- NetworkManager
-
- Add config-server subpackage (bsc#1224868).
- 000release-packages:SL-Micro-release
-
n/a
- aardvark-dns
-
- Update to version 1.12.2:
* Release v1.12.2
* Update release notes for 1.12.2
* coredns: work on tcp requests concurrently
* tcp: add timeout to connection
* cirrus: update branch names
* Release v1.12.1
* Updated release notes for 1.12.1
* Change av cargo categories
* Bump to 1.13.0-dev
* Release 1.12.0
* Release notes for 1.12
* config: ignore enoent errors while reading configs
* run cargo update
* update upsteam resolvers on each refresh
* fix(deps): update rust crate syslog to v7
* fix(deps): update rust crate tokio to 1.39.2
* add tcp support for forwarding (bsc#1234660)
* add tcp listening support
* test: add new test to check for startup error
* return bind error to caller on first start
* add our own error type and use it over anyhow
* server: use anyhow to wrap parse_configs error
* server: split out main loop into new function
* main: remove aardvark-dns error prefix
* coredns: remove unnecessary try_join! call
* coredns: drop pointless name var
* serve: read nameservers once
* replace signal-hook with tokio::signal
* serve: fix broken error logging
* server: improve parent <-> child error handling
* add some basic perf check script
* fix(deps): update rust crate tokio to 1.39.0
* coredns: create reply_ip() function
* coredns: match dns type explicitly
* server: use only one tokio runtime
* coredns: improve indentation for process_message()
* coredns: move upstream resolvers detection later
* coredns: do not clone sender
* read AARDVARK_NO_PROXY once
* coredns: move main code out of select!
* coredns: fix "name" naming
* coredns: remove unused forward_addr/port
* coredns: fix handling of dns search domain
* coredns: rework PTR lookup flow
* fix(deps): update rust crate tokio to 1.38.1
* [skip-ci] TMT: Reorg upstream tests for downstream reusability
* [skip-ci] Packit: use `packages: [aardvark-dns-fedora]` for podman-next builds
* Be sure to have at least Epoch 2 to preserve upgrade path in c10s.
* fix(deps): update rust crate log to 0.4.22
* [CI:BUILD] rpm: Update Rust macro usage
* fix(deps): update rust crate tokio to 1.38.0
* Bump to 1.12.0-dev
- Remove redundant source: cargo_config
- Update to version 1.11.0:
* Release v1.11.0
* v1.11.0 release notes
* run cargo update
* chore(deps): update dependency containers/automation_images to v20240529
* Internal networks cannot make external DNS requests
* fix(deps): update rust crate anyhow to 1.0.86
* fix(deps): update rust crate nix to 0.29.0
* [skip-ci] RPM: use default __cargo macro across all envs
* chore(deps): update dependency containers/automation_images to v20240513
* fix(deps): update rust crate anyhow to 1.0.83
* [skip-ci] Packit: separate `packages` key for rhel jobs
* fix(deps): update rust crate libc to 0.2.154
* [skip-ci] Packit: enable rhel10, c10s tests and c10s downstream sync
* [skip-ci] Packit: Remove EL8 jobs
* fix(deps): update rust crate syslog to ^6.1.1
* fix reverse ipv6 lookup test flake
* fix(deps): update hickory-dns monorepo to 0.24.1
* chore(deps): update rust crate chrono to 0.4.38
* Don't tear down all server threads on SIGHUP (bsc#1224167)
* fix(deps): update rust crate anyhow to 1.0.82
* fix(deps): update rust crate tokio to 1.37.0
* Update to nix-0.28.0
* update chrono package
* chore(deps): update dependency containers/automation_images to v20240320
* fix(deps): update rust crate anyhow to 1.0.81
* tests: check queried domain name in reverse lookup tests
* fix: set name for answers in reverse lookups
* chore: fix typo in runner script
* chore: fix log message when doing reverse lookup
* fix(deps): update rust crate log to 0.4.21
* fix(deps): update rust crate anyhow to 1.0.80
* chore(deps): update rust crate chrono to 0.4.34
* fix(deps): update rust crate async-broadcast to 0.7.0
* fix(deps): update rust crate tokio to 1.36.0
* [CI:DOCS] Packit: disable bodhi tasks
* chore(deps): update rust crate chrono to 0.4.33
* Bump to 1.11.0-dev
- audit-secondary
-
- Fix plugin termination when using systemd service units (bsc#1215377)
* add auditd.service-fix-plugin-termination.patch
- ca-certificates-mozilla
-
- reenable the distrusted certs again. the distrust is only for certs
issued after the distrust date, not for all certs of a CA.
remove: remove-distrusted.patch
- explit remove distruted certs, as the distrust does not get exported
correctly and the SSL certs are still trusted. (bsc#1240343)
- Entrust.net Premium 2048 Secure Server CA
- Entrust Root Certification Authority
- AffirmTrust Commercial
- AffirmTrust Networking
- AffirmTrust Premium
- AffirmTrust Premium ECC
- Entrust Root Certification Authority - G2
- Entrust Root Certification Authority - EC1
- GlobalSign Root E46
- GLOBALTRUST 2020
- remove-distrusted.patch: apply to certdata.txt
- Fix awk to compare (missing a =) and give the following output:
[#] NSS_BUILTINS_LIBRARY_VERSION "2.74"
- pass file argument to awk (bsc#1240009)
- update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
- remove extensive signature printing in comments of the cert
bundle
- Define two macros to break a build cycle with p11-kit.
- Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
Removed:
- SecureSign RootCA11
- Security Communication RootCA3
Added:
- TWCA CYBER Root CA
- TWCA Global Root CA G2
- SecureSign Root CA12
- SecureSign Root CA14
- SecureSign Root CA15
- cloud-init
-
- Add cloud-init-wait-for-net.patch (bsc#1227237)
+ Wait for udev once if we cannot find the expected MAC
- remove dependency on /usr/bin/python3 via using the macros (bsc#1212476)
- cloud-netconfig:ec2
-
- Update to version 1.15
+ Add support for creating IPv6 default route in GCE (bsc#1240869)
+ Minor fix when looking up IPv6 default route
- Update to version 1.14
+ Use '-s' instead of '--no-progress-meter' for curl (bsc#1221757)
- cloud-regionsrv-client
-
- Update version to 10.4.0
+ Remove repositories when the package is being removed
We do not want to leave repositories behind refering to the plugin that
is being removed when the package gets removed (bsc#1240310, bsc#1240311)
+ Turn docker into an optional setup (jsc#PCT-560)
Change the Requires into a Recommends and adapt the code accordingly
+ Support flexible licenses in GCE (jsc#PCT-531)
+ Drop the azure-addon package it is geting replaced by the
license-watcher package which has a generic implementation of the
same functionality.
+ Handle cache inconsistencies (bsc#1218345)
+ Properly handle the zypper root target argument (bsc#1240997)
- Update to 10.3.11 (bsc#1234050)
+ Send registration code for the extensions, not only base product
- Update to 10.3.8 (bsc#1233333)
+ Fix the package requirements for cloud-regionsrv-client
+ Follow changes to suseconnect error reporting from stdout to stderr
- Update to 10.3.7 (bsc#1232770)
+ Fix the product triplet for LTSS, it is always SLES-LTSS, not
$BASEPRODUCT-LTSS
- Update to 10.3.6 (jsc#PCT-471, bsc#1230615)
+ Fix sudo setup
~ permissions cloudguestregistryauth
~ directory ownership /etc/sudoers.d
+ spec file
~ Remove traces of registry related entries on SLE 12
+ Forward port
~ fix-for-sles12-disable-registry.patch
~ fix-for-sles12-no-trans_update.patch
+ Deregister non free extensions at registercloudguest --clean
+ Fix registry cleanup at registercloudguest --clean, don't remove files
+ Prevent duplicate search entries in registry setup
- Update EC2 plugin to 1.0.5
+ Switch to using the region endpoint from IMDS to determine the region
instead of deriving the data from the availability zone
- Update to 10.3.5
+ Update spec file to build in all code streams,
SLE 12, SLE 15, ALP, and SLFO and have proper dependencies
- Update to 10.3.4
+ Modify the message when network access over a specific IP version does
not work. This is an informational message and should not look like
an error
+ Inform the user that LTSS registration takes a little longer
+ Add fix-for-sles12-no-trans_update.patch
+ SLE 12 family has no products with transactional-update we do not
need to look for this condition
- From 10.3.3 (bsc#1229472)
+ Handle changes in process structure to properly identify the running
zypper parent process and only check for 1 PID
- From 10.3.2
+ Remove rgnsrv-clnt-fix-docker-setup.patch included upstream
- From 10.3.1 (jsc#PCT-400)
+ Add support for LTSS registration
+ Add fix-for-sles12-disable-registry.patch
~ No container support in SLE 12
- Add rgnsrv-clnt-fix-docker-setup.patch (bsc#1229137)
+ The entry for the update infrastructure registry mirror was written
incorrectly causing docker daemon startup to fail.
- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
- container-selinux
-
- Update to version 2.236.0:
* Allow super privileged containers to use RealtimeKit for scheduling
* Add container_ro_file_t to the podman artifact store
- Update to version 2.235.0:
* Bump to v2.235.0
* OWNERS: add wrabcak and zpytela
* OWNERS: initial commit
* container_log{reader,writer}_t: allow watch file
* RPM: Update gating config
* Enable aarch64 testing
* TMT: simplify podman tests
* feat: support /var/lib/crio
- OBS service file: use the tagged commit for archive versioning and don't
just archive the latest changes from the main branch using the latest tag
- Update to version 2.234.2:
* TMT: enable epel idomatically
* Packit: switch back to fedora-all
* RPM: Bump Epoch to 4
* rpm: ship manpage
* Add proper labeling for RamaLama
* Packit: remove rhel / epel jobs
* packit: remove unused file
- Add BuildRequires selinux-policy-%{selinuxtype} to enable building
for SLFO. Might be removed in the future again when 1231252
is fixed.
