVE-2023-52628 bsc#1222117).
- commit fd3aabc
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- commit a7b445d
- mm,page_owner: Fix accounting of pages when migrating
(bsc#1222366).
- commit 37b3731
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- commit 4dc29b0
- iommu/mediatek: Fix forever loop in error handling (git-fixes).
- commit 21d467e
- selinux: saner handling of policy reloads (bsc#1222230 bsc#1221044
CVE-2023-52591).
- commit 66a189d
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- commit b2b2b31
- mm,page_owner: fix recursion (bsc#1222366).
- commit 4517a6d
- mm,page_owner: drop unnecessary check (bsc#1222366).
- commit 0c42427
- mm,page_owner: check for null stack_record before bumping its
refcount (bsc#1222366).
- commit 81f3531
- Update patches metadata
- commit f6df04d
- x86/bhi: Mitigate KVM by default (bsc#1217339 CVE-2024-2201).
- commit e8a52ff
- x86/bhi: Add BHI mitigation knob (bsc#1217339 CVE-2024-2201).
- Update config files.
- commit 66b3207
- x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1217339 CVE-2024-2201).
- commit 797a250
- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (bsc#1217339 CVE-2024-2201).
- Refresh patches.suse/x86-bhi-Define-SPEC_CTRL_BHI_DIS_S.patch.
- commit d9a50a1
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1217339 CVE-2024-2201).
- commit c5355fd
- Refresh patches.kabi/kabi-allow-extra-bugints.patch.
Extend existing functionality to allow adding extra feature words in
addition to extra bug words. This code is adjusted from SLE12-SP5 patch.
- commit 44177f4
- x86/bhi: Add support for clearing branch history at syscall entry (bsc#1217339 CVE-2024-2201).
- commit 7297553
- x86/cpufeature: Add missing leaf enumeration (bsc#1217339 CVE-2024-2201).
- commit 72a3a61
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails
(git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2
(stable-fixes).
- drm/amd/display: Return the correct HDCP error code
(stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag
(stable-fixes).
- drm/exynos: do not return negative values from .get_modes()
(stable-fixes).
- drm/panel: do not return negative error codes from
drm_panel_get_modes() (stable-fixes).
- drm/probe-helper: warn about negative .get_modes()
(stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP EliteBook
(stable-fixes).
- ALSA: hda/realtek - Add Headset Mic supported Acer NB platform
(stable-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting
(stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges
(stable-fixes).
- commit 9310237
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- blacklist.conf: omit previous incomplete sockmap fix
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t
(git-fixes).
- commit 9a86a18
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- commit f738a42
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem
(bsc#1209657 CVE-2023-0160).
- commit 989b8c6
- blacklist.conf: omit reverted sockmap deadlock fix
- commit 397323e
- netfilter: nf_tables: disallow anonymous set with timeout flag
(CVE-2024-26642 bsc#1221830).
- commit 02a907f
- netfilter: ctnetlink: fix possible refcount leak in
ctnetlink_create_conntrack() (CVE-2023-7192 bsc#1218479).
- commit 0b47032
- usb: typec: ucsi: Check for notifications after init
(git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock
(git-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds
(git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface()
(git-fixes).
- staging: vc04_services: fix information leak in
create_component() (git-fixes).
- commit 74f6b3e
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/qxl: remove unused variable from
`qxl_process_single_command()` (git-fixes).
- drm/qxl: remove unused `count` variable from
`qxl_surface_id_alloc()` (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if
needed (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object()
in acpi_db_walk_for_fields() (git-fixes).
- commit 22f136e
- README.BRANCH: Remove copy of branch name
- commit 4834fba
- README.BRANCH: Remove copy of branch name
- commit 9b22290
- thermal: intel: hfi: Add syscore callbacks for system-wide PM
(CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Disable an HFI instance when all its CPUs
go offline (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Enable an HFI instance from its first
online CPU (CVE-2024-26646 bsc#1222070).
- thermal: intel: hfi: Refactor enabling code into helper
functions (CVE-2024-26646 bsc#1222070).
- commit 8d3563b
- ASoC: meson: t9015: fix function pointer type mismatch
(git-fixes).
- drm/tegra: hdmi: Fix some error handling paths in
tegra_hdmi_probe() (git-fixes).
- drm/tegra: dsi: Fix some error handling paths in
tegra_dsi_probe() (git-fixes).
- net/x25: fix incorrect parameter validation in the
x25_getsockopt() function (git-fixes).
- Bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- wifi: wilc1000: fix RCU usage in connect path (git-fixes).
- wifi: wilc1000: fix declarations ordering (stable-fixes).
- lib/cmdline: Fix an invalid format specifier in an assertion
msg (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio
(stable-fixes).
- firewire: core: use long bus reset on gap count error
(stable-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series
(stable-fixes).
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device
(stable-fixes).
- drm/tegra: hdmi: Convert to devm_platform_ioremap_resource()
(stable-fixes).
- drm/tegra: dsi: Make use of the helper function dev_err_probe()
(stable-fixes).
- commit 2335ed9
- ACPI: resource: Add Infinity laptops to
irq1_edge_low_force_override (stable-fixes).
- Refresh
patches.suse/ACPI-resource-Add-MAIBENBEN-X577-to-irq1_edge_low_fo.patch.
- commit a322c3a
- ASoC: meson: aiu: fix function pointer type mismatch
(git-fixes).
- ALSA: hda/realtek: fix ALC285 issues on HP Envy x360 laptops
(stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops
(stable-fixes).
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll
(stable-fixes).
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono
mode (stable-fixes).
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC
(stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi
Vi8 tablet (stable-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise
(stable-fixes).
- ASoC: meson: Use dev_err_probe() helper (stable-fixes).
- commit 8f94a4d
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- ALSA: aoa: avoid false-positive format truncation warning
(git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
(git-fixes).
- wifi: iwlwifi: fw: don't always use FW dump trig (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks
(git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function
(git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
(git-fixes).
- ALSA: hda/realtek - ALC285 reduce pop noise from Headphone port
(stable-fixes).
- commit a43d7a1
- ipv6: init the accept_queue's spinlocks in inet6_create
(bsc#1221293 CVE-2024-26614).
- commit 0ab8c0f
- net/bnx2x: Prevent access to a freed page in page_pool
(bsc#1215322).
- commit 6d39ac9
- tcp: make sure init the accept_queue's spinlocks once
(bsc#1221293 CVE-2024-26614).
- commit 943f002
- powerpc/boot: Disable power10 features after BOOTAFLAGS
assignment (bsc#1194869).
- commit 17f8de7
- powerpc/boot: Fix boot wrapper code generation with
CONFIG_POWER10_CPU (bsc#1194869).
- commit 9b67460
- powerpc/lib: Validate size for vector operations (bsc#1194869 CVE-2023-52606 bsc#1221069).
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
(CVE-2023-52607 bsc#1221061).
- powerpc: add compile-time support for lbarx, lharx
(bsc#1194869).
- Update config files.
- powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
- Update config files.
- powerpc/sstep: Use bitwise instead of arithmetic operator for
flags (bsc#1194869).
- powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
- powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__
(bsc#1194869).
- powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
- powerpc/lib/sstep: Don't use __{get/put}_user() on kernel
addresses (bsc#1194869).
- commit b17389a
- RDMA/mlx5: Relax DEVX access upon modify commands (git-fixes)
- commit 9423a91
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (git-fixes)
- commit 16e4eca
- Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
This reverts commit 81476d7e609a6d383f3d404542eebc93cebd0a4d.
This fixes bsc#1221814
- commit bc3a73c
- Update
patches.suse/HID-intel-ish-hid-ipc-Disable-and-reenable-ACPI-GPE-.patch
(git-fixes CVE-2023-52519 bsc#1220920).
- Update
patches.suse/HID-sony-Fix-a-potential-memory-leak-in-sony_probe.patch
(git-fixes CVE-2023-52529 bsc#1220929).
- Update
patches.suse/IB-hfi1-Fix-bugs-with-non-PAGE_SIZE-end-multi-iovec-.patch
(git-fixes CVE-2023-52474 bsc#1220445).
- Update
patches.suse/RDMA-siw-Fix-connection-failure-handling.patch
(git-fixes CVE-2023-52513 bsc#1221022).
- Update
patches.suse/RDMA-srp-Do-not-call-scsi_done-from-srp_abort.patch
(git-fixes CVE-2023-52515 bsc#1221048).
- Update
patches.suse/Revert-tty-n_gsm-fix-UAF-in-gsm_cleanup_mux.patch
(git-fixes CVE-2023-52564 bsc#1220938).
- Update
patches.suse/bpf-Check-rcu_read_lock_trace_held-before-calling-bp.patch
(bsc#1220251 CVE-2023-52447 CVE-2023-52621 bsc#1222073).
- Update
patches.suse/ieee802154-ca8210-Fix-a-potential-UAF-in-ca8210_prob.patch
(git-fixes CVE-2023-52510 bsc#1220898).
- Update
patches.suse/net-nfc-llcp-Add-lock-when-modifying-device-list.patch
(git-fixes CVE-2023-52524 bsc#1220927).
- Update
patches.suse/net-usb-smsc75xx-Fix-uninit-value-access-in-__smsc75.patch
(git-fixes CVE-2023-52528 bsc#1220843).
- Update
patches.suse/nfc-nci-assert-requested-protocol-is-valid.patch
(git-fixes CVE-2023-52507 bsc#1220833).
- Update
patches.suse/nilfs2-fix-potential-use-after-free-in-nilfs_gccache.patch
(git-fixes CVE-2023-52566 bsc#1220940).
- Update
patches.suse/nvme-fc-Prevent-null-pointer-dereference-in-nvme_fc_.patch
(bsc#1214842 CVE-2023-52508 bsc#1221015).
- Update
patches.suse/nvmet-tcp-Fix-a-kernel-panic-when-host-sends-an-inva.patch
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356 CVE-2023-52454 bsc#1220320).
- Update
patches.suse/platform-x86-think-lmi-Fix-reference-leak.patch
(git-fixes CVE-2023-52520 bsc#1220921).
- Update
patches.suse/ravb-Fix-use-after-free-issue-in-ravb_tx_timeout_wor.patch
(bsc#1212514 CVE-2023-35827 CVE-2023-52509 bsc#1220836).
- Update
patches.suse/ring-buffer-Do-not-attempt-to-read-past-commit.patch
(git-fixes CVE-2023-52501 bsc#1220885).
- Update
patches.suse/serial-8250_port-Check-IRQ-data-before-use.patch
(git-fixes CVE-2023-52567 bsc#1220839).
- Update
patches.suse/spi-sun6i-fix-race-between-DMA-RX-transfer-completio.patch
(git-fixes CVE-2023-52517 bsc#1221055).
- Update
patches.suse/spi-sun6i-reduce-DMA-RX-transfer-width-to-single-byt.patch
(git-fixes CVE-2023-52511 bsc#1221012).
- Update
patches.suse/wifi-mwifiex-Fix-oob-check-condition-in-mwifiex_proc.patch
(git-fixes CVE-2023-52525 bsc#1220840).
- Update
patches.suse/x86-alternatives-disable-kasan-in-apply_alternatives.patch
(git-fixes CVE-2023-52504 bsc#1221553).
- Update
patches.suse/x86-srso-fix-sbpb-enablement-for-spec_rstack_overflow-off.patch
(git-fixes CVE-2023-52575 bsc#1220871).
- commit 5f353b0
- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
(bsc#1194516 CVE-2022-0487 CVE-2022-48626 bsc#1220366).
- Update
patches.suse/crypto-qcom-rng-ensure-buffer-for-generate-is-comple.patch
(git-fixes CVE-2022-48629 bsc#1220989).
- Update
patches.suse/crypto-qcom-rng-fix-infinite-loop-on-requests-not-mu.patch
(git-fixes CVE-2022-48630 bsc#1220990).
- commit f8cf886
- Update
patches.suse/ALSA-hda-intel-sdw-acpi-harden-detection-of-controll.patch
(git-fixes CVE-2021-46926 bsc#1220478).
- Update
patches.suse/ALSA-rawmidi-fix-the-uninitalized-user_pversion.patch
(git-fixes CVE-2021-47096 bsc#1220981).
- Update
patches.suse/IB-qib-Fix-memory-leak-in-qib_user_sdma_queue_pkts.patch
(git-fixes CVE-2021-47104 bsc#1220960).
- Update
patches.suse/Input-elantech-fix-stack-out-of-bound-access-in-elan.patch
(git-fixes CVE-2021-47097 bsc#1220982).
- Update
patches.suse/KVM-x86-mmu-Don-t-advance-iterator-after-restart-due.patch
(git-fixes CVE-2021-47094 bsc#1221551).
- Update patches.suse/NFSD-Fix-READDIR-buffer-overflow.patch
(git-fixes bsc#1196346 CVE-2021-47107 bsc#1220965).
- Update
patches.suse/asix-fix-uninit-value-in-asix_mdio_read.patch
(git-fixes CVE-2021-47101 bsc#1220987).
- Update
patches.suse/drm-mediatek-hdmi-Perform-NULL-pointer-check-for-mtk.patch
(git-fixes CVE-2021-47108 bsc#1220986).
- Update
patches.suse/hwmon-lm90-Prevent-integer-overflow-underflow-in-hys.patch
(git-fixes CVE-2021-47098 bsc#1220983).
- Update
patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch
(git-fixes CVE-2021-47100 bsc#1220985).
- Update
patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch
(bsc#1193490 CVE-2021-47095 bsc#1220979).
- Update
patches.suse/mac80211-fix-locking-in-ieee80211_start_ap-error-pat.patch
(git-fixes CVE-2021-47091 bsc#1220959).
- Update
patches.suse/net-fix-use-after-free-in-tw_timer_handler.patch
(bsc#1217195 CVE-2021-46936 bsc#1220439).
- Update
patches.suse/net-marvell-prestera-fix-incorrect-structure-access.patch
(git-fixes CVE-2021-47102 bsc#1221009).
- Update
patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock
(git-fixes CVE-2021-46925 bsc#1220466).
- Update
patches.suse/nitro_enclaves-Use-get_user_pages_unlocked-call-to-handle-mmap-assert.patch
(git fixes (mm/gup) CVE-2021-46927 bsc#1220443).
- Update
patches.suse/platform-x86-intel_pmc_core-fix-memleak-on-registrat.patch
(git-fixes CVE-2021-47093 bsc#1220978).
- Update patches.suse/sctp-use-call_rcu-to-free-endpoint.patch
(CVE-2022-20154 bsc#1200599 CVE-2021-46929 bsc#1220482).
- Update patches.suse/tee-optee-Fix-incorrect-page-free-bug.patch
(jsc#SLE-21844 CVE-2021-47087 bsc#1220954).
- Update
patches.suse/tun-avoid-double-free-in-tun_free_netdev.patch
(bsc#1209635 CVE-2022-4744 git-fixes CVE-2021-47082
bsc#1220969).
- Update
patches.suse/usb-gadget-f_fs-Clear-ffs_eventfd-in-ffs_data_clear.patch
(git-fixes CVE-2021-46933 bsc#1220487).
- Update patches.suse/usb-mtu3-fix-list_head-check-warning.patch
(git-fixes CVE-2021-46930 bsc#1220484).
- Update
patches.suse/veth-ensure-skb-entering-GRO-are-not-cloned.patch
(git-fixes CVE-2021-47099 bsc#1220955).
- commit b15f74e
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- commit 1bac2ee
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- commit 0a6b09b
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- commit 11123f1
- selftests/bpf: add generic BPF program tester-loader
(bsc#1222033).
- Refresh patches.suse/selftests-bpf-convenience-macro-for-use-with-asm-vol.patch
- commit fac2b7e
- crypto: qat - avoid division by zero (git-fixes).
- crypto: qat - resolve race condition during AER recovery
(git-fixes).
- crypto: qat - fix deadlock in backlog processing (git-fixes).
- crypto: qat - fix double free during reset (git-fixes).
- crypto: qat - increase size of buffers (git-fixes).
- crypto: qat - fix unregistration of compression algorithms
(git-fixes).
- crypto: qat - fix unregistration of crypto algorithms
(git-fixes).
- crypto: qat - ignore subsequent state up commands (git-fixes).
- commit 57086a4
- crypto: qat - fix state machines cleanup paths (bsc#1218321).
- commit b45a9b9
- PCI: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq()
(git-fixes).
- PCI: rockchip: Use 64-bit mask on MSI 64-bit PCI address
(git-fixes).
- commit 71917a0
- md/raid5: fix atomicity violation in raid5_cache_count
(bsc#1219169, CVE-2024-23307).
- commit 30c5680
- s390/vtime: fix average steal time calculation (git-fixes
bsc#1221951).
- commit dcc65eb
- s390/ptrace: handle setting of fpc register correctly
(CVE-2023-52598 bsc#1221060 git-fixes).
- commit 997994b
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336
CVE-2023-7042).
- commit 1784f9f
- ubi: Check for too small LEB size in VTBL code (bsc#1219834
CVE-2024-25739).
- commit ad7e175
- PCI: rockchip: Don't advertise MSI-X in PCIe capabilities
(git-fixes).
- commit 617f4f7
- PCI: rockchip: Fix window mapping and address translation for
endpoint (git-fixes).
- Refresh
patches.suse/PCI-rockchip-Use-u32-variable-to-access-32-bit-regis.patch.
- commit ebc378b
- PCI: qcom: Enable BDF to SID translation properly (git-fixes).
- PCI: mediatek-gen3: Fix translation window size calculation
(git-fixes).
- PCI: mediatek: Clear interrupt status before dispatching handler
(git-fixes).
- PCI: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment
support (git-fixes).
- PCI: Lengthen reset delay for VideoPropulsion Torrent QN16e card
(git-fixes).
- Revert "PCI: tegra194: Enable support for 256 Byte payload"
(git-fixes).
- PCI: fu740: Set the number of MSI vectors (git-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL
(git-fixes).
- PCI: Add locking to RMW PCI Express Capability Register
accessors (git-fixes).
- kABI: PCI: Add locking to RMW PCI Express Capability Register
accessors (kabi).
- PCI: qcom: Use DWC helpers for modifying the read-only DBI
registers (git-fixes).
- commit 150da46
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- commit 20654b5
- wifi: ath11k: decrease MHI channel buffer length to 8KB
(bsc#1207948).
- commit ccda276
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- commit 76719ba
- nvme: fix reconnection fail due to reserved tag allocation
(git-fixes).
- commit 08c50ef
- blacklist.conf: add a couple of PCI ones
- commit 37e30e0
- bpf, scripts: Correct GPL license name (git-fixes).
- commit b7a1062
- Refresh
patches.suse/nfsd4-add-refcount-for-nfsd4_blocked_lock.patch.
Add another commit id
- commit 6697f38
- blacklist.conf: add unwanted nfs commit
- commit a4cc44e
- NFSv4.2: fix wrong shrinker_id (git-fixes).
- commit 5ba59c3
- Add cherry-picked id of amdgpu patch (git-fixes)
- commit 3498702
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
(git-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- nouveau: reset the bo resource bus info after an eviction
(git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it
(git-fixes).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
(git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end
of file (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx()
API (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- serial: 8250_exar: Don't remove GPIO device on suspend
(git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT
(git-fixes).
- serial: max310x: fix syntax error in IRQ error message
(git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- usb: gadget: net2272: Use irqflags in the call to
net2272_probe_fin (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma
(git-fixes).
- usb: audio-v2: Correct comments for struct
uac_clock_selector_descriptor (git-fixes).
- commit d110a91
- blacklist.conf: add usb gadget patch to be reverted later
- commit d1cbd2f
- Add cherry-picked id to amdgpu patch
- commit 2d7799f
- x86/sev: Harden #VC instruction emulation somewhat (CVE-2024-25742 bsc#1221725).
- commit 02ed75a
- ubifs: Queue up space reservation tasks if retrying many times
(git-fixes).
- commit 061dcaa
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed
(git-fixes).
- commit 493a02c
- ubifs: Remove unreachable code in dbg_check_ltab_lnum
(git-fixes).
- commit 2771652
- ubifs: fix sort function prototype (git-fixes).
- commit 6125609
- Update patches.suse/dmaengine-fix-NULL-pointer-in-channel-unregistration.patch (git-fixes bsc#1221276 CVE-2023-52492)
- commit 7007f7d
- ubifs: Set page uptodate in the correct place (git-fixes).
- commit 219703b
- iommu/vt-d: Allow to use flush-queue when first level is
default (git-fixes).
- commit 1821f9c
- iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
- commit 23b5322
- iommu/vt-d: Set No Execute Enable bit in PASID table entry
(git-fixes).
- commit 3ba9d71
- iommu/mediatek-v1: Fix an error handling path in
mtk_iommu_v1_probe() (git-fixes).
- commit 3b5ce5d
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security
(bsc#1219170 CVE-2024-22099).
- commit ece27a6
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Change debug message during driver unload
(bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer
(bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored
(bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- commit ac0c897
- scsi: lpfc: Copyright updates for 14.4.0.1 patches
(bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3
ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr
(bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr
(bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state
(bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in
lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic
(bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling
(bsc#1221777 bsc#1217959).
- scsi: lpfc: Move NPIV's transport unregistration to after
resource clean up (bsc#1221777).
- scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset()
(bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- commit 173a64c
- firmware: arm_scmi: Check mailbox/SMT channel for consistency (bsc#1221375 CVE-2023-52608)
- commit f829935
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- commit dfc50d6
- ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
- commit c06fc74
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- commit b983475
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102
(git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr()
(git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is
shut down (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work
(git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount
(git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE
(git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian
(git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- nfsd: use vfs setgid helper (git-fixes).
- commit 90396a4
- clk: zynq: Prevent null pointer dereference caused by kmalloc
failure (git-fixes).
- commit 6c59283
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
(git-fixes).
- commit c2aa41d
- iommu/dma: Trace bounce buffer usage when mapping buffers
(git-fixes).
- commit e3645be
- media: staging: ipu3-imgu: Set fields before
media_entity_pads_init() (git-fixes).
- commit 5978536
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- commit 936859f
- Drop temporarily amdgpu patch (to be reapplied later)
- commit 809ae8f
- RDMA/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-fixes)
- commit 373361b
- RDMA/device: Fix a race between mad_client and cm_client init (git-fixes)
- commit 5b52744
- RDMA/hns: Fix mis-modifying default congestion control algorithm (git-fixes)
- commit 95141c0
- RDMA/srpt: Do not register event handler until srpt device is fully setup (git-fixes)
- commit 5d33595
- RDMA/irdma: Remove duplicate assignment (git-fixes)
- commit 9841c04
- blacklist.conf: cleanup only
- commit ecab69c
- blacklist.conf: kABI
- commit 94731b9
- drm/amd/display: fix hw rotated modes when PSR-SU is enabled
(git-fixes).
- commit dc89308
- drm/amd/display: Fix possible underflow for displays with
large vblank (git-fixes).
- drm/amd/display: Revert vblank change that causes null pointer
crash (git-fixes).
- commit 7e422d7
- Revert "Revert "drm/amdgpu/display: change pipe policy for
DCN 2.0"" (git-fixes).
- drm/amd/display: perform a bounds check before filling dirty
rectangles (git-fixes).
- commit 7922bac
- Refresh patches.suse/drm-amd-display-always-switch-off-ODM-before-committ.patch
Add cherry-pickd id
- commit feac6cf
- Refresh patches.suse/drm-amd-display-Write-to-correct-dirty_rect.patch
Add cherry-picked id
- commit d1b610a
- drm/amd/display: For prefetch mode > 0, extend prefetch if
possible (git-fixes).
- drm/amd/display: Disable PSR-SU on Parade 0803 TCON again
(git-fixes).
- drm/amd/display: Increase frame warning limit with KASAN or
KCSAN in dml (git-fixes).
- drm/amd: Enable PCIe PME from D3 (git-fixes).
- drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
- drm/amd/display: fix ABM disablement (git-fixes).
- drm/amd/display: Update min Z8 residency time to 2100 for DCN314
(git-fixes).
- drm/amd/display: Remove min_dst_y_next_start check for Z8
(git-fixes).
- drm/amd/display: Use DRAM speed from validation for dummy
p-state (git-fixes).
- drm/amdgpu: Force order between a read and write to the same
address (git-fixes).
- drm/amd/display: Include udelay when waiting for INBOX0 ACK
(git-fixes).
- drm/i915: Call intel_pre_plane_updates() also for pipes getting
enabled (git-fixes).
- drm/panel: auo,b101uan08.3: Fine tune the panel power sequence
(git-fixes).
- drm/amd/display: Enable fast plane updates on DCN3.2 and above
(git-fixes).
- drm/amd/display: fix a NULL pointer dereference in
amdgpu_dm_i2c_xfer() (git-fixes).
- drm/amd/display: Guard against invalid RPTR/WPTR being set
(git-fixes).
- drm/amdgpu: lower CS errors to debug severity (git-fixes).
- drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
- drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
- drm/i915: Add missing CCS documentation (git-fixes).
- drm/amdgpu: Unset context priority is now invalid (git-fixes).
- drm/panel: Move AUX B116XW03 out of panel-edp back to
panel-simple (git-fixes).
- Revert "drm/amd: Disable S/G for APUs when 64GB or more host
memory" (git-fixes).
- drm/amd/display: always switch off ODM before committing more
streams (git-fixes).
- drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for
DCN31 (git-fixes).
- drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK
(git-fixes).
- drm/amd/display: Fix a bug when searching for insert_above_mpcc
(git-fixes).
- commit e9791f4
- Refresh patches.suse/drm-amdgpu-vcn-Disable-indirect-SRAM-on-Vangogh-brok.patch (git-fixes)
Alt-commit
- commit 633cb3b
- Refresh patches.suse/1398-drm-i915-pass-a-pointer-for-tlb-seqno-at-vma_invalid.patch (git-fixes)
Alt-commit
- commit 4cec8c9
- Refresh patches.suse/1866-drm-i915-ttm-fix-32b-build.patch (git-fixes)
Alt-commit
- commit a1a2486
- drm/amd/display: ensure async flips are only accepted for fast
updates (git-fixes).
- drm/exynos: fix a possible null-pointer dereference due to
data race in exynos_drm_crtc_atomic_disable() (git-fixes).
- drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
(git-fixes).
- drm/amd/display: Fix underflow issue on 175hz timing
(git-fixes).
- drm/amd/display: dc.h: eliminate kernel-doc warnings
(git-fixes).
- drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
- drm/bridge: tc358762: Instruct DSI host to generate HSE packets
(git-fixes).
- drm/amdgpu: Match against exact bootloader status (git-fixes).
- drm/amd/display: Exit idle optimizations before attempt to
access PHY (git-fixes).
- drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family
(git-fixes).
- drm/amd/smu: use AverageGfxclkFrequency* to replace previous
GFX Curr Clock (git-fixes).
- drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
- drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
- drm/amdgpu/pm: make gfxclock consistent for sienna cichlid
(git-fixes).
- drm/ttm: Don't leak a resource on eviction error (git-fixes).
- drm/amd/display: Fix the delta clamping for shaper LUT
(git-fixes).
- Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON"
(git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Phoenix (git-fixes).
- drm/amd/display: Set minimum requirement for using PSR-SU on
Rembrandt (git-fixes).
- drm/amd/display: Update correct DCN314 register header
(git-fixes).
- drm/amd/display: Fix possible underflow for displays with
large vblank (git-fixes).
- drm/amd/display: update extended blank for dcn314 onwards
(git-fixes).
- drm/amd/display: Restore rptr/wptr for DMCUB as workaround
(git-fixes).
- drm/amd/display: Add FAMS validation before trying to use it
(git-fixes).
- drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence
(git-fixes).
- drm/amd/display: add ODM case when looking for first split pipe
(git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"
(git-fixes).
- Revert "drm/amdgpu/display: change pipe policy for DCN 2.1"
(git-fixes).
- commit 5e1df8b
- drm/amd/display: Keep PHY active for dp config (git-fixes).
- drm/ttm: Don't print error message if eviction was interrupted
(git-fixes).
- Revert "drm/vc4: hdmi: Enforce the minimum rate at
runtime_resume" (git-fixes).
- drm/amd/display: Write to correct dirty_rect (git-fixes).
- drm/amd/display: clean code-style issues in
dcn30_set_mpc_shaper_3dlut (git-fixes).
- drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
- drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
- drm/amd/display: set per pipe dppclk to 0 when dpp is off
(git-fixes).
- drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
- drm/amd/display: fix unbounded requesting for high pixel rate
modes on dcn315 (git-fixes).
- drm/amd/display: use low clocks for no plane configs
(git-fixes).
- drm/amd/display: Use min transition for all SubVP plane
add/remove (git-fixes).
- drm/amd/display: Rework comments on dc file (git-fixes).
- drm/amd/display: Expand kernel doc for DC (git-fixes).
- drm/amd/display: Avoid ABM when ODM combine is enabled for eDP
(git-fixes).
- drm/amd/display: Update OTG instance in the commit stream
(git-fixes).
- drm/amd/display: Handle seamless boot stream (git-fixes).
- drm/amd/display: Add function for validate and update new stream
(git-fixes).
- drm/amd/display: Handle virtual hardware detect (git-fixes).
- drm/amd/display: Include surface of unaffected streams
(git-fixes).
- drm/amd/display: Copy DC context in the commit streams
(git-fixes).
- drm/amd/display: Enable new commit sequence only for DCN32x
(git-fixes).
- drm/amd/display: Rework context change check (git-fixes).
- drm/amd/display: Check if link state is valid (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Acer Switch V 10
(SW5-017) (git-fixes).
- drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach
(git-fixes).
- drm/vc4: Add module dependency on hdmi-codec (git-fixes).
- drm/i915/gt: Use i915_vm_put on ppgtt_create error paths
(git-fixes).
- commit 17a985c
- watchdog: stm32_iwdg: initialize default timeout (git-fixes).
- crypto: arm/sha - fix function cast warnings (git-fixes).
- crypto: xilinx - call finalize with bh disabled (git-fixes).
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype
(git-fixes).
- mtd: rawnand: meson: fix scrambling mode value in command macro
(git-fixes).
- mtd: maps: physmap-core: fix flash size larger than 32-bit
(git-fixes).
- media: usbtv: Remove useless locks in usbtv_video_free()
(git-fixes).
- media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
- media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
- media: dvb-frontends: avoid stack overflow warnings with clang
(git-fixes).
- media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
- media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
- media: pvrusb2: remove redundant NULL check (git-fixes).
- media: go7007: add check of return value of go7007_read_addr()
(git-fixes).
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak
(git-fixes).
- media: sun8i-di: Fix chroma difference threshold (git-fixes).
- media: sun8i-di: Fix power on/off sequences (git-fixes).
- media: sun8i-di: Fix coefficient writes (git-fixes).
- media: edia: dvbdev: fix a use-after-free (git-fixes).
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity
(git-fixes).
- media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
- media: em28xx: annotate unchecked call to
media_device_register() (git-fixes).
- media: xc4000: Fix atomicity violation in xc4000_get_frequency
(git-fixes).
- media: staging: ipu3-imgu: Set fields before
media_entity_pads_init() (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop
(git-fixes).
- mmc: mmci: stm32: fix DMA API overlapping mappings warning
(git-fixes).
- drm/amd/display: Wrong colorimetry workaround (git-fixes).
- mmc: mmci: stm32: use a buffer for unaligned DMA requests
(git-fixes).
- commit 6d10a8f
- blacklist.conf: kABI
- commit 6018730
- blacklist.conf: merely a cleanup
- commit f35d79c
- xhci: handle isoc Babble and Buffer Overrun events properly
(git-fixes).
- commit b33a274
- xhci: process isoc TD properly when there was a transaction
error mid TD (git-fixes).