- Update to version 2.233.0:
* container_engine_t: small change to allow non root exec in a container
* RPM: explicitly list ghosted paths and skip mode verification
* container-selinux install on non selinux-policy-targeted systems (#332)
* set container_log_t type for /var/log/kube-apiserver
* Allow kubelet_t to create a sock file kubelet_var_lib_t
* dontaudit spc_t to mmap_zero
* Packit: update targets (#330)
* container_engine_t: another round of small improvements (#327)
* Allow container_device_plugin_t to use the network (#325)
* RPM: cleanup changelog (#324)
* TMT: Simplify tests
- Update to version 2.232.1:
* Bump to v2.232.1
* TMT: fix srpm download syntax on rawhide
* Bump to 2.232.0
* Packit: remove `update_release` key from downstream jobs (#313)
* Update container-selinux.8 man page
* Add ownership of /usr/share/udica (#312)
* Packit/TMT: upstream maintenance of downstream gating tests
* extend container_engine_t again
* Allow spc_t to use localectl
* Allow spc_t to use timedatectl
* introduce container_use_xserver_devices boolean to allow GPU access
- Update to version 2.231.0:
* Allow container domains to communicate with spc_t unix_stream_sockets
* Move to %posttrans to ensure selinux-policy got updated before
the commands run (bsc#1221720)
- Manual update to version 2.230.0+git4.a8e389d to include this
commit that is needed for the main selinux-policy update to work:
* Rename all /var/run file context entries to /run
- Update to version 2.230.0:
* Move to tar_scm based packaging: added _service and _servicedata
* Allow containers to unmount file systems
* Add buildah as a container_runtime_exec_t label
* Additional rules for container_user_t
* improve container_engine_t
- Update to version 2.228:
* Allow container domains to watch fifo_files
* container_engine_t: improve for podman in kubernetes case
* Allow spc_t to transition to install_t domain
* Default to allowing containers to use dri devices
* Allow access to BPF Filesystems
* Fix kubernetes transition rule
* Label kubensenter as well as kubenswrapper
* Allow container domains to execute container_runtime_tmpfs_t files
* Allow container domains to ptrace themselves
* Allow container domains to use container_runtime_tmpfs_t as an entrypoint
* Add boolean to allow containers to use dri devices
* Give containers access to pod resources endpoint
* Label kubenswrapper kubelet_exec_t
- Update to version 2.222:
* Allow containers to read/write inherited dri devices
- Update to version 2.221:
* Allow containers to shutdown sockets inherited from container
runtimes
* Allow spc_t to use execmod libraries on container file systems
* Add boolean to allow containers to read all cert files
* More MLS Policy allow rules
* Allow container runtimes using pasta bind icmp_socket to port_t
* Fix spc_t transitions from container_runtime_domain
- Update to version 2.215.0:
* Add some MLS rules to policy
* Allow container runtime to dyntransition to spc_t
* Tighten controls on confined users
* Add labels for /var/lib/shared
* Cleanup entrypoint definitions
* Allow container_device_plugin_t access to debugfs
* Allow containers which use devices to map them
- curl
-
- Security fix: [bsc#1236590, CVE-2025-0725]
* content_encoding: drop support for zlib before 1.2.0.4
* content_encoding: put the decomp buffers into the writer structs
* Add curl-CVE-2025-0725.patch
- Security fix: [bsc#1236588, CVE-2025-0167]
* netrc: 'default' with no credentials is not a match
* Add curl-CVE-2025-0167.patch
- smtp: for starttls, do full upgrade [bsc#1235151]
* Make sure the TLS handshake after a successful STARTTLS command
is fully done before further sending/receiving on the connection.
* Add curl-mstp-starttls.patch
- dmidecode
-
- Update to upstream version 3.6 (jsc#PED-8647):
* Support for SMBIOS 3.6.0. This includes new memory device types, new
processor upgrades, and Loongarch support.
* Support for SMBIOS 3.7.0. This includes new port types, new processor
upgrades, new slot characteristics and new fields for memory modules.
* Add bash completion.
* Decode HPE OEM records 197, 239 and 245.
* Implement options --list-strings and --list-types.
* Update HPE OEM records 203, 212, 216, 221, 233, 236, 238 and 242.
* Update Redfish support.
* Bug fixes:
Fix enabled slot characteristics not being printed
* Minor improvements:
Print slot width on its own line
Use standard strings for slot width
* Obsoletes arm-use-alignment-workaround.patch,
dmioem-hpe-oem-record-237-firmware-change.patch and
use-read_file-to-read-from-dump.patch.
Update for HPE servers from upstream:
- dmioem-update-hpe-oem-type-238.patch: Decode PCI bus segment in
HPE type 238 records.
- Drop legacy Provides: and Obsoletes: tags. The split from the
pmtools package happened 15 years ago so they are no longer
relevant.
- transactional-update
-
- Version 4.8.3
- Check return value of register command [bsc#1230901]
- Version 4.8.2
- Allow specifying only low value with setup-kdump [bsc#1230537]
- dracut
-
- Update to version 059+suse.597.gb05a38d8:
* fix(dmsquash-live): do not check ISO md5 if image filesystem (bsc#1240919)
* fix(nfs): set correct ownership of rpc.statd state directories (bsc#1217885)
* perf(nfs): remove references to old rpcbind state dir
* fix(nfs): libnfsidmap plugins not added in some distributions
- Update to version 059+suse.591.ge2ab3f62:
* fix(iscsi): make sure services are shut down when switching root (bsc#1237695)
* fix(iscsi): don't require network setup for qedi
* fix(network-legacy): do not require pgrep when using wicked (bsc#1236982)
- Update to version 059+suse.585.gc1e69422:
Fixes for booting from iSCSI offload with bnx2i (bsc#1228086):
* fix(iscsi): attempt iSCSI login before all interfaces are up
* fix(iscsi): don't require network setup for bnx2i
Other:
* fix(dracut): rework timeout for devices added via --mount and --add-device (bsc#1231792)
- Update to version 059+suse.578.gd47ce28c:
* fix(dm): remove 59-persistent-storage-dm.rules (bsc#1232063)
- Update to version 059+suse.575.g06a9ae1f:
Fixes for NVMeoF boot (bsc#1230468):
* fix(nvmf): install (only) required nvmf modules
* fix(nvmf): require NVMeoF modules
* fix(nvmf): move /etc/nvme/host{nqn,id} requirement to hostonly
- e2fsprogs
-
- resize2fs-Check-number-of-group-descriptors-only-if-.patch: resize2fs: Check
number of group descriptors only if meta_bg is disabled (bsc#1230145)
- EA Inode handling fixes:
- e2fsck-add-more-checks-for-ea-inode-consistency.patch: e2fsck: add more
checks for ea inode consistency (bsc#1223596)
- e2fsck-fix-golden-output-of-several-tests.patch: e2fsck: fix golden output
of several tests (bsc#1223596)
- findutils
-
- do not crash when file system loop was encountered [bsc#1231472]
- added patches
fix https://git.savannah.gnu.org/cgit/findutils.git/commit/?id=e5d6eb919b9
+ findutils-avoid-crash-system-loop.patch
- modified patches
% findutils-xautofs.patch (p1)
- gettext-runtime
-
- Fix crash while handling po files with malformed header and
process them properly
(0003-Fix-malformed-header-processing.patch, boo#1227316).
- glib2
-
- Add glib2-CVE-2025-3360.patch:
Backport 8d60d7dc from upstream, Fix integer overflow when
parsing very long ISO8601 inputs. This will only happen with
invalid (or maliciously invalid) potential ISO8601 strings,
but `g_date_time_new_from_iso8601()` needs to be robust against
that.
(CVE-2025-3360, bsc#1240897)
- glibc
-
- static-setuid-ld-library-path.patch: elf: Ignore LD_LIBRARY_PATH and
debug env var for setuid for static (CVE-2025-4802, bsc#1243317)
- pthread-wakeup.patch: pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ
[#25847])
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
- assert-message-allocation.patch: Fix underallocation of abort_msg_s
struct (CVE-2025-0395, bsc#1236282, BZ #32582))
- prctl-syscall-wrapper.patch: Linux: Switch back to assembly syscall
wrapper for prctl (bsc#1234665, BZ #29770)
- Correctly determine livepatching support
- Remove nss-systemd from default nsswitch.conf (bsc#1233699)
- gpg2
-
- Security fix: [bsc#1236931, bsc#1239119, CVE-2025-30258]
* gpg: Fix regression for the recent malicious subkey DoS fix.
* gpg: Fix another regression due to the T7547 fix.
* The fix for CVE-2025-30258 was introduced in 2.5.5
* Add patches:
- gnupg-gpg-Fix-regression-for-the-recent-malicious-subkey-D.patch
- gnupg-gpg-Fix-another-regression-due-to-the-T7547-fix.patch
- Security update, fix [bsc#1239119]
* Fix a verification DoS due to a malicious subkey in the keyring.
* Add gnupg-fix-dos-subkey.patch
- iputils
-
- Security fix [bsc#1242300, CVE-2025-47268]
* integer overflow in RTT calculation can lead to undefined behavior
* Add iputils-CVE-2025-47268.patch
- kernel-source:kernel-default
-
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- Refresh
patches.suse/fbdev-efifb-Register-sysfs-groups-through-driver-cor.patch.
- commit 0c56458
- nfsd: Initialize ssc before laundromat_work to prevent NULL
dereference (git-fixes).
- commit 153c2a2
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up
(git-fixes).
- commit af8b93e
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries
in the encode buffer (git-fixes).
- commit 91b6192
- jffs2: check jffs2_prealloc_raw_node_refs() result in few
other places (git-fixes).
- commit 254a145
- jffs2: check that raw node were preallocated before writing
summary (git-fixes).
- commit 4a6701a
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- commit ae818bc
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- commit dcdd8b6
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- commit 65dff7c
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- commit 662ffcd
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- commit 15bb5b3
- blacklist.conf: Disable fineibt part of ITS mitigation
- Refresh
patches.suse/x86-its-Enumerate-Indirect-Target-Selection-ITS-bug.patch.
- commit cedb857
- xsk: fix an integer overflow in xp_create_and_assign_umem()
(bsc#1240823 CVE-2025-21997).
- commit 931fc27
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dlm: mask sk_shutdown value (bsc#1228854).
- commit 730d8cf
- ASoC: Intel: avs: Verify content returned by parse_int_array()
(git-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX
(git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- commit 7d227ae
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- regulator: max14577: Add error check for max14577_read_reg()
(git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl
(git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event
(git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them
after reset (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx()
(git-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management
in probe (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl()
(git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe()
(git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per
datasheet (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and
vmci_ctx_unset_notify (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign
(git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR
(git-fixes).
- drm/amd/display: Add null pointer check for
get_first_active_display() (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1
(git-fixes).
- commit def2214
- s390/pci: Serialize device addition and removal (bsc#1244145).
- commit f1ae730
- s390/pci: Allow re-add of a reserved but not yet removed device
(bsc#1244145).
- commit a73fcdb
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- commit 136fe4f
- s390/pci: Remove redundant bus removal and disable from
zpci_release_device() (bsc#1244145).
- commit 9bbc219
- s390/pci: Fix potential double remove of hotplug slot
(bsc#1244145).
- commit 9714d95
- s390/pci: remove hotplug slot when releasing the device
(bsc#1244145).
- commit 1415bb1
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when
PF has child VFs (git-fixes bsc#1244145).
- commit 3430d11
- s390/pci: introduce lock to synchronize state of zpci_dev's
(jsc#PED-10253 bsc#1244145).
- Refresh
patches.suse/s390-pci-Fix-leak-of-struct-zpci_dev-when-zpci_add_device-fails.patch.
- Refresh
patches.suse/s390-pci-Sort-PCI-functions-prior-to-creating-virtual-busses.patch.
- commit 2644b79
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253
bsc#1244145).
- Refresh
patches.suse/s390-pci-Fix-leak-of-struct-zpci_dev-when-zpci_add_device-fails.patch.
- Refresh
patches.suse/s390-pci-Sort-PCI-functions-prior-to-creating-virtual-busses.patch.
- Refresh
patches.suse/s390-pci-Use-topology-ID-for-multi-function-devices.patch.
- commit 9223df0
- media: mediatek: vcodec: Only free buffer VA that is not NULL
(CVE-2023-52888 bsc#1228557).
- commit 0299171
- net: fix udp gso skb_segment after pull from frag_list
(git-fixes).
- commit 8353437
- page_pool: Fix use-after-free in page_pool_recycle_in_ring
(git-fixes).
- commit 69ccdcd
- net: Implement missing getsockopt(SO_TIMESTAMPING_NEW)
(git-fixes).
- commit d107edf
- net: sched: em_text: fix possible memory leak in
em_text_destroy() (git-fixes).
- commit 71395f7
- neighbour: Don't let neigh_forced_gc() disable preemption for
long (git-fixes).
- commit fea49bb
- net: sched: cls_u32: Fix allocation size in u32_init()
(git-fixes).
- commit eea3eab
- Move upstreamed patches into sorted section
- commit c9465fb
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
Deleted:
patches.suse/drm-amd-display-more-liberal-vmin-vmax-update-for-fr.patch
- commit c23b99f
- wifi: ath12k: Avoid memory leak while enabling statistics
(CVE-2025-37743 bsc#1242163).
- commit f493528
- PM: sleep: Fix power.is_suspended cleanup for direct-complete
devices (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION
(git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place
(git-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- commit ec23ee6
- net: usb: aqc111: debug info before sanitation (git-fixes).
- commit fc18979
- openvswitch: Fix unsafe attribute parsing in output_userspace() (CVE-2025-37998 bsc#1243836)
- commit 51afd13
- octeon_ep: Fix host hang issue during device reboot (CVE-2025-37933 bsc#1243628)
- commit 44230dd
- kABI: ipv6: save dontfrag in cork (git-fixes).
Patch-up the kABI change with an #ifdef __GENKSYMS__. This change is
safe (as detailed in the patch commit message) due to the struct
having a 6-byte hole at the end we can use.
- commit cbc81e2
- ipv6: save dontfrag in cork (git-fixes).
- commit d3fe600
- tcp: bring back NUMA dispersion in inet_ehash_locks_alloc()
(git-fixes).
- commit 756fa72
- netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
- commit e02eac4
- ipvs: Always clear ipvs_property flag in skb_scrub_packet()
(git-fixes).
- commit d943643
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero
(git-fixes).
- commit 09561a1
- xsk: always clear DMA mapping information when unmapping the
pool (git-fixes).
- commit 9908bc6
- net: sched: fix erspan_opt settings in cls_flower (git-fixes).
- commit fc52734
- spi: spi-imx: Add check for spi_imx_setupxfer() (CVE-2025-37801 bsc#1242850)
- commit f3955e7
- ipmr: fix tables suspicious RCU usage (git-fixes).
- commit d029f0f
- ip6mr: fix tables suspicious RCU usage (git-fixes).
- commit 79bb134
- netpoll: Use rcu_access_pointer() in __netpoll_setup
(git-fixes).
- commit f180c62
- netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
- commit 895e121
- net/neighbor: clear error in case strict check is not set
(git-fixes).
- commit 9eb711a
- ipv4: Convert ip_route_input() to dscp_t (git-fixes).
- commit 401defe
- net: sched: consistently use rcu_replace_pointer() in
taprio_change() (git-fixes).
- commit a6910eb
- udp: fix receiving fraglist GSO packets (git-fixes).
- commit 5b87500
- net: linkwatch: use system_unbound_wq (git-fixes).
- commit 34d590e
- net: page_pool: fix warning code (git-fixes).
- commit 0d77245
- net: give more chances to rcu in netdev_wait_allrefs_any()
(git-fixes).
- commit a1b1859
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog
(git-fixes).
- commit b96b4a8
- tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
- commit afdb9bb
- udp: preserve the connected status if only UDP cmsg (git-fixes).
- commit 8714e3a
- udp: fix incorrect parameter validation in the
udp_lib_getsockopt() function (git-fixes).
- commit 34a2994
- ipmr: fix incorrect parameter validation in the
ip_mroute_getsockopt() function (git-fixes).
- commit f23f4c9
- ip_tunnel: annotate data-races around t->parms.link (git-fixes).
- commit 765e083
- net: add rcu safety to rtnl_prop_list_size() (git-fixes).
- commit 1e0fceb
- net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
- commit 935ac41
- udp: annotate data-races around up->pending (git-fixes).
- commit 72fda93
- ipv4: Correct/silence an endian warning in __ip_do_redirect
(git-fixes).
- commit 011b9c9
- driver core: fix potential NULL pointer dereference in
dev_uevent() (CVE-2025-37800 bsc#1242849).
- driver core: introduce device_set_driver() helper
(CVE-2025-37800 bsc#1242849).
- commit 3aecdc2
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- commit a145886
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability
(git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response
(git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()
(git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization
(git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver"
(stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled
(git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption
(git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
(git-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out
of bounds (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms
(git-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000
(git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID
11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK
(git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status
unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT
(git-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list
(git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS
header (git-fixes).
- commit 3f5d0e4
- wifi: mt76: only mark tx-status-failed frames as ACKed on
mt76x0/2 (stable-fixes).
- commit 0de0b80
- wifi: ath12k: Add MSDU length validation for TKIP MIC error
(git-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc
(git-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11
header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch
(git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list
(git-fixes).
- watchdog: exar: Shorten identity name to fit correctly
(git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU
(stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31
(stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx()
(stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211
(stable-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz
band (stable-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable()
(stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1
override (stable-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring
descriptor (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU
(stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU
(stable-fixes).
- wifi: rtw88: Don't use static local variable in
rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held
wiphy_lock() yet (stable-fixes).
- wifi: mac80211: don't unconditionally call drv_mgd_complete_tx()
(stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call
(stable-fixes).
- commit 9963350
- vgacon: Add check for vc_origin address range in vgacon_scroll()
(git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()
(git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation
(git-fixes).
- spi: tegra210-quad: remove redundant error handling code
(git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4
transfers (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is
disabled for retimer (stable-fixes).
- usb: xhci: Don't change the status of stalled TDs on failed
Stop EP (stable-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support
(stable-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend
(stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable
sequence (stable-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap
(stable-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- commit 38d0a8f
- PM: sleep: Print PM debug messages during hibernation
(git-fixes).
- commit 96179c7
- PCI: dw-rockchip: Fix PHY function call sequence in
rockchip_pcie_phy_deinit() (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow
(git-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback
(git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing
(git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- selftests/mm: restore default nr_hugepages value during cleanup
in hugetlb_reparenting_test.sh (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting
direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for
GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat
(git-fixes).
- PM: wakeup: Delete space in the end of string shown by
pm_show_wakelocks() (git-fixes).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change
event notification (stable-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys
(stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off
(git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers
and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe
(stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS
(stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60
kOhm (stable-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- phy: core: don't require set_mode() callback for phy_get_mode()
to work (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group()
(git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins
(stable-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned"
(stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in
pinctrl_dt_to_map (stable-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows
(stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB
(stable-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too
(stable-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code
(stable-fixes).
- regulator: ad5398: Add device tree support (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus
(stable-fixes).
- commit 32a9142
- tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
- commit 2a9c7bb
- mtd: rawnand: sunxi: Add randomizer configuration in
sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer
enable (git-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret
(git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2
frames (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping
(git-fixes).
- net: phy: clear phydev->devlink when the link is deleted
(git-fixes).
- net: phy: fix up const issues in to_mdio_device() and
to_phy_device() (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls
(git-fixes).
- mmc: host: Wait for Vdd to settle on card power off
(stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- commit eedda90
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE
(git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice
in exynos_lpass_remove() (git-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Return the number of processed controls
(git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers
(git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers
(git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device()
(git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count
(git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor()
(git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path
(git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- media: cxusb: no longer judge rbuf when the write fails
(git-fixes).
- media: vidtv: Terminating the subsequent process of
initialization failure (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum
op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual
PLL case (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct
value (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct
value (git-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed
(git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead
(git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check
(stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in
c8sectpfe_probe() (stable-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map
(stable-fixes).
- media: uvcvideo: Handle uvc menu translation inside
uvc_get_le_value (stable-fixes).
- media: adv7180: Disable test-pattern control on adv7180
(stable-fixes).
- media: tc358746: improve calculation of the D-PHY timing
registers (stable-fixes).
- media: test-drivers: vivid: don't call schedule in loop
(stable-fixes).
- media: i2c: imx219: Correct the minimum vblanking value
(stable-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config
pad op (stable-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware
is available (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters
(stable-fixes).
- commit de6c9a2
- Input: gpio-keys - fix possible concurrent access in
gpio_keys_irq_timer() (git-fixes).
- commit e29f865
- hwmon: (asus-ec-sensors) check sensor index in read_string()
(git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware()
(git-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- gpiolib: Revert "Don't WARN on gpiod_put() for optional GPIO"
(stable-fixes).
- Input: xpad - add more controllers (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support
(stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields
(stable-fixes).