- commit ef9dcf9
- Refresh patches.suse/Revert-drm-amd-pm-resolve-reboot-exception-for-si-ol.patch (git-fixes)
Alt-commit
- commit 51173ed
- Refresh patches.suse/drm-amd-display-Fix-memory-leak-in-dm_sw_fini.patch (git-fixes)
Alt-commit
- commit 9a337ae
- Refresh patches.suse/drm-amdgpu-display-Initialize-gamma-correction-mode-.patch (git-fixes)
Alt-commit
- commit ae35079
- Refresh patches.suse/drm-amd-display-Fix-possible-NULL-dereference-on-dev.patch (git-fixes)
Alt-commit
- commit 968007a
- Refresh patches.suse/Revert-drm-amd-display-increased-min_dcfclk_mhz-and-.patch (git-fixes)
Alt-commit
- commit 29d289f
- Refresh patches.suse/Revert-drm-amd-flush-any-delayed-gfxoff-on-suspend-e.patch (git-fixes)
Alt-commit
- commit 6c8d470
- Refresh patches.suse/drm-amd-display-Fix-possible-buffer-overflow-in-find.patch (git-fixes)
Alt-commit
- commit d66904a
- Refresh patches.suse/drm-amdgpu-Fix-missing-error-code-in-gmc_v6-7-8-9_0_.patch (git-fixes)
Alt-commit
- commit 17a587a
- Refresh patches.suse/drm-bridge-sii902x-Fix-probing-race-issue.patch (git-fixes)
Alt-commit
- commit 0c6bf24
- Refresh patches.suse/drm-i915-dp-Fix-passing-the-correct-DPCD_REV-for-drm.patch (git-fixes)
Alt-commit
- commit eeb30fc
- Refresh patches.suse/drm-amd-Disable-ASPM-for-VI-w-all-Intel-systems.patch (git-fixes)
Alt-commit
- commit 2b0efc6
- Refresh patches.suse/drm-amd-Fix-detection-of-_PR3-on-the-PCIe-root-port.patch (git-fixes)
Alt-commit
- commit 0458ace
- Refresh patches.suse/drm-amd-display-fix-the-white-screen-issue-when-64GB.patch (git-fixes)
Alt-commit
- commit 46ed395
- Refresh patches.suse/drm-amd-display-prevent-potential-division-by-zero-e.patch (git-fixes)
Alt-commit
- commit b7ab8de
- Refresh patches.suse/drm-amd-display-enable-cursor-degamma-for-DCN3-DRM-l.patch (git-fixes)
Alt-commit
- commit 885580e
- Refresh patches.suse/drm-amd-display-Remove-wait-while-locked.patch (git-fixes)
Alt-commit
- commit 43c45c5
- Refresh patches.suse/drm-amd-display-Add-smu-write-msg-id-fail-retry-proc.patch (git-fixes)
Alt-commit
- commit b800d81
- Refresh patches.suse/drm-amd-display-register-edp_backlight_control-for-D.patch (git-fixes)
Alt-commit
- commit 164cdf4
- Refresh patches.suse/drm-amdgpu-fix-Null-pointer-dereference-error-in-amd.patch (git-fixes)
Alt-commit
- commit c814bba
- Refresh patches.suse/drm-amdgpu-gfx10-Disable-gfxoff-before-disabling-pow.patch (git-fixes)
Alt-commit
- commit e937913
- Refresh patches.suse/drm-amd-pm-parse-pp_handle-under-appropriate-conditi.patch (git-fixes)
Alt-commit
- commit f5d987c
- Refresh patches.suse/drm-amd-display-fix-access-hdcp_workqueue-assert.patch (git-fixes)
Alt-commit
- commit 0906f4d
- Refresh patches.suse/drm-amdgpu-nv-Apply-ASPM-quirk-on-Intel-ADL-AMD-Navi.patch (git-fixes)
Alt-commit
- commit c25da25
- Refresh patches.suse/drm-amdgpu-Correct-the-power-calcultion-for-Renior-C.patch (git-fixes)
Alt-commit
- commit bb8f92f
- Refresh patches.suse/0549-drm-amdgpu-enable-Vangogh-VCN-indirect-sram-mode.patch (git-fixes)
Alt-commit
- commit aa42634
- Refresh patches.suse/drm-i915-Never-return-0-if-not-all-requests-retired.patch (git-fixes)
Alt-commit
- commit bf8aa0c
- Refresh patches.suse/drm-i915-Fix-negative-value-passed-as-remaining-time.patch (git-fixes)
Alt-commit
- commit 33c3117
- Refresh patches.suse/drm-display-dp_mst-Fix-drm_dp_mst_add_affected_dsc_c.patch (git-fixes)
Alt-commit
- commit 5f0e59c
- Refresh patches.suse/1631-drm-i915-gem-Really-move-i915_gem_context.link-under.patch (git-fixes)
Alt-commit
- commit ae7a01a
- Refresh patches.suse/drm-amdgpu-dm-dp_mst-Don-t-grab-mst_mgr-lock-when-co.patch (git-fixes)
Alt-commit
- commit a480119
- Refresh patches.suse/drm-amdgpu-dm-mst-Use-the-correct-topology-mgr-point.patch (git-fixes)
Alt-commit
- commit cfd3d6f
- Refresh patches.suse/1625-drm-i915-vdsc-Set-VDSC-PIC_HEIGHT-before-using-for-D.patch (git-fixes)
Alt-commit
- commit 0691a9b
- Refresh patches.suse/1585-drm-i915-slpc-Let-s-fix-the-PCODE-min-freq-table-set.patch (git-fixes)
Alt-commit
- commit b19cad4
- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
Alt-commit
- commit fb1fad7
- Refresh patches.suse/1396-drm-i915-gt-Batch-TLB-invalidations.patch (git-fixes)
Alt-commit
- commit 1d66c31
- Refresh patches.suse/1394-drm-i915-gt-Invalidate-TLB-of-the-OA-unit-at-TLB-inv.patch (git-fixes)
Alt-commit
- commit 5c89722
- Refresh patches.suse/1393-drm-i915-gt-Ignore-TLB-invalidations-on-idle-engines.patch (git-fixes)
Alt-commit
- commit 43ab4df
- Refresh patches.suse/1536-drm-i915-guc-clear-stalled-request-after-a-reset.patch (git-fixes)
Alt-commit
- commit 9329ad7
- Refresh patches.suse/1859-drm-i915-selftests-fix-subtraction-overflow-bug.patch (git-fixes)
Alt-commit
- commit 3943b71
- Refresh patches.suse/1855-drm-i915-ttm-fix-sg_table-construction.patch (git-fixes)
Alt-commit
- commit d989f7a
- Refresh patches.suse/1644-i915-guc-reset-Make-__guc_reset_context-aware-of-gui.patch (git-fixes)
Alt-commit
- commit 4511955
- Refresh patches.suse/1639-drm-amd-Don-t-reset-dGPUs-if-the-system-is-going-to-.patch (git-fixes)
Alt-commit
- commit 69ca555
- perf/x86/lbr: Filter vsyscall addresses (bsc#1220703,
CVE-2023-52476).
- commit c52b506
- fs: introduce lock_rename_child() helper (bsc#1221044
CVE-2023-52591).
Refresh patches.suse/fs-Establish-locking-order-for-unrelated-directories.patch
- commit 86376e0
- rename(): avoid a deadlock in the case of parents having no
common ancestor (bsc#1221044 CVE-2023-52591).
- commit 16e3098
- kill lock_two_inodes() (bsc#1221044 CVE-2023-52591).
- commit 8b8deef
- rename(): fix the locking of subdirectories (bsc#1221044
CVE-2023-52591).
- commit 146d81f
- f2fs: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 5344280
- ext4: don't access the source subdirectory content on
same-directory rename (bsc#1221044 CVE-2023-52591).
- commit b2b6374
- ext2: Avoid reading renamed directory if parent does not change
(bsc#1221044 CVE-2023-52591).
- commit 2edcc11
- udf_rename(): only access the child content on cross-directory
rename (bsc#1221044 CVE-2023-52591).
- commit 0257614
- ocfs2: Avoid touching renamed directory if parent does not
change (bsc#1221044 CVE-2023-52591).
- commit e786f3a
- reiserfs: Avoid touching renamed directory if parent does not
change (git-fixes bsc#1221044 CVE-2023-52591).
Refresh patches.suse/reiserfs-add-check-to-detect-corrupted-directory-entry.patch
Refresh patches.suse/reiserfs-don-t-panic-on-bad-directory-entries.patch
- commit 523ddca
- fs: don't assume arguments are non-NULL (bsc#1221044
CVE-2023-52591).
- commit 2177893
- fs: Restrict lock_two_nondirectories() to non-directory inodes
(bsc#1221044 CVE-2023-52591).
- commit a59a7cb
- fs: ocfs2: check status values (bsc#1221044 CVE-2023-52591).
- commit 8c6576f
- s390/pai: fix attr_event_free upper limit for pai device drivers
(git-fixes bsc#1221633).
- commit dcd390e
- KVM: s390: only deliver the set service event bits (git-fixes
bsc#1221631).
- commit 6e3593c
- Update
patches.suse/s390-vfio-ap-always-filter-entire-AP-matrix.patch
(git-fixes bsc#1219012 CVE-2024-26620 bsc#1221298).
- commit 4fb9779
- iommu/vt-d: Don't issue ATS Invalidation request when device
is disconnected (git-fixes).
- commit 4c37f6f
- net/sched: Add module alias for sch_fq_pie (bsc#1210335 CVE-2023-1829).
- commit a69d933
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- net/sched: Remove alias of sch_clsact (bsc#1210335 CVE-2023-1829).
- net/sched: Load modules via their alias (bsc#1210335 CVE-2023-1829).
- net/sched: Add module aliases for cls_,sch_,act_ modules
(bsc#1210335 CVE-2023-1829).
- net/sched: Add helper macros with module names (bsc#1210335 CVE-2023-1829).
- commit 961c535
- nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
- nilfs2: fix failure to detect DAT corruption in btree and
direct mappings (git-fixes).
- ALSA: usb-audio: Stop parsing channels bits when all channels
are found (git-fixes).
- ALSA: aaci: Delete unused variable in aaci_do_suspend
(git-fixes).
- ASoC: meson: axg-tdm-interface: add frame rate constraint
(git-fixes).
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs
(git-fixes).
- ASoC: amd: acp: Add missing error handling in sof-mach
(git-fixes).
- ALSA: seq: fix function cast warnings (git-fixes).
- ALSA: aw2: avoid casting function pointers (git-fixes).
- ALSA: ctxfi: avoid casting function pointers (git-fixes).
- PCI: dwc: endpoint: Fix advertised resizable BAR size
(git-fixes).
- PCI: switchtec: Fix an error handling path in
switchtec_pci_probe() (git-fixes).
- PCI/P2PDMA: Fix a sleeping issue in a RCU read section
(git-fixes).
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken
(git-fixes).
- PCI/DPC: Print all TLP Prefixes, not just the first (git-fixes).
- PCI/AER: Fix rootport attribute paths in ABI docs (git-fixes).
- platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check
(git-fixes).
- leds: aw2013: Unlock mutex before destroying it (git-fixes).
- backlight: lp8788: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: lm3639: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: da9052: Fully initialize backlight_properties during
probe (git-fixes).
- backlight: lm3630a: Don't set bl->props.brightness in
get_brightness (git-fixes).
- backlight: lm3630a: Initialize backlight_properties on init
(git-fixes).
- mfd: altera-sysmgr: Call of_node_put() only when
of_parse_phandle() takes a ref (git-fixes).
- mfd: syscon: Call of_node_put() only when of_parse_phandle()
takes a ref (git-fixes).
- pinctrl: mediatek: Drop bogus slew rate register range for
MT8192 (git-fixes).
- HID: lenovo: Add middleclick_workaround sysfs knob for cptkbd
(git-fixes).
- HID: amd_sfh: Update HPD sensor structure elements (git-fixes).
- commit d46946b
- x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (bsc#1213456 CVE-2023-28746).
This is an optimisation patch which got added late so there's no hurry
to merge it.
- commit 69db574
- Properly sort already upstream patches
- Refresh
patches.suse/Documentation-hw-vuln-Add-documentation-for-RFDS.patch.
- Refresh
patches.suse/KVM-x86-Export-RFDS_NO-and-RFDS_CLEAR-to-guests.patch.
- Refresh
patches.suse/x86-entry-ia32-Ensure-s32-is-sign-extended-to-s64.patch.
- Refresh
patches.suse/x86-rfds-Mitigate-Register-File-Data-Sampling-RFDS.patch.
- commit fe7e19d
- iommu/amd: Mark interrupt as managed (git-fixes).
- commit 7365cc3
- arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
- commit e4605be
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for I2C signals on SL/BL")
- commit 037b20c
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pull resistors for SD card")
- commit a5753b4
- blacklist.conf: ("arm64: dts: imx8mm-kontron: Disable pullups for onboard UART signals")
- commit 1c17a18
- arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
- commit f4fdf95
- arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
- commit a51708e
- arm64: mm: fix VA-range sanity check (git-fixes)
- commit dd606ae
- arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
- commit 4c81404
- arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
- commit 59dc2f8
- arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
- commit b5996a2
- arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
- commit 499e8df
- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
(jsc#PED-7167 bsc#1218643 bsc#1221338 bsc#1220114).
- commit 727559f
- Make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
- commit d2f65b3
- drm/msm/dpu: add division of drm_display_mode's hskew parameter
(git-fixes).
- drm/etnaviv: Restore some id values (git-fixes).
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of
atom_get_src_int() (git-fixes).
- drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is
enabled (git-fixes).
- drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN
(git-fixes).
- drm/msm/dpu: improve DSC allocation (git-fixes).
- drm/mediatek: Fix a null pointer crash in
mtk_drm_crtc_finish_page_flip (git-fixes).
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions
(git-fixes).
- drm/tidss: Fix sync-lost issue with two displays (git-fixes).
- drm/tidss: Fix initial plane zpos values (git-fixes).
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create
(git-fixes).
- drm/radeon/ni: Fix wrong firmware size logging in
ni_init_microcode() (git-fixes).
- drm/amd/display: Fix a potential buffer overflow in
'dp_dsc_clock_en_read()' (git-fixes).
- drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
- drm/radeon: remove dead code in ni_mc_load_microcode()
(git-fixes).
- drm/vmwgfx: Fix possible null pointer derefence with invalid
contexts (git-fixes).
- media: tc358743: register v4l2 async device only after
successful setup (git-fixes).
- drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
- PM: suspend: Set mem_sleep_current during kernel command line
setup (git-fixes).
- mmc: core: Fix switch on gp3 partition (git-fixes).
- mmc: wmt-sdmmc: remove an incorrect release_mem_region()
call in the .remove function (git-fixes).
- mmc: tmio: avoid concurrent runs of mmc_request_done()
(git-fixes).
- pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data
(git-fixes).
- commit 7758a76
- drm/panel-edp: use put_sync in unprepare (git-fixes).
- drm/rockchip: lvds: do not print scary message when probing
defer (git-fixes).
- drm/rockchip: lvds: do not overwrite error code (git-fixes).
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
- drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
- drm/tegra: output: Fix missing i2c_put_adapter() in the error
handling paths of tegra_output_probe() (git-fixes).
- drm/tegra: rgb: Fix missing clk_put() in the error handling
paths of tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: rgb: Fix some error handling paths in
tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error
handling path of tegra_dsi_probe() (git-fixes).
- drm/tegra: dpaux: Fix PM disable depth imbalance in
tegra_dpaux_probe (git-fixes).
- drm/tegra: dsi: Add missing check for of_find_device_by_node
(git-fixes).
- ACPI: processor_idle: Fix memory leak in
acpi_processor_power_exit() (git-fixes).
- ACPI: resource: Add MAIBENBEN X577 to
irq1_edge_low_force_override (git-fixes).
- ACPI: scan: Fix device check notification handling (git-fixes).
- ACPI: CPPC: enable AMD CPPC V2 support for family 17h processors
(git-fixes).
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's
return value (git-fixes).
- cpufreq: amd-pstate: Fix min_perf assignment in
amd_pstate_adjust_perf() (git-fixes).
- commit 1cf1fe2
- RAS: Export helper to get ras_debugfs_dir (jsc#PED-7619).
- commit 2d174a0
- powerpc/pseries: Fix potential memleak in papr_get_attr()
(bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
- commit 3aea930
- RAS/AMD/FMPM: Fix off by one when unwinding on error (jsc#PED-7619).
- commit b104443
- RAS/AMD/FMPM: Add debugfs interface to print record entries (jsc#PED-7619).
- commit 0fb8312
- RAS/AMD/FMPM: Save SPA values (jsc#PED-7619).
- commit 749cc57
- Sort the AMD edac patches
- Refresh
patches.suse/Documentation-RAS-Add-index-and-address-translation-sectio.patch.
- Refresh
patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Add-MI300-DRAM-to-normalized-address-translati.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Add-MI300-row-retirement-support.patch.
- Refresh patches.suse/RAS-AMD-ATL-Add-MI300-support.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Fix-array-overflow-in-get_logical_coh_st_fabri.patch.
- Refresh
patches.suse/RAS-AMD-ATL-Fix-bit-overflow-in-denorm_addr_df4_np2.patch.
- Refresh
patches.suse/RAS-Introduce-AMD-Address-Translation-Library.patch.
- Refresh
patches.suse/RAS-Introduce-a-FRU-memory-poison-manager.patch.
- commit 9e22745
- net: phy: fix phy_get_internal_delay accessing an empty array
(git-fixes).
- Bluetooth: Remove superfluous call to hci_conn_check_pending()
(git-fixes).
- Bluetooth: mgmt: Remove leftover queuing of power_off work
(git-fixes).
- Bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
- wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use
(git-fixes).
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init
is complete (git-fixes).
- wifi: brcmsmac: avoid function pointer casts (git-fixes).
- wifi: wilc1000: prevent use-after-free on vif when cleaning
up all interfaces (git-fixes).
- wifi: iwlwifi: mvm: don't set replay counters to 0xff
(git-fixes).
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
(git-fixes).
- wifi: iwlwifi: mvm: use FW rate for non-data only on new devices
(git-fixes).
- wifi: iwlwifi: fix EWRD table validity check (git-fixes).
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
- wifi: iwlwifi: mvm: report beacon protection failures
(git-fixes).
- wifi: brcmfmac: fix copyright year mentioned in platform_data
header (git-fixes).
- wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
- can: softing: remove redundant NULL check (git-fixes).
- wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
- wifi: wilc1000: fix multi-vif management when deleting a vif
(git-fixes).
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work
(git-fixes).
- wifi: b43: Disable QoS for bcm4331 (git-fixes).
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled
(git-fixes).
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is
disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is
disabled (git-fixes).
- doc-guide: kernel-doc: tell about object-like macros
(git-fixes).
- commit 15851fa
- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (git-fixes).
- NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(git-fixes).
- commit 407c3c5
- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
Add git-commit info
- commit bc859f9
- pNFS: Fix the pnfs block driver's calculation of layoutget size
(git-fixes).
- NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT
(git-fixes).
- blocklayoutdriver: Fix reference leak of pnfs_device_node
(git-fixes).
- SUNRPC: Fix a suspicious RCU usage warning (git-fixes).
- nfsd: fix file memleak on client_opens_release (git-fixes).
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
(git-fixes).
- NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
- SUNRPC: Add an IS_ERR() check back to where it was (git-fixes).
- SUNRPC: ECONNRESET might require a rebind (git-fixes).
- svcrdma: Drop connection after an RDMA Read error (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same
fs (git-fixes).
- pNFS/flexfiles: Check the layout validity in
ff_layout_mirror_prepare_stats (git-fixes).
- pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
- Revert "SUNRPC dont update timeout value on connection reset"
(git-fixes).
- NFSv4: Fix a state manager thread deadlock regression
(git-fixes).
- NFSv4: Fix a nfs4_state_manager() race (git-fixes).
- NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server
(git-fixes).
- NFS: rename nfs_client_kset to nfs_kset (git-fixes).
- commit dc5b918
- Refresh patches.kabi/team-Hide-new-member-header-ops.patch.
Fix for kABI workaround.
- commit 6ba2f5d
- ceph: fix deadlock or deadcode of misusing dget() (bsc#1221058
CVE-2023-52583).
- commit 1a81018
- sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
- commit ee86051
- Update
patches.suse/netfs-fscache-Prevent-Oops-in-fscache_put_cache.patch
(bsc#1220003 bsc#1221291 CVE-2024-26612).
- commit 0607d13
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit dfd082b
- netfs: Only call folio_start_fscache() one time for each folio
(CVE-2023-52582 bsc#1220878).
- commit b301f9c
- Refresh
patches.suse/mm-ima-kexec-of-use-memblock_free_late-from-ima_free.patch.
Fix:
* Section mismatch (function ima_free_kexec_buffer()) in modpost: vmlinux.o in ima_free_kexec_buffer()
WARNING: modpost: vmlinux.o(.text+0xac1250): Section mismatch in reference from the function ima_free_kexec_buffer() to the function .init.text:__memblock_free_late()
- commit 5522f01
- scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
- commit 1d550ca
- sched/rt: sysctl_sched_rr_timeslice show default timeslice
after reset (bsc#1220176).
- commit 4ac46cd
- powerpc/pseries/iommu: IOMMU table is not initialized for
kdump over SR-IOV (bsc#1220492 ltc#205270).
- commit 27b28f5
- Update
patches.suse/usb-hub-Guard-against-accesses-to-uninitialized-BOS-.patch
(bsc#1220790 CVE-2023-52477).
- commit d33bab7
- nvmet-fc: take ref count on tgtport before delete assoc
(git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- commit 4d1e993
- raid1: fix use-after-free for original bio in
raid1_write_request() (bsc#1221097).
- md: fix data corruption for raid456 when reshape restart while
grow up (git-fixes).
- commit 35ee14b
- i2c: aspeed: Fix the dummy irq expected print (git-fixes).
- i2c: wmt: Fix an error handling path in wmt_i2c_probe()
(git-fixes).
- i2c: i801: Avoid potential double call to
gpiod_remove_lookup_table (git-fixes).
- comedi: comedi_test: Prevent timers rescheduling during deletion
(git-fixes).
- iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS
is enabled (git-fixes).
- vt: fix unicode buffer corruption when deleting characters
(git-fixes).
- usb: port: Don't try to peer unused USB ports based on location
(git-fixes).
- usb: gadget: ncm: Fix handling of zero block length packets
(git-fixes).
- USB: usb-storage: Prevent divide-by-0 error in
isd200_ata_command (git-fixes).
- Input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal
(git-fixes).
- ASoC: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
- ASoC: madera: Fix typo in madera_set_fll_clks shift value
(git-fixes).
- ALSA: hda/realtek - Fix headset Mic no show at resume back
for Lenovo ALC897 platform (git-fixes).
- drm/i915/selftests: Fix dependency of some timeouts on HZ
(git-fixes).
- drm/i915: Check before removing mm notifier (git-fixes).
- commit 5e91dbb
- s390/vfio-ap: wire in the vfio_device_ops request callback
(bsc#1205316).
- commit dc0bc15
- s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl
(bsc#1205316).
- commit 17d9de4
- Fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775)
Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function.
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit 8983adc
- raid1: fix use-after-free for original bio in
raid1_write_request() (bsc#1221097).
- commit 5154c94
- s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl
(bsc#1205316).
- commit dbbf2ae
- ALSA: hda/realtek: fix mute/micmute LED For HP mt440
(git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
(git-fixes).
- commit d4f6f9f
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (bsc#1220413 CVE-2023-52470).
- commit 9d7d799
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (bsc#1220411 CVE-2023-52469).
- commit f4f0cf4
- coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775)
- commit 4473cfd
- coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
- Refresh patches.suse/coresight-etm4x-Change-etm4_platform_driver-driver-for-MMIO-devices.patch.
- Refresh patches.suse/coresight-etm4x-Ensure-valid-drvdata-and-clock-before-clk_put.patch.
- commit ef5cdf7
- IB/ipoib: Fix mcast list locking (git-fixes)
- commit 8d1c71a
- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (git-fixes)
- commit c54bb31
- coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
- commit fba33fc
- group-source-files.pl: Quote filenames (boo#1221077).
The kernel source now contains a file with a space in the name.
Add quotes in group-source-files.pl to avoid splitting the filename.
Also use -print0 / -0 when updating timestamps.
- commit a005e42
- mm,ima,kexec,of: use memblock_free_late from
ima_free_kexec_buffer (bsc#1220872 CVE-2023-52576).
- commit b1b1c9a
- PCI/MSI: Prevent MSI hardware interrupt number truncation (bsc#1218777)
- commit 5410859
- Update patches.suse/phy-ti-phy-omap-usb2-Fix-NULL-pointer-dereference-fo.patch (git-fixes,bsc#1220340,CVE-2024-26600)
- commit e321d5a
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (bsc#1220340,CVE-2024-26600)
- commit 78e2b4a
- erofs: fix lz4 inplace decompression (CVE-2023-52497
bsc#1220879).
- commit ddeedf9
- ACPI: extlog: fix NULL pointer dereference check (bsc#1221039
CVE-2023-52605).
- commit 635c481
- Update patches.suse/arm64-errata-Add-Cortex-A520-speculative-unprivileged-load-workaround.patch (bsc#1219443, bsc#1220887, CVE-2023-52481)
- commit 52243ca
- kernel-binary: Fix i386 build
Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires")
- commit f7c6351
- btrfs: remove BUG() after failure to insert delayed dir index
item (bsc#1220918 CVE-2023-52569).
- btrfs: improve error message after failure to add delayed dir
index item (bsc#1220918 CVE-2023-52569).
- commit 53e1d2d
- net: nfc: fix races in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (CVE-2023-52502 bsc#1220831).
- commit 8c33586
- kabi: team: Hide new member header_ops (bsc#1220870
CVE-2023-52574).
- commit 9f49992
- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392
bsc#1221040 CVE-2023-52597).
- commit a90b87c
- tracing: Inform kmemleak of saved_cmdlines allocation
(git-fixes).
- commit bb07230
- Update
patches.suse/ceph-drop-messages-from-MDS-when-unmounting.patch
(jsc#SES-1880 CVE-2022-48628 bsc#1220848).
- commit 187fa94
- kernel-binary: vdso: fix filelist for non-usrmerged kernel
Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged")
- commit fb3f221
- bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets
(bsc#1220926 CVE-2023-52523).
- commit 90d9f50
- md: Make sure md_do_sync() will set MD_RECOVERY_DONE
(git-fixes).
- md: Don't ignore suspended array in md_check_recovery()
(git-fixes).
- md: Whenassemble the array, consult the superblock of the
freshest device (git-fixes).
- md: don't leave 'MD_RECOVERY_FROZEN' in error path of
md_set_readonly() (git-fixes).
- md/raid6: use valid sector values to determine if an I/O should
wait on the reshape (git-fixes).
- md/raid5: release batch_last before waiting for another
stripe_head (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
(git-fixes).
- md: introduce md_ro_state (git-fixes).
- commit cef73db
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
(bsc#1218562 CVE-2023-6270).
- commit 57a4cd4
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit eed7fb0
- topology: Fix up build warning in topology_is_visible()
(jsc#PED-7618).
- commit 6c82a8d
- topology/sysfs: Hide PPIN on systems that do not support it
(jsc#PED-7618).
- commit d8d9717
- blacklist.conf: add non-backport md git-fixes commits
- commit b13564d
- iommu/vt-d: Avoid memory allocation in iommu_suspend()
(CVE-2023-52559 bsc#1220933).
- commit c9b01ef
- Refresh patches.suse/0001-powerpc-pseries-memhp-Fix-access-beyond-end-of-drmem.patch.
- update to upstream version
- rename to same name as SLE15 SP5
- commit 1d2def1
- ravb: Fix use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514 CVE-2023-35827).
- team: fix null-ptr-deref when team device type is changed
(bsc#1220870 CVE-2023-52574).
- commit 2cc53f5
- Update
patches.suse/ice-xsk-return-xsk-buffers-back-to-pool-when-cleanin.patch
(jsc#SLE-18375 bsc#1220961 CVE-2021-47105).
- Update patches.suse/net-mana-Fix-TX-CQE-error-handling.patch
(bsc#1215986 bsc#1220932 CVE-2023-52532).
- Update
patches.suse/net-mlx5e-Wrap-the-tx-reporter-dump-callback-to-extr.patch
(jsc#SLE-19253 bsc#1220486 CVE-2021-46931).
Added CVE references.
- commit 3e396c2
- Input: pm8941-powerkey - fix debounce on gen2+ PMICs
(git-fixes).
- commit bbebd44
- Input: pm8941-pwrkey - add support for PON GEN3 base addresses
(git-fixes).
- commit 7ab5a9e
- Update patches.suse/i2c-validate-user-data-in-compat-ioctl.patch
(git-fixes bsc#1220469 CVE-2021-46934).
Add bug and CVE references.
- commit 3a04060
- bpf: fix check for attempt to corrupt spilled pointer
(bsc#1220325 CVE-2023-52462).
- commit 34faa5d
- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- commit 6793acf
- KVM: x86: Export RFDS_NO and RFDS_CLEAR to guests (bsc#1213456 CVE-2023-28746).
- commit 7f00c86
- tracing/probes: Fix to show a parse error for bad type for $comm
(git-fixes).
- commit fceb89f
- x86/rfds: Mitigate Register File Data Sampling (RFDS) (bsc#1213456 CVE-2023-28746).
- commit ee70608
- ring-buffer: Clean ring_buffer_poll_wait() error return
(git-fixes).
- commit 27ae4ee
- Documentation/hw-vuln: Add documentation for RFDS (bsc#1213456 CVE-2023-28746).
- commit c955133
- blacklist.conf: add kABI-breaking tracing fixes, not worth it
- commit 8058748
- wifi: mac80211: fix potential key use-after-free (CVE-2023-52530
bsc#1220930).
- commit 3feca94
- Update patch reference for iwlwifi fix (CVE-2023-52531 bsc#1220931)
- commit bde87cf
- Update patch reference for pinctrl fix (CVE-2021-47083 bsc#1220917)
- commit b608623
- drm/bridge: sii902x: Fix probing race issue (bsc#1220736 CVE-2024-26607).
- commit 70198c4
- Update
patches.suse/vt-fix-memory-overlapping-when-deleting-chars-in-the.patch
(git-fixes bsc#1220845 CVE-2022-48627).
- Update
patches.suse/x86-srso-add-srso-mitigation-for-hygon-processors.patch
(git-fixes bsc#1220735 CVE-2023-52482).
Add CVE references.
- commit dcdac38
- mfd: syscon: Fix null pointer dereference in
of_syscon_register() (bsc#1220433 CVE-2023-52467).
- commit b0262b8
- Input: pm8941-pwrkey - add software key press debouncing support
(git-fixes).
- commit 00016c1
- bpf: Fix re-attachment branch in bpf_tracing_prog_attach
(bsc#1220254 CVE-2024-26591).
- commit fc948d3
- selftests/bpf: Add test for alu on PTR_TO_FLOW_KEYS (bsc#1220255
CVE-2024-26589).
- bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255
CVE-2024-26589).
- commit 8a833ce
- tls: fix race between tx work scheduling and socket close
(CVE-2024-26585 bsc#1220187).
- commit 1306bff
- kabi: restore return type of dst_ops::gc() callback
(CVE-2023-52340 bsc#1219295).
- ipv6: remove max_size check inline with ipv4 (CVE-2023-52340
bsc#1219295).
- commit b8eec42
- netfilter: nf_tables: fix 64-bit load issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- netfilter: nf_tables: fix pointer math issue in
nft_byteorder_eval() (CVE-2024-0607 bsc#1218915).
- commit e095cd0
- netfilter: nft_set_pipapo: skip inactive elements during set
walk (CVE-2023-6817 bsc#1218195).
- commit 4032aa7
- tomoyo: fix UAF write bug in tomoyo_write_control() (bsc#1220825
CVE-2024-26622).
- commit c8e5b38
- doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
Following the code change in SLE15-SP6 to have externally supported
modules no longer taint the kernel, update the respective documentation
in README.SUSE:
* Describe that support status can be obtained at runtime for each
module from /sys/module/$MODULE/supported and for the entire system
from /sys/kernel/supported. This provides a way how to now check that
the kernel has any externally supported modules loaded.
* Remove a mention that externally supported modules taint the kernel,
but keep the information about bit 16 (X) and add a note that it is
still tracked per module and can be read from
/sys/module/$MODULE/taint. This per-module information also appears in
Oopses.
- commit 9ed8107
- btrfs: fix double free of anonymous device after snapshot
creation failure (bsc#1219126 CVE-2024-23850).
- commit 257a534
- btrfs: do not ASSERT() if the newly created subvolume already
got read (bsc#1219126 CVE-2024-23850).
- commit a2ac581
- bpf: Minor cleanup around stack bounds (bsc#1220257
CVE-2023-52452).
- bpf: Fix accesses to uninit stack slots (bsc#1220257
CVE-2023-52452).
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Fix verification of indirect var-off stack access
(git-fixes).
- bpf: Minor cleanup around stack bounds (bsc#1220257
CVE-2023-52452).
- bpf: Fix accesses to uninit stack slots (bsc#1220257
CVE-2023-52452).
- bpf: Add some comments to stack representation (bsc#1220257
CVE-2023-52452).
- Refresh patches.kabi/kABI-fix-bpf-Tighten-ptr_to_btf_id-checks.patch
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Fix verification of indirect var-off stack access
(git-fixes).
- bpf: Minor logging improvement (bsc#1220257).
- commit 7d03125
- Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table
(git-fixes).
- commit b66785f
- Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
(git-fixes).
- commit 33289fd
- Input: xpad - add Lenovo Legion Go controllers (git-fixes).
- commit a41f935
- Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table
(git-fixes).
- commit 80bb041
- blacklist.conf: kABI
- commit e10e64a
- Input: i8042 - add quirk for Fujitsu Lifebook A574/H
(git-fixes).
- commit f166a3d
- blacklist.conf: kABI
- commit 2948031
- serial: 8250: omap: Don't skip resource freeing if
pm_runtime_resume_and_get() failed (bsc#1220350 CVE-2023-52457).
- commit c82f528
- serial: imx: fix tx statemachine deadlock (bsc#1220364
CVE-2023-52456).
- commit cd9f92c
- powerpc/pseries/memhp: Fix access beyond end of drmem array
(bsc#1220250,CVE-2023-52451).
- commit fdc7254
- usb: f_mass_storage: forbid async queue when shutdown happen
(git-fixes).
- commit 35228c0
- usb: hub: Replace hardcoded quirk value with BIT() macro
(git-fixes).
- commit 1d57e38
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read
(git-fixes).
- commit 012813c
- Update patch reference for input fix (CVE-2021-46932 bsc#1220444)
- commit e44e0b1
- lan78xx: enable auto speed configuration for LAN7850 if no
EEPROM is detected (git-commit).
- commit bcacbd9
- usb: dwc3: gadget: Ignore End Transfer delay on teardown
(git-fixes).
- Refresh
patches.suse/usb-dwc3-gadget-Add-1ms-delay-after-end-transfer-com.patch.
- commit 251cd08
- tomoyo: fix UAF write bug in tomoyo_write_control() (git-fixes).
- wifi: nl80211: reject iftype change with mesh ID change
(git-fixes).
- usb: dwc3: gadget: Don't disconnect if not started (git-fixes).
- wifi: mac80211: adding missing drv_mgd_complete_tx() call
(git-fixes).
- usb: f_mass_storage: forbid async queue when shutdown happen
(git-fixes).
- usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- spi: sh-msiof: avoid integer overflow in constants (git-fixes).
- wifi: mac80211: fix race condition on enabling fast-xmit
(git-fixes).
- wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
- usb: dwc3: gadget: Queue PM runtime idle on disconnect event
(git-fixes).
- usb: dwc3: gadget: Handle EP0 request dequeuing properly
(git-fixes).
- usb: hub: Replace hardcoded quirk value with BIT() macro
(git-fixes).
- tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE
(git-fixes).
- watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for
IT8784/IT8786 (git-fixes).
- wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update
(git-fixes).
- wifi: cfg80211: free beacon_ies when overridden from hidden BSS
(git-fixes).
- wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift()
(git-fixes).
- wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices
(git-fixes).
- wifi: ath9k: Fix potential array-index-out-of-bounds read in
ath9k_htc_txstatus() (git-fixes).
- wifi: rt2x00: restart beacon queue when hardware reset
(git-fixes).
- wifi: iwlwifi: mvm: avoid baid size integer overflow
(git-fixes).
- wifi: wext-core: Fix -Wstringop-overflow warning in
ioctl_standard_iw_point() (git-fixes).
- wifi: ath11k: fix registration of 6Ghz-only phy without the
full channel range (git-fixes).
- usb: dwc3: gadget: Refactor EP0 forced stall/restart into a
separate API (git-fixes).
- usb: dwc3: gadget: Submit endxfer command if delayed during
disconnect (git-fixes).
- commit 8b4f9a3
- power: supply: bq27xxx-i2c: Do not free non existing IRQ
(git-fixes).
- mmc: sdhci-xenon: add timeout for PHY init complete (git-fixes).
- mmc: sdhci-xenon: fix PHY init clock stability (git-fixes).
- mmc: core: Fix eMMC initialization with 1-bit bus connection
(git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read
(git-fixes).
- mtd: spinand: gigadevice: Fix the get ecc status issue
(git-fixes).
- nouveau: fix function cast warnings (git-fixes).
- media: ir_toy: fix a memleak in irtoy_tx (git-fixes).
- media: rc: bpf attach/detach requires write permission
(git-fixes).
- mmc: slot-gpio: Allow non-sleeping GPIO ro (git-fixes).
- regulator: pwm-regulator: Add validity checks in continuous
.get_voltage (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the TECLAST X16
Plus tablet (git-fixes).
- spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were
detected (git-fixes).
- PCI: switchtec: Fix stdev_release() crash after surprise hot
remove (git-fixes).
- PCI: Fix 64GT/s effective data rate calculation (git-fixes).
- PCI: Only override AMD USB controller if required (git-fixes).
- PCI/AER: Decode Requester ID when no error info found
(git-fixes).
- media: ddbridge: fix an error code problem in ddb_probe
(git-fixes).
- mmc: mmc_spi: remove custom DMA mapped buffers (git-fixes).
- mmc: core: Use mrq.sbc in close-ended ffu (git-fixes).
- PCI: Add no PM reset quirk for NVIDIA Spectrum devices
(git-fixes).
- pstore/ram: Fix crash when setting number of cpus to an odd
number (git-fixes).
- PNP: ACPI: fix fortify warning (git-fixes).
- regulator: core: Only increment use_count when enable_count
changes (git-fixes).
- PM: core: Remove unnecessary (void *) conversions (git-fixes).
- serial: 8250: Remove serial_rs485 sanitization from em485
(git-fixes).
- PM: runtime: Have devm_pm_runtime_enable() handle
pm_runtime_dont_use_autosuspend() (git-fixes).
- commit 9894050
- gpio: fix resource unwinding order in error path (git-fixes).
- commit f4d7f82
- gpiolib: Fix the error path order in
gpiochip_add_data_with_key() (git-fixes).
- commit 9367441
- Update patches.suse/i2c-Fix-a-potential-use-after-free.patch
(git-fixes bsc#1220409 CVE-2019-25162).
Add bug and CVE references.
- commit 6df4ebd
- Input: iqs269a - switch to DEFINE_SIMPLE_DEV_PM_OPS() and
pm_sleep_ptr() (git-fixes).
- Refresh
patches.suse/Input-iqs269a-do-not-poll-during-suspend-or-resume.patch.
- commit 7360a05
- i2c: imx: Add timer for handling the stop condition (git-fixes).
- Refresh
patches.suse/i2c-imx-Make-sure-to-unregister-adapter-on-remove.patch.
- commit 3a3d0f8
- gpio: 74x164: Enable output pins after registers are reset
(git-fixes).
- efi/capsule-loader: fix incorrect allocation size (git-fixes).
- fbcon: always restore the old font data in fbcon_do_set_font()
(git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no
EEPROM is detected (git-fixes).
- i2c: imx: when being a target, mark the last read as processed
(git-fixes).
- i2c: i801: Fix block process call transactions (git-fixes).
- iio: hid-sensor-als: Return 0 for
HID_USAGE_SENSOR_TIME_TIMESTAMP (git-fixes).
- firewire: core: send bus reset promptly on gap count error
(git-fixes).
- efi: Don't add memblocks for soft-reserved memory (git-fixes).
- hwmon: (coretemp) Enlarge per package core count limit
(git-fixes).
- Input: xpad - add Lenovo Legion Go controllers (git-fixes).
- gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04
(git-fixes).
- fbdev: sis: Error out if pixclock equals zero (git-fixes).
- fbdev: savage: Error out if pixclock equals zero (git-fixes).
- libsubcmd: Fix memory leak in uniq() (git-fixes).
- iio: adc: ad7091r: Set alert bit in config register (git-fixes).
- i3c: master: cdns: Update maximum prescaler value for i2c clock
(git-fixes).
- leds: trigger: panic: Don't register panic notifier if creating
the trigger failed (git-fixes).
- media: rockchip: rga: fix swizzling for RGB formats (git-fixes).
- media: stk1160: Fixed high volume of stk1160_dbg messages
(git-fixes).
- i2c: i801: Remove i801_set_block_buffer_mode (git-fixes).
- HID: apple: Add 2021 magic keyboard FN key mapping (git-fixes).
- HID: apple: Add support for the 2021 Magic Keyboard (git-fixes).
- commit 0f0032c
- dmaengine: ptdma: use consistent DMA masks (git-fixes).
- dmaengine: fsl-qdma: init irq after reg initialization
(git-fixes).
- dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
(git-fixes).
- Revert "drm/amd/pm: resolve reboot exception for si oland"
(git-fixes).
- drm/buddy: fix range bias (git-fixes).
- drm/amd/display: Fix memory leak in dm_sw_fini() (git-fixes).
- drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE
flag is set (git-fixes).
- drm/ttm: Fix an invalid freeing on already freed page in error
path (git-fixes).
- drm/amd/display: Preserve original aspect ratio in create stream
(git-fixes).
- Revert "drm/amd/display: increased min_dcfclk_mhz and
min_fclk_mhz" (git-fixes).
- drm/prime: Support page array >= 4GB (git-fixes).
- efi: runtime: Fix potential overflow of soft-reserved region
size (git-fixes).
- drm/amd/display: Increase frame-larger-than for all
display_mode_vba files (git-fixes).
- drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
- drm/amdgpu: skip to program GFXDEC registers for suspend abort
(git-fixes).
- dmaengine: fsl-qdma: Fix a memory leak related to the queue
command DMA (git-fixes).
- dmaengine: ti: edma: Add some null pointer checks to the
edma_probe (git-fixes).
- drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz
(git-fixes).
- dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
- dmaengine: shdma: increase size of 'dev_id' (git-fixes).
- commit 61b82a0
- ALSA: Drop leftover snd-rtctimer stuff from Makefile
(git-fixes).
- ALSA: firewire-lib: fix to check cycle continuity (git-fixes).
- Bluetooth: qca: Fix wrong event type for patch config command
(git-fixes).
- Bluetooth: Enforce validation on max value of connection
interval (git-fixes).
- Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
(git-fixes).
- Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
(git-fixes).
- Bluetooth: hci_sync: Fix accept_list when attempting to suspend
(git-fixes).
- Bluetooth: Avoid potential use-after-free in hci_error_reset
(git-fixes).
- Bluetooth: hci_sync: Check the correct flag before starting
a scan (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED For HP mt645
(git-fixes).
- ALSA: hda/conexant: Add quirk for SWS JS201D (git-fixes).
- ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616
(git-fixes).
- ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument (git-fixes).
- bus: moxtet: Add spi device table (git-fixes).
- Bluetooth: L2CAP: Fix possible multiple reject send (git-fixes).
- crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
- crypto: octeontx2 - Fix cptvf driver cleanup (git-fixes).
- crypto: api - Disallow identical driver names (git-fixes).
- commit a409ffd
- ALSA: usb-audio: Ignore clock selector errors for single
connection (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
(git-fixes).
- ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287
thinkpads (git-fixes).
- ALSA: usb-audio: Check presence of valid altsetting control
(git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
(git-fixes).
- ALSA: hda/realtek: Fix the external mic not being recognised
for Acer Swift 1 SF114-32 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power
(git-fixes).
- ahci: asm1166: correct count of reported ports (git-fixes).
- ACPI: extlog: fix NULL pointer dereference check (git-fixes).
- ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on
synchronous events (git-fixes).
- ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop
(git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1
and iMac12,2 (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad
X131e (3371 AMD version) (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3
(git-fixes).
- ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A
(git-fixes).
- ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
(git-fixes).
- ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
(git-fixes).
- ACPI: resource: Add ASUS model S5402ZA to quirks (git-fixes).
- commit 728134a
- efivarfs: force RO when remounting if SetVariable is not
supported (bsc#1220328 CVE-2023-52463).
- commit 6239d33
- kABI: bpf: map_fd_put_ptr() signature kABI workaround
(bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
CVE-2023-52447).
- selftests/bpf: Test outer map update operations in syscall
program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
(bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
CVE-2023-52447).
- commit b7359fc
- btrfs: fix double free of anonymous device after snapshot
creation failure (bsc#1219126 CVE-2024-23850).
- commit f8ba729
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
(bsc#1220238 CVE-2023-52449).
- commit c132b67
- fs/mount_setattr: always cleanup mount_kattr (bsc#1220457
CVE-2021-46923).
- commit 89afe2f
- kABI: bpf: map_fd_put_ptr() signature kABI workaround
(bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
CVE-2023-52447).
- kABI: bpf: map_fd_put_ptr() signature kABI workaround
(bsc#1220251 CVE-2023-52447).
- kABI: bpf: struct bpf_map kABI workaround (bsc#1220251
CVE-2023-52447).
- commit bec1c61
- selftests/bpf: Test outer map update operations in syscall
program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
(bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
CVE-2023-52447).
- selftests/bpf: Test outer map update operations in syscall
program (bsc#1220251 CVE-2023-52447).
- selftests/bpf: Add test cases for inner map (bsc#1220251
CVE-2023-52447).
- bpf: Defer the free of inner map when necessary (bsc#1220251
CVE-2023-52447).
- Refresh patches.suse/kABI-padding-for-bpf.patch
- bpf: Set need_defer as false when clearing fd array during
map free (bsc#1220251 CVE-2023-52447).
- bpf: Add map and need_defer parameters to .map_fd_put_ptr()
(bsc#1220251 CVE-2023-52447).
- bpf: Check rcu_read_lock_trace_held() before calling bpf map
helpers (bsc#1220251 CVE-2023-52447).
- rcu-tasks: Provide rcu_trace_implies_rcu_gp() (bsc#1220251
CVE-2023-52447).
- commit aa6db76
- Update patch reference for HID fix (CVE-2023-52478 bsc#1220796)
- commit 4aec836
- Update patch reference for input fix (CVE-2023-52475 bsc#1220649)
- commit 00a87c8
- topology/sysfs: Add PPIN in sysfs under cpu topology (jsc#PED-7618).
- Refresh
patches.suse/drivers-base-fix-userspace-break-from-using-bin_attr.patch.
- commit e74360b
- topology/sysfs: Add format parameter to macro defining "show" functions for proc (jsc#PED-7618).
- Refresh
patches.suse/drivers-base-fix-userspace-break-from-using-bin_attr.patch.
- commit 978a12d
- x86/cpu: X86_FEATURE_INTEL_PPIN finally has a CPUID bit (jsc#PED-7618).
- Refresh patches.suse/x86-speculation-disable-rrsba-behavior.patch.
- commit f7bed0d
- KVM: arm64: vgic-its: Avoid potential UAF in LPI translation
cache (bsc#1220326, CVE-2024-26598).
- commit 74fd0dd
- scsi: lpfc: Replace deprecated strncpy() with strscpy()
(bsc#1220021).
- scsi: lpfc: Copyright updates for 14.4.0.0 patches
(bsc#1220021).
- scsi: lpfc: Update lpfc version to 14.4.0.0 (bsc#1220021).
- scsi: lpfc: Change lpfc_vport load_flag member into a bitmask
(bsc#1220021).
- scsi: lpfc: Change lpfc_vport fc_flag member into a bitmask
(bsc#1220021).
- scsi: lpfc: Protect vport fc_nodes list with an explicit spin
lock (bsc#1220021).
- scsi: lpfc: Change nlp state statistic counters into atomic_t
(bsc#1220021).
- scsi: lpfc: Remove shost_lock protection for fc_host_port
shost APIs (bsc#1220021).
- scsi: lpfc: Move handling of reset congestion statistics events
(bsc#1220021).
- scsi: lpfc: Save FPIN frequency statistics upon receipt of
peer cgn notifications (bsc#1220021).
- scsi: lpfc: Add condition to delete ndlp object after sending
BLS_RJT to an ABTS (bsc#1220021).
- scsi: lpfc: Fix failure to delete vports when discovery is in
progress (bsc#1220021).
- scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN
processing for ndlps (bsc#1220021).
- scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute
for Fabric nodes (bsc#1220021).
- scsi: lpfc: Remove D_ID swap log message from trace event logger
(bsc#1220021).
- scsi: lpfc: Use sg_dma_len() API to get struct scatterlist's
length (bsc#1220021).
- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
(bsc#1220021).
- scsi: lpfc: Initialize status local variable in
lpfc_sli4_repost_sgl_list() (bsc#1220021).
- scsi: lpfc: Use PCI_HEADER_TYPE_MFD instead of literal
(bsc#1220021).
- PCI: Add PCI_HEADER_TYPE_MFD definition (bsc#1220021).
- commit 41ec061
- x86/fpu: Stop relying on userspace for info to fault in xsave buffer (bsc#1220335, CVE-2024-26603).
- commit 4cbbdbf
- Update patch reference for NFC fix (CVE-2021-46924 bsc#1220459)
- commit 8ac32a8
- RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (git-fixes).
- commit 71868f2
- media: pvrusb2: fix use after free on context disconnection
(CVE-2023-52445 bsc#1220241).
- commit e4643a5
- RAS: Introduce a FRU memory poison manager (jsc#PED-7618).
- commit 62d6d3a
- hisi_acc_vfio_pci: Update migration data pointer correctly on (bsc#1220337,CVE-2023-52453)
- commit 6a9df09
- RAS/AMD/ATL: Add MI300 row retirement support (jsc#PED-7618).
- Delete patches.suse/EDAC-amd64-Add-MI300-row-retirement-support.patch.
- commit 3cc5727
- uio: Fix use-after-free in uio_open (bsc#1220140
CVE-2023-52439).
- commit fbf52b1
- apparmor: avoid crash when parsed profile name is empty
(CVE-2023-52443 bsc#1220240).
- commit 732bc93
- ntfs: check overflow when iterating ATTR_RECORDs (git-fixes).
- commit c9fe433
- ntfs: fix use-after-free in ntfs_attr_find() (git-fixes).
- commit 6df2cbb
- xfs: short circuit xfs_growfs_data_private() if delta is zero
(git-fixes).
- commit fcba050
- xfs: remove unused fields from struct xbtree_ifakeroot
(git-fixes).
- commit 86da8f9
- fs: dlm: fix build with CONFIG_IPV6 disabled (git-fixes).
- commit 595274a
- nilfs2: replace WARN_ONs for invalid DAT metadata block requests
(git-fixes).
- commit 8b6113c
- nilfs2: fix data corruption in dsync block recovery for small
block sizes (git-fixes).
- commit 3bf00f7
- jfs: fix array-index-out-of-bounds in diNewExt (git-fixes).
- commit 95bef1f
- jfs: fix uaf in jfs_evict_inode (git-fixes).
- commit d7a8248
- jfs: fix array-index-out-of-bounds in dbAdjTree (git-fixes).
- commit e676b4f
- jfs: fix slab-out-of-bounds Read in dtSearch (git-fixes).
- commit fc7d276
- UBSAN: array-index-out-of-bounds in dtSplitRoot (git-fixes).
- commit bcf9251
- FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree (git-fixes).
- commit 9b22efe
- afs: Increase buffer size in afs_update_volume_status()
(git-fixes).
- commit dd84cc3
- afs: Hide silly-rename files from userspace (git-fixes).
- commit 3ff836d
- afs: fix the usage of read_seqbegin_or_lock() in
afs_find_server*() (git-fixes).
- commit c7a2b9c
- afs: fix the usage of read_seqbegin_or_lock() in
afs_lookup_volume_rcu() (git-fixes).
- commit 4fa847b
- btrfs: do not ASSERT() if the newly created subvolume already
got read (bsc#1219126 CVE-2024-23850).
- commit 087f1fb
- Update
patches.suse/sched-membarrier-reduce-the-ability-to-hammer-on-sys.patch
(git-fixes, bsc1220398, CVE-2024-26602).
- commit 7349e3e
- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
- commit edd994d
- i2c: i801: Fix block process call transactions (bsc#1220009
CVE-2024-26593).
- commit 1b64da9
- RDMA/core: Fix uninit-value access in ib_get_eth_speed()
(bsc#1219934).
- commit 3ebf8e4
- mlxsw: spectrum_acl_tcam: Fix stack corruption (bsc#1220243
CVE-2024-26586).
- mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in
error path (bsc#1220344 CVE-2024-26595).
- commit 6e8b589
- EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330, CVE-2023-52464)
- commit 369d1fd
- RDMA/core: Get IB width and speed from netdev (bsc#1219934).
- commit 24279f3
- KVM: s390: vsie: fix race during shadow creation (git-fixes
bsc#1220393).
- commit 72fd28e
- Update config files.
Cleanup with run_oldconfig.sh
- commit ef734e5
- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392).
- commit 8d2ffe7
- supported.conf: remove external flag from IBM supported modules.
(bsc#1209412)
- commit a25e99f
- arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata (git-fixes)
- commit 7e2b55c
- arm64: irq: set the correct node for shadow call stack (git-fixes)
- commit b343796
- arm64: irq: set the correct node for VMAP stack (git-fixes)
- commit f682ae8
- blacklist.conf: ("arm64: lib: Import latest version of Arm Optimized Routines' strncmp")
- commit 88ead84
- Refresh sorted patches.
- commit 9f45380
- powerpc/pseries: Set CPU_FTR_DBELL according to ibm,pi-features
(bsc#1220348).
- powerpc/pseries: Add a clear modifier to ibm,pa/pi-features
parser (bsc#1220348).
- commit 7e988f6
- usb: gadget: ncm: Avoid dropping datagrams of properly parsed
NTBs (git-fixes).
- usb: cdns3: fix memory double free when handle zero packet
(git-fixes).
- usb: cdns3: fixed memory use after free at
cdns3_gadget_ep_disable() (git-fixes).
- usb: roles: don't get/set_role() when usb_role_switch is
unregistered (git-fixes).
- usb: roles: fix NULL pointer issue when put module's reference
(git-fixes).
- usb: cdnsp: fixed issue with incorrect detecting CDNSP family
controllers (git-fixes).
- usb: cdnsp: blocked some cdns3 specific code (git-fixes).
- USB: serial: option: add Fibocom FM101-GL variant (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
(git-fixes).
- USB: serial: cp210x: add ID for IMST iM871A-USB (git-fixes).
- commit 6aacbee
- s390: use the correct count for __iowrite64_copy() (git-fixes
bsc#1220317).
- commit 3d0908e
- md: bypass block throttle for superblock update (bsc#1220154,
CVE-2023-52437).
- commit 3b94bb4
- cachefiles: fix memory leak in cachefiles_add_cache()
(bsc#1220267).
- commit 9bb720c
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
(bsc#1220253 CVE-2023-52448).
- commit 12cdab5
- platform/x86: thinkpad_acpi: Only update profile if successfully
converted (git-fixes).
- platform/x86: touchscreen_dmi: Allow partial (prefix) matches
for ACPI names (git-fixes).
- commit d153a3a
- rpm templates: Always define usrmerged
usrmerged is now defined in kernel-spec-macros and not the distribution.
Only check if it's defined in kernel-spec-macros, not everywhere where
it's used.
- commit a6ad8af
- USB: gadget: core: adjust uevent timing on gadget unbind
(git-fixes).
- commit e3b30d8
- blacklist.conf: entry for usb/gadget/udc/core that has been reverted
- commit 50292b0
- mm,page_owner: Update Documentation regarding page_owner_stacks
(jsc-PED#7423).
- commit 96f4587
- mm,page_owner: Filter out stacks by a threshold (jsc-PED#7423).
- commit e683246
- mm,page_owner: Display all stacks and their count
(jsc-PED#7423).
- commit cfad590
- rpm templates: Move macro definitions below buildrequires
Many of the rpm macros defined in the kernel packages depend directly or
indirectly on script execution. OBS cannot execute scripts which means
values of these macros cannot be used in tags that are required for OBS
to see such as package name, buildrequires or buildarch.
Accumulate macro definitions that are not directly expanded by mkspec
below buildrequires and buildarch to make this distinction clear.
- commit 89eaf4c
- mm,page_owner: Implement the tracking of the stacks count
(jsc-PED#7423).
- commit 4c2de65
- mm,page_owner: Maintain own list of stack_records structs
(jsc-PED#7423).
- commit 91e49cb
- scsi: ibmvfc: Open-code reset loop for target reset
(bsc#1220106).
- commit 8ab46b6
- scsi: ibmvfc: Limit max hw queues by num_online_cpus()
(bsc#1220106).
- commit 648a1af
- lib/stackdepot: Move stack_record struct definition into the
header (jsc-PED#7423).
- commit 6077ffb
- lib/stackdepot: Fix first entry having a 0-handle
(jsc-PED#7423).
- commit 992fd7d
- lib/stackdepot: add refcount for records (jsc-PED#7423).
- commit 714c529
- sched/membarrier: reduce the ability to hammer on sys_membarrier
(git-fixes).
- commit 050cced
- lib/stackdepot: add depot_fetch_stack helper (jsc-PED#7423).
- commit 2786362
- RDMA/srpt: fix function pointer cast warnings (git-fixes)
- commit dac438c
- RDMA/qedr: Fix qedr_create_user_qp error flow (git-fixes)
- commit b146859
- RDMA/srpt: Support specifying the srpt_service_guid parameter (git-fixes)
- commit 8d48d24
- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (git-fixes)
- commit da3f72a
- RDMA/irdma: Add AE for too many RNRS (git-fixes)
- commit f63a394
- RDMA/irdma: Set the CQ read threshold for GEN 1 (git-fixes)
- commit 3b512eb
- RDMA/irdma: Validate max_send_wr and max_recv_wr (git-fixes)
- commit 98f2343
- RDMA/irdma: Fix KASAN issue with tasklet (git-fixes)
- commit 83211d5
- RDMA/bnxt_re: Add a missing check in bnxt_qplib_query_srq (git-fixes)
- commit 675dc2d
- RDMA/bnxt_re: Return error for SRQ resize (git-fixes)
- commit c51f388
- IB/hfi1: Fix a memleak in init_credit_return (git-fixes)
- commit 2afc750
- x86/mm: Fix memory encryption features advertisement (bsc#1206453).
- commit 143c33b
- rpm/check-for-config-changes: add GCC_ASM_GOTO_OUTPUT_WORKAROUND to IGNORED_CONFIGS_RE
Introduced by commit 68fb3ca0e408 ("update workarounds for gcc "asm
goto" issue").
- commit be1bdab
- net: openvswitch: limit the number of recursions from action
sets (bsc#1219835 CVE-2024-1151).
- commit ed2fd55
- net: qualcomm: rmnet: fix global oob in rmnet_policy
(git-fixes).
- commit 0b41491
- scsi: core: Move scsi_host_busy() out of host lock if it is
for per-command (git-fixes).
- commit 65a3d05
- mfd: syscon: Fix null pointer dereference in
of_syscon_register() (git-fixes).
- commit ac6a500
- powerpc/64: Set task pt_regs->link to the LR value on scv entry
(bsc#1194869).
- powerpc: add crtsavres.o to always-y instead of extra-y
(bsc#1194869).
- powerpc/watchpoints: Annotate atomic context in more places
(bsc#1194869).
- powerpc/watchpoint: Disable pagefaults when getting user
instruction (bsc#1194869).
- powerpc/watchpoints: Disable preemption in thread_change_pc()
(bsc#1194869).
- powerpc/pseries: Rework lppaca_shared_proc() to avoid
DEBUG_PREEMPT (bsc#1194869).
- powerpc: Don't include lppaca.h in paca.h (bsc#1194869).
- powerpc/powernv: Fix fortify source warnings in opal-prd.c
(bsc#1194869).
- commit 148ec5a
- modpost: trim leading spaces when processing source files list
(git-fixes).
- kbuild: Fix changing ELF file type for output of gen_btf for
big endian (git-fixes).
- irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update (git-fixes).
- irqchip/irq-brcmstb-l2: Add write memory barrier before exit
(git-fixes).
- driver core: Fix device_link_flag_is_sync_state_only()
(git-fixes).
- iio: accel: bma400: Fix a compilation problem (git-fixes).
- staging: iio: ad5933: fix type mismatch regression (git-fixes).
- iio: magnetometer: rm3100: add boundary check for the value
read from RM3100_REG_TMRC (git-fixes).
- iio: core: fix memleak in iio_device_register_sysfs (git-fixes).
- commit 55c0c3a
- compute-PATCHVERSION: Do not produce output when awk fails
compute-PATCHVERSION uses awk to produce a shell script that is
subsequently executed to update shell variables which are then printed
as the patchversion.
Some versions of awk, most notably bysybox-gawk do not understand the
awk program and fail to run. This results in no script generated as
output, and printing the initial values of the shell variables as
the patchversion.
When the awk program fails to run produce 'exit 1' as the shell script
to run instead. That prevents printing the stale values, generates no
output, and generates invalid rpm spec file down the line. Then the
problem is flagged early and should be easier to diagnose.
- commit 8ef8383
- Drop bcm5974 input patch causing a regression (bsc#1220030)
- commit cdfe144
- nvme-fabrics: fix I/O connect error handling (git-fixes).
- commit 1cf32dd
- scsi: fnic: Move fnic_fnic_flush_tx() to a work queue (git-fixes
bsc#1219141).
- scsi: Revert "scsi: fcoe: Fix potential deadlock on
&fip->ctlr_lock" (git-fixes bsc#1219141).
- scsi: core: Move scsi_host_busy() out of host lock for waking
up EH handler (git-fixes).
- scsi: isci: Fix an error code problem in isci_io_request_build()
(git-fixes).
- scsi: mpi3mr: Refresh sdev queue depth after controller reset
(git-fixes).
- commit bb93e52
- scsi: hisi_sas: Prevent parallel FLR and controller reset
(git-fixes).
- Refresh
patches.suse/scsi-hisi_sas-Replace-with-standard-error-code-return-value.patch.
- commit 90473ca
- drm/amdgpu/display: Initialize gamma correction mode variable
in dcn30_get_gamcor_current() (git-fixes).
- drm/amd/display: Fix possible NULL dereference on device
remove/driver unload (git-fixes).
- Revert "drm/amd: flush any delayed gfxoff on suspend entry"
(git-fixes).
- drm/amd/display: Fix possible buffer overflow in
'find_dcfclk_for_voltage()' (git-fixes).
- drm/crtc: fix uninitialized variable use even harder
(git-fixes).
- nouveau/svm: fix kvcalloc() argument order (git-fixes).
- can: j1939: Fix UAF in j1939_sk_match_filter during
setsockopt(SO_J1939_FILTER) (git-fixes).
- wifi: iwlwifi: uninitialized variable in
iwl_acpi_get_ppag_table() (git-fixes).
- wifi: iwlwifi: Fix some error codes (git-fixes).
- spi-mxs: Fix chipselect glitch (git-fixes).
- spi: ppc4xx: Drop write-only variable (git-fixes).
- HID: wacom: generic: Avoid reporting a serial of '0' to
userspace (git-fixes).
- HID: wacom: Do not register input devices until after
hid_hw_start (git-fixes).
- hwmon: (coretemp) Fix bogus core_id to attr name mapping
(git-fixes).
- hwmon: (coretemp) Fix out-of-bounds memory access (git-fixes).
- hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
- drm/msm/dpu: check for valid hw_pp in
dpu_encoder_helper_phys_cleanup (git-fixes).
- drm/msm/dp: return correct Colorimetry for
DP_TEST_DYNAMIC_RANGE_CEA case (git-fixes).
- drm/msms/dp: fixed link clock divider bits be over written in
BPC unknown case (git-fixes).
- drm/i915/gvt: Fix uninitialized variable in handle_mmio()
(git-fixes).
- atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
- crypto: ccp - Fix null pointer dereference in
__sev_platform_shutdown_locked (git-fixes).
- commit 8c41a3a
- ALSA: usb-audio: More relaxed check of MIDI jack names
(git-fixes).
- ASoC: SOF: IPC3: fix message bounds on ipc ops (git-fixes).
- ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
(git-fixes).
- ALSA: hda/realtek: cs35l41: Fix order and duplicates in quirks
table (git-fixes).
- ALSA: hda/realtek: cs35l41: Fix device ID / model name
(git-fixes).
- ALSA: usb-audio: Sort quirk table entries (git-fixes).
- ALSA: usb-audio: add quirk for RODE NT-USB+ (git-fixes).
- ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision
(git-fixes).
- ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter
(git-fixes).
- commit 4ee9775
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- commit 515312a
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
Also add mds_user_clear to kABI severities since it's strictly
mitigation related so should be low risk.
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (git-fixes).
- commit f298aab
- netfs, fscache: Prevent Oops in fscache_put_cache()
(bsc#1220003).
- commit 70831f5
- mm: memory-failure: fix potential unexpected return value from
unpoison_memory() (git-fixes).
- commit 4c346fc
- netfilter: nf_tables: disallow rule removal from chain binding
(bsc#1218216 CVE-2023-5197).
- commit dcfc62f
- netfilter: nf_tables: skip bound chain in netns release path
(bsc#1218216 CVE-2023-5197).
- commit 29d741f
- netfilter: nf_tables: disallow rule removal from chain binding
(bsc#1218216 CVE-2023-5197).
- commit d7a1a4d
- netfilter: nf_tables: skip bound chain in netns release path
(bsc#1218216 CVE-2023-5197).
- commit af879c8
- mm/hwpoison: fix unpoison_memory() (bsc#1218663).
- commit e5b6bde
- mm/hwpoison: remove MF_MSG_BUDDY_2ND and MF_MSG_POISONED_HUGE
(bsc#1218663).
- commit d6fa958
- mm/hwpoison: mf_mutex for soft offline and unpoison
(bsc#1218663).
- commit 177fcfa
- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
(bsc#1219127 CVE-2024-23849).
- commit 43577c1
- Refresh
patches.suse/scsi-lpfc-use-unsigned-type-for-num_sge.patch.
- commit 6b5c8aa
- USB: hub: check for alternate port before enabling
A_ALT_HNP_SUPPORT (bsc#1218527).
- Delete patches.suse/usb-otg-numberpad-exception.patch.
Removal of temporary work around
- commit 51410f7
- kernel-binary: Move build script to the end
All other spec templates have the build script at the end, only
kernel-binary has it in the middle. Align with the other templates.
- commit 98cbdd0
- rpm templates: Aggregate subpackage descriptions
While in some cases the package tags, description, scriptlets and
filelist are located together in other cases they are all across the
spec file. Aggregate the information related to a subpackage in one
place.
- commit 8eeb08c
- rpm templates: sort rpm tags
The rpm tags in kernel spec files are sorted at random.
Make the order of rpm tags somewhat more consistent across rpm spec
templates.
- commit 8875c35
- blacklist.conf: irrelevant in our configs
- commit 011570e
- dm: limit the number of targets and parameter size area
(bsc#1219827, bsc#1219146, CVE-2023-52429, CVE-2024-23851).
- commit 26dc83e
- usb: cdns3: Modify the return value of cdns_set_active ()
to void when CONFIG_PM_SLEEP is disabled (git-fixes).
- Refresh patches.kabi/usb-cdns-readd-old-API.patch.
- commit f63fe1f
- usb: cdns: readd old API (git-fixes).
- commit e63cfaf
- usb: gadget: f_hid: fix report descriptor allocation
(git-fixes).
- commit b1aee6d
- Refresh
patches.suse/USB-dwc2-write-HCINT-with-INTMASK-applied.patch.
moved into sorted section
- commit 19ade31
- usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc
(git-fixes).
- commit e5f0b82
- usb: cdns3: Put the cdns set active part outside the spin lock
(git-fixes).