- ima: process_measurement() needlessly takes inode_lock()
on MAY_READ (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in
svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request
(stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address
Assignment(DAA) (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM
(stable-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines
(stable-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args()
(stable-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32
(stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible
(stable-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise
types (stable-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA
(stable-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value
(stable-fixes).
- gpio: pca953x: Simplify code with cleanup helpers
(stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and
pca953x_save_context() (stable-fixes).
- commit 50f84af
- fbdev: Fix fb_set_var to prevent null-ptr-deref in
fb_videomode_to_var (git-fixes).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref
in fb_videomode_to_var (git-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
(git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during
boot (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components
on err (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers
(git-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device
ptr (git-fixes).
- Revert "drm/amdgpu: don't allow userspace to create a doorbell
BO" (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in
atomctrl_initialize_mc_reg_table (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type
(git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init()
(git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in
lt9611uxc_probe() (git-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready
(git-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default
PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid()
(git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so
(git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect
(git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst
(git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner
case (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x
(stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel
timing (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR
switch (stable-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence
(stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi
(stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in
gfxhub_v1_0.c (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW
determination (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking
(stable-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window
(stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amd/display: Don't try AUX transactions on disconnected link
(stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer
(stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation
(stable-fixes).
- drm/amd/display: Initial psr_version with correct setting
(stable-fixes).
- drm/amd/display: Increase block_sequence array size
(stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amd/display/dm: drop hw_support check in
amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/ast: Find VBIOS mode from regular display size
(stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/atomic: clarify the rules around
drm_atomic_state->allow_modeset (stable-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm: Add valid clones check (stable-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file()
(stable-fixes).
- fbcon: Use correct erase colour for clearing in fbcon
(stable-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for
tileblit (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across
protocol ids (stable-fixes).
- commit 0574d41
- Documentation/rtla: Fix duplicate text about timerlat tracer
(git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests
(git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of
the struct (git-fixes).
- crypto: xts - Only add ecb if it is not already there
(git-fixes).
- crypto: lrw - Only add ecb if it is not already there
(git-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor
(git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests
(git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA
functions (git-fixes).
- Documentation: fix typo in root= kernel parameter description
(git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in
idxd_cdev_open (stable-fixes).
- commit 8e41cce
- backlight: pm8941: Add NULL check in wled_configure()
(git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP
device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect
devices first" (stable-fixes).
- Bluetooth: MGMT: iterate over mesh commands in
mgmt_mesh_foreach() (git-fixes).
- ASoC: qcom: sdm845: Add error handling in
sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask
(git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation
type (git-fixes).
- crypto: sun8i-ce-cipher - fix error handling in
sun8i_ce_cipher_prepare() (git-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to
negative tests (stable-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher
(stable-fixes).
- can: c_can: Use of_property_present() to test existence of DT
property (stable-fixes).
- commit 595e083
- ASoC: meson: meson-card-utils: use of_property_present()
for DT parsing (git-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013
(stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in
imx_card_parse_of() (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for
mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: qcom: sm8250: explicitly set format in
sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile
(stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks
(stable-fixes).
- commit 255f2cb
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10
(stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer
(stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx
(stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot()
(stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG
(stable-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: ops: Enforce platform maximum on initial value
(stable-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode
(stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers
(stable-fixes).
- commit ab5fcf6
- kABI workaround for hda_codec.beep_just_power_on flag
(git-fixes).
- commit 11aaa35
- acpi-cpufreq: Fix nominal_freq units to KHz in
get_max_boost_ratio() (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" ->
"Increment" (git-fixes).
- ACPICA: exserial: don't forget to handle FFixedHW opregions
for reading (git-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions"
(git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list
(stable-fixes).
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook
855 G7 (stable-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- commit 6ebe577
- net: ethernet: mtk-star-emac: fix spinlock recursion issues
on rx/tx poll (CVE-2025-37917 bsc#1243475).
- commit 0f659f2
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys
(git-fixes).
- commit 1564858
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS
(git-fixes).
- commit 2bfd2a7
- pstore: Change kmsg_bytes storage size to u32 (git-fixes).
- commit c964f36
- orangefs: Do not truncate file size (git-fixes).
- commit 9fbe3ae
- NFSv4: Check for delegation validity in
nfs_start_delegation_return_locked() (git-fixes).
- commit a689f10
- NFS: Don't allow waiting for exiting tasks (git-fixes).
- Refresh
patches.suse/nfs-add-missing-selections-of-CONFIG_CRC32.patch.
- commit 899f47c
- SUNRPC: Don't allow waiting for exiting tasks (git-fixes).
- commit 8b942ca
- NFSv4: Treat ENETUNREACH errors as fatal for state recovery
(git-fixes).
- commit 9139fd5
- SUNRPC: rpc_clnt_set_transport() must not change the autobind
setting (git-fixes).
- commit e2112a4
- SUNRPC: rpcbind should never reset the port to the value '0'
(git-fixes).
- commit f49c9db
- pNFS/flexfiles: Report ENETDOWN as a connection error
(git-fixes).
- commit 39e7a29
- iommu: Protect against overflow in iommu_pgsize() (git-fixes).
- commit 6adbec5
- ext4: define ext4_journal_destroy wrapper (CVE-2025-22113
bsc#1241617).
- commit 8dddf47
- ext4: ignore xattrs past end (bsc#1242846 CVE-2025-37738).
- commit 2a74454
- ext4: avoid journaling sb update on error if journal is
destroying (bsc#1241617 CVE-2025-22113).
- commit 0445179
- net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving
proposal msg (CVE-2024-49568 bsc#1235728).
- commit a7c2f15
- i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
- commit 625407a
- iio: light: opt3001: fix deadlock due to concurrent flag access (CVE-2025-37968 bsc#1243571)
- commit 0e5e655
- perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (CVE-2025-37936 bsc#1243537)
- commit 2e13950
- pds_core: Prevent possible adminq overflow/stuck condition (CVE-2025-37987 bsc#1243542)
- commit ba1ea39
- SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls
(git-fixes).
- commit dc6e86f
- Refresh
patches.suse/nfs-ignore-SB_RDONLY-when-remounting-nfs.patch.
- commit 359f356
- Refresh
patches.suse/nfs-clear-SB_RDONLY-before-getting-superblock.patch.
- commit 2697e51
- fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
(git-fixes).
- commit fcf1703
- powerpc/pseries/msi: Avoid reading PCI device registers in
reduced power states (bsc#1215199).
- KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion
(bsc#1215199).
- commit 2d2709b
- Update patches.suse/nfsd-Fix-race-to-FREE_STATEID-and-cl_revoked.patch
(bsc#1012628 CVE-2024-50106 bsc#1232882).
- commit a87a308
- net: ngbe: fix memory leak in ngbe_probe() error path (CVE-2025-37874 bsc#1242940)
- commit bc2e64d
- smb: client: fix hang in wait_for_response() for negproto
(bsc#1242709).
- commit 709cb2e
- net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (CVE-2025-37865 bsc#1242954)
- commit 885d04c
- HID: pidff: Fix null pointer dereference in pidff_find_fields (CVE-2025-37862 bsc#1242982)
- commit f9d615e
- mptcp: fix 'scheduling while atomic' in
mptcp_pm_nl_append_new_local_addr (git-fixes CVE-2025-21938
bsc#1240723).
- commit 02ff1ac
- usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572
CVE-2025-37967).
- commit 59ea04d
- kABI workaround for adding an header (CVE-2025-21868
bsc#1240180).
- commit 8687a45
- cifs: avoid NULL pointer dereference in dbg call (CVE-2025-37844 bsc#1242946)
- commit 031bdce
- Update
patches.suse/ALSA-ump-Fix-buffer-overflow-at-UMP-SysEx-message-co.patch
(bsc#1242044 CVE-2025-37891 bsc#1243589).
- Update
patches.suse/ASoC-Intel-avs-Fix-null-ptr-deref-in-avs_component_p.patch
(git-fixes CVE-2025-37793 bsc#1242584).
- Update
patches.suse/ASoC-imx-card-Add-NULL-check-in-imx_card_probe.patch
(git-fixes CVE-2025-22066 bsc#1241340).
- Update
patches.suse/ASoC-ops-Consistently-treat-platform_max-as-control-.patch
(git-fixes CVE-2025-37889 bsc#1242945).
- Update
patches.suse/ASoC-qcom-Fix-sc7280-lpass-potential-buffer-overflow.patch
(git-fixes CVE-2025-37979 bsc#1243545).
- Update
patches.suse/Bluetooth-btrtl-Prevent-potential-NULL-dereference.patch
(git-fixes CVE-2025-37792 bsc#1242591).
- Update
patches.suse/Bluetooth-btusb-avoid-NULL-pointer-dereference-in-sk.patch
(git-fixes CVE-2025-37918 bsc#1243476).
- Update
patches.suse/Input-mtk-pmic-keys-fix-possible-null-pointer-derefe.patch
(git-fixes CVE-2025-37972 bsc#1243573).
- Update
patches.suse/KVM-arm64-Tear-down-vGIC-on-failed-vCPU-creation.patch
(git-fixes CVE-2025-37849 bsc#1243000).
- Update
patches.suse/KVM-x86-Acquire-SRCU-in-KVM_GET_MP_STATE-to-protect-.patch
(git-fixes CVE-2025-23141 bsc#1242782).
- Update
patches.suse/PCI-Fix-reference-leak-in-pci_register_host_bridge.patch
(git-fixes CVE-2025-37836 bsc#1242957).
- Update
patches.suse/PCI-brcmstb-Fix-error-path-after-a-call-to-regulator.patch
(git-fixes CVE-2025-22095 bsc#1241519).
- Update
patches.suse/PCI-vmd-Make-vmd_dev-cfg_lock-a-raw_spinlock_t-type.patch
(stable-fixes CVE-2025-23161 bsc#1242792).
- Update
patches.suse/RDMA-cma-Fix-workqueue-crash-in-cma_netevent_work_ha.patch
(git-fixes CVE-2025-37772 bsc#1242563).
- Update
patches.suse/RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch
(git-fixes bsc#1239925 CVE-2025-22089 bsc#1241538).
- Update
patches.suse/RDMA-core-Silence-oversized-kvmalloc-warning.patch
(git-fixes CVE-2025-37867 bsc#1242948).