- commit 86f2eb0
- USB: Gadget: core: Help prevent panic during UVC unconfigure
(git-fixes).
- commit 00fdbf2
- usb: gadget: core: remove unbalanced mutex_unlock in
usb_gadget_activate (git-fixes).
- commit 4803ff6
- usb: gadget: udc: Handle gadget_connect failure during bind
operation (git-fixes).
- commit 70218de
- USB: gadget: core: Add missing kerneldoc for vbus_work
(git-fixes).
- commit 25e9543
- usb: gadget: udc: core: Prevent soft_connect_store() race
(git-fixes).
- commit eb5f8ac
- usb: gadget: udc: core: Offload usb_udc_vbus_handler processing
(git-fixes).
- commit 7a7bf5a
- blacklist.conf: changed reason
The old reason applied only to SP4. However
this patch by coincidence still needs to be blacklisted in SP5
for a completely different reason
- commit 5f8bebe
- USB: gadget: Fix obscure lockdep violation for udc_mutex
(git-fixes).
- Refresh
patches.suse/USB-gadget-Fix-use-after-free-during-usb-config-swit.patch.
- commit a8658e1
- USB: gadget: Fix use-after-free Read in usb_udc_uevent()
(git-fixes).
- commit 6205e50
- s390/qeth: Fix potential loss of L3-IP@ in case of network
issues (git-fixes bsc#1219840).
- commit 4987d16
- KVM: s390: fix cc for successful PQAP (git-fixes bsc#1219839).
- commit 47fbb44
- Add reference to recently released CVE
- Update
patches.suse/x86-entry-convert-int-0x80-emulation-to-idtentry.patch
(bsc#1217927 CVE-2024-25744).
- Update
patches.suse/x86-entry-do-not-allow-external-0x80-interrupts.patch
(bsc#1217927 CVE-2024-25744).
- commit 1dc32d2
- nvme-host: fix the updating of the firmware version (git-fixes).
- commit 27cca59
- arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD (bsc#1219443)
- commit 8b0cea9
- arm64: entry: Simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
- commit 713244d
- arm64: entry: Preserve/restore X29 even for compat tasks (bsc#1219443)
- commit 2aa2cc1
- Refresh patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
Fix following error when building kvmsmall config by removing left over
declaration:
[ 216s] In file included from ../arch/x86/kernel/cpu/mce/core.c:52:0:
[ 216s] ../arch/x86/include/asm/mce.h:366:1: error: duplicate 'static'
[ 216s] static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
[ 216s] ^~~~~~
[ 216s] ../arch/x86/include/asm/mce.h:366:15: error: two or more data types in declaration specifiers
[ 216s] static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
[ 216s] ^~~~
[ 216s] ../arch/x86/include/asm/mce.h: In function 'mce_hygon_feature_init':
[ 216s] ../arch/x86/include/asm/mce.h:366:75: error: void value not ignored as it ought to be
[ 216s] static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
[ 216s] ^~~~~~~~~~~~~~~~~~~~~~~
[ 216s] ../arch/x86/include/asm/mce.h:366:50: error: control reaches end of non-void function [-Werror=return-type]
[ 216s] static inline void mce_hygon_feature_init(struct cpuinfo_x86 *c) { return mce_amd_feature_init(c); }
- commit 7015e17
- arm64: errata: Add Cortex-A510 speculative unprivileged load (bsc#1219443)
Enable workaround.
- commit 72bb690
- arm64: Rename ARM64_WORKAROUND_2966298 (bsc#1219443)
- Update config files.
- Refresh caps file
- commit 12d16a6
- arm64: errata: Add Cortex-A520 speculative unprivileged load (bsc#1219443)
Enable workaround without kABI break.
- Update config files.
- Refresh patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
- commit 2067234
- arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2 (git-fixes)
Enable AMPERE_ERRATUM_AC03_CPU_38 workaround without kABI break
- Update config files
- Refresh patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
- commit 4d24e79
- Refresh patches.suse/EDAC-amd64-Use-new-AMD-Address-Translation-Library.patch.
Fix build due to incomplete line removal
- commit 720d084
- vhost: use kzalloc() instead of kmalloc() followed by memset()
(CVE-2024-0340, bsc#1218689).
- commit 4c5a740
- README.BRANCH: Update cve/linux-5.14 maintainers
Add myself to match SLE15-SP5 consumer + fix typo in branch name.
- commit da26653
- Refresh patches.suse/nfsd-fix-RELEASE_LOCKOWNER.patch.
Accidentally removed nfs4_get_stateowner
- commit ad106c0
- kernel-binary: certs: Avoid trailing space
- commit bc7dc31
- Bluetooth: Fix atomicity violation in {min,max}_key_size_set
(git-fixes bsc#1219608 CVE-2024-24860).
- commit a1186fd
- Update
patches.suse/Bluetooth-Fix-atomicity-violation-in-min-max-_key_si.patch
(git-fixes bsc#1219608 CVE-2024-24860).
- commit dedfe8a
- README.BRANCH: update branch name to cve/linux-5.14, update maintainers
as requested
- commit 8e34879
- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config
(bsc#1219653)
They are put into -devel subpackage. And a proper link to
/usr/share/gdb/auto-load/ is created.
- commit 1dccf2a
- EDAC/amd64: Add MI300 row retirement support (jsc#PED-7618).
- commit fb688f3
- RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (jsc#PED-7618).
- commit a26a502
- RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (jsc#PED-7618).
- commit 83df5af
- RAS/AMD/ATL: Add MI300 support (jsc#PED-7618).
- commit 761e3c8
- Documentation: RAS: Add index and address translation section (jsc#PED-7618).
- commit d6e1334
- EDAC/amd64: Use new AMD Address Translation Library (jsc#PED-7618).
- commit f1baba4
- RAS: Introduce AMD Address Translation Library (jsc#PED-7618).
- commit d6ad6ba
- netfilter: nf_tables: check if catch-all set element is active
in next generation (CVE-2024-1085 bsc#1219429).
- commit 7b3f4c4
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
(CVE-2024-1086 bsc#1219434).
- commit 5f917ff
- fs: indicate request originates from old mount API (git-fixes).
- commit 8ccbbb1
- tracefs: Add missing lockdown check to tracefs_create_dir()
(git-fixes).
- commit 36d0f04
- fs: Fix error checking for d_hash_and_lookup() (git-fixes).
- commit b1a5e63
- attr: block mode changes of symlinks (git-fixes).
- commit c0d7be1
- eventfd: prevent underflow for eventfd semaphores (git-fixes).
- commit 3a099ca
- kernfs: fix missing kernfs_idr_lock to remove an ID from the
IDR (git-fixes).
- commit 5156b80
- shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based
tmpfs (git-fixes).
- commit a75bdfb
- fs: drop peer group ids under namespace lock (git-fixes).
- commit b6028f3
- nsfs: add compat ioctl handler (git-fixes).
- commit 38694b2
- aio: fix mremap after fork null-deref (git-fixes).
- commit 22e33d9
- fs: don't audit the capability check in simple_xattr_list()
(git-fixes).
- commit 5b6e2cc
- mm: fs: initialize fsdata passed to write_begin/write_end
interface (git-fixes).
- commit af45b4c
- fs: sendfile handles O_NONBLOCK of out_fd (git-fixes).
- commit 088d52b
- vfs: make freeze_super abort when sync_filesystem returns error
(git-fixes).
- commit 6a3b59b
- fs/mount_setattr: always cleanup mount_kattr (git-fixes).
- commit 113e698
- Update
patches.suse/drm-amdgpu-Fix-potential-fence-use-after-free-v2.patch
(bsc#1219128 CVE-2023-51042 git-fixes).
- commit 4b937fc
- drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()'
(git-fixes).
- drm/amdkfd: Fix 'node' NULL check in
'svm_range_get_range_boundaries()' (git-fixes).
- drm/amdgpu: Release 'adev->pm.fw' before return in
'amdgpu_device_need_post()' (git-fixes).
- drm/amdgpu: Fix with right return code '-EIO' in
'amdgpu_gmc_vram_checking()' (git-fixes).
- drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table'
in 'get_platform_power_management_table()' (git-fixes).
- drm/amdkfd: Fix lock dependency warning with srcu (git-fixes).
- drm/amdkfd: Fix lock dependency warning (git-fixes).
- ALSA: hda/conexant: Fix headset auto detect fail in cx8070
and SN6140 (git-fixes).
- ALSA: hda: Refer to correct stream index at loops (git-fixes).
- drm/amdkfd: Fix iterator used outside loop in
'kfd_add_peer_prop()' (git-fixes).
- drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()'
(git-fixes).
- drm/amdgpu: Fix '*fw' from request_firmware() not released in
'amdgpu_ucode_request()' (git-fixes).
- drm/amdgpu: Let KFD sync with VM fences (git-fixes).
- drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes).
- drm/amd/display: make flip_timestamp_in_us a 64-bit variable
(git-fixes).
- drm: using mul_u32_u32() requires linux/math64.h (git-fixes).
- drm/msm/dpu: fix writeback programming for YUV cases
(git-fixes).
- drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes).
- drm/msm/dsi: Enable runtime PM (git-fixes).
- drm/amdgpu: fix ftrace event amdgpu_bo_move always move on
same heap (git-fixes).
- drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind
time (git-fixes).
- drm/framebuffer: Fix use of uninitialized variable (git-fixes).
- drm/panel-edp: Add override_edid_mode quirk for generic edp
(git-fixes).
- drm/amd/display: Fix tiled display misalignment (git-fixes).
- commit 3c1f8a7
- rpm/mkspec: sort entries in _multibuild
Otherwise it creates unnecessary diffs when tar-up-ing. It's of course
due to readdir() using "random" order as served by the underlying
filesystem.
See for example:
https://build.opensuse.org/request/show/1144457/changes
- commit d1155de
- Revert "tracing: Increase trace array ref count on enable and
filter files" (bsc#1219490).
Deleted:
patches.suse/tracing-Increase-trace-array-ref-count-on-enable-and-filter-files.patch
patches.suse/tracing-Fix-uaf-issue-when-open-the-hist-or-hist_debug-file.patch
patches.suse/tracing-Have-event-inject-files-inc-the-trace-array-ref-count.patch
Backported commit f5ca233e2e66 ("tracing: Increase trace array ref count
on enable and filter files") causes a kernel panic and its upstream
fix-up bb32500fb9b7 ("tracing: Have trace_event_file have ref counters")
cannot be easily backported because it affects kABI. Revert the commit
and its two related + dependent patches, at least for now.
- commit b75b68d
- fs: Move notify_change permission checks into may_setattr
(git-fixes).
- commit 9c54f53
- blacklist.conf: add 'nvme: fix error-handling for io_uring
nvme-passthrough'
- commit 580a5ab
- nvme-rdma: Fix transfer length when write_generate/read_verify
are 0 (git-fixes).
- commit b0bd240
- nvme: trace: avoid memcpy overflow warning (git-fixes).
- nvmet: re-fix tracing strncpy() warning (git-fixes).
- nvme: fix max_discard_sectors calculation (git-fixes).
- nvme-pci: fix sleeping function called from interrupt context
(git-fixes).
- nvme: introduce helper function to get ctrl state (git-fixes).
- nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes).
- commit 45d7afe
- scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582).
- scsi: lpfc: Move determination of vmid_flag after VMID
reinitialization completes (bsc#1219582).
- scsi: lpfc: Reinitialize an NPIV's VMID data structures after
FDISC (bsc#1219582).
- scsi: lpfc: Change VMID driver load time parameters to read only
(bsc#1219582).
- commit bb7c841
- ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568).
- commit 5e28675
- misc: fastrpc: Mark all sessions as invalid in cb_remove
(git-fixes).
- serial: max310x: fail probe if clock crystal is unstable
(git-fixes).
- serial: max310x: improve crystal stable clock detection
(git-fixes).
- serial: max310x: set default value when reading clock ready bit
(git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget
(git-fixes).
- usb: ucsi_acpi: Fix command completion handling (git-fixes).
- usb: ucsi: Add missing ppm_lock (git-fixes).
- usb: host: xhci-plat: Add support for
XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- dmaengine: fix is_slave_direction() return false when
DMA_DEV_TO_DEV (git-fixes).
- dmaengine: ti: k3-udma: Report short packet errors (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
(git-fixes).
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
(git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix returning wrong error code
(git-fixes).
- dmaengine: idxd: Protect int_handle field in hw descriptor
(git-fixes).
- commit 4d4442b
- Input: atkbd - do not skip atkbd_deactivate() when skipping
ATKBD_CMD_GETID (git-fixes).
- Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping
ATKBD_CMD_GETID (git-fixes).
- Input: bcm5974 - check endpoint type before starting traffic
(git-fixes).
- ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes).
- ASoC: codecs: lpass-wsa-macro: fix compander volume hack
(git-fixes).
- ASoC: codecs: wcd938x: handle deferred probe (git-fixes).
- ASoC: codecs: wcd938x: fix headphones volume controls
(git-fixes).
- ALSA: hda/cs8409: Suppress vmaster control for Dolphin models
(git-fixes).
- nfc: nci: free rx_data_reassembly skb on NCI device cleanup
(git-fixes).
- HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes).
- firewire: core: correct documentation of fw_csr_string()
kernel API (git-fixes).
- commit 2100750
- md: fix bi_status reporting in md_end_clone_io (bsc#1210443).
- commit a1a4e04
- perf/x86/uncore: Use u64 to replace unsigned for the uncore
offsets array (bsc#1219512).
- commit 1425233
- atm: Fix Use-After-Free in do_vcc_ioctl (CVE-2023-51780
bsc#1218730).
- commit 658d424
- fbdev: Only disable sysfb on the primary device (bsc#1216441)
Update an existing patch to fix bsc#1216441.
- commit 1c5c5fe
- xen-netback: don't produce zero-size SKB frags (CVE-2023-46838,
XSA-448, bsc#1218836).
- commit 9a897ff
- drm/amdgpu/pm: Fix the power source flag error (git-fixes).
- commit fe7e152
- nouveau/vmm: don't set addr on the fail path to avoid warning
(git-fixes).
- drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable
W/A (git-fixes).
- drm: Don't unref the same fb many times by mistake due to
deadlock handling (git-fixes).
- drm/amd/display: pbn_div need be updated for hotplug event
(git-fixes).
- commit 962c8b3
- Update
patches.suse/ext4-fix-kernel-BUG-in-ext4_write_inline_data_end.patch
(CVE-2021-33631 bsc#1219412 bsc#1206894).
- commit 2260246
- kabi, vmstat: skip periodic vmstat update for isolated CPUs
(bsc#1217895).
- commit 8cb5798
- sched/isolation: add cpu_is_isolated() API (bsc#1217895).
- trace,smp: Add tracepoints around remotelly called functions
(bsc#1217895).
- vmstat: skip periodic vmstat update for isolated CPUs
(bsc#1217895).
- Refresh
patches.suse/0002-kernel-smp-make-csdlock-timeout-depend-on-boot-param.patch.
- commit 668c0e0
- kernel-source: Fix description typo
- commit 8abff35
- nvmet-tcp: Fix the H2C expected PDU len calculation
(bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356).
- nvmet-tcp: remove boilerplate code (bsc#1217987 bsc#1217988
bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356).
- nvmet-tcp: fix a crash in nvmet_req_complete() (bsc#1217987
bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536
CVE-2023-6356).
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C
PDU length (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535
CVE-2023-6536 CVE-2023-6356).
- commit d968940
- clocksource: disable watchdog checks on TSC when TSC is watchdog
(bsc#1215885).
- commit b33ffd8
- nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968
bsc#1219349).
- commit e7c782d
- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
(CVE-2023-47233 bsc#1216702).
- commit 433859d
- rpm/constraints.in: set jobs for riscv to 8
The same workers are used for x86 and riscv and the riscv builds take
ages. So align the riscv jobs count to x86.
- commit b2c82b9
- blacklist.conf: add a not-relevant module commit
- commit d1799c4
- tracing/trigger: Fix to return error if failed to alloc snapshot
(git-fixes).
- commit 6a3a4f2
- blacklist.conf: Add bunch of uclamp fixups
244226035a1f sched/uclamp: Fix fits_capacity() check in feec()
b759caa1d9f6 sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
c56ab1b3506b sched/uclamp: Make cpu_overutilized() use util_fits_cpu()
d81304bc6193 sched/uclamp: Cater for uclamp in find_energy_efficient_cpu()'s early exit condition
6b00a4014765 sched/uclamp: Set max_spare_cap_cpu even if max_spare_cap is 0
- commit 6be119f
- platform/x86: ISST: Reduce noise for missing numa information
in logs (bsc#1219285).
- commit 017b316
- tracing: Ensure visibility when inserting an element into
tracing_map (git-fixes).
- commit 95dfb0f
- bpf: Limit the number of kprobes when attaching program to
multiple kprobes (git-fixes).
- commit ecd4878
- ring-buffer: Do not record in NMI if the arch does not support
cmpxchg in NMI (git-fixes).
- commit 2ced0ce
- tracing: Fix uaf issue when open the hist or hist_debug file
(git-fixes).
- commit 8c95da9
- tracing: Add size check when printing trace_marker output
(git-fixes).
- commit ea9dc7e
- tracing: Have large events show up as '[LINE TOO BIG]' instead of
nothing (git-fixes).
- commit 57bb6f3
- asix: Add check for usbnet_get_endpoints (git-fixes).
- commit ce1c3e3
- r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes).
- r8152: add vendor/device ID pair for D-Link DUB-E250
(git-fixes).
- commit a726891
- drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in
the error case (git-fixes).
- commit b1d3207
- clocksource: Skip watchdog check for large watchdog intervals
(git-fixes).
- drm/bridge: anx7625: Ensure bridge is suspended in disable()
(git-fixes).
- drm/bridge: parade-ps8640: Ensure bridge is suspended in
.post_disable() (git-fixes).
- drm: panel-simple: add missing bus flags for Tianma
tm070jvhg[30/33] (git-fixes).
- drm/bridge: parade-ps8640: Wait for HPD when doing an AUX
transfer (git-fixes).
- drm/exynos: gsc: minor fix for loop iteration in
gsc_runtime_resume (git-fixes).
- drm/exynos: fix accidental on-stack copy of exynos_drm_plane
(git-fixes).
- gpio: eic-sprd: Clear interrupt after set the interrupt type
(git-fixes).
- commit 0576231
- net: sched: sch_qfq: Use non-work-conserving warning handler
(CVE-2023-4921 bsc#1215275).
- commit b50ba0e
- mkspec: Use variant in constraints template
Constraints are not applied consistently with kernel package variants.
Add variant to the constraints template as appropriate, and expand it
in mkspec.
- commit cc68ab9
- kabi/severities: ignore _rtl92c_phy_calculate_bit_shift symbol
It's an internal function that shouldn't have been exported
- commit eb24ddf
- net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes).
- uio: Fix use-after-free in uio_open (git-fixes).
- parport: parport_serial: Add Brainboxes device IDs and geometry
(git-fixes).
- parport: parport_serial: Add Brainboxes BAR details (git-fixes).
- pwm: stm32: Fix enable count for clk in .probe() (git-fixes).
- pwm: stm32: Use hweight32 in stm32_pwm_detect_channels
(git-fixes).
- media: rkisp1: Fix media device memory leak (git-fixes).
- wifi: rtlwifi: rtl8192se: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: rtl8192ee: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: rtl8192de: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: rtl8192ce: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: rtl8192cu: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: rtl8192c: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift()
(git-fixes).
- wifi: rtlwifi: add calculate_bit_shift() (git-fixes).
- pstore: ram_core: fix possible overflow in
persistent_ram_init_ecc() (git-fixes).
- wifi: iwlwifi: pcie: avoid a NULL pointer dereference
(git-fixes).
- reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning
(git-fixes).
- wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes).
- pwm: stm32: Use regmap_clear_bits and regmap_set_bits where
applicable (git-fixes).
- media: rkisp1: Read the ID register at probe time instead of
streamon (git-fixes).
- commit d4f3c53
- fjes: fix memleaks in fjes_hw_setup (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5
(git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic
boost on HP ZBook (git-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx
(git-fixes).
- drm/amdkfd: fixes for HMM mem allocation (git-fixes).
- Input: atkbd - use ab83 as id when skipping the getid command
(git-fixes).
- drivers: clk: zynqmp: update divider round rate logic
(git-fixes).
- drm/tidss: Fix dss reset (git-fixes).
- drm/tidss: Check for K2G in in dispc_softreset() (git-fixes).
- drm/tidss: Return error value from from softreset (git-fixes).
- drm/tidss: Move reset to the end of dispc_init() (git-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx
(git-fixes).
- Input: xpad - add Razer Wolverine V2 support (git-fixes).
- Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes).
- Input: atkbd - skip ATKBD_CMD_GETID in translated mode
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab
S10346 (git-fixes).
- i2c: rk3x: fix potential spinlock recursion on poll (git-fixes).
- clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes).
- hwmon: (corsair-psu) Fix probe when built-in (git-fixes).
- ASoC: ops: add correct range check for limiting volume
(git-fixes).
- ASoC: da7219: Support low DC impedance headset (git-fixes).
- ASoC: rt5650: add mutex to avoid the jack detection failure
(git-fixes).
- ASoC: cs43130: Fix incorrect frame delay configuration
(git-fixes).
- ASoC: cs43130: Fix the position of const qualifier (git-fixes).
- ASoC: Intel: Skylake: mem leak in skl register function
(git-fixes).
- ASoC: nau8822: Fix incorrect type in assignment and cast to
restricted __be16 (git-fixes).
- ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes).
- ASoC: wm8974: Correct boost mixer inputs (git-fixes).
- drm/amdkfd: Use resource_size() helper function (git-fixes).
- clk: zynqmp: Add a check for NULL pointer (git-fixes).
- clk: zynqmp: make bestdiv unsigned (git-fixes).
- media: rkisp1: Disable runtime PM in probe error path
(git-fixes).
- commit f91e3c6
- Drop clk imx patch that was reverted in the stable tree
- commit ab74263
- Drop ASoC atmel patch that was reverted on stable tree
- commit 7e99407
- rpm/constraints.in: add static multibuild packages
Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for
constraints on multibuild) added "kernel-source:" prefix to the
dynamically generated kernels. But there are also static ones like
kernel-docs. Those fail to build as the constraints are still not
applied.
So add the prefix also to the static ones.
Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it
will ever be multibuilt...
- commit c2e0681
- Update
patches.suse/drm-atomic-Fix-potential-use-after-free-in-nonblocki.patch
(bsc#1219120 CVE-2023-51043 git-fixes).
- commit d004027
- Revert "Limit kernel-source build to architectures for which the kernel binary"
This reverts commit 08a9e44c00758b5f3f3b641830ab6affff041132.
The fix for bsc#1108281 directly causes bsc#1218768, revert.
- commit 2943b8a
- mkspec: Include constraints for both multibuild and plain package always
There is no need to check for multibuild flag, the constraints can be
always generated for both cases.
- commit 308ea09
- rpm/mkspec: use kernel-source: prefix for constraints on multibuild
Otherwise the constraints are not applied with multibuild enabled.
- commit 841012b
- scsi: hisi_sas: Correct the number of global debugfs registers
(git-fixes).
- scsi: hisi_sas: Rollback some operations if FLR failed
(git-fixes).
- commit 2336743
- scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT
(git-fixes).
- Refresh
patches.suse/scsi-hisi_sas-Add-more-logs-for-runtime-suspend-resume.patch.
- Refresh
patches.suse/scsi-hisi_sas-Fix-rescan-after-deleting-a-disk.
- Refresh
patches.suse/scsi-hisi_sas-Replace-with-standard-error-code-return-value.patch.
- Refresh
patches.suse/scsi-hisi_sas-Use-libsas-internal-abort-support.patch.
- Refresh
patches.suse/scsi-libsas-Don-t-always-drain-event-workqueue-for-HA-resume.patch.
- commit 6d49430
- kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136)
- commit afe2033
- rpm/kernel-source.rpmlintrc: add action-ebpf
Upstream commit a79d8ba734bd (selftests: tc-testing: remove buildebpf
plugin) added this precompiled binary blob. Adapt rpmlintrc for
kernel-source.
- commit b5ccb33
- Update config files: enable ASoC AMD PS drivers (bsc#1219136)
- commit ef8225f
- ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA
(bsc#1219136).
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13
(bsc#1219136).
- ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136).
- ASoC: amd: acp: Add kcontrols and widgets per-codec in common
code (bsc#1219136).
- commit 4161e83
- Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136).
- ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL
(bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming
Laptop 15-fb0xxx (8A3E) (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting
Line Out (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols
(bsc#1219136).
- ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols
(bsc#1219136).
- ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies
(bsc#1219136).
- ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136).
- ASoC: amd: acp: clean up some inconsistent indentings
(bsc#1219136).
- ASoC: amd: acp: add pm ops support for rembrandt platform
(bsc#1219136).
- ASoC: amd: acp: move pdm macros to common header file
(bsc#1219136).
- ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136).
- ASoC: amd: acp: export config_acp_dma() and
config_pte_for_stream() symbols (bsc#1219136).
- ASoC: amd: acp: store xfer_resolution of the stream
(bsc#1219136).
- ASoC: amd: acp: add pm ops support for acp pci driver
(bsc#1219136).
- ASoC: amd: acp: store platform device reference created in
pci probe call (bsc#1219136).
- ASoC: amd: acp: remove the redundant acp enable/disable
interrupts functions (bsc#1219136).
- ASoC: amd: acp: add acp i2s master clock generation for
rembrandt platform (bsc#1219136).
- ASoC: amd: acp: refactor the acp init and de-init sequence
(bsc#1219136).
- ASoC: amd: Add new dmi entries to config entry (bsc#1219136).
- commit 120d62d
- ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table
(bsc#1219136).
- commit 150a883
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12
(bsc#1219136).
- commit c977ecd
- ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136).
- ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x
(bsc#1219136).
- ASoC: amd: update pm_runtime enable sequence (bsc#1219136).
- ASoC: amd: acp: remove acp poweroff function (bsc#1219136).
- ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136).
- ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG
(bsc#1219136).
- ASoC: amd: vangogh: Add check for acp config flags in vangogh
platform (bsc#1219136).
- ASoC: amd: ps: refactor acp power on and reset functions
(bsc#1219136).
- ASoC: amd: ps: remove the register read and write wrappers
(bsc#1219136).
- ASoC: amd: ps: Update copyright notice (bsc#1219136).
- ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x
(bsc#1219136).
- ASoC: amd: ps: fix for acp_lock access in pdm driver
(bsc#1219136).
- ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the
quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136).
- ASoC: amd: Add check for acp config flags (bsc#1219136).
- ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x
(bsc#1219136).
- ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx
(8A42) (bsc#1219136).
- ASoC: amd: ps: update the acp clock source (bsc#1219136).
- ASoC: amd: acp: rembrandt: Drop if blocks with always false
condition (bsc#1219136).
- ASoC: amd: vangogh: Remove unnecessary init function
(bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop
16-e1xxx (8A22) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx
(8A43) (bsc#1219136).
- ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks
(bsc#1219136).
- ASoC: amd: ps: Add a module parameter to influence pdm_gain
(bsc#1219136).
- ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: renoir: Add a module parameter to influence pdm_gain
(bsc#1219136).
- ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: yc: Add a module parameter to influence pdm_gain
(bsc#1219136).
- ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: acp: Refactor bit width calculation (bsc#1219136).
- ASoC: amd: acp: Enable i2s tdm support for skyrim platforms
(bsc#1219136).
- ASoC: amd: acp: Add i2s tdm support in machine driver
(bsc#1219136).
- ASoC: amd: acp: Refactor i2s clocks programming sequence
(bsc#1219136).
- ASoC: amd: acp: Refactor dai format implementation
(bsc#1219136).
- ASoC: amd: acp: Add new cpu dai's in machine driver
(bsc#1219136).
- ASoC: amd: ps: Fix uninitialized ret in
create_acp64_platform_devs() (bsc#1219136).
- ASoC: amd: ps: use static function (bsc#1219136).
- ASoC: amd: ps: remove unused variable (bsc#1219136).
- ASoC: amd: ps: use acp_lock to protect common registers in
pdm driver (bsc#1219136).
- ASoC: amd: ps: add mutex lock for accessing common registers
(bsc#1219136).
- ASoC: amd: Drop empty platform remove function (bsc#1219136).
- ASoC: amd: ps: move irq handler registration (bsc#1219136).
- ASoC: amd: ps: update dev index value in irq handler
(bsc#1219136).
- ASoC: amd: ps: refactor platform device creation logic
(bsc#1219136).
- ASoC: amd: ps: implement api to retrieve acp device config
(bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table
(bsc#1219136).
- ASoC: amd: yc: Add DMI support for new acer/emdoor platforms
(bsc#1219136).
- ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table
(bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table
(bsc#1219136).
- ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136).
- ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver
(bsc#1219136).
- ASoC: amd: ps: update macros with ps platform naming convention
(bsc#1219136).
- ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136).
- ASoC: amd: fix ACP version typo mistake (bsc#1219136).
- ASoC: amd: acp: Add setbias level for rt5682s codec in machine
driver (bsc#1219136).
- ASoC: amd: acp: Add TDM slots setting support for ACP I2S
controller (bsc#1219136).
- ASoC: amd: Update Pink Sardine platform ACP register header
(bsc#1219136).
- ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table
(bsc#1219136).
- ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks
table (bsc#1219136).
- ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo
ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136).
- ASoC: amd: acp: use function devm_kcalloc() instead of
devm_kzalloc() (bsc#1219136).
- ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc()
(bsc#1219136).
- ASoC: amd: fix spelling mistake: "i.e" -> "i.e." (bsc#1219136).
- ASoC: amd: enable Pink sardine platform machine driver build
(bsc#1219136).
- ASoC: amd: add Pink Sardine machine driver using dmic
(bsc#1219136).
- ASoC: amd: create platform device for acp6.2 machine driver
(bsc#1219136).
- ASoC: amd: enable Pink Sardine acp6.2 drivers build
(bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136).
- ASoC: amd: add acp6.2 irq handler (bsc#1219136).
- ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136).
- ASoC: amd: add platform devices for acp6.2 pdm driver and dmic
driver (bsc#1219136).
- ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136).
- ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136).
- ASoC: amd: add Pink Sardine platform ACP IP register header
(bsc#1219136).
- ASoC: amd: acp: Modify dai_id macros to be more generic
(bsc#1219136).
- ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136).
- ASoC: amd: acp: add a label to make error path more clean
(bsc#1219136).
- ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136).
- ASoC: amd: acp: Add TDM support for acp i2s stream
(bsc#1219136).
- ASoC: amd: acp: Initialize list to store acp_stream during
pcm_open (bsc#1219136).
- commit 14632ae
- arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes)
- commit 3eba4f6
- arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes)
- commit ee809a9
- xhci: track port suspend state correctly in unsuccessful resume
cases (git-fixes).
- commit 5f8b948
- arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes)
- commit a7b727f
- arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes)
- commit f3c4bfe
- arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes)
- commit 7e17ca6
- arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes)
- commit ed0fb4a
- blacklist.conf: ("arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer")
- commit 76fd77c
- scsi: mpt3sas: Fix loop logic (bsc#1219067).
- commit 872bee1
- scsi: hisi_sas: Replace with standard error code return value
(git-fixes).
- scsi: fnic: Return error if vmalloc() failed (git-fixes).
- scsi: mpt3sas: Fix an outdated comment (git-fixes).
- scsi: core: Always send batch on reset or error handling command
(git-fixes).
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle()
(git-fixes).
- commit 3a87f07
- blacklist.conf: add commit that breaks kabi
- commit 4ab1644
- scsi: qla2xxx: Fix system crash due to bad pointer access
(git-fixes).
- scsi: mpt3sas: Fix loop logic (git-fixes).
- scsi: megaraid_sas: Increase register read retry rount from
3 to 30 for selected registers (git-fixes).
- scsi: libfc: Fix potential NULL pointer dereference in
fc_lport_ptp_setup() (git-fixes).
- scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall
return code (git-fixes).
- scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing
debugfs (git-fixes).
- scsi: mpt3sas: Fix in error path (git-fixes).
- scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes).
- scsi: pm80xx: Use phy-specific SAS address when sending
PHY_START command (git-fixes).
- scsi: megaraid_sas: Fix deadlock on firmware crashdump
(git-fixes).
- scsi: hisi_sas: Fix normally completed I/O analysed as failed
(git-fixes).
- scsi: hisi_sas: Fix warnings detected by sparse (git-fixes).
- scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param()
(git-fixes).
- scsi: hisi_sas: Modify v3 HW SATA completion error processing
(git-fixes).
- commit d038b1c
- xhci: pass port pointer as parameter to xhci_set_port_power()
(git-fixes).
- xhci: cleanup xhci_hub_control port references (git-fixes).
- commit b297848
- USB: xhci: workaround for grace period (git-fixes).
- commit 66e1fb8
- xhci: Add grace period after xHC start to prevent premature
runtime suspend (git-fixes).
- blacklist.conf: I wanted to avoid the kABI workaround for this, but it
is needed; reinstate it.
- Refresh
patches.suse/xhci-remove-unused-command-member-from-struct-xhci_h.patch.
- commit e6ea339
- scripts/tar-up.sh: don't add spurious entry from kernel-sources.changes.old
The previous change added the manual entry from kernel-sources.change.old
to old_changelog.txt unnecessarily. Let's fix it.
- commit fb033e8
- Update
patches.suse/ext4-improve-error-recovery-code-paths-in-__ext4_rem.patch
(bsc#1213017 bsc#1219053 CVE-2024-0775).
- commit 97ea702
- RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes)
- commit e0e972e
- blacklist.conf: add 4fbc3a52cd4d ("RDMA/core: Fix umem iterator when PAGE_SIZE is greater then HCA pgsz")
- commit 294e9b8
- RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes)
- commit 345f1ff
- RDMA/irdma: Refactor error handling in create CQP (git-fixes)
- commit 4a6aa38
- RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes)
- commit 281db3f
- RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes)
- commit 63679fd
- RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes)
- commit 3c73c12
- RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes)
- commit 8cc2bd1
- RDMA/rtrs-srv: Check return values while processing info request (git-fixes)
- commit 8d9fb90
- RDMA/rtrs-clt: Start hb after path_up (git-fixes)
- commit e242a3d
- RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes)
- commit 29a41f7
- RDMA/irdma: Add wait for suspend on SQD (git-fixes)
- commit 538f2e3
- RDMA/irdma: Do not modify to SQD on error (git-fixes)
- commit 263fc9c
- RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes)
- commit 59ab729
- rpm/kernel-docs.spec.in: fix build with 6.8
Since upstream commit f061c9f7d058 (Documentation: Document each netlink
family), the build needs python yaml.
- commit 6a7ece3
- scsi: hisi_sas: Modify v3 HW SSP underflow error processing
(git-fixes).
- Refresh
patches.suse/scsi-hisi_sas-Handle-NCQ-error-when-IPTT-is-valid.patch.
- commit 44aa3a5
- blacklist.conf: kABI
- commit d83f18a
- blacklist.conf: kABI
- commit 59ff7e1
- Update patch reference for ax88179 fix (bsc#1218948)
- commit 5a21b74
- hv_netvsc: rndis_filter needs to select NLS (git-fixes).
- x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize
hv_nmi_unknown() (git-fixes).
- x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM
(git-fixes).
- commit 7633c65
- drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel
null pointer (git-fixes).
- commit 3bf351b
- dmaengine: fix NULL pointer in channel unregistration function
(git-fixes).
- libapi: Add missing linux/types.h header to get the __u64 type
on io.h (git-fixes).
- ALSA: oxygen: Fix right channel of capture volume mixer
(git-fixes).
- power: supply: cw2015: correct time_to_empty units in sysfs
(git-fixes).
- power: supply: bq256xx: fix some problem in bq256xx_hw_init
(git-fixes).
- apparmor: avoid crash when parsed profile name is empty
(git-fixes).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360
13-ay0xxx (git-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models
(git-fixes).
- drm/amd/display: get dprefclk ss info from integration info
table (git-fixes).
- drm/crtc: fix uninitialized variable use (git-fixes).
- drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes).
- drm/exynos: fix a wrong error checking (git-fixes).
- drm/exynos: fix a potential error pointer dereference
(git-fixes).
- drm/amdgpu: Add NULL checks for function pointers (git-fixes).
- nouveau/tu102: flush all pdbs on vmm flush (git-fixes).
- ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32
bps format (git-fixes).
- drm/amd/display: update dcn315 lpddr pstate latency (git-fixes).
- commit 091325f
- net: usb: ax88179_178a: avoid two consecutive device resets
(bsc#1218948).
- net: usb: ax88179_178a: Bind only to vendor-specific interface
(bsc#1218948).
- net: usb: ax88179_178a: restore state on resume (bsc#1218948).
- commit d91b154
- nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
- commit ad625bb
- badblocks: avoid checking invalid range in badblocks_check()
(bsc#1174649).
- badblocks: switch to the improved badblock handling code
(bsc#1174649).
- badblocks: improve badblocks_check() for multiple ranges
handling (bsc#1174649).
- badblocks: improve badblocks_clear() for multiple ranges
handling (bsc#1174649).
- badblocks: improve badblocks_set() for multiple ranges handling
(bsc#1174649).
- badblocks: add helper routines for badblock ranges handling
(bsc#1174649).
- badblocks: add more helper structure and routines in badblocks.h
(bsc#1174649).
- commit 6a46786
- dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694)
- commit 4ac18f0
- perf/x86/intel/uncore: Factor out topology_gidnid_map()
(bsc#1218958).
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in
upi_fill_topology() (bsc#1218958).
- commit fe3658c
- net: usb: ax88179_178a: move priv to driver_priv (git-fixes).
- Refresh
patches.suse/net-usb-ax88179_178a-wol-optimizations.patch.
- commit 8b1488e
- s390/vfio-ap: let on_scan_complete() callback filter matrix
and update guest's APCB (git-fixes bsc#1219014).
- commit b83db20
- s390/vfio-ap: loop over the shadow APCB when filtering guest's
AP configuration (git-fixes bsc#1219013).
- commit 0f291d1
- s390/vfio-ap: always filter entire AP matrix (git-fixes
bsc#1219012).
- commit a461bd5
- s390/pci: fix max size calculation in zpci_memcpy_toio()
(git-fixes bsc#1219006).
- commit 18b0ac3
- modpost: move __attribute__((format(printf, 2, 3))) to modpost.h
(git-fixes).
- kdb: Fix a potential buffer overflow in kdb_local() (git-fixes).
- i2c: s3c24xx: fix transferring more than one message in polling
mode (git-fixes).
- i2c: s3c24xx: fix read transfers in polling mode (git-fixes).
- pwm: jz4740: Don't use dev_err_probe() in .request()
(git-fixes).
- pwm: Fix out-of-bounds access in of_pwm_single_xlate()
(git-fixes).
- dma-debug: fix kernel-doc warnings (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault
(git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs
(git-fixes).
- usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer
(git-fixes).
- usb: phy: mxs: remove CONFIG_USB_OTG condition for
mxs_phy_is_otg_host() (git-fixes).
- usb: chipidea: wait controller resume finished for wakeup irq
(git-fixes).
- usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg
enabled (git-fixes).
- usb: cdns3: fix uvc failure work since sg support enabled
(git-fixes).
- usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart
(git-fixes).
- Revert "usb: dwc3: don't reset device side if dwc3 was
configured as host-only" (git-fixes).
- Revert "usb: dwc3: Soft reset phy on probe for host"
(git-fixes).
- Revert "usb: typec: class: fix typec_altmode_put_partner to
put plugs" (git-fixes).
- serial: sc16is7xx: set safe default SPI clock frequency
(git-fixes).
- serial: sc16is7xx: add check for unsupported SPI modes during
probe (git-fixes).
- serial: imx: Correct clock error message in function probe()
(git-fixes).
- serial: imx: fix tx statemachine deadlock (git-fixes).
- serial: sccnxp: Improve error message if regulator_disable()
fails (git-fixes).
- serial: 8250: omap: Don't skip resource freeing if
pm_runtime_resume_and_get() failed (git-fixes).
- software node: Let args be NULL in
software_node_get_reference_args (git-fixes).
- acpi: property: Let args be NULL in
__acpi_node_get_property_reference (git-fixes).
- iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes).
- iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes).
- iio: adc: ad9467: don't ignore error codes (git-fixes).
- iio: adc: ad9467: fix reset gpio handling (git-fixes).
- bus: mhi: host: Drop chan lock before queuing buffers
(git-fixes).
- bus: mhi: host: Add spinlock to protect WP access when queueing
TREs (git-fixes).
- bus: mhi: host: Add alignment check for event ring read pointer
(git-fixes).
- PCI: keystone: Fix race condition when initializing PHYs
(git-fixes).
- PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes).
- PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes).
- pinctrl: intel: Revert "Unexport intel_pinctrl_probe()"
(git-fixes).
- leds: ledtrig-tty: Free allocated ttyname buffer on deactivate
(git-fixes).
- leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes).
- mfd: intel-lpss: Fix the fractional clock divider flags
(git-fixes).
- firewire: ohci: suppress unexpected system reboot in AMD Ryzen
machines and ASM108x/VT630x PCIe cards (git-fixes).
- mmc: core: Cancel delayed work before releasing host
(git-fixes).
- net: usb: ax88179_178a: remove redundant init code (git-fixes).
- commit 050b9b3
- blacklist.conf: documentation fix
- commit 056879c
- KVM: s390: vsie: Fix STFLE interpretive execution identification
(git-fixes bsc#1218997).
- commit a78caf7
- nvme: move nvme_stop_keep_alive() back to original position
(bsc#1211515).
- commit d640b69
- netfilter: nf_tables: Reject tables of unsupported family
(bsc#1218752 CVE-2023-6040).
- commit e03f1d3
- nvme: start keep-alive after admin queue setup (bsc#1211515).
- nvme-loop: always quiesce and cancel commands before destroying
admin q (bsc#1211515).
- nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue()
(bsc#1211515).
- commit f407c87
- fbdev: Only disable sysfb on the primary device (bsc#1216441)
- commit 79783f0
- ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path
(git-fixes).
- commit cc469c7
- ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under
@c->lp_mutex (git-fixes).
- commit d5d1991
- tipc: fix a potential deadlock on &tx->lock (bsc#1218916
CVE-2024-0641).
- commit d898738
- Drop PCI vmd patches that caused a regression (bsc#1218005)
Deleted:
patches.suse/PCI-vmd-Fix-secondary-bus-reset-for-Intel-bridges.patch
patches.suse/PCI-vmd-Fix-uninitialized-variable-usage-in-vmd_enab.patch
- commit 1697177
- tipc: fix a potential deadlock on &tx->lock (bsc#1218916
CVE-2024-0641).
- commit 7953be2
- Update metadata
- commit c015ae2
- smb: client: fix OOB in receive_encrypted_standard()
(bsc#1218832 CVE-2024-0565).
- commit 3cac9c2
- smb: client: fix OOB in receive_encrypted_standard()
(bsc#1218832 CVE-2024-0565).
- commit e9083ae
- x86/mce: Cleanup mce_usable_address() (jsc#PED-7623).
- commit b54373d
- x86/mce: Define amd_mce_usable_address() (jsc#PED-7623).
- commit 69805de
- x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623).
- commit 17233cd
- IB/iser: Prevent invalidating wrong MR (git-fixes)
- commit 3e4d18d
- RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes)
- commit c22413e
- RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes)
- commit 366f439
- RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes)
- commit bb70cd4
- Documentation: Begin a RAS section (jsc#PED-7622).
- commit b55cb06
- x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622).
- commit 2a68e97
- EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622).
- commit 44e51c1
- EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622).
- commit 05504bb
- EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622).
- commit ea69eb6
- x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622).
- Refresh
patches.suse/PCI-Prevent-xHCI-driver-from-claiming-AMD-VanGogh-US.patch.
- commit 7126e83
- ida: Fix crash in ida_free when the bitmap is empty (bsc#1218804
CVE-2023-6915).
- commit 7caa324
- platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620).
- commit 12e7799
- platform/x86/amd/hsmp: improve the error log (jsc#PED-7620).
- commit 1360d63
- platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620).
- commit 289eab7
- platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620).
- commit ac44ea2
- platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620).
- Refresh
patches.suse/platform-x86-amd-pmc-remove-CONFIG_DEBUG_FS-checks.patch.
- commit 9b51c97
- EDAC/amd64: Cache and use GPU node map (jsc#PED-7616).
- commit 58aa5aa
- EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616).
- commit f30c55c
- EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616).
- commit ffa78e3
- x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616).
- commit cfe246e
- x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616).
- Refresh
patches.suse/PCI-Prevent-xHCI-driver-from-claiming-AMD-VanGogh-US.patch.
- commit cb392fd
- EDAC/mc: Add new HBM2 memory type (jsc#PED-7616).
- Refresh
patches.suse/edac-add-rddr5-and-lrddr5-memory-types.patch.
- commit eca21a4
- usb: otg numberpad exception (bsc#1218527).
- commit 3d70e84
- EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615).
- commit 16c2c66
- EDAC/amd64: Remove module version string (jsc#PED-7615).
- commit b84231c
- EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615).
- commit b7d2f10
- EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615).
- commit ea43a00
- EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615).
- commit 2c6263f
- EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615).
- commit 375eb6a
- EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615).
- commit 2903760
- EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615).
- commit 9071635
- EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615).
- commit 21842b7
- EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615).
- commit 93157a0
- EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615).
- commit 01c4123
- EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615).
- commit 59d41b9
- EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615).
- commit ddb7d7a
- EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615).
- commit cb412ef
- EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615).
- commit f32e3e6
- EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615).
- commit e87aae6
- EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615).
- commit 555ada3
- EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615).
- commit 8839a23
- EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615).
- commit 9f0bb93
- EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615).
- commit 13890aa
- EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false positive (jsc#PED-7615).
- commit 78d7b48
- EDAC/amd64: Remove early_channel_count() (jsc#PED-7615).
- commit a00b2ae
- EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615).
- commit 49bc10d
- EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615).
- commit c2e9755
- EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615).
- commit 320ccbc
- EDAC/amd64: Don't set up EDAC PCI control on Family 17h+ (jsc#PED-7615).
- commit 85a16a7
- EDAC/amd64: Add context struct (jsc#PED-7615).
- commit 98c3472
- EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615).
- commit d8a1ed8
- x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615).
- commit deabf4e
- x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615).
- commit c071d82
- s390: vfio-ap: tighten the NIB validity check (git-fixes)
blacklist.conf: the reason for valid for SLE15-SP4, not so much for SP5
- commit fbc62d2
- coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779)
- commit 854c05d
- blacklist.conf: not a fix
- commit e48ddb7
- Delete
patches.suse/s390-sles15sp2-kdump-fix-out-of-memory-with-PCI.patch.
Patch obsoleted by 73045a08cf55 ("s390: unify identity mapping limits
handling")
- commit efb62ac
- s390/dasd: fix double module refcount decrement (bsc#1141539).
- commit 3b938a7
- coresight: etm4x: Add ACPI support in platform driver (bsc#1218779)
- commit a6bc99c
- coresight: platform: acpi: Ignore the absence of graph (bsc#1218779)
- commit 36e1498
- coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779)
- commit aa5d7f2
- coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779)
- commit cf6ac73
- coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779)
- commit 1e7e6ff
- coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779)
- commit 86846ee
- PCI/AER: Configure ECRC only if AER is native (bsc#1218778)
- commit 6ecb7b5
- Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
- Fix crash in vmw_context_cotables_unref when 3d support is enabled
(bsc#1218738)
- commit 99a9f67
- of: unittest: Fix of_count_phandle_with_args() expected value
message (git-fixes).
- drm/bridge: nxp-ptn3460: simplify some error checking
(git-fixes).
- drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS
irq (git-fixes).
- commit e43eec3
- drm/msm/dpu: Set input_sel bit for INTF (git-fixes).
- commit 29695c1
- of: Fix double free in of_parse_phandle_with_args_map
(git-fixes).
- HID: wacom: Correct behavior when processing some confidence ==
false touches (git-fixes).
- fbdev: flush deferred IO before closing (git-fixes).
- fbdev: flush deferred work in fb_deferred_io_fsync()
(git-fixes).
- fbdev: mmp: Fix typo and wording in code comment (git-fixes).
- fbdev: imxfb: fix left margin setting (git-fixes).
- media: dt-bindings: ov8856: decouple lanes and link frequency
from driver (git-fixes).
- media: dvb-frontends: m88ds3103: Fix a memory leak in an error
handling path of m88ds3103_probe() (git-fixes).
- media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes).
- media: videobuf2-dma-sg: fix vmap callback (git-fixes).
- media: ov9734: Enable runtime PM before registering async
sub-device (git-fixes).
- media: imx355: Enable runtime PM before registering async
sub-device (git-fixes).
- media: pvrusb2: fix use after free on context disconnection
(git-fixes).
- watchdog: rti_wdt: Drop runtime pm reference count when watchdog
is unused (git-fixes).
- watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling
(git-fixes).
- watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes).
- watchdog: set cdev owner before adding (git-fixes).
- drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init
(git-fixes).
- drm/amdkfd: Confirm list is non-empty before utilizing
list_first_entry in kfd_topology.c (git-fixes).
- drm/mediatek: Return error if MDP RDMA failed to enable the
clock (git-fixes).
- drm/msm/dpu: Drop enable and frame_count parameters from
dpu_hw_setup_misr() (git-fixes).
- drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match
its functionality (git-fixes).
- drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt
leaks (git-fixes).
- drm/msm/mdp4: flush vblank event on disable (git-fixes).
- drm/amd/pm: fix a double-free in
amdgpu_parse_extended_power_table (git-fixes).
- gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes).
- drm/amd/pm: fix a double-free in si_dpm_init (git-fixes).
- drm/amdgpu/debugfs: fix error code when smc register accessors
are NULL (git-fixes).
- drm/radeon/trinity_dpm: fix a memleak in
trinity_parse_power_table (git-fixes).
- drm/radeon/dpm: fix a memleak in sumo_parse_power_table
(git-fixes).
- drm/radeon: check the alloc_workqueue return value in
radeon_crtc_init() (git-fixes).
- drm/bridge: tc358767: Fix return value on error case
(git-fixes).
- drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable
(git-fixes).
- drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking
(git-fixes).
- drm/drv: propagate errors from drm_modeset_register_all()
(git-fixes).
- drm/tidss: Fix atomic_flush check (git-fixes).
- drm/bridge: Fix typo in post_disable() description (git-fixes).
- drm/radeon: check return value of radeon_ring_lock()
(git-fixes).
- drm/radeon/r100: Fix integer overflow issues in
r100_cs_track_check() (git-fixes).
- drm/radeon/r600_cs: Fix possible int overflows in
r600_cs_check_reg() (git-fixes).
- drm/tilcdc: Fix irq free on unload (git-fixes).
- commit 10ca9c4
- drivers: clk: zynqmp: calculate closest mux rate (git-fixes).
- clk: qcom: videocc-sm8150: Add missing PLL config property
(git-fixes).
- clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config
(git-fixes).
- clk: samsung: Fix kernel-doc comments (git-fixes).
- clk: si5341: fix an error code problem in
si5341_output_clk_set_rate (git-fixes).
- ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[]
(git-fixes).
- ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common
(git-fixes).
- ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION
(git-fixes).
- ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch
(git-fixes).
- ASoC: cs35l33: Fix GPIO name and drop legacy include
(git-fixes).
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table
(git-fixes).
- drm/bridge: tpd12s015: Drop buggy __exit annotation for remove
function (git-fixes).
- drm/nouveau/fence:: fix warning directly dereferencing a rcu
pointer (git-fixes).
- drm/panel-elida-kd35t133: hold panel in reset for unprepare
(git-fixes).
- drm/panfrost: Really power off GPU cores in
panfrost_gpu_power_off() (git-fixes).
- drm/panel: nt35510: fix typo (git-fixes).
- Revert "drm/omapdrm: Annotate dma-fence critical section in
commit path" (git-fixes).
- Revert "drm/tidss: Annotate dma-fence critical section in
commit path" (git-fixes).
- commit 335f137
- ubifs: ubifs_link: Fix wrong name len calculating when UBIFS
is encrypted (git-fixes).
- commit 8930a6f
- exfat: support handle zero-size directory (git-fixes).
- commit aa8d54f
- exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
(git-fixes).
- commit eabf8a7
- exfat: fix reporting fs error when reading dir beyond EOF
(git-fixes).
- commit 006310e
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
(git-fixes).
- commit bd29027
- gfs2: low-memory forced flush fixes (git-fixes).
- commit 7520dfb
- gfs2: Switch to wait_event in gfs2_logd (git-fixes).
- commit de4f7d3
- gfs2: Always check inode size of inline inodes (git-fixes).
- commit 6a40877
- gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes).
- Refresh
patches.suse/gfs2-Fix-inode-height-consistency-check.patch.
- commit 2086607
- gfs2: Disable page faults during lockless buffered reads
(git-fixes).
- commit 083a438
- gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
- commit 4875ffd
- gfs2: release iopen glock early in evict (git-fixes).
- Refresh patches.suse/gfs2-fix-an-oops-in-gfs2_permission.patch.
- commit c3246bf
- gfs2: Eliminate ip->i_gh (git-fixes).
- commit c0a896f
- gfs2: Move the inode glock locking to gfs2_file_buffered_write
(git-fixes).
- commit 25a5c4c
- gfs2: Introduce flag for glock holder auto-demotion (git-fixes).
- commit fb547d4
- gfs2: Remove redundant check from gfs2_glock_dq (git-fixes).
- commit 4f703a1
- gfs2: Eliminate vestigial HIF_FIRST (git-fixes).
- commit e22854c
- Update patch reference for rose fix (CVE-2023-51782 bsc#1218757)
- commit da9f8e9
- ring-buffer/Documentation: Add documentation on buffer_percent
file (git-fixes).
- kernel-doc: handle a void function without producing a warning
(git-fixes).
- scripts/kernel-doc: restore warning for Excess struct/union
(git-fixes).
- firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create()
(git-fixes).
- Bluetooth: Fix atomicity violation in {min,max}_key_size_set
(git-fixes).
- Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes).
- wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes).
- wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request
(git-fixes).
- wifi: ath11k: Defer on rproc_get failure (git-fixes).
- wifi: mwifiex: configure BSSID consistently when starting AP
(git-fixes).
- wifi: mt76: mt7921s: fix workqueue problem causes STA
association fail (git-fixes).
- wifi: mt76: fix broken precal loading from MTD for mt7915
(git-fixes).
- wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors
(git-fixes).
- wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable
code (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift
behavior (git-fixes).
- selftests/net: fix grep checking for fib_nexthop_multiprefix
(git-fixes).
- wifi: libertas: stop selecting wext (git-fixes).
- wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes).
- crypto: scomp - fix req->dst buffer overflow (git-fixes).
- crypto: sahara - do not resize req->src when doing hash
operations (git-fixes).
- crypto: sahara - fix processing hash requests with req->nbytes <
sg->length (git-fixes).
- crypto: sahara - improve error handling in sahara_sha_process()
(git-fixes).
- crypto: sahara - fix wait_for_completion_timeout() error
handling (git-fixes).
- crypto: sahara - fix ahash reqsize (git-fixes).
- crypto: sahara - handle zero-length aes requests (git-fixes).
- crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes).
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng
(git-fixes).
- crypto: sahara - fix processing requests with cryptlen <
sg->length (git-fixes).
- crypto: sahara - fix ahash selftest failure (git-fixes).
- crypto: sahara - fix cbc selftest failure (git-fixes).
- crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes).
- crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes).
- crypto: sa2ul - Return crypto_aead_setkey to transfer the error
(git-fixes).
- drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes).
- drm/amd/display: add nv12 bounding box (git-fixes).
- commit bb694d9
- powerpc/powernv: Add a null pointer check to
scom_debug_init_one() (bsc#1194869).
- powerpc/pseries: fix potential memory leak in
init_cpu_associativity() (bsc#1194869).
- powerpc/xive: Fix endian conversion size (bsc#1194869).
- powerpc/fadump: reset dump area size if fadump memory reserve
fails (bsc#1194869).
- powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
(bsc#1194869).
- commit 5dce54b
- powerpc/pseries/iommu: enable_ddw incorrectly returns direct
mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes).
- commit f1ad417
- powerpc/powernv: Add a null pointer check in opal_event_init()
(bsc#1065729).
- powerpc/powernv: Add a null pointer check in
opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
- powerpc/powernv: Add a null pointer check in opal_event_init()
(bsc#1065729).
- powerpc/pseries/memhp: Fix access beyond end of drmem array
(bsc#1065729).
- commit 9ecfceb
- s390/vfio-ap: unpin pages on gisc registration failure
(git-fixes bsc#1218723).
- commit e07d25b
- series.conf: the patch is not in git and breaks series_insert.py
- commit fae10c6
- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377)
- commit c8d4ebe
- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377)
- commit b7954e5
- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377)
- commit 78d747c
- Store the old kernel changelog entries in kernel-docs package (bsc#1218713)
The old entries are found in kernel-docs/old_changelog.txt in docdir.
rpm/old_changelog.txt can be an optional file that stores the similar
info like rpm/kernel-sources.changes.old. It can specify the commit
range that have been truncated. scripts/tar-up.sh expands from the
git log accordingly.
- commit c9a2566
- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- commit 8afebed
- ipmi: Use regspacings passed as a module parameter (git-fixes).
- PM: hibernate: Enforce ordering during image
compression/decompression (git-fixes).
- ACPI: LPSS: Fix the fractional clock divider flags (git-fixes).
- ACPI: extlog: Clear Extended Error Log status when RAS_CEC
handled the error (git-fixes).
- ACPI: video: check for error while searching for backlight
device parent (git-fixes).
- ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes).
- mtd: rawnand: rockchip: Add missing title to a kernel doc
comment (git-fixes).
- mtd: rawnand: rockchip: Rename a structure (git-fixes).
- mtd: rawnand: pl353: Fix kernel doc (git-fixes).
- mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller
response (git-fixes).
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier
(git-fixes).
- spi: spi-zynqmp-gqspi: fix driver kconfig dependencies
(git-fixes).
- usr/Kconfig: fix typos of "its" (git-fixes).
- usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static
(git-fixes).
- EDAC/thunderx: Fix possible out-of-bounds string access
(git-fixes).
- ACPI: property: Allow _DSD buffer data only for byte accessors
(git-fixes).
- efi/libstub: Disable PCI DMA before grabbing the EFI memory map
(git-fixes).
- commit 7e9a91a
- io_uring/af_unix: disable sending io_uring over sockets
(bsc#1218447 CVE-2023-6531).
Requires a kABI fix due to the following:
net/core/scm.c:135: warning: __scm_destroy: modversion changed because of changes in struct io_uring_cmd (became defined)
net/core/scm.c:217: warning: __scm_send: modversion changed because of changes in struct io_uring_cmd (became defined)
net/core/scm.c:266: warning: put_cmsg: modversion changed because of changes in struct io_uring_cmd (became defined)
net/core/scm.c:280: warning: put_cmsg_scm_timestamping64: modversion changed because of changes in struct io_uring_cmd (became defined)
net/core/scm.c:294: warning: put_cmsg_scm_timestamping: modversion changed because of changes in struct io_uring_cmd (became defined)
net/core/scm.c:353: warning: scm_detach_fds: modversion changed because of changes in struct io_uring_cmd (became defined)
net/core/scm.c:373: warning: scm_fp_dup: modversion changed because of changes in struct io_uring_cmd (became defined)
- commit aa4f175
- fuse: dax: set fc->dax to NULL in fuse_dax_conn_free()
(bsc#1218659).
- commit 4ee6819
- swiotlb-xen: provide the "max_mapping_size" method (git-fixes).
- commit a036bcf
- xen/events: fix delayed eoi list handling (git-fixes).
- commit eb0149c
- xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled
(git-fixes).
- commit f6ed3e4
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- commit a41e3fe
- Update patches.kabi/kabi-fix-zone-unaccepted-memory.patch
(jsc#PED-7167 bsc#1218643).
- commit f781e3d
- vsock/virtio: Fix unsigned integer wrap around in
virtio_transport_has_space() (git-fixes).
- commit db5c328
- vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE
(git-fixes).
- commit ad9e29a
- virtio_balloon: Fix endless deflation and inflation on arm64
(git-fixes).
- commit 6583f74
- virtio-mmio: fix memory leak of vm_dev (git-fixes).
- commit d624528
- swiotlb: use the calculated number of areas (git-fixes).
- swiotlb: mark swiotlb_memblock_alloc() as __init (git-fixes).
- commit b9aedb4
- KVM: SVM: Update EFER software model on CR0 trap for SEV-ES
(git-fixes).
- commit 8696527
- KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
- commit 146bca2
- io_uring/af_unix: disable sending io_uring over sockets
(bsc#1218447, CVE-2023-6531).
- commit fdc256b
- swiotlb: reduce the number of areas to match actual memory
pool size (git-fixes).
- swiotlb: always set the number of areas before allocating the
pool (git-fixes).
- swiotlb: fix debugfs reporting of reserved memory pools
(git-fixes).
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- swiotlb: fix the deadlock in swiotlb_do_find_slots (git-fixes).
- swiotlb: reduce the swiotlb buffer size on allocation failure
(git-fixes).
- swiotlb: don't panic! (git-fixes).
- Revert "swiotlb: panic if nslabs is too small" (git-fixes).
- commit 1b89825
- smb: client: fix potential OOB in smb2_dump_detail()
(bsc#1217946 CVE-2023-6610).
- commit cfca7f7
- x86/purgatory: Remove LTO flags (git-fixes).
- commit bbd4f84
- x86/fpu/xstate: Prevent false-positive warning in __copy_xstate_uabi_buf() (git-fixes).
- commit 46d60b3
- x86/fpu: Invalidate FPU state correctly on exec() (git-fixes).
- commit 7686df9
- x86/cpu: Fix amd_check_microcode() declaration (git-fixes).
- Refresh patches.suse/x86-srso-set-cpuid-feature-bits-independently-of-bug-or-mitigation-status.patch.
- commit c22f4b4
- x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (git-fixes).
- commit d74349c
- vsprintf/kallsyms: Prevent invalid data when printing symbol
(bsc#1217602).
- commit 8dab9cc
- Limit kernel-source build to architectures for which the kernel binary
is built (bsc#1108281).
- commit 08a9e44
- x86/boot: Fix incorrect startup_gdt_descr.size (git-fixes).
- commit fdc98a7
- x86/boot/compressed: Reserve more memory for page tables (git-fixes).
- commit 6bf16e1
- gfs2: Silence "suspicious RCU usage in gfs2_permission" warning
(git-fixes).
- commit 3929c70
- x86/alternatives: Sync core before enabling interrupts (git-fixes).
- commit 4a0b72a
- x86/alternatives: Disable KASAN in apply_alternatives() (git-fixes).
- commit 7029135
- x86/smp: Use dedicated cache-line for mwait_play_dead() (git-fixes).
- commit 8087b92
- x86/srso: Add SRSO mitigation for Hygon processors (git-fixes).
- commit 7b8dfd1
- x86/srso: Fix SBPB enablement for (possible) future fixed HW (git-fixes).
- Refresh
patches.suse/x86-srso-fix-vulnerability-reporting-for-missing-microcode.patch.
- commit b121d1d
- x86/CPU/AMD: Check vendor in the AMD microcode callback (git-fixes).
- commit 43e31d9
- x86/srso: Fix vulnerability reporting for missing microcode (git-fixes).
- commit 98085ae
- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (git-fixes).
- commit 270b9c8
- x86/alternatives: Disable interrupts and sync when optimizing NOPs in place (git-fixes).
- commit 1bd102b
- gfs2: fix an oops in gfs2_permission (git-fixes).
- commit 60a8e84
- iov_iter, x86: Be consistent about the __user tag on copy_mc_to_user() (git-fixes).
- commit a2dd84b
- gfs2: ignore negated quota changes (git-fixes).
- commit c2a4d43
- x86/resctrl: Fix kernel-doc warnings (git-fixes).
- commit 50de71c
- gfs2: Fix possible data races in gfs2_show_options()
(git-fixes).
- commit 7592b99
- gfs2: Fix inode height consistency check (git-fixes).
- commit 935054a
- gfs2: jdata writepage fix (git-fixes).
- commit e5f9516
- gfs2: Improve gfs2_make_fs_rw error handling (git-fixes).
- commit 86c44aa
- gfs2: Check sb_bsize_shift after reading superblock (git-fixes).
- commit 130df3d
- gfs2: Switch from strlcpy to strscpy (git-fixes).
- commit 3054547
- gfs2: use i_lock spin_lock for inode qadata (git-fixes).
- commit 4e4b75a
- gfs2: Fix filesystem block deallocation for short writes
(git-fixes).
- commit 87cd867
- gfs2: Make sure FITRIM minlen is rounded up to fs block size
(git-fixes).
- commit 62669a7
- gfs2: gfs2_setattr_size error path fix (git-fixes).
- commit d0e789c
- gfs2: Fix gfs2_release for non-writers regression (git-fixes).
- commit 1a34aa3
- gfs2: Fix length of holes reported at end-of-file (git-fixes).
- commit 09da26e
- gfs2: Clean up function may_grant (git-fixes).
- commit ce33b14
- gfs2: Add wrapper for iomap_file_buffered_write (git-fixes).
- commit e045f1b
- locks: fix KASAN: use-after-free in
trace_event_raw_event_filelock_lock (git-fixes).
- commit 4758492
- fs: avoid empty option when generating legacy mount string
(git-fixes).
- commit 00945db
- statfs: enforce statfs[64] structure initialization (git-fixes).
- commit d4a18c5
- orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
(git-fixes).
- commit b9e9b76
- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
(git-fixes).
- commit 1d47e4a
- orangefs: Fix sysfs not cleanup when dev init failed
(git-fixes).
- commit f7a82d1
- fs/remap: constrain dedupe of EOF blocks (git-fixes).
- commit e861bd6
- fs: fix an infinite loop in iomap_fiemap (git-fixes).
- commit 41989d9
- orangefs: Fix the size of a memory allocation in
orangefs_bufmap_alloc() (git-fixes).
- commit 6623b23
- iomap: Fix iomap_dio_rw return value for user copies
(git-fixes).
- commit 2b65ea1
- ubifs: Fix memory leak of bud->log_hash (git-fixes).
- commit dfe9a1f
- ubifs: fix possible dereference after free (git-fixes).
- commit 971dae9
- fs: ocfs2: namei: check return value of ocfs2_add_entry()
(git-fixes).
- commit 63eae38
- jfs: fix array-index-out-of-bounds in diAlloc (git-fixes).