- Update
patches.suse/USB-wdm-close-race-between-wdm_open-and-wdm_wwan_por.patch
(git-fixes CVE-2025-37985 bsc#1243529).
- Update
patches.suse/arm64-bpf-Add-BHB-mitigation-to-the-epilogue-for-cBPF-prog.patch
(git-fixes CVE-2025-37948 bsc#1243649).
- Update
patches.suse/arm64-bpf-Only-mitigate-cBPF-programs-loaded-by-unprivileg.patch
(git-fixes CVE-2025-37963 bsc#1243660).
- Update
patches.suse/arm64-errata-Add-missing-sentinels-to-Spectre-BHB-MIDR-arr.patch
(git-fixes CVE-2025-37929 bsc#1243624).
- Update
patches.suse/ata-pata_pxa-Fix-potential-NULL-pointer-dereference-.patch
(git-fixes CVE-2025-37758 bsc#1242514).
- Update
patches.suse/backlight-led_bl-Hold-led_access-lock-when-calling-l.patch
(git-fixes CVE-2025-23144 bsc#1242568).
- Update
patches.suse/block-fix-resource-leak-in-blk_register_queue-error-path.patch
(git-fixes CVE-2025-37980 bsc#1243522).
- Update
patches.suse/block-integrity-Do-not-call-set_page_dirty_lock.patch
(git-fixes CVE-2025-37978 bsc#1243516).
- Update
patches.suse/bnxt_en-Fix-out-of-bound-memcpy-during-ethtool-w.patch
(git-fixes CVE-2025-37911 bsc#1243469).
- Update patches.suse/bpf-Scrub-packet-on-bpf_redirect_peer.patch
(git-fixes CVE-2025-37959 bsc#1243517).
- Update
patches.suse/bpf-check-changes_pkt_data-property-for-extension-pr.patch
(bsc#1241590 CVE-2024-58100 bsc#1242564).
- Update
patches.suse/bpf-consider-that-tail-calls-invalidate-packet-point.patch
(bsc#1241590 CVE-2024-58237 bsc#1242574).
- Update
patches.suse/bpf-track-changes_pkt_data-property-for-global-funct.patch
(bsc#1241590 CVE-2024-58098 bsc#1242565).
- Update
patches.suse/btrfs-adjust-subpage-bit-start-based-on-sectorsize.patch
(bsc#1241492 CVE-2025-37931 bsc#1243626).
- Update
patches.suse/bus-mhi-host-Fix-race-between-unprepare-and-queue_bu.patch
(git-fixes CVE-2025-23151 bsc#1242512).
- Update
patches.suse/cxgb4-fix-memory-leak-in-cxgb4_init_ethtool_filters-.patch
(git-fixes CVE-2025-37788 bsc#1242766).
- Update
patches.suse/dm-bufio-don-t-schedule-in-atomic-context.patch
(git-fixes CVE-2025-37928 bsc#1243621).
- Update
patches.suse/drm-amd-display-Fix-slab-use-after-free-in-hdcp.patch
(git-fixes CVE-2025-37903 bsc#1243562).
- Update
patches.suse/drm-amd-pm-Prevent-division-by-zero-4b8c3c0.patch
(git-fixes CVE-2025-37770 bsc#1242764).
- Update
patches.suse/drm-amd-pm-Prevent-division-by-zero-4e3d950.patch
(git-fixes CVE-2025-37766 bsc#1242785).
- Update
patches.suse/drm-amd-pm-Prevent-division-by-zero-7c246a0.patch
(git-fixes CVE-2025-37768 bsc#1242567).
- Update
patches.suse/drm-amd-pm-Prevent-division-by-zero-7d641c2.patch
(git-fixes CVE-2025-37771 bsc#1242781).
- Update patches.suse/drm-amd-pm-Prevent-division-by-zero.patch
(git-fixes CVE-2025-37767 bsc#1242501).
- Update
patches.suse/drm-amd-pm-smu11-Prevent-division-by-zero.patch
(git-fixes CVE-2025-37769 bsc#1242587).
- Update
patches.suse/drm-amdgpu-Replace-Mutex-with-Spinlock-for-RLCG-regi.patch
(git-fixes CVE-2025-38104 bsc#1241635).
- Update
patches.suse/drm-amdgpu-handle-amdgpu_cgs_create_device-errors-in.patch
(stable-fixes CVE-2025-37852 bsc#1243074).
- Update patches.suse/drm-amdkfd-Fix-mode1-reset-crash-issue.patch
(stable-fixes CVE-2025-37854 bsc#1243082).
- Update
patches.suse/drm-amdkfd-debugfs-hang_hws-skip-GPU-with-MES.patch
(stable-fixes CVE-2025-37853 bsc#1243076).
- Update
patches.suse/drm-i915-huc-Fix-fence-not-released-on-early-probe-e.patch
(git-fixes CVE-2025-37754 bsc#1242524).
- Update
patches.suse/drm-mediatek-dp-drm_err-dev_err-in-HPD-path-to-avoid.patch
(git-fixes CVE-2025-38240 bsc#1241457).
- Update
patches.suse/drm-nouveau-Fix-WARN_ON-in-nouveau_fence_context_kil.patch
(git-fixes CVE-2025-37930 bsc#1243625).
- Update
patches.suse/drm-nouveau-prime-fix-ttm_bo_delayed_delete-oops.patch
(git-fixes CVE-2025-37765 bsc#1242761).
- Update
patches.suse/drm-v3d-Add-job-to-pending-list-if-the-reset-was-ski.patch
(stable-fixes CVE-2025-37951 bsc#1243659).
- Update
patches.suse/eth-bnxt-fix-missing-ring-index-trim-on-error-path.patch
(git-fixes CVE-2025-37873 bsc#1242961).
- Update patches.suse/fbdev-omapfb-Add-plane-value-check.patch
(stable-fixes CVE-2025-37851 bsc#1242977).
- Update
patches.suse/firmware-arm_scmi-Balance-device-refcount-when-destr.patch
(git-fixes CVE-2025-37905 bsc#1243456).
- Update
patches.suse/fs-jfs-Prevent-integer-overflow-in-AG-size-calculation.patch
(git-fixes CVE-2025-37858 bsc#1243049).
- Update
patches.suse/hfs-hfsplus-fix-slab-out-of-bounds-in-hfs_bnode_read_key.patch
(git-fixes CVE-2025-37782 bsc#1242770).
- Update
patches.suse/i2c-cros-ec-tunnel-defer-probe-if-parent-EC-is-not-p.patch
(git-fixes CVE-2025-37781 bsc#1242575).
- Update
patches.suse/i3c-Add-NULL-pointer-check-in-i3c_master_queue_ibi.patch
(git-fixes CVE-2025-23147 bsc#1242530).
- Update
patches.suse/ice-Check-VF-VSI-Pointer-Value-in-ice_vc_add_fdir_fl.patch
(git-fixes CVE-2025-37912 bsc#1243470).
- Update patches.suse/igc-fix-PTM-cycle-trigger-logic.patch
(git-fixes CVE-2025-37875 bsc#1242959).
- Update
patches.suse/iio-imu-st_lsm6dsx-fix-possible-lockup-in-st_lsm6dsx-8114ef8.patch
(git-fixes CVE-2025-37969 bsc#1243574).
- Update
patches.suse/iio-imu-st_lsm6dsx-fix-possible-lockup-in-st_lsm6dsx.patch
(git-fixes CVE-2025-37970 bsc#1243575).
- Update
patches.suse/iommu-Fix-two-issues-in-iommu_copy_struct_from_user.patch
(git-fixes CVE-2025-37900 bsc#1243560).
- Update
patches.suse/ipv6-Fix-memleak-of-nhc_pcpu_rth_output-in-fib_check_nh_v6_gw.patch
(git-fixes CVE-2025-22005 bsc#1240866).
- Update
patches.suse/irqchip-gic-v2m-Prevent-use-after-free-of-gicv2m_get.patch
(git-fixes CVE-2025-37819 bsc#1242873).
- Update
patches.suse/irqchip-qcom-mpm-Prevent-crash-when-trying-to-handle.patch
(git-fixes CVE-2025-37901 bsc#1243559).
- Update patches.suse/jbd2-remove-wrong-sb-s_sequence-check.patch
(bsc#1242343 CVE-2025-37839 bsc#1242990).
- Update
patches.suse/jfs-Fix-uninit-value-access-of-imap-allocated-in-the-diMount-function.patch
(git-fixes CVE-2025-37742 bsc#1243011).
- Update
patches.suse/jfs-Prevent-copying-of-nlink-with-value-0-from-disk-inode.patch
(git-fixes CVE-2025-37741 bsc#1243015).
- Update
patches.suse/jfs-add-sanity-check-for-agwidth-in-dbMount.patch
(git-fixes CVE-2025-37740 bsc#1243006).
- Update
patches.suse/jfs-fix-slab-out-of-bounds-read-in-ea_get.patch
(git-fixes CVE-2025-39735 bsc#1241625).
- Update
patches.suse/jfs-reject-on-disk-inodes-of-an-unsupported-type.patch
(git-fixes CVE-2025-37925 bsc#1241654).
- Update
patches.suse/md-md-bitmap-fix-wrong-bitmap_limit-for-clustermd-wh.patch
(bsc#1238212 CVE-2025-22124 bsc#1241595).
- Update
patches.suse/media-dw2102-Fix-null-ptr-deref-in-dw2102_i2c_transf.patch
(git-fixes CVE-2023-53146 bsc#1220112).
- Update
patches.suse/media-venus-hfi-add-a-check-to-handle-OOB-in-sfr-reg.patch
(git-fixes CVE-2025-23159 bsc#1242529).
- Update
patches.suse/media-venus-hfi-add-check-to-handle-incorrect-queue-.patch
(git-fixes CVE-2025-23158 bsc#1242531).
- Update
patches.suse/media-venus-hfi_parser-add-check-to-avoid-out-of-bou.patch
(git-fixes CVE-2025-23157 bsc#1242532).
- Update
patches.suse/media-venus-hfi_parser-refactor-hfi-packet-parsing-l.patch
(git-fixes CVE-2025-23156 bsc#1242569).
- Update
patches.suse/mfd-ene-kb3930-Fix-a-potential-NULL-pointer-derefere.patch
(git-fixes CVE-2025-23146 bsc#1242559).
- Update
patches.suse/misc-microchip-pci1xxxx-Fix-Kernel-panic-during-IRQ-.patch
(git-fixes CVE-2025-37815 bsc#1242871).