- commit 8906b9a
- jfs: fix array-index-out-of-bounds in dbFindLeaf (git-fixes).
- commit 28815ad
- fs/jfs: Add validity check for db_maxag and db_agpref
(git-fixes).
- commit 39d5b5e
- fs/jfs: Add check for negative db_l2nbperpage (git-fixes).
- commit f831778
- jfs: validate max amount of blocks before allocation
(git-fixes).
- commit 4be1419
- jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
(git-fixes).
- commit 5b4b023
- fs/jfs: prevent double-free in dbUnmount() after failed
jfs_remount() (git-fixes).
- commit 51a993a
- reiserfs: Replace 1-element array with C99 style flex-array
(git-fixes).
- commit 6ad83f4
- reiserfs: Check the return value from __getblk() (git-fixes).
- commit 0e912c9
- afs: Fix use-after-free due to get/remove race in volume tree
(git-fixes).
- commit f4a57bf
- afs: Fix overwriting of result of DNS query (git-fixes).
- commit fe0f4c6
- afs: Fix dynamic root lookup DNS check (git-fixes).
- commit 1e86064
- afs: Fix the dynamic root's d_delete to always delete unused
dentries (git-fixes).
- commit 3d5b3d7
- afs: Fix refcount underflow from error handling race
(git-fixes).
- commit 0a9c8bb
- afs: Fix file locking on R/O volumes to operate in local mode
(git-fixes).
- commit 5431cb3
- afs: Return ENOENT if no cell DNS record can be found
(git-fixes).
- commit 863355b
- afs: Make error on cell lookup failure consistent with OpenAFS
(git-fixes).
- commit 5fcd2cf
- afs: Fix afs_server_list to be cleaned up with RCU (git-fixes).
- commit 8fc4f69
- remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
- commit 6bd8135
- i2c: core: Fix atomic xfer check for non-preempt config
(git-fixes).
- commit 1b8a296
- Bluetooth: MGMT/SMP: Fix address type when using SMP over
BREDR/LE (git-fixes).
- commit ea51a70
- net: usb: ax88179_178a: clean up pm calls (git-fixes).
- Refresh
patches.suse/net-usb-ax88179_178a-fix-failed-operations-during-ax.patch.
- commit 10095df
- mmc: sdhci-sprd: Fix eMMC init failure after hw reset
(git-fixes).
- mmc: rpmb: fixes pause retune on all RPMB partitions
(git-fixes).
- mmc: meson-mx-sdhc: Fix initialization frozen issue (git-fixes).
- USB: serial: option: add Quectel EG912Y module support
(git-fixes).
- USB: serial: ftdi_sio: update Actisense PIDs constant names
(git-fixes).
- USB: serial: option: add Quectel RM500Q R13 firmware support
(git-fixes).
- USB: serial: option: add Foxconn T99W265 with new baseline
(git-fixes).
- net: usb: ax88179_178a: avoid failed operations when device
is disconnected (git-fixes).
- Input: soc_button_array - add mapping for airplane mode button
(git-fixes).
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf
(git-fixes).
- Bluetooth: L2CAP: Send reject on command corrupted request
(git-fixes).
- Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has
been sent (git-fixes).
- wifi: cfg80211: fix certs build to not depend on file order
(git-fixes).
- wifi: cfg80211: Add my certificate (git-fixes).
- net: usb: ax88179_178a: wol optimizations (git-fixes).
- commit 8fe75c7
- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg
(CVE-2023-51779 bsc#1218559).
- commit b8b3309
- ALSA: hda/realtek: fix speakers on XPS 9530 (2023) (git-fixes).
- ALSA: hda - Fix speaker and headset mic pin config for CHUWI
CoreBook XPro (git-fixes).
- commit a14754c
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP ProBook
440 G6 (git-fixes).
- ASoC: fsl_rpmsg: Fix error handler with pm_runtime_enable
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ZBook
(git-fixes).
- ALSA: hda/realtek: enable SND_PCI_QUIRK for hp pavilion
14-ec1xxx series (git-fixes).
- commit 379d8d1
- r8169: Fix PCI error on system resume (git-fixes).
- wifi: iwlwifi: pcie: don't synchronize IRQs from IRQ
(git-fixes).
- nfc: llcp_core: Hold a ref to llcp_local->dev when holding a
ref to llcp_local (git-fixes).
- ASoC: meson: g12a-tohdmitx: Fix event generation for S/PDIF mux
(git-fixes).
- ASoC: meson: g12a-toacodec: Fix event generation (git-fixes).
- ASoC: meson: g12a-tohdmitx: Validate written enum values
(git-fixes).
- ASoC: meson: g12a-toacodec: Validate written enum values
(git-fixes).
- drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV,
G200SE (git-fixes).
- drm/bridge: ps8640: Fix size mismatch warning w/ len
(git-fixes).
- drm/bridge: ti-sn65dsi86: Never store more than msg->size
bytes in AUX xfer (git-fixes).
- drm/bridge: parade-ps8640: Never store more than msg->size
bytes in AUX xfer (git-fixes).
- drm/i915/dp: Fix passing the correct DPCD_REV for
drm_dp_set_phy_test_pattern (git-fixes).
- commit eecc30f
- Delete doc/config-options.changes (jsc#PED-5021)
Following on adedbd2a5c6 ("kernel-source: Remove config-options.changes
(jsc#PED-5021)"), remove the now unused file from the tree.
- commit d1b9e97
- tracing: Fix blocked reader of snapshot buffer (git-fixes).
- commit f6f3907
- ring-buffer: Fix wake ups when buffer_percent is set to 100
(git-fixes).
- commit 21c1070
- tracing / synthetic: Disable events after testing in
synth_event_gen_test_init() (git-fixes).
- commit e21c29f
- tracing/synthetic: fix kernel-doc warnings (git-fixes).
- commit 62cdcf8
- powerpc/pseries/vas: Migration suspend waits for no in-progress
open windows (bsc#1218397 ltc#204523).
- commit 26a4d82
- net: mana: select PAGE_POOL (git-fixes).
- net: ena: Fix XDP redirection error (git-fixes).
- net: ena: Fix xdp drops handling due to multibuf packets
(git-fixes).
- net: ena: Destroy correct number of xdp queues upon failure
(git-fixes).
- qed: Fix a potential use-after-free in qed_cxt_tables_alloc
(jsc#PED-1526).
- bnxt_en: Fix HWTSTAMP_FILTER_ALL packet timestamp logic
(jsc#PED-1495).
- bnxt_en: Fix wrong return value check in bnxt_close_nic()
(jsc#PED-1495).
- bnxt_en: Clear resource reservation during resume
(jsc#PED-1495).
- RDMA/bnxt_re: Correct module description string (jsc#PED-1495).
- i40e: Fix unexpected MFS warning message (jsc#PED-372).
- net: bnxt: fix a potential use-after-free in bnxt_init_tc
(jsc#PED-1495).
- gve: Fixes for napi_poll when budget is 0 (git-fixes).
- gve: Use size_add() in call to struct_size() (git-fixes).
- i40e: fix potential memory leaks in i40e_remove() (jsc#PED-372).
- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
(jsc#PED-372).
- igc: Fix ambiguity in the ethtool advertising (jsc#PED-375).
- igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
(jsc#PED-370).
- i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (jsc#PED-372).
- qed: fix LL2 RX buffer allocation (jsc#PED-1526).
- i40e: prevent crash on probe if hw registers have invalid values
(jsc#PED-372).
- qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
(jsc#PED-1526).
- igc: Expose tx-usecs coalesce setting to user (jsc#PED-375).
- bnxt_en: Flush XDP for bnxt_poll_nitroa0()'s NAPI
(jsc#PED-1495).
- net: ena: Flush XDP packets on error (git-fixes).
- i40e: Fix VF VLAN offloading when port VLAN is configured
(jsc#PED-372).
- igc: Fix infinite initialization loop with early XDP redirect
(jsc#PED-375).
- igb: clean up in all error paths when enabling SR-IOV
(jsc#PED-370).
- igb: Change IGB_MIN to allow set rx/tx value between 64 and 80
(jsc#PED-370).
- igbvf: Change IGBVF_MIN to allow set rx/tx value between 64
and 80 (jsc#PED-370).
- igc: Change IGC_MIN to allow set rx/tx value between 64 and 80
(jsc#PED-375).
- igb: disable virtualization features on 82580 (jsc#PED-370).
- i40e: fix potential NULL pointer dereferencing of pf->vf
i40e_sync_vsi_filters() (jsc#PED-372).
- igc: Fix the typo in the PTM Control macro (jsc#PED-375).
- igb: Avoid starting unnecessary workqueues (jsc#PED-370).
- i40e: fix misleading debug logs (jsc#PED-372).
- qede: fix firmware halt over suspend and resume (jsc#PED-1526).
- bnxt_en: Fix max_mtu setting for multi-buf XDP (jsc#PED-1495).
- bnxt_en: Fix page pool logic for page size >= 64K
(jsc#PED-1495).
- bnxt: don't handle XDP in netpoll (jsc#PED-1495).
- commit 64a4c85
- Revert "PCI/ASPM: Remove pcie_aspm_pm_state_change()"
(git-fixes).
- commit 9be35d2
- mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184)
When MULTIBUILD option in config.sh is enabled generate a _multibuild
file listing all spec files.
- commit f734347
- Build in the correct KOTD repository with multibuild
(JSC-SLE#5501, boo#1211226, bsc#1218184)
With multibuild setting repository flags is no longer supported for
individual spec files - see
https://github.com/openSUSE/open-build-service/issues/3574
Add ExclusiveArch conditional that depends on a macro set up by
bs-upload-kernel instead. With that each package should build only in
one repository - either standard or QA.
Note: bs-upload-kernel does not interpret rpm conditionals, and only
uses the first ExclusiveArch line to determine the architectures to
enable.
- commit aa5424d
- blacklist.conf: Add c98c18270be1 sched, cgroup: Restore meaning to hierarchical_quota
- commit 6115840
- mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors
(bsc#1218515).
- commit 00f113e
- blacklist.conf: e63a57303599 blk-cgroup: bypass blkcg_deactivate_policy after destroying
- commit 895355e
- ring-buffer: Fix slowpath of interrupted event (git-fixes).
- commit dbe7edd
- ring-buffer: Remove useless update to write_stamp in
rb_try_to_discard() (git-fixes).
- commit 64ff947
- RDMA/hfi1: Workaround truncation compilation error (git-fixes)
- commit 2302fb3
- RDMA/hns: The UD mode can only be configured with DCQCN (git-fixes)
- commit ca9d38d
- RDMA/hns: Add check for SL (git-fixes)
- commit cf9e8e3
- RDMA/hns: Fix signed-unsigned mixed comparisons (git-fixes)
- commit 34178f4
- RDMA/hns: Fix uninitialized ucmd in hns_roce_create_qp_common() (git-fixes)
- commit 47c4074
- RDMA/hns: Fix printing level of asynchronous events (git-fixes)
- commit 892f8ec
- IB/mlx5: Fix rdma counter binding for RAW QP (git-fixes)
- commit ffaf04e
- RDMA/hfi1: Use FIELD_GET() to extract Link Width (git-fixes)
- commit 4b8aeed
- RDMA/core: Use size_{add,sub,mul}() in calls to struct_size() (git-fixes)
- commit 605983a
- usb-storage: Add quirk for incorrect WP on Kingston DT Ultimate
3.0 G3 (git-fixes).
- ALSA: usb-audio: Increase delay in MOTU M quirk (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS ROG GV302XA (git-fixes).
- drm/i915: Reject async flips with bigjoiner (git-fixes).
- Bluetooth: hci_event: shut up a false-positive warning
(git-fixes).
- Bluetooth: Fix deadlock in vhci_send_frame (git-fixes).
- wifi: mac80211: mesh: check element parsing succeeded
(git-fixes).
- drm/amdgpu: fix tear down order in amdgpu_vm_pt_free
(git-fixes).
- drm/i915: Fix intel_atomic_setup_scalers() plane_state handling
(git-fixes).
- drm/i915: Fix remapped stride with CCS on ADL+ (git-fixes).
- drm/mediatek: Add spinlock for setting vblank event in
atomic_begin (git-fixes).
- drm/i915: Relocate intel_atomic_setup_scalers() (git-fixes).
- drm/i915/dpt: Only do the POT stride remap when using DPT
(git-fixes).
- drm/i915/mtl: limit second scaler vertical scaling in ver >=
14 (git-fixes).
- commit 6c0ae87
- drm/amdgpu/sdma5.2: add begin/end_use ring callbacks
(bsc#1212139).
- commit a070291
- Bluetooth: btusb: Add new PID/VID 0489:e0f2 for MT7921
(bsc#1218461).
- commit 456e758
- uapi: propagate __struct_group() attributes to the container
union (jsc#SLE-18978).
- commit 3b553e2
- dm verity: initialize fec io before freeing it (git-fixes).
- dm-verity: don't use blocking calls from tasklets (git-fixes).
- dm: don't attempt to queue IO under RCU protection (git-fixes).
- null_blk: fix poll request timeout handling (git-fixes).
- dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter
(git-fixes).
- dm: fix __send_duplicate_bios() to always allow for splitting IO
(bsc#1215952).
- dm: fix improper splitting for abnormal bios (bsc#1215952).
- md: select BLOCK_LEGACY_AUTOLOAD (git-fixes).
- dm: add cond_resched() to dm_wq_requeue_work() (git-fixes).
- commit 09d4263
- Update References
patches.suse/Bluetooth-Reject-connection-with-the-device-which-ha.patch
(git-fixes bsc#1215237 CVE-2020-26555).
- commit 0b8be40
- Update References
patches.suse/Bluetooth-hci_event-Ignore-NULL-link-key.patch
(git-fixes bsc#1215237 CVE-2020-26555).
- commit 3386934
- iio: adc: ti_am335x_adc: Fix return value check of
tiadc_request_dma() (git-fixes).
- iio: triggered-buffer: prevent possible freeing of wrong buffer
(git-fixes).
- iio: imu: inv_mpu6050: fix an error code problem in
inv_mpu6050_read_raw (git-fixes).
- iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion
time table (git-fixes).
- interconnect: Treat xlate() returning NULL node as an error
(git-fixes).
- Input: ipaq-micro-keys - add error handling for devm_kmemdup
(git-fixes).
- lib/vsprintf: Fix %pfwf when current node refcount == 0
(git-fixes).
- ASoC: hdmi-codec: fix missing report for jack initial status
(git-fixes).
- i2c: aspeed: Handle the coalesced stop conditions with the
start conditions (git-fixes).
- pinctrl: at91-pio4: use dedicated lock class for IRQ
(git-fixes).
- wifi: mac80211: mesh_plink: fix matches_local logic (git-fixes).
- net: rfkill: gpio: set GPIO direction (git-fixes).
- wifi: iwlwifi: pcie: add another missing bh-disable for
rxq->lock (git-fixes).
- ARM: OMAP2+: Fix null pointer dereference and memory leak in
omap_soc_device_init (git-fixes).
- spi: atmel: Fix clock issue when using devices with different
polarities (git-fixes).
- soundwire: stream: fix NULL pointer dereference for multi_link
(git-fixes).
- Revert "PCI: acpiphp: Reassign resources on bridge if necessary"
(git-fixes).
- PCI: loongson: Limit MRRS to 256 (git-fixes).
- ALSA: hda/realtek: Apply mute LED quirk for HP15-db (git-fixes).
- ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170
variants (git-fixes).
- ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB
(git-fixes).
- net/rose: Fix Use-After-Free in rose_ioctl (git-fixes).
- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (git-fixes).
- usb: aqc111: check packet for fixup for true limit (git-fixes).
- commit ed00079
- Drop PCI AER patch that has been reverted on stable trees
Deleted:
patches.suse/PCI-portdrv-Don-t-disable-AER-reporting-in-get_port_.patch
- commit 43c7676
- Drop drm/bridge lt9611uxc patches that have been reverted on stable trees
- commit b9351c7
- Rename before merging SLE15-SP4
- commit 0506236
- smb: client: fix OOB in smbCalcSize() (bsc#1217947
CVE-2023-6606).
- commit 97b24d1
- Update References
patches.suse/tty-n_gsm-fix-the-UAF-caused-by-race-condition-in-gs.patch
(git-fixes bsc#1218335 CVE-2023-6546).
- commit ad12641
- perf: Fix perf_event_validate_size() lockdep splat
(CVE-2023-6931 bsc#1218258).
- perf: Fix perf_event_validate_size() (CVE-2023-6931
bsc#1218258).
- commit f91848d
- perf: Fix perf_event_validate_size() lockdep splat
(CVE-2023-6931 bsc#1218258).
- perf: Fix perf_event_validate_size() (CVE-2023-6931
bsc#1218258).
- commit 00427a6
- nvme-pci: always return an ERR_PTR from nvme_pci_alloc_dev
(git-fixes).
- commit 6c500e1
- s390/vx: fix save/restore of fpu kernel context (git-fixes
bsc#1218357).
- commit 4f47f85
- blacklist.conf: add nvme entries
- commit 9216151
- nvme-pci: Add sleep quirk for Kingston drives (git-fixes).
- nvmet-auth: complete a request only after freeing the dhchap
pointers (git-fixes).
- nvme: sanitize metadata bounce buffer for reads (git-fixes).
- nvme-rdma: do not try to stop unallocated queues (git-fixes).
- nvme-pci: do not set the NUMA node of device if it has none
(git-fixes).
- nvme-pci: factor out a nvme_pci_alloc_dev helper (git-fixes).
- nvme-pci: factor the iod mempool creation into a helper
(git-fixes).
Refresh:
- patches.suse/nvme-pci-fix-page-size-checks.patch
- commit 19bc755
- Rename to
patches.suse/nvme-auth-use-chap-s2-to-indicate-bidirectional-auth.patch.
and move the patch into the sorted section
- commit 633cfe2
- net/smc: Fix pos miscalculation in statistics (bsc#1218139).
- commit 513a67c
- net/smc: Fix pos miscalculation in statistics (bsc#1218139).
- commit a8b1f21
- bus: ti-sysc: Flush posted write only after srst_udelay
(git-fixes).
- commit c942b7c
- reset: Fix crash when freeing non-existent optional resets
(git-fixes).
- commit 6de5ad5
- HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad
(git-fixes).
- commit 60dd723
- HID: hid-asus: reset the backlight brightness level on resume
(git-fixes).
- commit 79eff80
- HID: hid-asus: add const to read-only outgoing usb buffer
(git-fixes).
- commit 1c939ed
- HID: add ALWAYS_POLL quirk for Apple kb (git-fixes).
- commit d088123
- restore renamed device IDs for USB HID devices (git-fixes).
- commit 5519e39
- HID: glorious: fix Glorious Model I HID report (git-fixes).
- commit ad69d7e
- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
- commit 95f41ac
- scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
- commit 513fc35
- r8152: Add RTL8152_INACCESSIBLE to r8153_aldps_en() (git-fixes).
- commit 3ae518f
- r8152: Add RTL8152_INACCESSIBLE to r8153_pre_firmware_1()
(git-fixes).
- commit d714a95
- r8152: Add RTL8152_INACCESSIBLE to r8156b_wait_loading_flash()
(git-fixes).
- commit ad9ad0d
- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234 git-fixes).
- commit 697b74c
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query
packet (bsc#1218253 CVE-2023-6932).
- commit 87dfb84
- Refresh patches.suse/gve-Tx-path-for-DQO-QPL.patch.
Fix backport.
- commit f5531ee
- Input: xpad - add HyperX Clutch Gladiate Support (git-fixes).
- commit 6d0690b
- Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
(git-fixes).
- commit 8fa7ef8
- ring-buffer: Fix a race in rb_time_cmpxchg() for 32 bit archs
(git-fixes).
- commit a4fe241
- ring-buffer: Do not try to put back write_stamp (git-fixes).
- commit df9fac1
- ring-buffer: Have saved event hold the entire event (git-fixes).
- commit 5347597
- ring-buffer: Do not update before stamp when switching
sub-buffers (git-fixes).
- commit 9c594ba
- tracing: Update snapshot buffer on resize if it is allocated
(git-fixes).
- commit d5996f1
- ring-buffer: Fix memory leak of free page (git-fixes).
- commit ee5f869
- ring-buffer: Fix writing to the buffer with max_data_size
(git-fixes).
- commit bb90d48
- Update: drm/vmwgfx: Keep a gem reference to user bos in surfaces
- Fix drm gem object underflow (bsc#1218092)
- Fix crash on screen resize (bsc#1218229)
- commit b7258e7
- blacklist.conf: cleanup
- commit 16dcb62
- usb: hub: Guard against accesses to uninitialized BOS
descriptors (git-fixes).
- commit 573da1a
- kABI: restore void return to typec_altmode_attention
(git-fixes).
- commit 9821aa3
- usb: typec: bus: verify partner exists in
typec_altmode_attention (git-fixes).
- commit 5fea3d2
- blacklist.conf: it changes only logging
- commit 3cbbd08
- r8152: Add RTL8152_INACCESSIBLE checks to more loops
(git-fixes).
- commit f62163f
- r8152: Rename RTL8152_UNPLUG to RTL8152_INACCESSIBLE
(git-fixes).
- commit 064cc95
- Refresh
patches.suse/dm_blk_ioctl-implement-path-failover-for-SG_IO.patch. (bsc#1216776, bsc#1220277)
- commit c790172
- Documentation: drop more IDE boot options and ide-cd.rst
(git-fixes).
- commit 7993dcc
- Update patches.suse/spi-tegra210-quad-Fix-duplicate-resource-error.patch (git-fixes, jsc#PED-3459
Add reference to PED-3459
- commit c4a5ea6
- Update patches.suse/spi-tegra210-quad-Multi-cs-support.patch (bsc#1212584, jsc#PED-3459
Add reference to PED-3459.
- commit fc374a4
- Update patches.suse/spi-tegra210-quad-Fix-combined-sequence.patch (bsc#1212584, jsc#PED-3459)
Add reference to PED-3459.
- commit bff7fca
- Drop Documentation/ide/ (git-fixes).
- commit d3eb72d
- padata: Fix refcnt handling in padata_free_shell() (git-fixes).
- commit 5219779
- arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729)
- commit bc081b4
- tracing: Set actual size after ring buffer resize (git-fixes).
- commit b915dbf
- tracing/perf: Add interrupt_context_level() helper (git-fixes).
- commit 9da609b
- tracing: Reuse logic from perf's get_recursion_context()
(git-fixes).
- commit adc2c65
- tracing: relax trace_event_eval_update() execution with
cond_resched() (git-fixes).
- commit 017c09c
- rethook: Use __rcu pointer for rethook::handler (git-fixes).
- kABI: Preserve the type of rethook::handler (git-fixes).
- commit 8b953cc
- rethook: Fix to use WRITE_ONCE() for rethook:: Handler
(git-fixes).
- commit 7981c03
- fprobe: Fix to ensure the number of active retprobes is not zero
(git-fixes).
- commit fe2f6d2
- ALSA: hda/realtek: Add Framework laptop 16 to quirks
(git-fixes).
- ALSA: hda/realtek: add new Framework laptop to quirks
(git-fixes).
- drm/bridge: tc358768: select CONFIG_VIDEOMODE_HELPERS
(git-fixes).
- drm/amdgpu: Update EEPROM I2C address for smu v13_0_0
(git-fixes).
- drm/amdgpu: Add I2C EEPROM support on smu v13_0_6 (git-fixes).
- drm/i915/sdvo: stop caching has_hdmi_monitor in struct
intel_sdvo (git-fixes).
- drm/amdgpu: simplify amdgpu_ras_eeprom.c (git-fixes).
- drm/amdgpu: Return from switch early for EEPROM I2C address
(git-fixes).
- drm/amdgpu: Remove second moot switch to set EEPROM I2C address
(git-fixes).
- drm/i915/lvds: Use REG_BIT() & co (git-fixes).
- drm/i915/display: Drop check for doublescan mode in modevalid
(git-fixes).
- drm/amdgpu: Add support for RAS table at 0x40000 (git-fixes).
- drm/amdgpu: Decouple RAS EEPROM addresses from chips
(git-fixes).
- drm/amdgpu: Remove redundant I2C EEPROM address (git-fixes).
- drm/amdgpu: Add EEPROM I2C address support for ip discovery
(git-fixes).
- drm/amdgpu: Update ras eeprom support for smu v13_0_0 and
v13_0_10 (git-fixes).
- commit 27aa9c9
- ring-buffer: Force absolute timestamp on discard of event
(git-fixes).
- commit 703d47b
- tracing: Disable snapshot buffer when stopping instance tracers
(git-fixes).
- commit ea1804c
- tracing: Stop current tracer when resizing buffer (git-fixes).
- commit 416045c
- tracing: Always update snapshot buffer size (git-fixes).
- commit ab3ac02
- kprobes: consistent rcu api usage for kretprobe holder
(git-fixes).
- commit bd133f6
- tracing/kprobes: Fix the order of argument descriptions
(git-fixes).
- commit 4822ad0
- tracing: Have the user copy of synthetic event address use
correct context (git-fixes).
- commit ee4a2b2
- nvme-core: check for too small lba shift (bsc#1214117).
- commit 5f6e755
- KVM: s390/mm: Properly reset no-dat (git-fixes bsc#1218056).
- commit 5b3fa66
- kabi/severities: ignore kABI for asus-wmi drivers
Tolerate the kABI changes, as used only locally for asus-wmi stuff
- commit 42dad1e
- platform/x86: asus-wmi: Add support for ROG X13 tablet mode
(git-fixes).
- commit 1640ab2
- serial: sc16is7xx: address RX timeout interrupt errata
(git-fixes).
- parport: Add support for Brainboxes IX/UC/PX parallel cards
(git-fixes).
- hwmon: (nzxt-kraken2) Fix error handling path in kraken2_probe()
(git-fixes).
- hwmon: (acpi_power_meter) Fix 4.29 MW bug (git-fixes).
- ALSA: pcm: fix out-of-bounds in snd_pcm_state_names (git-fixes).
- ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5
(git-fixes).
- ALSA: usb-audio: Add Pioneer DJM-450 mixer controls (git-fixes).
- nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
(git-fixes).
- nilfs2: fix missing error check for sb_set_blocksize call
(git-fixes).
- platform/x86: wmi: Skip blocks with zero instances (git-fixes).
- platform/x86: asus-wmi: Move i8042 filter install to shared
asus-wmi code (git-fixes).
- drm/amdgpu: correct the amdgpu runtime dereference usage count
(git-fixes).
- kconfig: fix memory leak from range properties (git-fixes).
- i2c: designware: Fix corrupted memory seen in the ISR
(git-fixes).
- drm/amdgpu: correct chunk_ptr to a pointer to chunk (git-fixes).
- drm/amd/amdgpu: Fix warnings in amdgpu/amdgpu_display.c
(git-fixes).
- platform/x86: asus-wmi: Fix kbd_dock_devid tablet-switch
reporting (git-fixes).
- platform/x86: wmi: Allow duplicate GUIDs for drivers that use
struct wmi_driver (git-fixes).
- platform/x86: asus-wmi: Simplify tablet-mode-switch handling
(git-fixes).
- platform/x86: asus-wmi: Simplify tablet-mode-switch probing
(git-fixes).
- platform/x86: asus-wmi: Adjust tablet/lidflip handling to use
enum (git-fixes).
- commit e47d99c
- tracing/kprobes: Fix the description of variable length
arguments (git-fixes).
- commit ee78d8b
- x86/cpu: Don't write CSTAR MSR on Intel CPUs (jsc#PED-7167).
- commit a99a85b
- neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section
(git-fixes).
- commit 946e077
- netfilter: nf_tables: bail out on mismatching dynset and set
expressions (bsc#1217938 CVE-2023-6622).
- commit de1dd10
- HID: lenovo: Restrict detection of patched firmware only to
USB cptkbd (git-fixes).
- commit 1bd99d4
- mm/pgtable: Fix multiple -Wstringop-overflow warnings
(jsc#PED-7167).
- commit f790208
- ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate
(git-fixes).
- Bluetooth: hci_qca: Fix the teardown problem for real
(git-fixes).
- Documentation: qat: Use code block for qat sysfs example
(git-fixes).
- commit c75f6d8
- ALSA: hda/realtek: Add supported ALC257 for ChromeOS
(git-fixes).
- ALSA: hda/realtek: Headset Mic VREF to 100% (git-fixes).
- ALSA: hda: intel-dsp-cfg: add LunarLake support (git-fixes).
- ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects
(git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad
Z470 (git-fixes).
- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (git-fixes).
- ALSA: seq: oss: Fix racy open/close of MIDI devices (git-fixes).
- commit 200c0a2
- blacklist.conf: add two ceph commits
- commit d8d4641
- ceph: fix type promotion bug on 32bit systems (bsc#1217982).
- libceph: use kernel_connect() (bsc#1217981).
- ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
(bsc#1217980).
- commit e3e482f
- arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (git-fixes)
- commit 794f0e7
- arm64: dts: imx8mn: Add sound-dai-cells to micfil node (git-fixes)
- commit 4dcfded
- arm64: dts: imx8mm: Add sound-dai-cells to micfil node (git-fixes)
- commit 0fd1b8d
- arm64: dts: arm: add missing cache properties (git-fixes)
- commit 710ea40
- blacklist.conf: ("arm64: dts: broadcom: bcmbca: bcm4908: fix LED nodenames")
- commit 37fe1b1
- netfilter: nf_tables: bail out on mismatching dynset and set
expressions (bsc#1217938 CVE-2023-6622).
- commit a69497c
- arm64: dts: imx8mq-librem5: Remove dis_u3_susphy_quirk from (git-fixes)
- commit 8cd5213
- Update metadata
- commit 17c3e48
- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
- commit 68db0d6
- IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (git-fixes)
- commit afc5184
- tracing: Fix a possible race when disabling buffered events
(bsc#1217036).
- commit 26540da
- tracing: Fix a warning when allocating buffered events fails
(bsc#1217036).
- commit ec57b73
- tracing: Fix incomplete locking when disabling buffered events
(bsc#1217036).
- commit 2d81a3a
- tracing: Disable preemption when using the filter buffer
(bsc#1217036).
- commit 0ade134
- tracing: Use __this_cpu_read() in
trace_event_buffer_lock_reserver() (bsc#1217036).
- commit 8aa5d9a
- tracing: Fix warning in trace_buffered_event_disable()
(git-fixes, bsc#1217036).
- commit b71b6ff
- qla2xxx: add debug log for deprecated hw detected (bsc#1216032).
- commit e923023
- usb: typec: ucsi: acpi: add quirk for ASUS Zenbook UM325
(git-fixes).
- commit 19f2446
- nvmet: nul-terminate the NQNs passed in the connect command
(bsc#1217250 CVE-2023-6121).
- commit e359ed1
- KVM: s390: vsie: fix wrong VIR 37 when MSO is used (git-fixes
bsc#1217933).
- commit e39e7a6
- x86/entry: Do not allow external 0x80 interrupts (bsc#1217927).
- commit d94a391
- x86/entry: Convert INT 0x80 emulation to IDTENTRY (bsc#1217927).
- commit 66b3050
- gpiolib: sysfs: Fix error handling on failed export (git-fixes).
- Revert "xhci: Loosen RPM as default policy to cover for AMD
xHC 1.1" (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs
(git-fixes).
- ARM: PL011: Fix DMA support (git-fixes).
- serial: 8250: 8250_omap: Clear UART_HAS_RHR_IT_DIS bit
(git-fixes).
- serial: 8250: 8250_omap: Do not start RX DMA on THRI interrupt
(git-fixes).
- misc: mei: client.c: fix problem of return '-EOVERFLOW' in
mei_cl_write (git-fixes).
- misc: mei: client.c: return negative error code in mei_cl_write
(git-fixes).
- commit 09a57bf
- md/raid5-cache: fix null-ptr-deref for
r5l_flush_stripe_to_raid() (git-fixes).
- md/raid5-cache: fix a deadlock in r5l_exit_log() (git-fixes).
- md/md-bitmap: remove unnecessary local variable in
backlog_store() (git-fixes).
- md: don't update recovery_cp when curr_resync is ACTIVE
(git-fixes).
- commit 0812db6
- md/raid1: fix error: ISO C90 forbids mixed declarations
(git-fixes).
- md: raid0: account for split bio in iostat accounting
(git-fixes).
- md/raid1: hold the barrier until handle_read_error() finishes
(git-fixes).
- md/raid1: free the r1bio before waiting for blocked rdev
(git-fixes).
- md: raid1: fix potential OOB in raid1_remove_disk() (git-fixes).
- md/md-bitmap: hold 'reconfig_mutex' in backlog_store()
(git-fixes).
- md/md-bitmap: remove unnecessary local variable in
backlog_store() (git-fixes).
- md/raid10: use dereference_rdev_and_rrdev() to get devices
(git-fixes).
- md/raid10: factor out dereference_rdev_and_rrdev() (git-fixes).
- md: restore 'noio_flag' for the last mddev_resume() (git-fixes).
- Revert "md: unlock mddev before reap sync_thread in
action_store" (git-fixes).
- md/raid0: add discard support for the 'original' layout
(git-fixes).
- md/raid10: fix the condition to call bio_end_io_acct()
(git-fixes).
- md/raid10: prevent soft lockup while flush writes (git-fixes).
- md/raid10: fix io loss while replacement replace rdev
(git-fixes).
- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request
(git-fixes).
- md/raid10: fix wrong setting of max_corr_read_errors
(git-fixes).
- md/raid10: fix overflow of md/safe_mode_delay (git-fixes).
- md/raid5: fix miscalculation of 'end_sector' in
raid5_read_one_chunk() (git-fixes).
- md/raid10: don't call bio_start_io_acct twice for bio which
experienced read error (git-fixes).
- md/raid10: fix memleak of md thread (git-fixes).
- md/raid10: fix memleak for 'conf->bio_split' (git-fixes).
- md/raid10: fix leak of 'r10bio->remaining' for recovery
(git-fixes).
- md/raid10: fix null-ptr-deref in raid10_sync_request
(git-fixes).
- commit 75c9e76
- md/raid10: fix task hung in raid10d (git-fixes).
- Refresh patches.suse/md-display-timeout-error.patch for the above change.
- commit 90d12ef
- md: avoid signed overflow in slot_store() (git-fixes).
- md/raid10: factor out code from wait_barrier() to
stop_waiting_barrier() (git-fixes).
- commit c35659b
- md: Set MD_BROKEN for RAID1 and RAID10 (git-fixes).
- Update patches.suse/md-display-timeout-error.patch for the above change.
- commit 77abf5c
- md: raid10 add nowait support (git-fixes).
- md: drop queue limitation for RAID1 and RAID10 (git-fixes).
- md/bitmap: don't set max_write_behind if there is no write
mostly device (git-fixes).
- commit 44a1c08
- blacklist.conf: add non-backport commits
- commit 731fcaa
- kernel-source: Remove config-options.changes (jsc#PED-5021)
The file doc/config-options.changes was used in the past to document
kernel config changes. It was introduced in 2010 but haven't received
any updates on any branch since 2015. The file is renamed by tar-up.sh
to config-options.changes.txt and shipped in the kernel-source RPM
package under /usr/share/doc. As its content now only contains outdated
information, retaining it can lead to confusion for users encountering
this file.
Config changes are nowadays described in associated Git commit messages,
which get automatically collected and are incorporated into changelogs
of kernel RPM packages.
Drop then this obsolete file, starting with its packaging logic.
For branch maintainers: Upon merging this commit on your branch, please
correspondingly delete the file doc/config-options.changes.
- commit adedbd2
- doc/README.SUSE: Simplify the list of references (jsc#PED-5021)
Reduce indentation in the list of references, make the style consistent
with README.md.
- commit 70e3c33
- regmap: fix bogus error on regcache_sync success (git-fixes).
- platform/surface: aggregator: fix recv_buf() return value
(git-fixes).
- commit e5d6930
- doc/README.SUSE: Add how to update the config for module signing
(jsc#PED-5021)
Configuration files for SUSE kernels include settings to integrate with
signing support provided by the Open Build Service. This creates
problems if someone tries to use such a configuration file to build
a "standalone" kernel as described in doc/README.SUSE:
* Default configuration files available in the kernel-source repository
unset CONFIG_MODULE_SIG_ALL to leave module signing to
pesign-obs-integration. In case of a "standalone" build, this
integration is not available and the modules don't get signed.
* The kernel spec file overrides CONFIG_MODULE_SIG_KEY to
".kernel_signing_key.pem" which is a file populated by certificates
provided by OBS but otherwise not available. The value ends up in
/boot/config-$VERSION-$RELEASE-$FLAVOR and /proc/config.gz. If someone
decides to use one of these files as their base configuration then the
build fails with an error because the specified module signing key is
missing.
Add information on how to enable module signing and where to find the
relevant upstream documentation.
- commit a699dc3
- efi/unaccepted: Fix off-by-one when checking for overlapping
ranges (jsc#PED-7167).
- commit cbbb7d9
- blacklist.conf: Cleanup entries that are backported
- commit d22e603
- doc/README.SUSE: Remove how to build modules using kernel-source
(jsc#PED-5021)
Remove the first method how to build kernel modules from the readme. It
describes a process consisting of the kernel-source installation,
configuring this kernel and then performing an ad-hoc module build.
This method is not ideal as no modversion data is involved in the
process. It results in a module with no symbol CRCs which can be wrongly
loaded on an incompatible kernel.
Removing the method also simplifies the readme because only two main
methods how to build the modules are then described, either doing an
ad-hoc build using kernel-devel, or creating a proper Kernel Module
Package.
- commit 9285bb8
- blacklist.conf: just in case fix for a corner case
- commit a3fc582
- xhci: Clear EHB bit only at end of interrupt handler
(git-fixes).
- commit d5adf2a
- usb: config: fix iteration issue in 'usb_get_bos_descriptor()'
(git-fixes).
- commit 5cdcb2d
- usb: host: xhci-plat: fix possible kernel oops while resuming
(git-fixes).
- commit b0504f4
- NFS: More fixes for nfs_direct_write_reschedule_io()
(bsc#1211162).
- NFS: Use the correct commit info in nfs_join_page_group()
(bsc#1211162).
- NFS: More O_DIRECT accounting fixes for error paths
(bsc#1211162).
- NFS: Fix O_DIRECT locking issues (bsc#1211162).
- NFS: Fix error handling for O_DIRECT write scheduling
(bsc#1211162).
- NFS: Fix a potential data corruption (bsc#1211162).
- NFS: Fix a use after free in nfs_direct_join_group()
(bsc#1211162).
- nfs: only issue commit in DIO codepath if we have uncommitted
data (bsc#1211162).
- NFS: Fix a few more clear_bit() instances that need release
semantics (bsc#1211162).
- commit e61bcf9
- md: Put the right device in md_seq_next (bsc#1217822).
- commit 99a688a
- xfs: make sure maxlen is still congruent with prod when rounding
down (git-fixes).
- commit 2b9fc44
- xfs: fix units conversion error in xfs_bmap_del_extent_delay
(git-fixes).
- commit 95e2620
- xfs: fix agf_fllast when repairing an empty AGFL (git-fixes).
- commit bfb62b0
- xfs: return EINTR when a fatal signal terminates scrub
(git-fixes).
- commit e6f4fe7
- xfs: fix a bug in the online fsck directory leaf1 bestcount
check (git-fixes).
- commit e328537
- xfs: fix incorrect unit conversion in scrub tracepoint
(git-fixes).
- Refresh
patches.suse/xfs-standardize-AG-block-number-formatting-in-ftrace-output.patch.
- Refresh
patches.suse/xfs-standardize-AG-number-formatting-in-ftrace-output.patch.
- commit e256630
- xfs: decode scrub flags in ftrace output (git-fixes).
- commit d1fe7f7
- xfs: remove the xfs_dsb_t typedef (git-fixes).
- commit 4e9f379
- xfs: fix uninit warning in xfs_growfs_data (git-fixes).
- commit e9c4821
- xfs: convert flex-array declarations in struct xfs_attrlist*
(git-fixes).
- commit e33e297
- xfs: remove the xfs_dinode_t typedef (git-fixes).
- commit c807e19
- xfs: convert flex-array declarations in xfs attr shortform
objects (git-fixes).
- commit 757cbc7
- xfs: convert flex-array declarations in xfs attr leaf blocks
(git-fixes).
- commit 1823624
- xfs: use swap() to make dabtree code cleaner (git-fixes).
- commit d160cc2
- xfs: fix silly whitespace problems with kernel libxfs
(git-fixes).
- commit d822e52
- xfs: rename xfs_has_attr() (git-fixes).
- commit fe8702c
- xfs: Rename __xfs_attr_rmtval_remove (git-fixes).
- commit 6ea2cef
- xfs: sysfs: use default_groups in kobj_type (git-fixes).
- commit 74d9b5c
- xfs: replace snprintf in show functions with sysfs_emit
(git-fixes).
- commit 84db35d
- xfs: simplify two-level sysctl registration for xfs_table
(git-fixes).
- commit 0321d28
- xfs: add selinux labels to whiteout inodes (git-fixes).
- commit 8dc479c
- xfs: Use kvcalloc() instead of kvzalloc() (git-fixes).
- Refresh
patches.suse/xfs-reject-crazy-array-sizes-being-fed-to-XFS_IOC_GE.patch.
- commit 89900e3
- xfs: clean up "%Ld/%Lu" which doesn't meet C standard
(git-fixes).
- commit dbcc289
- xfs: aborting inodes on shutdown may need buffer lock
(git-fixes).
- commit 8b202be
- xfs: remove the xfs_dqblk_t typedef (git-fixes).
- commit 4747a77
- xfs: dump log intent items that cannot be recovered due to
corruption (git-fixes).
- commit 6f8c678
- xfs: sb verifier doesn't handle uncached sb buffer (git-fixes).
- commit c0c7079
- xfs: remove kmem_alloc_io() (git-fixes).
- commit 831b642
- x86/platform/uv: Use alternate source for socket to node data
(bsc#1215696 bsc#1217790).
- commit ec7f699
- krb5
-
- Fix vulnerabilities in GSS message token handling, add patch
0011-Fix-vulnerabilities-in-GSS-message-token-handling.patch
* CVE-2024-37370, bsc#1227186
* CVE-2024-37371, bsc#1227187
- Fix memory leaks, add patch 0010-Fix-three-memory-leaks.patch
* CVE-2024-26458, bsc#1220770
* CVE-2024-26461, bsc#1220771
* CVE-2024-26462, bsc#1220772
- less
-
- Fix CVE-2024-32487, mishandling of \n character in paths when
LESSOPEN is set leads to OS command execution
(CVE-2024-32487, bsc#1222849)
* CVE-2024-32487.patch
- Fix CVE-2022-48624, LESSCLOSE handling in less does not quote shell
metacharacters, bsc#1219901
* CVE-2022-48624.patch
- util-linux
-
- lscpu: Add more ARM cores (bsc#1223605,
util-linux-lscpu-add-more-ARM-cores-1.patch,
util-linux-lscpu-add-more-ARM-cores-2.patch,
util-linux-lscpu-add-more-ARM-cores-3.patch,
util-linux-lscpu-add-more-ARM-cores-4.patch,
util-linux-lscpu-add-more-ARM-cores-5.patch,
util-linux-lscpu-add-more-ARM-cores-6.patch).
- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609,
util-linux-chcpu-document-zVM-limitations.patch).
- bsc#1220117: Processes not cleaned up after failed SSH session are using up 100% CPU
+ util-linux-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- Add upstream patch
util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
bsc#1207987 gh#util-linux/util-linux@1d98827edde4
- duktape
-
- Ship libduktape206-32bit: needed by libproxy since version 0.5.
- expat
-
- Security fix (boo#1221289, CVE-2024-28757): XML Entity Expansion
attack when there is isolated use of external parsers.
* Added expat-CVE-2024-28757.patch
- Security fix:
* (CVE-2023-52425, bsc#1219559) denial of service (resource
consumption) caused by processing large tokens.
- Added patch expat-CVE-2023-52425-1.patch
- Added patch expat-CVE-2023-52425-2.patch
- Added patch expat-CVE-2023-52425-backport-parser-changes.patch
- Added patch expat-CVE-2023-52425-fix-tests.patch
- mozilla-nss
-
- update to NSS 3.90.2
* bmo#1780432 - (CVE-2023-5388) Timing attack against RSA
decryption in TLS. (bsc#1216198)
* bmo#1867408 - add a defensive check for large ssl_DefSend
return values.
- gcc13
-
- Update to GCC 13.3 release
- Update to gcc-13 branch head, b7a2697733d19a093cbdd0e200, git8761
- Removed gcc13-pr111731.patch now included upstream
- Add gcc13-amdgcn-remove-fiji.patch removing Fiji support from
the GCN offload compiler as that is requiring Code Object version 3
which is no longer supported by llvm18.
- Add gcc13-pr101523.patch to avoid combine spending too much
compile-time and memory doing nothing on s390x. [boo#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
- Add gcc13-pr111731.patch to fix unwinding for JIT code.
[bsc#1221239]
- Revert libgccjit dependency change. [boo#1220724]
- Fix libgccjit-devel dependency, a newer shared library is OK.
- Fix libgccjit dependency, the corresponding compiler isn't required.
- Use %patch -P N instead of %patchN.
- Add gcc13-sanitizer-remove-crypt-interception.patch to remove
crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Update to gcc-13 branch head, 67ac78caf31f7cb3202177e642, git8285
- Add gcc13-pr88345-min-func-alignment.diff to add support for
- fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Update to gcc-13 branch head, fc7d87e0ffadca49bec29b2107, git8250
* Includes fix for building TVM. [boo#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[boo#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than
in gcc13-devel. [boo#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs
are linked against libstdc++6.
- Update to gcc-13 branch head, 36ddb5230f56a30317630a928, git8205
- Update to gcc-13 branch head, 741743c028dc00f27b9c8b1d5, git8109
* Includes fix for building mariadb on i686. [bsc#1217667]
* Remove pr111411.patch contained in the update.
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
- gnutls
-
- Security fix: [bsc#1221747, CVE-2024-28835]
* gnutls: certtool crash when verifying a certificate chain
* Add gnutls-CVE-2024-28835.patch
- Security fix: [bsc#1221746, CVE-2024-28834]
* gnutls: side-channel in the deterministic ECDSA
* Add gnutls-CVE-2024-28834.patch
- jitterentropy: Release the memory of the entropy collector when
using jitterentropy with phtreads as there is also a
pre-intitization done in the main thread. [bsc#1221242]
* Add gnutls-FIPS-jitterentropy-deinit-threads.patch
- Security fix: [bsc#1218862, CVE-2024-0567]
* gnutls: rejects certificate chain with distributed trust
* Cockpit (which uses gnuTLS) rejects certificate chain with
distributed trust.
* Add gnutls-CVE-2024-0567.patch
- Security fix: [bsc#1218865, CVE-2024-0553]
* Incomplete fix for CVE-2023-5981.
* The response times to malformed ciphertexts in RSA-PSK
ClientKeyExchange differ from response times of ciphertexts
with correct PKCS#1 v1.5 padding.
* Add gnutls-CVE-2024-0553.patch
- jitterentropy
-
- Fix a stack corruption on s390x: [bsc#1209627]
* Output size of the STCKE command on s390x is 16 bytes, compared
to 8 bytes of the STCK command. Fix a stack corruption in the
s390x version of jent_get_nstime(). Add some more detailed
information on the STCKE command.
* github.com/smuellerDD/jitterentropy-library/commit/7bf9f85
* Add jitterentropy-fix-a-stack-corruption-on-s390x.patch
- ncurses
-
- Add patch ncurses-6.1-bsc1220061.patch (bsc#1220061, CVE-2023-45918)
* Backport from ncurses-6.4-20230615.patch
improve checks in convert_string() for corrupt terminfo entry
- libndp
-
- Add libndp-CVE-2024-5564.patch: add a check on the route
information option length field (bsc#1225771 CVE-2024-5564).
- nghttp2
-
- security update
- added patches
fix CVE-2024-28182 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-1.patch
fix CVE-2024-28182-2 [bsc#1221399], HTTP/2 CONTINUATION frames can be utilized for DoS attacks
+ nghttp2-CVE-2024-28182-2.patch
- openssl-1_1
-
- Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free
security vulnerability. Calling the function SSL_free_buffers()
potentially caused memory to be accessed that was previously
freed in some situations and a malicious attacker could attempt
to engineer a stituation where this occurs to facilitate a
denial-of-service attack. [CVE-2024-4741, bsc#1225551]
- Security fix: [bsc#1222548, CVE-2024-2511]
* Fix unconstrained session cache growth in TLSv1.3
* Add openssl-CVE-2024-2511.patch
- Security fix: [bsc#1219243, CVE-2024-0727]
* Add NULL checks where ContentInfo data can be NULL
* Add openssl-CVE-2024-0727.patch
- polkit
-
- Change permissions for rules folders (bsc#1209282)
- protobuf
-
- update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
- update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating
edition feature set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Editions: Refactor feature resolution to use an intermediate
message.
* Publish extension declarations with declaration
verifications.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to
string literals (only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support
editions.
[#] C++
* Set `PROTOBUF_EXPORT` on
`InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions
that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest
possible UTF-8 character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't
have more than that
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
repeated and map field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
string field accessors.
* Editions: Refactor feature resolution to use an intermediate
message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration
verifications.
* Export the constants in protobuf's any.h to support DLL
builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
message field accessors.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support
editions.
[#] Java
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor
tables.
* Timestamps.parse: Add error handling for invalid
hours/minutes in the timezone offset.
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Add missing debugging version info to Protobuf Java gencode
when multiple files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due
to using the result of put() directly (which is null if it
currently has no value)
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Fix a NPE in putBuilderIfAbsent due to using the result of
put() directly (which is null if it currently has no value)
* Update Kotlin compiler to escape package names
* Add MapFieldBuilder and change codegen to generate it and the
put{field}BuilderIfAbsent method.
* Introduce recursion limit in Java text format parsing
* Consider the protobuf.Any invalid if typeUrl.split("/")
returns an empty array.
* Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
* Fixed Python memory leak in map lookup.
* Loosen upb for json name conflict check in proto2 between
json name and field
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Ensure Timestamp.ToDatetime(tz) has correct offset
* Do not check required field for upb python MergeFrom
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Comparing a proto message with an object of unknown returns
NotImplemented
* Emit __slots__ in pyi output as a tuple rather than a list
for --pyi_out.
* Fix a bug that strips options from descriptor.proto in
Python.
* Raise warings for message.UnknownFields() usages and navigate
to the new add
* Add protobuf python keyword support in path for stub
generator.
* Add tuple support to set Struct
* ### Python C-Extension (Default)
* Comparing a proto message with an object of unknown returns
NotImplemented
* Check that ffi-compiler loads before using it to define
tasks.
[#] UPB (Python/PHP/Ruby C-Extension)
* Include .inc files directly instead of through a filegroup
* Loosen upb for json name conflict check in proto2 between
json name and field
* Add utf8_validation feature back to the global feature set.
* Do not check required field for upb python MergeFrom
* Merge the protobuf and upb Bazel repos
* Added malloc_trim() calls to Python allocator so RSS will
decrease when memory is freed
* Upb: fix a Python memory leak in ByteSize()
* Support ASAN detection on clang
* Upb: bugfix for importing a proto3 enum from within a proto2
file
* Expose methods needed by Ruby FFI using UPB_API
* Fix `PyUpb_Message_MergeInternal` segfault
- build against modern python on sle15
- Build with source and target levels 8
* fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
macro resolves the variables at the install time
- update to 23.4:
* Add dllexport_decl for generated default instance.
* Deps: Update Guava to 32.0.1
- update to 23.3:
C++
* Regenerate stale files
* Use the same ABI for static and shared libraries on non-
Windows platforms
* Add a workaround for GCC constexpr bug
Objective-C
* Regenerate stale files
UPB (Python/PHP/Ruby C-Extension)
* Fixed a bug in `upb_Map_Delete()` that caused crashes in
map.delete(k) for Ruby when string-keyed maps were in use.
Compiler
* Add missing header to Objective-c generator
* Add a workaround for GCC constexpr bug
Java
* Rollback of: Simplify protobuf Java message builder by
removing methods that calls the super class only.
Csharp
* [C#] Replace regex that validates descriptor names
- drop 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch (upstream)
- Add patch to fix linking ThreadSafeArena:
* 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch
- Drop the protobuf-source package, no longer used
- update to 22.5:
C++
* Add missing cstdint header
* Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
* Avoid using string(JOIN..., which requires cmake 3.12
* Explicitly include GTest package in examples
* Bump Abseil submodule to 20230125.3 (#12660)
- update to 22.4:
C++
* Fix libprotoc: export useful symbols from .so
* Fix btree issue in map tests.
Python
* Fix bug in _internal_copy_files where the rule would fail in
downstream repositories.
Other
* Bump utf8_range to version with working pkg-config (#12584)
* Fix declared dependencies for pkg-config
* Update abseil dependency and reorder dependencies to ensure
we use the version specified in protobuf_deps.
* Turn off clang::musttail on i386
- drop python2 handling
- fix version handling and package the private libs again
- Fix confusion in versions
- Mention the rpmlintrc file in the spec.
- Make possible to build on older systems, like SLE12 that miss
some of the used macros.
- update to v22.3
UPB (Python/PHP/Ruby C-Extension)
* Remove src prefix from proto import
* Fix .gitmodules to use the correct absl branch
* Remove erroneous dependency on googletest
- update to 22.2:
Java
* Add version to intra proto dependencies and add kotlin stdlib
dependency
* Add $ back for osgi header
* Remove $ in pom files
- update to 22.1:
* Add visibility of plugin.proto to python directory
* Strip "src" from file name of plugin.proto
* Add OSGi headers to pom files.
* Remove errorprone dependency from kotlin protos.
* Version protoc according to the compiler version number.
- update to 22.0:
* This version includes breaking changes to: Cpp.
Please refer to the migration guide for information:
https://protobuf.dev/support/migration/#compiler-22
* [Cpp] Migrate to Abseil's logging library.
* [Cpp] `proto2::Map::value_type` changes to `std::pair`.
* [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
and DefaultFieldComparator classes.
* [Cpp] Add a dependency on Abseil (#10416)
* [Cpp] Remove all autotools usage (#10132)
* [Cpp] Add C++20 reserved keywords
* [Cpp] Dropped C++11 Support
* [Cpp] Delete Arena::Init
* [Cpp] Replace JSON parser with new implementation
* [Cpp] Make RepeatedField::GetArena non-const in order to
support split RepeatedFields.
* long list of bindings specific fixes see
https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
- python sub packages version is set 4.22.3 as defined in
python/google/protobuf/__init__.py to stay compatible
- skip python2 builds by default
- drop patches:
* 10355.patch,
* gcc12-disable-__constinit-with-c++-11.patch (merged upstream)
- added patches:
* add-missing-stdint-header.patch added for compile fixes
- Enable LTO (boo#1133277).
- update to v21.12:
* Python
* Fix broken enum ranges (#11171)
* Stop requiring extension fields to have a sythetic oneof (#11091)
* Python runtime 4.21.10 not works generated code can not load valid
proto.
- update to 21.11:
* Python
* Add license file to pypi wheels (#10936)
* Fix round-trip bug (#10158)
- update to 21.10:
* Java
* Use bit-field int values in buildPartial to skip work on unset groups of
fields. (#10960)
* Mark nested builder as clean after clear is called (#10984)
- update to 21.9:
* Ruby
* Replace libc strdup usage with internal impl to restore musl compat (#10818)
* Auto capitalize enums name in Ruby (#10454) (#10763)
* Other
* Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
* C++
* 21.x No longer define no_threadlocal on OpenBSD (#10743)
* Java
* Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
* Refactoring java full runtime to reuse sub-message builders and prepare to
migrate parsing logic from parse constructor to builder.
* Move proto wireformat parsing functionality from the private "parsing
constructor" to the Builder class.
* Change the Lite runtime to prefer merging from the wireformat into mutable
messages rather than building up a new immutable object before merging. This
way results in fewer allocations and copy operations.
* Make message-type extensions merge from wire-format instead of building up
instances and merging afterwards. This has much better performance.
* Fix TextFormat parser to build up recurring (but supposedly not repeated)
sub-messages directly from text rather than building a new sub-message and
merging the fully formed message into the existing field.
- update to 21.6:
C++:
* Reduce memory consumption of MessageSet parsing
- update to 21.5:
PHP
* Added getContainingOneof and getRealContainingOneof to descriptor.
* fix PHP readonly legacy files for nested messages
Python
* Fixed comparison of maps in Python.
- add 10355.patch to fix soversioning
- update to 21.4:
* Reduce the required alignment of ArenaString from 8 to 4
- update to 21.3:
* C++
* Add header search paths to Protobuf-C++.podspec (#10024)
* Fixed Visual Studio constinit errors (#10232)
* Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
* UPB
* Allow empty package names (fixes behavior regression in 4.21.0)
* Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
* Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
* for x in mapping now yields keys rather than values, to match Python
conventions and the behavior of the old library.
* Lookup operations now correctly reject unhashable types as map keys.
* We implement repr() to use the same format as dict.
* Fix maps to use the ScalarMapContainer class when appropriate
* Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
* PHP
* Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
* Python
* Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
* Bazel
* Add back a filegroup for :well_known_protos (#10061)
- Update to 21.2:
- C++
- cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
- Escape GetObject macro inside protoc-generated code (#9739)
- Update CMake configuration to add a dependency on Abseil (#9793)
- Fix cmake install targets (#9822)
- Use __constinit only in GCC 12.2 and up (#9936)
- Java
- Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python
- Increment python major version to 4 in version.json for python upb (#9926)
- The C extension module for Python has been rewritten to use the upb library.
- This is expected to deliver significant performance benefits, especially when
parsing large payloads. There are some minor breaking changes, but these
should not impact most users. For more information see:
https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates
- PHP
- [PHP] fix PHP build system (#9571)
- Fix building packaged PHP extension (#9727)
- fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633)
- fix: phpdoc syntax for repeatedfield parameters (#9784)
- fix: phpdoc for repeatedfield (#9783)
- Change enum string name for reserved words (#9780)
- chore: [PHP] fix phpdoc for MapField keys (#9536)
- Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby
- Allow pre-compiled binaries for ruby 3.1.0 (#9566)
- Implement respond_to? in RubyMessage (#9677)
- [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
- Do not use range based UTF-8 validation in truffleruby (#9769)
- Improve range handling logic of RepeatedField (#9799)
- Other
- Fix invalid dependency manifest when using descriptor_set_out (#9647)
- Remove duplicate java generated code (#9909)
- Do not use %%autosetup, but %%setup and %%patch on other line
* Allows building on SLE-12-SP5
- Add temporary patch gcc12-disable-__constinit-with-c++-11.patch
that addresses gh#protocolbuffers/protobuf#9916.
- python3
-
- Add CVE-2024-4032-private-IP-addrs.patch to fix bsc#1226448
(CVE-2024-4032) rearranging definition of private v global IP
addresses.
- Add CVE-2024-0397-memrace_ssl.SSLContext_cert_store.patch
fixing bsc#1226447 (CVE-2024-0397) by removing memory race
condition in ssl.SSLContext certificate store methods.
- Add bpo38361-syslog-no-slash-ident.patch (bsc#1222109,
gh#python/cpython!16557) fixes syslog making default "ident"
from sys.argv[0].
- Update CVE-2023-52425-libexpat-2.6.0-backport.patch so that
it uses features sniffing, not just comparing version number
(bsc#1220664, bsc#1219559, bsc#1221563, bsc#1222075).
- Remove support-expat-CVE-2022-25236-patched.patch, which was
the previous name of this patch.
- Add CVE-2023-52425-remove-reparse_deferral-tests.patch skipping
failing tests.
- Refresh patches:
- CVE-2023-27043-email-parsing-errors.patch
- fix_configure_rst.patch
- skip_if_buildbot-extend.patch
- bsc#1221854 (CVE-2024-0450) Add
CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch
detecting the vulnerability of the "quoted-overlap" zipbomb
(from gh#python/cpython!110016).
- Add bh42369-thread-safety-zipfile-SharedFile.patch (from
gh#python/cpython!26974) required by the previous patch.
- Add expat-260-test_xml_etree-reparse-deferral.patch to make the
interpreter work with patched libexpat in our distros.
- Move all patches from locally sourced to the branch
opensuse-3.6 branch at GitHub repo, and move all metadata to
commits themselves (readable in the headers of each patch).
- Add bpo-41675-modernize-siginterrupt.patch to make Python build
cleanly even on more recent SPs of SLE-15
(gh#python/cpython#85841).
- Remove patches:
- bpo36263-Fix_hashlib_scrypt.patch - fix against bug in
OpenSSL fixed in 1.1.1c (gh#openssl/openssl!8483), so this
patch is redundant on all SUSE-supported distros
- python-3.3.0b1-test-posix_fadvise.patch - protection
against the kernel issues which has been fixed in
gh#torvalds/linux@3d3727cdb07f, which has been included in
all our kernels more recent than SLE-11.
- python-3.3.3-skip-distutils-test_sysconfig_module.patch -
skips a test, which should be relevant only for testing on
Mac OS X systems with universal builds. I have no valid
record, that this test would be ever problematic on Linux.
- bpo-36576-skip_tests_for_OpenSSL-111.patch, which was
included already in Python 3.5.
- (bsc#1219666, CVE-2023-6597) Add
CVE-2023-6597-TempDir-cleaning-symlink.patch (patch from
gh#python/cpython!99930) fixing symlink bug in cleanup of
tempfile.TemporaryDirectory.
- Merge together bpo-36576-skip_tests_for_OpenSSL-111.patch into
skip_SSL_tests.patch, and make them include all conditionals.
- Refresh CVE-2023-27043-email-parsing-errors.patch to
gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).
- libsolv
-
- add a conflict to older libsolv-tools to libsolv-tools-base
- improve updating of installed multiversion packages
- fix decision introspection going into an endless loop in some
cases
- added experimental lua bindings
- bump version to 0.7.29
- split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- build for multiple python versions [jsc#PED-6218]
- bump version to 0.7.28
- libssh
-
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)
* Added libssh-fix-ipv6-hostname-regression.patch
- Update to version 0.9.8
* Fix CVE-2023-6004: Command injection using proxycommand (bsc#1218209)
* Fix CVE-2023-48795: Potential downgrade attack using strict kex (bsc#1218126)
* Fix CVE-2023-6918: Missing checks for return values of MD functions (bsc#1218186)
* Allow @ in usernames when parsing from URI composes
- Update to version 0.9.7
* Fix CVE-2023-1667: a NULL dereference during rekeying with algorithm
guessing (bsc#1211188)
* Fix CVE-2023-2283: a possible authorization bypass in
pki_verify_data_signature under low-memory conditions (bsc#1211190)
* Fix several memory leaks in GSSAPI handling code
- systemd
-
- Import commit 2cb4d40f1c6a388706af8a83d5344fc0de3c6f4d (merge of v249.17)
c8578cef7f resolved: actually check authenticated flag of SOA transaction
- Import commit 86f0670d3a01c1a2d4df17f1c68d03f1586195e3
ba7f1df7a5 vconsole-setup: simplify error handling
94f4eaea77 Introduce RET_GATHER and use it in src/shared/
e02406fcc1 mount: replace UNIT_DEPENDENCY_MOUNTINFO_OR_FILE with UNIT_DEPENDENCY_MOUNTINFO/UNIT_DEPENDENCY_MOUNT_FILE
0b8db54511 mount: drop UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT and UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
98ba536bd1 mount: always use UNIT_DEPENDENCY_FILE in mount_add_quota_dependencies()
73c7b2bb48 core/mount: make device deps from /proc/self/mountinfo and .mount unit file exclusive
ba585a28d7 core: Add trace logging to mount_add_device_dependencies()
36e0a4f80f core/mount: also remove default deps from /proc/self/mountinfo when it is updated (bsc#1217460)
bc107c86c3 core/mount: set Mount.from_proc_self_mountinfo flag before adding default dependencies
ce4907c7c3 core: wrap some long comment
- Import commit e677079182c975ecdad88a76f657fecb4de523d9
7692c5bda8 utmp-wtmp: handle EINTR gracefully when waiting to write to tty
29c3eb4681 utmp-wtmp: fix error in case isatty() fails
98970eb90b homed: handle EINTR gracefully when waiting for device node
0305809edd resolved: handle -EINTR returned from fd_wait_for_event() better
40db4d6abe sd-netlink: handle EINTR from poll() gracefully, as success
5e681711c6 varlink: also handle EINTR gracefully when waiting for EIO via ppoll()
6bbd70f092 stdio-bridge: don't be bothered with EINTR
f978feb591 sd-bus: handle -EINTR return from bus_poll() (bsc#1215241)
746962ff40 core: replace slice dependencies as they get added (bsc#1214668)
- systemd.spec: add missing `%tmpfiles_create systemd-resolve.conf`
- Rename 0001-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch into
1013-strip-the-domain-part-from-etc-hostname-when-setting.patch
- Rename 0003-strip-the-domain-part-from-etc-hostname-when-setting.patch into
1014-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch
- Rename 0005-udev-create-default-symlinks-for-primary-cd_dvd-driv.patch into
1015-networkd-make-network.service-an-alias-of-systemd-ne.patch
- Rename 0007-networkd-make-network.service-an-alias-of-systemd-ne.patch into
1016-core-disable-session-keyring-per-system-sevice-entir.patch
- Rename 0011-core-disable-session-keyring-per-system-sevice-entir.patch into
1017-restore-var-run-and-var-lock-bind-mount-if-they-aren.patch
Hence these patch files can be easily identified as SLE specific ones.
- tpm2-0-tss
-
- add 0001-FAPI-Fix-check-of-magic-number-in-verify-quote.patch: fixes
CVE-2024-29040 (bsc#1223690): Missing verification of the magic number in
Fapi_VerifyQuote(), which might allow an attacker to generate arbitrary
quote data, which would not be detected by Fapi_VerifyQuote().
- libxml2
-
- Security fix (CVE-2024-34459, bsc#1224282) buffer over-read in
xmlHTMLPrintFileContext in xmllint.c
* Added libxml2-CVE-2024-34459.patch
- Security fix (CVE-2024-25062, bsc#1219576) use-after-free in XMLReader
* Added libxml2-CVE-2024-25062.patch
- libzypp
-
- zypp-tui: Make sure translated texts use the correct textdomain
(fixes #551)
- Skip libproxy1 requires for tumbleweed.
- version 17.34.1 (34)
- don't require libproxy1 on tumbleweed, it is optional now
- version 17.34.0 (34)
- Fix versioning scheme
- version 17.33.4 (35)
- add one more missing export for libyui-qt-pkg
- Revert eintrSafeCall behavior to setting errno to 0.