- Update
patches.suse/mtd-inftlcore-Add-error-check-for-inftl_read_oob.patch
(git-fixes CVE-2025-37892 bsc#1243536).
- Update
patches.suse/mtd-rawnand-brcmnand-fix-PM-resume-warning.patch
(git-fixes CVE-2025-37840 bsc#1242953).
- Update patches.suse/net-phy-leds-fix-memory-leak.patch
(git-fixes CVE-2025-37989 bsc#1243511).
- Update
patches.suse/net-reenable-NETIF_F_IPV6_CSUM-offload-for-BIG-TCP-p.patch
(git-fixes CVE-2025-21629 bsc#1235968).
- Update
patches.suse/net_sched-drr-Fix-double-list-add-in-class-with-nete.patch
(git-fixes CVE-2025-37915 bsc#1243473).
- Update
patches.suse/net_sched-ets-Fix-double-list-add-in-class-with-nete.patch
(git-fixes CVE-2025-37914 bsc#1243472).
- Update
patches.suse/net_sched-hfsc-Fix-a-UAF-vulnerability-in-class-with.patch
(git-fixes CVE-2025-37890 bsc#1243330).
- Update
patches.suse/net_sched-qfq-Fix-double-list-add-in-class-with-nete.patch
(git-fixes CVE-2025-37913 bsc#1243471).
- Update
patches.suse/nfsd-decrease-sc_count-directly-if-fail-to-queue-dl_recall.patch
(git-fixes CVE-2025-37871 bsc#1242949).
- Update
patches.suse/objtool-media-dib8000-Prevent-divide-by-zero-in-dib8.patch
(git-fixes CVE-2025-37937 bsc#1243540).
- Update
patches.suse/objtool-spi-amd-Fix-out-of-bounds-stack-access-in-am.patch
(git-fixes CVE-2025-40014 bsc#1241644).
- Update
patches.suse/perf-Fix-hang-while-freeing-sigtrap-event.patch
(bsc#1229491 CVE-2024-43869 CVE-2025-37747 bsc#1242520).
- Update
patches.suse/pm-cpupower-bench-Prevent-NULL-dereference-on-malloc.patch
(stable-fixes CVE-2025-37841 bsc#1242974).
- Update
patches.suse/pwm-mediatek-Prevent-divide-by-zero-in-pwm_mediatek_.patch
(git-fixes CVE-2025-37850 bsc#1242955).
- Update patches.suse/qibfs-fix-_another_-leak.patch (git-fixes
CVE-2025-37983 bsc#1243567).
- Update patches.suse/sch_htb-make-htb_deactivate-idempotent.patch
(CVE-2025-37798 bsc#1242414 CVE-2025-37953 bsc#1243543).
- Update
patches.suse/sch_htb-make-htb_qlen_notify-idempotent.patch
(CVE-2025-37798 bsc#1242414 CVE-2025-37932 bsc#1243627).
- Update
patches.suse/sctp-detect-and-prevent-references-to-a-freed-transp.patch
(git-fixes CVE-2025-23142 bsc#1242760).
- Update
patches.suse/soc-samsung-exynos-chipid-Add-NULL-pointer-check-in-.patch
(git-fixes CVE-2025-23148 bsc#1242578).
- Update
patches.suse/sound-virtio-Fix-cancel_sync-warnings-on-uninitializ.patch
(stable-fixes CVE-2025-37805 bsc#1242930).
- Update patches.suse/tpm-do-not-start-chip-while-suspended.patch
(git-fixes CVE-2025-23149 bsc#1242758).
- Update
patches.suse/usb-cdns3-Fix-deadlock-when-using-NCM-gadget.patch
(git-fixes CVE-2025-37812 bsc#1242908).
- Update
patches.suse/usb-dwc3-gadget-check-that-event-count-does-not-exce.patch
(git-fixes CVE-2025-37810 bsc#1242906).
- Update
patches.suse/usb-gadget-aspeed-Add-NULL-pointer-check-in-ast_vhub.patch
(stable-fixes CVE-2025-37881 bsc#1242973).
- Update
patches.suse/usb-typec-class-Invalidate-USB-device-pointers-on-pa.patch
(git-fixes CVE-2025-37986 bsc#1243515).
- Update
patches.suse/vmxnet3-Fix-packet-corruption-in-vmxnet3_xdp_xmit_fr.patch
(bsc#1226498 CVE-2024-58099 bsc#1242035).
- Update
patches.suse/wifi-at76c50x-fix-use-after-free-access-in-at76_disc.patch
(git-fixes CVE-2025-37796 bsc#1242727).
- Update
patches.suse/wifi-ath12k-Fix-invalid-data-access-in-ath12k_dp_rx_.patch
(stable-fixes CVE-2025-37943 bsc#1243509).
- Update
patches.suse/wifi-ath12k-Fix-invalid-entry-fetch-in-ath12k_dp_mon.patch
(stable-fixes CVE-2025-37944 bsc#1243530).
- Update
patches.suse/wifi-brcm80211-fmac-Add-error-handling-for-brcmf_usb.patch
(git-fixes CVE-2025-37990 bsc#1243528).
- Update
patches.suse/wifi-cfg80211-init-wiphy_work-before-allocating-rfki.patch
(git-fixes CVE-2025-22119 bsc#1241576).
- Update
patches.suse/wifi-mac80211-Purge-vif-txq-in-ieee80211_do_stop.patch
(git-fixes CVE-2025-37794 bsc#1242566).
- Update
patches.suse/wifi-plfxlc-Remove-erroneous-assert-in-plfxlc_mac_re.patch
(git-fixes CVE-2025-37897 bsc#1243534).
- Update
patches.suse/wifi-wl1251-fix-memory-leak-in-wl1251_tx_work.patch
(git-fixes CVE-2025-37982 bsc#1243524).
- commit 4bd69e5
- blacklist.conf: add 75ad02318af2 ("Xen/swiotlb: mark xen_swiotlb_fixup() __init")
- Delete patches.suse/Xen-swiotlb-mark-xen_swiotlb_fixup-__init.patch.
- commit c256f05
- smb: client: Avoid race in open_cached_dir with lease breaks
(CVE-2025-37954 bsc#1243664).
- commit 366c4d0
- smb: client: change return value in open_cached_dir_by_dentry()
if !cfids (git-fixes).
- commit ec272a8
- smb: client: remove unnecessary checks in open_cached_dir()
(git-fixes).
- commit 31b534b
- Delete
patches.suse/smb-client-fix-open_cached_dir-retries-with-hard.patch.
- Delete
patches.suse/smb-client-properly-close-cfids-on-umount.patch.
[hcarvalho: these were SUSE-only fixes and now we have more suitable
fixes upstream for the same issues]
- commit fb12426
- smb3: fix Open files on server counter going negative
(git-fixes).
- commit 6a0a87a
- memblock: Accept allocated memory before use in
memblock_double_array() (CVE-2025-37960 bsc#1243519).
- commit 7257498
- mm/huge_memory: fix dereferencing invalid pmd migration entry
(CVE-2025-37958 bsc#1243539).
- commit 49bf8b8
- objtool, panic: Disable SMAP in __stack_chk_fail()
(bsc#1243963).
- commit 3d95273
- net: stmmac: Fix accessing freed irq affinity_hint (CVE-2025-23155 bsc#1242573)
- commit 1bacbdd
- net_sched: sch_sfq: move the limit validation (CVE-2025-37752 bsc#1242504)
- commit 8b36a9a
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- commit 49233c3
- Refresh
patches.kabi/icmp-prevent-possible-NULL-dereferences-from-icmp_bu.patch.
It turns out we don't need the kABI workaround for
patches.suse/ipv4-icmp-Unmask-upper-DSCP-bits-in-icmp_route_looku.patch,
just need to simply refresh the patch context. Thus we take
> #include <net/inet_dscp.h>
out of the __GENKSYMS__ ifndef.
- Refresh
patches.kabi/icmp-prevent-possible-NULL-dereferences-from-icmp_bu.patch.
- commit b6ed857
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable
(git-fixes bsc#1223096).
- nvme-pci: make nvme_pci_npages_prp() __always_inline
(git-fixes).
- commit 71f2996
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE
Useful when someone tries (needs) to build the kernel with clang.
- commit 06918e3
- nilfs2: do not propagate ENOENT error from
nilfs_btree_propagate() (git-fixes).
- commit 5591e0d
- nilfs2: add pointer check for nilfs_direct_propagate()
(git-fixes).
- commit eac8f96
- afs: Fix the server_list to unuse a displaced server rather
than putting it (git-fixes).
- commit d3c390a
- afs: Make it possible to find the volumes that are using a
server (git-fixes).
- commit 7d8a054
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- commit 6d6e8d7
- xenbus: Use kref to track req lifetime (bsc#1243541
CVE-2025-37949).
- commit 0928f39
- 9p/net: fix improper handling of bogus negative read/write
replies (bsc#1243077 CVE-2025-37879).
- commit ac0ef56
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- commit 40421b4
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- commit 5748d8f
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- commit 0defb73
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- commit af712e0
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- commit fe91579
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- commit 7a0e4f4
- loop: don't require ->write_iter for writable files in
loop_configure (git-fixes).
- commit 7e4c4c7
- iommu/mediatek: Fix NULL pointer deference in
mtk_iommu_device_group (CVE-2025-37748 bsc#1242523).
- commit 4d05234
- net: allow small head cache usage with large MAX_SKB_FRAGS
values (CVE-2025-21868 bsc#1240180).
- commit b5e965a
- loop: Add sanity check for read/write_iter (git-fixes).
- scsi: Improve CDL control (git-fixes).
- md/raid1: Add check for missing source disk in process_checks()
(git-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- scsi: Improve CDL control (git-fixes).
- md/raid1: Add check for missing source disk in process_checks()
(git-fixes).
- commit 494aacb
- cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
(bsc#1242875 CVE-2025-37829).
- commit e728de0
- cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
(bsc#1242860 CVE-2025-37830).
- commit 8f43c34
- loop: aio inherit the ioprio of original request (git-fixes).
- Refresh
patches.suse/loop-stop-using-vfs_iter_-read-write-for-buffered-I-O.patch.
- commit ff7ab20
- io_uring: always do atomic put from iowq (CVE-2025-37804
bsc#1242854).
- commit 06f910a
- s390/bpf: Store backchain even for leaf progs (git-fixes
bsc#1243805).