- version 17.33.3 (34)
- fix up requires_eq usage for libsolv-tools-base
- add one more missing export for PackageKit
- version 17.33.2
- version 17.33.1 (33)
- switch to reduced size libsolv-tools-base (jsc#PED-8153)
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- Add ZYPP_API for exported functions and switch to
visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- version 17.33.0 (33)
- Fix download from gpgkey URL (bsc#1223430, fixes openSUSE/zypper#546)
- version 17.32.6 (32)
- Don't try to refresh volatile media as long as raw metadata are
present (bsc#1223094)
- version 17.32.5 (32)
- Fix creation of sibling cache dirs with too restrictive mode
(bsc#1222398)
Some install workflows in YAST may lead to too restrictive (0700)
raw cache directories in case of newly created repos. Later
commands running with user privileges may not be able to access
these repos.
- version 17.32.4 (32)
- Update RepoStatus fromCookieFile according to the files mtime
(bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed.
- version 17.32.3 (32)
- Fixup New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
Fixed the name of the keyword to "support_superseded" as it was
agreed on in jsc#OBS-301.
- version 17.32.2 (32)
- Add resolver option 'removeUnneeded' to file weak remove jobs
for unneeded packages (bsc#1175678)
- version 17.32.1 (32)
- Add resolver option 'removeOrphaned' for distupgrade
(bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded
(jsc#OBS-301, jsc#PED-8014)
- Tests: fix vsftpd.conf where SUSE and Fedora use different
defaults (fixes #522)
- Add default stripe minimum (#529)
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config.
- version 17.32.0 (32)
- ProblemSolution::skipsPatchesOnly overload to handout the
patches.
- Remove https->http redirection exceptions for
download.opensuse.org.
- version 17.31.32 (22)
- tui: allow to access the underlying ostream of out::Info.
- Add MLSep: Helper to produce not-NL-terminated multi line
output.
- version 17.31.31 (22)
- applydeltaprm: Create target directory if it does not exist
(bsc#1219442)
- Add ProblemSolution::skipsPatchesOnly (for openSUSE/zypper#514)
- Fix problems with EINTR in ExternalDataSource::getline (fixes
bsc#1215698)
- version 17.31.30 (22)
- CheckAccessDeleted: fix running_in_container detection
(bsc#1218782)
- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime
(bsc#1218831)
- Make Wakeup class EINTR safe.
- Add a way to cancel media operations on shutdown
(openSUSE/zypper#522)
This patch adds a mechanism to signal libzypp that a shutdown was
requested, usually when CTRL+C was pressed by the user. Currently
only the media backend will utilize this, but can be extended to
all code paths that use g_poll() to wait for events.
- Manually poll fds for curl in MediaCurl.
Using curl_easy_perform does not give us the required control on
when we want to cancel a download. Switching to the MultiCurl
implementation with a external poll() event loop will give us
much more freedom and helps us to improve our Ctrl+C handling.
- Move reusable curl poll code to curlhelper.h.
- version 17.31.29 (22)
- Fix to build with libxml 2.12.x (fixes #505)
- version 17.31.28 (22)
- shadow
-
- bsc#1176006: Fix chage date miscalculation
Add shadow-bsc1176006-chage-date.patch
- bsc#1188307: Fix passwd segfault
Add shadow-bsc1188307-passwd-segfault.patch
- bsc#1203823: Remove pam_keyinit from PAM config files
Remove pam_keyinit from PAM configuration.
This was introduced for bsc#1144060.
- bsc#1214806 (CVE-2023-4641):
Fix potential password leak
- Add shadow-CVE-2023-4641.patch
- bsc#1213189: Change lock mechanism to file locking to prevent
lock files after power interruptions
- Add shadow-4.8.1-lock-mechanism.patch
- bsc#1206627: Add --prefix support to passwd, chpasswd and chage
Needed for YaST
- Add shadow-4.8.1-add-prefix-passwd-chpasswd-chage.patch
- bsc#1210507 (CVE-2023-29383):
Check for control characters
- Add shadow-CVE-2023-29383.patch
- Added patch:
* shadow-4.8.1-AUDIT_NO_ID.patch
+ fix bsc#1205502: useradd audit event user id field cannot
be interpreted
- netcfg
-
- Add krb-prop entry, fix for bsc#1211886.
- openssh
-
- Add patches from upstream to change the default value of
UpdateHostKeys to Yes (unless VerifyHostKeyDNS is enabled).
This makes ssh update the known_hosts stored keys with all
published versions by the server (after it's authenticated
with an existing key), which will allow to identify the
server with a different key if the existing key is considered
insecure at some point in the future (bsc#1222831).
* 0001-upstream-enable-UpdateHostkeys-by-default-when-the.patch
* 0002-upstream-disable-UpdateHostkeys-by-default-if.patch
- Add patches openssh-7.7p1-seccomp_getuid.patch and
openssh-bsc1216474-s390-leave-fds-open.patch
(bsc#1216474, bsc#1218871)
- Fix hostbased ssh login failing occasionally with "signature
unverified: incorrect signature" by fixing a typo in patch
(bsc#1221123):
* openssh-7.8p1-role-mls.patch
- Added openssh-cve-2023-51385.patch (bsc#1218215, CVE-2023-51385).
This limits the use of shell metacharacters in host- and
user names.
- pam-config
-
- Fix pam_gnome_keyring module for AUTH.
[pam-config-fix-pam_gnome_keyring.patch, bsc#1219767]
- pam
-
- Add missing O_DIRECTORY flag in `protect_dir()` for pam_namespace module.
[bsc#1218475, pam-bsc1218475-pam_namespace-O_DIRECTORY-flag.patch]
- pam_lastlog: check localtime_r() return value (bsc#1217000)
* Added: pam-bsc1217000-pam_lastlog-check-localtime_r-return-value.patch
- perl-Bootloader
-
- merge gh#openSUSE/perl-bootloader#166
- log grub2-install errors correctly (bsc#1221470)
- 0.947
- merge gh#openSUSE/perl-bootloader#161
- support old grub versions (<= 2.02) that used /usr/lib
(bsc#1218842)
- create EFI boot fallback directory if necessary
- 0.946
- perl
-
- fix space calculation issues in pp_pack.c [bnc#1082216]
[CVE-2018-6913]
* new patch: perl-pack-overflow.diff
- fix heap buffer overflow in regexec.c [bnc#1082233]
[CVE-2018-6798]
new patch: perl-regexec-heap-overflow.diff
- make Net::FTP work with TLS 1.3 [bnc#1213638]
new patch: perl-net-ftp-tls13.diff
- python-instance-billing-flavor-check
-
- Version 0.0.6 (bsc#1218561)
Support proxy setup on the client to access the update infrastructure
API
- Version 0.0.5
Add IPv6 support (bsc#1218739)
- python-Jinja2
-
- Add CVE-2024-34064.patch upstream patch
(CVE-2024-34064, bsc#1223980, gh#pallets/jinja@0668239dc6b4)
Also fixes (CVE-2024-22195, bsc#1218722)
- python3-M2Crypto
-
- Disable broken tests with openssl 3.2, bsc#1217782
- add timeout_300hz.patch to accept a small deviation from time
in the testsuite (bsc#1212757)
- Adapt tests for OpenSSL v3.1.0
* Add openssl-adapt-tests-for-3.1.0.patch
- add openssl-stop-parsing-header.patch (bsc#1205042)
- add m2crypto-0.38-ossl3-tests.patch
- python-chardet
-
- Fix update-alternative in %postun, bsc#1218765
- python-idna
-
- Add CVE-2024-3651.patch, backported from upstream commit
gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
(bsc#1222842, CVE-2024-3651)
- python-requests
-
- Update CVE-2024-35195.patch to allow the usage of "verify" parameter
as a directory, bsc#1225912
- Add CVE-2024-35195.patch (CVE-2024-35195, bsc#1224788)
- Add httpbin.patch to fix a test failure caused by the previous patch.
- salt
-
- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master
- Mark python3-CherryPy as recommended package for the testsuite
- Added:
* skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
* make-reactor-engine-less-blocking-the-eventpublisher.patch
* remove-unused-import-causing-delays-on-starting-salt.patch
* make-logging-calls-lighter.patch
* remove-redundant-_file_find-call-to-the-master.patch
* prevent-possible-exception-in-tornado.concurrent.fut.patch
* do-not-call-the-async-wrapper-calls-with-the-separat.patch
* add-missing-contextvars-dependency-in-salt.version.patch
* prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
* speed-up-salt.matcher.confirm_top-by-using-__context.patch
* improve-broken-events-catching-and-reporting.patch
* make-salt-master-self-recoverable-on-killing-eventpu.patch
- Make "man" a recommended package instead of required
- Convert oscap output to UTF-8
- Make Salt compatible with Python 3.11
- Ignore non-ascii chars in oscap output (bsc#1219001)
- Fix detected issues in Salt tests when running on VMs
- Make importing seco.range thread safe (bsc#1211649)
- Fix problematic tests and allow smooth tests executions
on containers
- Discover Ansible playbook files as "*.yml" or "*.yaml"
files (bsc#1211888)
- Provide user(salt)/group(salt) capabilities for RPM 4.19
- Extend dependencies for python3-salt-testsuite
and python3-salt packages
- Improve Salt and testsuite packages multibuild
- Enable multibuilld and create test flavor
- Prevent exceptions with fileserver.update when called
via state (bsc#1218482)
- Improve pip target override condition with VENV_PIP_TARGET
environment variable (bsc#1216850)
- Fixed KeyError in logs when running a state that fails
- Added:
* make-importing-seco.range-thread-safe-bsc-1211649.patch
* fixed-keyerror-in-logs-when-running-a-state-that-fai.patch
* allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch
* decode-oscap-byte-stream-to-string-bsc-1219001.patch
* fix-problematic-tests-and-allow-smooth-tests-executi.patch
* discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch
* fix-salt-warnings-and-testuite-for-python-3.11-635.patch
* switch-oscap-encoding-to-utf-8-639.patch
* fix-tests-failures-and-errors-when-detected-on-vm-ex.patch
* improve-pip-target-override-condition-with-venv_pip_.patch
- Prevent directory traversal when creating syndic cache directory
on the master (CVE-2024-22231, bsc#1219430)
- Prevent directory traversal attacks in the master's serve_file
method (CVE-2024-22232, bsc#1219431)
- Added:
* fix-cve-2024-22231-and-cve-2024-22232-bsc-1219430-bs.patch
- Ensure that pillar refresh loads beacons from pillar without restart
- Fix the aptpkg.py unit test failure
- Prefer unittest.mock to python-mock in test suite
- Enable "KeepAlive" probes for Salt SSH executions (bsc#1211649)
- Revert changes to set Salt configured user early in the stack (bsc#1216284)
- Align behavior of some modules when using salt-call via symlink (bsc#1215963)
- Fix gitfs "__env__" and improve cache cleaning (bsc#1193948)
- Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed
- Added:
* enable-keepalive-probes-for-salt-ssh-executions-bsc-.patch
* update-__pillar__-during-pillar_refresh.patch
* fix-gitfs-__env__-and-improve-cache-cleaning-bsc-119.patch
* dereference-symlinks-to-set-proper-__cli-opt-bsc-121.patch
* prefer-unittest.mock-for-python-versions-that-are-su.patch
* fix-the-aptpkg.py-unit-test-failure.patch
* revert-make-sure-configured-user-is-properly-set-by-.patch
- rpm-ndb
-
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
- runc
-
- Add upstream patch <https://github.com/opencontainers/runc/pull/4219> to
properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
+ 0001-bsc1221050-libct-seccomp-patchbpf-rm-duplicated-code.patch
+ 0002-bsc1221050-seccomp-patchbpf-rename-nativeArch-linuxA.patch
+ 0003-bsc1221050-seccomp-patchbpf-always-include-native-ar.patch
- Update to runc v1.1.12. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.12>. bsc#1218894
* This release fixes a container breakout vulnerability (CVE-2024-21626). For
more details, see the upstream security advisory:
<https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
* Remove upstreamed patches:
- CVE-2024-21626.patch
* Update runc.keyring to match upstream changes.
[ This was only ever released for SLES. ]
- Add upstream patch to fix embargoed issue CVE-2024-21626. bsc#1218894
<https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv>
+ CVE-2024-21626.patch
- Update to runc v1.1.11. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.11>.
- sed
-
- 0001-sed-set-correct-umask-on-temporary-files.patch
Fix for bsc#1221218
- selinux-policy
-
- Update to version 20230511+git15.bdc96df2:
* Dontaudit getty and plymouth the checkpoint_restore capability (bsc#1220361)
- Update to version 20230511+git13.edb03d70:
* allow rebootmgr to read the system state (bsc#1205931)
* Allow keepalived_t read+write kernel_t pipes (bsc#1216060)
- sudo
-
- Fix NOPASSWD issue introduced by patches for CVE-2023-42465
[bsc#1221151, bsc#1221134]
* Update sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
* Enable running regression selftests during build time.
- Security fix: [bsc#1219026, bsc#1220389, CVE-2023-42465]
* Try to make sudo less vulnerable to ROWHAMMER attacks.
* Add sudo-CVE-2023-42465-1of2.patch sudo-CVE-2023-42465-2of2.patch
- supportutils-plugin-suse-public-cloud
-
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
+ Remove duplicate data collection for the plugin itself
+ Collect archive metering data when available
+ Query billing flavor status
- supportutils
-
- Changes in version 3.1.30
+ Added -V key:value pair option (bsc#1222021, PED-8211)
+ Avoid getting duplicate kernel verifications in boot.text (pr#193)
+ Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082)
+ Includes container log timestamps (pr#197)
- Changes to version 3.1.29
+ Extended scaling for performance (bsc#1214713)
+ Fixed kdumptool output error (bsc#1218632)
+ Corrected podman ID errors (bsc#1218812)
+ Duplicate non root podman entries removed (bsc#1218814)
+ Corrected get_sles_ver for SLE Micro (bsc#1219241)
+ Check nvidida-persistenced state (bsc#1219639)
- Additional changes in version 3.1.28
+ ipset - List entries for all sets
+ ipvsadm - Inspect the virtual server table (pr#185)
+ Correctly detects Xen Dom0 (bsc#1218201)
+ Fixed smart disk error (bsc#1218282)
- Changes in version 3.1.28
+ Inhibit the conversion of port numbers to port names for network files (cherry picked from commit 55f5f716638fb15e3eb1315443949ed98723d250)
+ powerpc: collect rtas_errd.log and lp_diag.log files (pr#175)
+ Get list of pam.d file (cherry picked from commit eaf35c77fd4bc039fd7e3d779ec1c2c6521283e2)
+ Remove supportutils requires for util-linux-systemd and kmod (bsc#1193173)
+ Added missing klp information to kernel-livepatch.txt (bsc#1216390)
+ Fixed plugins creating empty files when using supportconfig.rc (bsc#1216388)
+ Provides long listing for /etc/sssd/sssd.conf (bsc#1211547)
+ Optimize lsof usage (bsc#1183663)
+ Added mokutil commands for secureboot (pr#179)
+ Collects chrony or ntp as needed (bsc#1196293)
- Changes in version 3.1.27
+ Fixed podman display issue (bsc#1217287)
+ Added nvme-stas configuration to nvme.txt (bsc#1216049)
+ Added timed command to fs-files.txt (bsc#1216827)
+ Collects zypp history file issue#166 (bsc#1216522)
+ Changed -x OPTION to really be exclude only (issue#146)
+ Collect HA related rpm package versions in ha.txt (pr#169)
- suse-build-key
-
- Added new keys of the SLE Micro 6.0 / SLES 16 series, and auto import
them. (bsc#1227429)
gpg-pubkey-09d9ea69-645b99ce.asc: Main SLE Micro 6/SLES 16 key
gpg-pubkey-73f03759-626bd414.asc: Backup SLE Micro 6/SLES 16 key.
- Switch container key to be default RSA 4096bit. (jsc#PED-2777)
- run rpm commands in import script only when libzypp is not
active. bsc#1219189 bsc#1219123
- run import script also in %posttrans section, but only when
libzypp is not active. bsc#1219189 bsc#1219123
- suse-module-tools
-
- Update to version 15.5.5:
* Include unblacklist in initramfs (bsc#1224320)
* regenerate-initrd-posttrans: run update-bootloader --refresh for XEN
(bsc#1223278)
* 60-io-scheduler.rules: test for "scheduler" sysfs attribute (boo#1216717)
- Update to version 15.5.4:
* rpm-script: add symlink /boot/.vmlinuz.hmac (bsc#1217775)
- suseconnect-ng
-
- Update to version 1.9.0
* Fix certificate import for Yast when using a registration proxy with
self-signed SSL certificate (bsc#1223107)
- Update to version 1.8.0
* Allow "--rollback" flag to run on readonly filesystem (bsc#1220679)
- Update to version 1.7.0
* Allow SUSEConnect on read write transactional systems (bsc#1219425)
- Update to version 1.6.0
* Disable EULA display for addons (bsc#1218649 and bsc#1217961)
- Update to version 1.5.0
* Configure docker credentials for registry authentication
* Feature: Support usage from Agama + Cockpit for ALP Micro system registration (bsc#1218364)
* Add --json output option
- sysconfig
-
- Update to last SLE-15-SP2…5:Update sysconfig version preserving
SLE-Micro specific spec file adjustments (jsc#MSC-784).
- version 0.85.9
- spec: revert to recommend wicked-service on <= 15.4
- netconfig: remove sed dependency
- netconfig/dns-resolver: remove search limit of 6 domains (bsc#1199093)
- netconfig: cleanup /var/run leftovers (bsc#1194557)
- netconfig: update ntp man page documentation, fix typos
- spec: drop legacy migration (from sle11) and rpm-utils
- version 0.85.8
- netconfig: revert NM default policy change change (boo#1185882)
With the change to the default policy, netconfig with NetworkManager
as network.service accepted settings from all services/programs
directly instead only from NetworkManager, where plugins/services
have to deliver their settings to apply them.
- systemd-default-settings
-
- Import 0.10
5088997 SLE: Disable pids controller limit under user instances (jsc#SLE-10123)
- Import 0.9
bb859bf user@.service: Disable controllers by default (jsc#PED-2276)
- The usage of drop-ins is now the official way for configuring systemd and its
various daemons on Factory/ALP. Hence the early drop-ins SUSE specific
"feature" has been abandoned.
- Import 0.8
f34372f User priority '26' for SLE-Micro
c8b6f0a Revert "Convert more drop-ins into early ones"
- Import commit 6b8dde1d4f867aff713af6d6830510a84fad58d2
6b8dde1 Convert more drop-ins into early ones
- systemd-presets-common-SUSE
-
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked
(bsc#1200731 ltc#198485 https://github.com/ibm-power-utilities/powerpc-utils/pull/84)
Support both the old and new service to avoid complex version interdependency.
- systemd-rpm-macros
-
- Bump version to 15
- Order packages that requires systemd after systemd-sysvcompat when this part
of the transaction (bsc#1217964)
systemd-sysvcompat has been introduced recently and contains the compatibility
scripts used to support SysV init scripts. Make sure that the packages ordered
after systemd are also ordered after systemd-sysvcompat so theirs rpm
scriptlets can still rely on the compat scripts.
On distributions where systemd-sysvcompat doesn't exist, the new ordering
constraint should be a nop.
- timezone
-
- update to 2024a:
* Kazakhstan unifies on UTC+5. This affects Asia/Almaty and
Asia/Qostanay which together represent the eastern portion of the
country that will transition from UTC+6 on 2024-03-01 at 00:00 to
join the western portion. (Thanks to Zhanbolat Raimbekov.)
* Palestine springs forward a week later than previously predicted
in 2024 and 2025. (Thanks to Heba Hamad.) Change spring-forward
predictions to the second Saturday after Ramadan, not the first;
this also affects other predictions starting in 2039.
* Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
not 00:00. (Thanks to Đoàn Trần Công Danh.)
* From 1947 through 1949, Toronto's transitions occurred at 02:00
not 00:00. (Thanks to Chris Walton.)
* In 1911 Miquelon adopted standard time on June 15, not May 15.
* The FROM and TO columns of Rule lines can no longer be "minimum"
or an abbreviation of "minimum", because TZif files do not support
DST rules that extend into the indefinite past - although these
rules were supported when TZif files had only 32-bit data, this
stopped working when 64-bit TZif files were introduced in 1995.
This should not be a problem for realistic data, since DST was
first used in the 20th century. As a transition aid, FROM columns
like "minimum" are now diagnosed and then treated as if they were
the year 1900; this should suffice for TZif files on old systems
with only 32-bit time_t, and it is more compatible with bugs in
2023c-and-earlier localtime.c. (Problem reported by Yoshito
Umaoka.)
* localtime and related functions no longer mishandle some
timestamps that occur about 400 years after a switch to a time
zone with a DST schedule. In 2023d data this problem was visible
for some timestamps in November 2422, November 2822, etc. in
America/Ciudad_Juarez. (Problem reported by Gilmore Davidson.)
* strftime %s now uses tm_gmtoff if available. (Problem and draft
patch reported by Dag-Erling Smørgrav.)
* The strftime man page documents which struct tm members affect
which conversion specs, and that tzset is called. (Problems
reported by Robert Elz and Steve Summit.)
- update to 2023d:
* Ittoqqortoormiit, Greenland changes time zones on
2024-03-31.
* Vostok, Antarctica changed time zones on 2023-12-18.
* Casey, Antarctica changed time zones five times since
2020.
* Code and data fixes for Palestine timestamps starting in
2072.
* A new data file zonenow.tab for timestamps starting now.
* Fix predictions for DST transitions in Palestine in
2072-2075, correcting a typo introduced in 2023a.
* Vostok, Antarctica changed to +05 on 2023-12-18. It had
been at +07 (not +06) for years.
* Change data for Casey, Antarctica to agree with
timeanddate.com, by adding five time zone changes since 2020.
Casey is now at +08 instead of +11.
* Much of Greenland, represented by America/Nuuk, changed
its standard time from -03 to -02 on 2023-03-25, not on
2023-10-28.
* localtime.c no longer mishandles TZif files that contain
a single transition into a DST regime. Previously,
it incorrectly assumed DST was in effect before the transition
too.
* tzselect no longer creates temporary files.
* tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL,
PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles
regular expressions of the form /X{2,}/.
* ISO 6709 coordinates when using an awk that lacks the
GNU extension of newlines in -v option-arguments.
* Non UTF-8 locales when using an iconv command that
lacks the GNU //TRANSLIT extension.
* zic no longer mishandles data for Palestine after the
year 2075.
- Refresh tzdata-china.diff
- tpm2.0-tools
-
- Add 0001-tpm2_checkquote-Fix-check-of-magic-number.patch: tpm2_checkquote
did not check whether the magic number in the attest is equal to
TPM2_GENERATED_VALUE, which might allow a malicious actor to generate
arbitrary quote data, undetected by tpm2_checkquote (bsc#1223687, CVE-2024-29038).
- Add 0001-tpm2_checkquote-Add-comparison-of-pcr-selection.patch:
tpm2_checkquote did not compare the --pcr parameter passed to the tool with
the attest. A malicious actor might thus be able to fake a valid
attestation (bsc#1223689, CVE-2024-29039).
- util-linux-systemd
-
- lscpu: Add more ARM cores (bsc#1223605,
util-linux-lscpu-add-more-ARM-cores-1.patch,
util-linux-lscpu-add-more-ARM-cores-2.patch,
util-linux-lscpu-add-more-ARM-cores-3.patch,
util-linux-lscpu-add-more-ARM-cores-4.patch,
util-linux-lscpu-add-more-ARM-cores-5.patch,
util-linux-lscpu-add-more-ARM-cores-6.patch).
- Document that chcpu -g is not supported on IBM z/VM (bsc#1218609,
util-linux-chcpu-document-zVM-limitations.patch).
- bsc#1220117: Processes not cleaned up after failed SSH session are using up 100% CPU
+ util-linux-more-exit-if-POLLERR-and-POLLHUP-on-stdin-is-received.patch
- Properly neutralize escape sequences in wall
(util-linux-CVE-2024-28085.patch, bsc#1221831, CVE-2024-28085,
and its prerequisites: util-linux-fputs_careful1.patch,
util-linux-wall-migrate-to-memstream.patch
util-linux-fputs_careful2.patch).
- Add upstream patch
util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch
bsc#1207987 gh#util-linux/util-linux@1d98827edde4
- vim
-
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330
- Updated to version 9.1 with patch level 0111, fixes the following security problems
* Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()
* Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()
* Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command
* Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count
* Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing
* Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number
* Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line
* Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute
* Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c
* Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111
- wpa_supplicant
-
- Add CVE-2023-52160.patch - Bypassing WiFi Authentication (bsc#1219975)
- Change ctrl_interface from /var/run to %_rundir (/run)
- xen
-
- Update to Xen 4.17.4 security bug fix release (bsc#1027519)
xen-4.17.4-testing-src.tar.bz2
* No upstream changelog found in sources or webpage
- bsc#1221984 - VUL-0: CVE-2023-46842: xen: x86 HVM hypercalls may
trigger Xen bug check (XSA-454)
- bsc#1222302 - VUL-0: CVE-2024-31142: xen: x86: Incorrect logic
for BTC/SRSO mitigations (XSA-455)
- bsc#1222453 - VUL-0: CVE-2024-2201: xen: x86: Native Branch
History Injection (XSA-456)
- Dropped patches contained in new tarball
650dac01-x86-paging-drop-update_cr3-do_locking.patch
65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
659d44da-x86-HVM-hide-SVM-VMX-when.patch
65a7a0a4-x86-Intel-GPCC-setup.patch
65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
65b8f9ab-VT-d-else-vs-endif-misplacement.patch
65c2104d-AMD-IVMD-memtype-check.patch
65cb29fe-x86-HVM-tidy-state-on-hvmemul_map_linear_addr.patch
65d7277f-build-fail-when-kconfig-fails.patch
65d727cf-x86emul-EVEX-R-checks.patch
65dca902-x86-spec-set-BRANCH_HARDEN-option-only-when.patch
65dcd66b-x86-entry-EFRAME_-constants.patch
65ddda52-x86-CET-stub-exn-recovery.patch
65ddea60-x86-spec-log-builtin-HARDEN-options.patch
65ddea7c-x86-spec-set-INDIRECT_THUNK-only-when-enabled.patch
65ddea90-x86-spec-dont-log-thunk-option-if-not.patch
65df3430-x86-Resync-intel-family-h.patch
65e02fce-libxl-SEGV-in-device_model_spawn_outcome.patch
65e2371b-x86-CP-allow-levelling-of-VERW-side-effects.patch
65eee676-x86-mm-last-L1e-detection-in-mxml.patch
65f079a1-VMX-perform-VERW-flushing-later.patch
65f079a2-x86-spec-ctrl-perform-VERW-flushing-later.patch
65f079a3-x86-spec-ctrl-rename-VERW-related-options.patch
65f079a4-x86-spec-ctrl-VERW-handling-adjustments.patch
65f079a5-x86-spec-ctrl-mitigate-RFDS.patch
65f079a6-swap-order-of-actions-in-FREE-macros.patch
65f079a7-x86-spinlock-block-speculation-into.patch
65f079a8-rwlock-block-speculation-into.patch
65f079a9-percpu-rwlock-block-speculation-into.patch
65f079aa-locking-wrappers-always-inline.patch
65f079ab-x86-mm-speculation-barriers-in-open-coded.patch
65f079ac-x86-protect-conditional-locking-from-speculative.patch
- bsc#1221332 - VUL-0: CVE-2023-28746: xen: x86: Register File Data
Sampling (XSA-452)
65dcd66b-x86-entry-EFRAME_-constants.patch
65df3430-x86-Resync-intel-family-h.patch
65f079a1-VMX-perform-VERW-flushing-later.patch
65f079a2-x86-spec-ctrl-perform-VERW-flushing-later.patch
65f079a3-x86-spec-ctrl-rename-VERW-related-options.patch
65f079a4-x86-spec-ctrl-VERW-handling-adjustments.patch
65f079a5-x86-spec-ctrl-mitigate-RFDS.patch
- bsc#1221334 - VUL-0: CVE-2024-2193: xen: GhostRace: Speculative
Race Conditions (XSA-453)
650dac01-x86-paging-drop-update_cr3-do_locking.patch
65f079a6-swap-order-of-actions-in-FREE-macros.patch
65f079a7-x86-spinlock-block-speculation-into.patch
65f079a8-rwlock-block-speculation-into.patch
65f079a9-percpu-rwlock-block-speculation-into.patch
65f079aa-locking-wrappers-always-inline.patch
65f079ab-x86-mm-speculation-barriers-in-open-coded.patch
65f079ac-x86-protect-conditional-locking-from-speculative.patch
- Upstream bug fixes (bsc#1027519)
65eee676-x86-mm-last-L1e-detection-in-mxml.patch
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
exceptions from emulation stubs (XSA-451)
65ddda52-x86-CET-stub-exn-recovery.patch
- Upstream bug fixes (bsc#1027519)
659d44da-x86-HVM-hide-SVM-VMX-when.patch
65c2104d-AMD-IVMD-memtype-check.patch
65cb29fe-x86-HVM-tidy-state-on-hvmemul_map_linear_addr.patch
65d7277f-build-fail-when-kconfig-fails.patch
65d727cf-x86emul-EVEX-R-checks.patch
65dca902-x86-spec-set-BRANCH_HARDEN-option-only-when.patch
65ddea60-x86-spec-log-builtin-HARDEN-options.patch
65ddea7c-x86-spec-set-INDIRECT_THUNK-only-when-enabled.patch
65ddea90-x86-spec-dont-log-thunk-option-if-not.patch
65e02fce-libxl-SEGV-in-device_model_spawn_outcome.patch
65e2371b-x86-CP-allow-levelling-of-VERW-side-effects.patch
- Patches replaced by newer upstream versions
xsa451.patch
- bsc#1219885 - VUL-0: CVE-2023-46841: xen: x86: shadow stack vs
exceptions from emulation stubs (XSA-451)
xsa451.patch
- Upstream bug fixes (bsc#1027519)
65842d5c-x86-AMD-extend-CPU-erratum-1474-fix.patch
65a7a0a4-x86-Intel-GPCC-setup.patch
65a9911a-VMX-IRQ-handling-for-EXIT_REASON_INIT.patch
65b27990-x86-p2m-pt-off-by-1-in-entry-check.patch
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
assigned to incorrect contexts (XSA-449)
65b8f961-PCI-fail-dev-assign-if-phantom-functions.patch
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
quarantine devices in !HVM builds (XSA-450)
65b8f9ab-VT-d-else-vs-endif-misplacement.patch
- Patches replaced by newer upstream versions
xsa449.patch
xsa450.patch
- bsc#1219080 - VUL-0: CVE-2023-46840: xen: VT-d: Failure to
quarantine devices in !HVM builds (XSA-450)
xsa450.patch
- bsc#1218851 - VUL-0: CVE-2023-46839: xen: phantom functions
assigned to incorrect contexts (XSA-449)
xsa449.patch
- xfsprogs
-
- xfs_copy: don't use cached buffer reads until after libxfs_mount
(bsc#1227150)
- Add xfsprogs-xfs_copy-don-t-use-cached-buffer-reads-until-after-l.patch
- yast2
-
- Properly close nested progress callbacks (bsc#1223281)
- 4.5.27
- Allow host/domain names starting with an underscore (bsc#1219920)
- 4.5.26
- zypper
-
- Fixed check for outdated repo metadata as non-root user
(bsc#1222086)
- BuildRequires: libzypp-devel >= 17.33.0.
- Delay zypp lock until command options are parsed (bsc#1223766)
- version 1.14.73
- Unify message format(fixes #485)
- version 1.14.72
- switch cmake build type to RelWithDebInfo
- modernize spec file (remove Authors section, use proper macros,
remove redundant clean section, don't mark man pages as doc)
- switch to -O2 -fvisibility=hidden -fpie:
* PIC is not needed as no shared lib is built
* fstack-protector-strong is default on modern dists and would
be downgraded by fstack-protector
* default visibility hidden allows better optimisation
* O2 is reducing inlining bloat
- > 18% reduced binary size
- remove procps requires (was only for ZMD which is dropped)
(jsc#PED-8153)
- Do not try to refresh repo metadata as non-root user
(bsc#1222086)
Instead show refresh stats and hint how to update them.
- man: Explain how to protect orphaned packages by collecting
them in a plaindir repo.
- packages: Add --autoinstalled and --userinstalled options to
list them.
- Don't print 'reboot required' message if download-only or
dry-run (fixes #529)
Instead point out that a reboot would be required if the option
was not used.
- Resepect zypper.conf option `showAlias` search commands
(bsc#1221963)
Repository::asUserString (or Repository::label) respects the
zypper.conf option, while name/alias return the property.
- version 1.14.71
- dup: New option --remove-orphaned to remove all orphaned
packages in dup (bsc#1221525)
- version 1.14.70
- info,summary: Support VendorSupportOption flag
VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- BuildRequires: libzypp-devel >= 17.32.0.
API cleanup and changes for VendorSupportSuperseded.
- Show active dry-run/download-only at the commit propmpt.
- patch: Add --skip-not-applicable-patches option (closes #514)
- Fix printing detailed solver problem description.
The problem description() is one rule out possibly many in
completeProblemInfo() the solver has chosen to represent the
problem. So either description or completeProblemInfo should be
printed, but not both.
- Fix bash-completion to work with right adjusted numbers in the
1st column too (closes #505)
- Set libzypp shutdown request signal on Ctrl+C (fixes #522)
- lr REPO: In the detailed view show all baseurls not just the
first one (bsc#1218171)
- version 1.14.69