- commit ded8083
- cpufreq: apple-soc: Fix null-ptr-deref in
apple_soc_cpufreq_get_rate() (bsc#1242861 CVE-2025-37831).
- commit ce0d3b2
- kabi: fix kABI for ITS (bsc#1242006 CVE-2024-28956).
- commit 1a3ff17
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- commit 0294b02
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry
(git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone
(git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID
changes (git-fixes).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry
(git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone
(git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID
changes (git-fixes).
- commit 2f69ac7
- isofs: Prevent the use of too small fid (CVE-2025-37780 bsc#1242786)
- commit 2176e55
- ext4: fix off-by-one error in do_split (CVE-2025-23150 bsc#1242513)
- commit 06dc18f
- net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (CVE-2025-37787 bsc#1242585)
- commit 91a15e6
- Refresh fixes for cBPF issue (bsc#1242778)
- Update metadata and put them into the sorted part of the series
- Refresh
patches.suse/x86-bhi-do-not-set-BHI_DIS_S-in-32-bit-mode.patch.
- Refresh
patches.suse/x86-bpf-add-IBHF-call-at-end-of-classic-BPF.patch.
- Refresh
patches.suse/x86-bpf-call-branch-history-clearing-sequence-on-exit.patch.
- commit d024c0d
- media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (CVE-2025-23160 bsc#1242507)
- commit ec39280
- net: libwx: handle page_pool_dev_alloc_pages error (CVE-2025-37755 bsc#1242506)
- commit 218edf9
- virtiofs: add filesystem context source name check (CVE-2025-37773 bsc#1242502)
- commit c58895d
- remoteproc: core: Clear table_sz when rproc_shutdown (CVE-2025-38152 bsc#1241627)
- commit a7f4be3
- net_sched: skbprio: Remove overly strict queue assertions (CVE-2025-38637 bsc#1241657)
- commit 6c0dd03
- fs/9p: fix NULL pointer dereference on mkdir (CVE-2025-22070 bsc#1241305)
- commit 7cd6fd1
- KVM: VMX: Bury Intel PT virtualization (guest/host mode)
behind CONFIG_BROKEN (CVE-2024-53135 bsc#1234154).
- commit 09b2398
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- Refresh
patches.suse/KVM-x86-Re-split-x2APIC-ICR-into-ICR-ICR2-for-AMD-x2.patch.
- commit d85d7a2
- net: fix NULL pointer dereference in l3mdev_l3_rcv (CVE-2025-22103 bsc#1241448)
- commit da134b6
- udmabuf: fix a buf size overflow issue during udmabuf creation (CVE-2025-37803 bsc#1242852)
- commit 34e7f3d
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- commit e38784d
- kabi fix for perf/aux: Fix AUX buffer serialization
(bsc#1230581, CVE-2024-46713).
- perf/aux: Fix AUX buffer serialization (bsc#1230581,
CVE-2024-46713).
- commit 1405e0e
- Update
patches.suse/NFSv3-only-use-NFS-timeout-for-MOUNT-when-protocols-.patch
(bsc#1231016).
Remove the reference to CVE-2024-50106 bsc#1232882, this was added
automatically by 8258b9d331fb as it matched the Git-commit 8dd91e8d31fe
which was erroneously added in 4b11aedcc3c0, and later corrected in
a5cceab88022 (which did not also take care of removing the erroneous
references).
- commit 4e82942
- usb: typec: class: Unlocked on error in typec_register_partner()
(bsc#1242856 CVE-2025-37809).
- commit 8ae2608
- struct typec_port: move nre mutex to end (bsc#1242856
CVE-2025-37809).
- commit b5f6426
- usb: typec: class: Fix NULL pointer access (bsc#1242856
CVE-2025-37809).
- Refresh
patches.suse/usb-typec-class-Invalidate-USB-device-pointers-on-pa.patch.
- commit 3add668
- team: better TEAM_OPTION_TYPE_STRING validation (CVE-2025-21787 bsc#1238774)
- commit bda544d
- scsi: ufs: bsg: Set bsg_queue to NULL after removal (CVE-2024-54458 bsc#1238992)
- commit 0e36a45
- xen-netfront: handle NULL returned by
xdp_convert_buff_to_frame() (bsc#1242866 CVE-2025-37820).
- commit 39f3e10
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- commit 0babbb9
- xenfs/xensyms: respect hypervisor's "next" indication
(git-fixes).
- commit 911043b
- xen/mcelog: Add __nonstring annotations for unterminated strings
(git-fixes).
- commit 29addb9
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- commit 8db2d18
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- commit 46ca212
- virtio_console: fix missing byte order handling for cols and
rows (git-fixes).
- commit 241fde6
- vhost-scsi: Fix handling of multiple calls to
vhost_scsi_set_endpoint (git-fixes).
- commit b42c56f
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields
(git-fixes).
- commit 38764b5
- KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception
(bsc#1243513 CVE-2025-37957).
- commit d959965
- KVM: x86: Explicitly treat routing entry type changes as changes
(git-fixes).
- commit 3d9ce0f
- dm-integrity: fix a warning on invalid table line (git-fixes).
- commit d3c6b81
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- commit b2174da
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions
(git-fixes).
- commit 70f24b1
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest
memory accesses (git-fixes).
- commit 6edee17
- KVM: x86/xen: Use guest's copy of pvclock when starting timer
(git-fixes).
- commit b26e547
- KVM: x86: Don't take kvm->lock when iterating over vCPUs in
suspend notifier (git-fixes).
- commit c3ff5ce
- pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702 bsc#1237312)
- commit 9693f33
- KVM: VMX: Don't modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- commit 7004205
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in
__do_cpuid_func() (git-fixes).
- commit 61712af
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- commit c1930b5
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit
on emulation (git-fixes).
- commit 8202eda
- ptp: Ensure info->enable callback is always set (CVE-2025-21814 bsc#1238473)
- commit f7aafc6
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on
PAUSE emulation (git-fixes).
- commit e0c3862
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid
IRQ was found (git-fixes).
- commit a4e6b2d
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't
supported by KVM (git-fixes).
- commit 224ac97
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- commit cbffadd
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value
(git-fixes).
- commit 7de7eaf
- KVM: x86: Reject disabling of MWAIT/HLT interception when not
allowed (git-fixes).
- commit 6f261b9
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- commit a8fc9b5
- xhci: Add helper to set an interrupters interrupt moderation
interval (git-fixes).
- commit 552ff9a
- xhci: split free interrupter into separate remove and free parts
(git-fixes).
- commit b6b40d2
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI
not found (git-fixes).
- commit 30abdad
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs
(git-fixes).
- commit fa068c2
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- commit 9e674eb
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- commit dc44560
- rcu: Introduce rcu_cpu_online() (git-fixes)
- commit 1b93211
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- commit 37d6fe5
- KVM: arm64: Mark some header functions as inline (git-fixes).
- commit 1cf34cd
- KVM: arm64: timer: Always evaluate the need for a soft timer
(git-fixes).
- commit 2c68f44
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs
(git-fixes).
- commit 4af64c7
- KVM: s390: Don't use %pK through debug printing (git-fixes
bsc#1243657).
- KVM: s390: Don't use %pK through tracepoints (git-fixes
bsc#1243658).
- commit 784e519
- s390/pci: Fix missing check for zpci_create_device() error
return (git-fixes CVE-2025-37974 bsc#1243547).
- commit fe0123d
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow
status (git-fixes).
- commit 861b970
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE
(git-fixes).
- commit cae4119
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device
(git-fixes).
- commit c87dcd2
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_*
(git-fixes).
- commit fb99ec6
- drm/amd/display: prevent hang on link training fail (bsc#1243056 CVE-2025-37870)
- commit 368bb8e
- Input: synaptics-rmi - fix crash with unsupported versions of
F34 (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message
(git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer
(git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access
(git-fixes).
- commit b0b7b4d
- Revert "drm/amd: Keep display off while going into S4"
(git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset
(git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature
(git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in
current_password_store() (git-fixes).
- commit 2a12a0d
- x86/speculation: Remove the extra #ifdef around CALL_NOSPEC (bsc#1242006 CVE-2024-28956).
- commit 02d5249
- x86/speculation: Add a conditional CS prefix to CALL_NOSPEC (bsc#1242006 CVE-2024-28956).
- commit e6e328e
- x86/speculation: Simplify and make CALL_NOSPEC consistent (bsc#1242006 CVE-2024-28956).
- commit 4f55697
- drm/amd: Add Suspend/Hibernate notification callback support
(stable-fixes).
- Refresh
patches.suse/drm-amd-Keep-display-off-while-going-into-S4.patch.
- commit 8fc5efa
- can: slcan: allow reception of short error messages (git-fixes).
- can: bcm: add missing rcu read protection for procfs content
(git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA
dump handling (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level
(git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link
(git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for
playback direction (git-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for
bytes_ext (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages
(git-fixes).
- drm/amd/display: Correct the reply value when AUX write
incomplete (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB
Camera (stable-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured()
(git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts()
(git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct
cfg80211_scan_request (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags
(git-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend"
(stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed
(stable-fixes).
- commit 26616bd
- net/niu: Niu requires MSIX ENTRY_DATA fields touch before
entry reads (CVE-2025-37833 bsc#1242868).
- commit 6ef582b
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- commit 19f09de
- smb: client: don't retry DFS targets on server shutdown
(git-fixes).
- commit 1f292e5
- smb: client: fix return value of parse_dfs_referrals()
(git-fixes).
- commit 4a3af29
- smb: client: parse DNS domain name from domain= option
(git-fixes).
- commit a71bddc
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE
(git-fixes).
- commit 06ad34c
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- commit b221e20
- smb: client: get rid of kstrdup() in get_ses_refpath()
(git-fixes).
- commit 820766b
- smb: client: don't trust DFSREF_STORAGE_SERVER bit (git-fixes).
- commit e375375
- smb: client: get rid of TCP_Server_Info::refpath_lock
(git-fixes).
- commit a1e1a18
- smb: client: optimize referral walk on failed link targets
(git-fixes).
- commit dc0ea15
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- commit 823244a
- smb: client: fix DFS mount against old servers with NTLMSSP
(git-fixes).
- commit 9bdc840
- smb: client: don't try following DFS links in
cifs_tree_connect() (git-fixes).
- commit faa5ddf
- btrfs: fix a leaked chunk map issue in read_one_chunk()
(git-fixes).
- btrfs: avoid monopolizing a core when activating a swap file
(git-fixes).
- btrfs: don't loop for nowait writes when checking for cross
references (git-fixes).
- commit 55fbee8
- smb: client: get rid of @nlsc param in cifs_tree_connect()
(git-fixes).
- commit a37d55b
- smb: client: allow more DFS referrals to be cached (git-fixes).
- commit 0672bc5
- smb: client: Use str_yes_no() helper function (git-fixes).
- commit 45cd31b
- smb: client: fix DFS interlink failover (git-fixes).
- commit 0e64ad0
- smb: client: improve purging of cached referrals (git-fixes).
- commit 91096d5
- smb: client: avoid unnecessary reconnects when refreshing
referrals (git-fixes).
- commit f39d027
- smb: client: refresh referral without acquiring refpath_lock
(git-fixes).
- commit a3174a3
- cifs: change tcon status when need_reconnect is set on it
(git-fixes).
- commit 3ba9ec1
- perf: Fix hang while freeing sigtrap event (bsc#1229491 CVE-2024-43869)
- commit ea46d36
- perf: Fix event leak upon exec and file release (bsc#1229491 CVE-2024-43869)
- commit 2306ed7
- task_work: Introduce task_work_cancel() again (bsc#1229491 CVE-2024-43869)
- commit fcc1a13
- task_work: s/task_work_cancel()/task_work_cancel_func()/ (bsc#1229491 CVE-2024-43869)
- commit 737f43d
- sched/numa: Fix the potential null pointer dereference in (bsc#1233192 CVE-2024-50223)
- commit 00ab70f
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- commit 7e8bd78
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- commit 19938ce
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- commit 9d5f7df
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- commit ae499ae
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- commit 204dc95
- arm64: insn: Add support for encoding DSB (git-fixes)
- commit 6b6fa36
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- commit 891cb3d
- btrfs: fix non-empty delayed iputs list on unmount due to
compressed write workers (git-fixes).
- commit f1d5e24
- btrfs: fix discard worker infinite loop after disabling discard
(bsc#1242012).
- commit 37021c3
- exfat: fix potential wrong error return from get_block
(git-fixes).
- commit 7a3ae68
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- commit cc27aab
- Refresh
patches.suse/NFSv3-only-use-NFS-timeout-for-MOUNT-when-protocols-.patch.
- commit a5cceab
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- commit 619e51a
- NFSv4: Don't trigger uneccessary scans for return-on-close
delegations (git-fixes).
- commit 7a38fa2
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up
(git-fixes).
- commit ab2a57c
- NFS: O_DIRECT writes must check and adjust the file length
(git-fixes).
- commit f49be34
- btrfs: avoid NULL pointer dereference if no valid csum tree
(bsc#1243342).
- commit 4a016a5
- btrfs: avoid NULL pointer dereference if no valid extent tree
(bsc#1236208).
- commit 3a3390f
- btrfs: adjust subpage bit start based on sectorsize
(bsc#1241492).
- commit b1923a6
- nfs: handle failure of nfs_get_lock_context in unlock path
(git-fixes).
- commit fc76265
- NFSv4/pnfs: Reset the layout state after a layoutreturn
(git-fixes).
- commit bfc4dcb
- Input: xpad - fix Share button on Xbox One controllers
(stable-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800
(stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook
Pro 14 v5 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G
(stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D
(stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1
(stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless
Controller (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling
(stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync
(stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped
(stable-fixes).
- commit 9301e6f
- update metatdata
- Update
patches.suse/nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch
(git-fixes bsc#1235149).
- Update
patches.suse/nvme-re-read-ANA-log-page-after-ns-scan-completes.patch
(git-fixes bsc#1235149).
- commit 34602b4
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- commit 2e22868
- net/mlx5e: Disable MACsec offload for uplink representor profile
(git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer
(git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure
(git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values
(git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w
(git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer
(git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan()
(git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()
(git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce
(git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID
(git-fixes).
- pds_core: make wait_context part of q_info (CVE-2025-37886
bsc#1242944).
- pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
(CVE-2025-37887 bsc#1242962).
- octeontx2-pf: qos: fix VF root node parent queue index
(git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and
sock_alloc_file() (git-fixes).
- commit d6dfca7
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (CVE-2025-37749 bsc#1242859)
- commit be85fb7
- netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (CVE-2025-22063 bsc#1241351)
- commit 9ad0b9d
- rpm: Stop using is_kotd_qa macro
This macro is set by bs-upload-kernel, and a conditional in each spec
file is used to determine when to build the spec file.
This logic should not really be in the spec file. Previously this was
done with package links and package meta for the individula links.
However, the use of package links is rejected for packages in git based
release projects (nothing to do with git actually, new policy). An
alternative to package links is multibuild. However, for multibuild
packages package meta cannot be used to set which spec file gets built.
Use prjcon buildflags instead, and remove this conditional. Depends on
bs-upload-kernel adding the build flag.
- commit 9eb8a6f
- kernel-obs-qa: Use srchash for dependency as well
- commit 485ae1d
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- commit 2ced030
- ocfs2: fix the issue with discontiguous allocation in the
global_bitmap (git-fixes).
- commit 3a6d567
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- commit 78d9bf4
- dmaengine: mediatek: Fix a possible deadlock error in
mtk_cqdma_tx_status() (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup()
helper (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak
in remove call (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of
idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of
idxd_alloc (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals
(git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in
idxd_setup_internals (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of
idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of
idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of
idxd_setup_wqs (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address
spaces (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device
structure instead of a local copy (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting
less when interrupted" (git-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once
(git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind
(git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state
tracking (git-fixes).
- i2c: designware: Fix an error handling path in
i2c_dw_pci_probe() (git-fixes).
- commit d7f3f88
- spi: tegra114: Use value to check for invalid delays
(git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- commit 455317d
- dma-buf: insert memory barrier before updating num_fences
(git-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- ALSA: es1968: Add error handling for
snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1
(git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info
(git-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports
(git-fixes).
- commit 6d9d893
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
(CVE-2025-37823 bsc#1242924).
- commit 1471c72
- spi: fsl-qspi: Fix double cleanup in probe error path
(CVE-2025-37842 bsc#1242951).
- commit 24f6262
- spi: fsl-qspi: use devm function instead of driver remove
(CVE-2025-37842 bsc#1242951).
- commit d11d0a5
- tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
(CVE-2025-37824 bsc#1242867).
- commit b6204ae
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- commit cf0fc91
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- commit 2431d70
- qibfs: fix _another_ leak (git-fixes)
- commit 8fd1fde
- Update
patches.suse/md-raid10-wait-barrier-before-returning-discard-request-wi.patch
(git-fixes CVE-2025-40325 bsc#1241638).
Updated meta-data, adding CVE# and bsc#
- commit 7913a06
- Update
patches.suse/md-fix-mddev-uaf-while-iterating-all_mddevs-list.patch
(git-fixes CVE-2025-22126 bsc#1241597).
Updated meta-data, adding CVE# and bsc#
- commit f259b1e
- Update patches.suse/md-raid1-raid10-don-t-ignore-IO-flags.patch
(git-fixes CVE-2025-22125 bsc#1241596).
Updated meta-data, adding CVE# and bsc#
- commit e5ab0f8
- Move upstreamed tpm patch into sorted section
- commit 4c354fe
- misc: pci_endpoint_test: Avoid issue of interrupts remaining
after request_irq error (CVE-2025-23140 bsc#1242763).
- commit 7ef87ac
- Refresh patches.suse/tpm-tis-Double-the-timeout-B-to-4s.patch.
- commit a661a1f
- Sort ITS patches
- Refresh
patches.suse/Documentation-x86-bugs-its-Add-ITS-documentation.patch.
- Refresh
patches.suse/x86-ibt-Keep-IBT-disabled-during-alternative-patching.patch.
- Refresh
patches.suse/x86-its-Add-support-for-ITS-safe-indirect-thunk.patch.
- Refresh
patches.suse/x86-its-Add-support-for-ITS-safe-return-thunk.patch.
- Refresh
patches.suse/x86-its-Add-support-for-RSB-stuffing-mitigation.patch.
- Refresh
patches.suse/x86-its-Add-vmexit-option-to-skip-mitigation-on-some-CPUs.patch.
- Refresh
patches.suse/x86-its-Align-RETs-in-BHB-clear-sequence-to-avoid-thunking.patch.
- Refresh
patches.suse/x86-its-Enable-Indirect-Target-Selection-mitigation.patch.
- Refresh
patches.suse/x86-its-Enumerate-Indirect-Target-Selection-ITS-bug.patch.
- Refresh
patches.suse/x86-its-Use-dynamic-thunks-for-indirect-branches.patch.
- commit c6710c7
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- commit 1edd6ab
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- commit 182f118
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- commit 0b208b9
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX (CVE-2025-21648 bsc#1236142)
- commit 4d49a39
- smb: client: fix UAF in decryption with multichannel
(bsc#1242510, CVE-2025-37750).
- commit dcd21e8
- cifs: reduce warning log level for server not advertising
interfaces (git-fixes).
- commit d059ffc
- sch_htb: make htb_deactivate() idempotent (CVE-2025-37798
bsc#1242414).
- sch_ets: make est_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_qfq: make qfq_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_drr: make drr_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_htb: make htb_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- commit ca3d2dc
- KVM: arm64: Change kvm_handle_mmio_return() return polarity
(git-fixes).
- Refresh
patches.suse/KVM-arm64-Don-t-retire-aborted-MMIO-instruction.patch.
- commit 265ba62
- net: openvswitch: fix nested key length validation in the set()
action (CVE-2025-37789 bsc#1242762).
- commit aa0d4ee
- netfilter: nft_tunnel: fix geneve_opt type confusion addition
(CVE-2025-22056 bsc#1241525).
- commit bfce6d7
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk
(bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected
(bsc#1241148).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- commit 242af03
- x86/its: Use dynamic thunks for indirect branches (bsc#1242006 CVE-2024-28956).
- commit 428e9a8
- selftests/mm: fix incorrect buffer->mirror size in hmm2
double_map test (bsc#1242203).
- commit a065dfc
- mm: zswap: fix crypto_free_acomp() deadlock in
zswap_cpu_comp_dead() (CVE-2025-22030 bsc#1241376).
- commit f3d5b08
- nvme: fixup scan failure for non-ANA multipath controllers
(git-fixes).
- commit fbd0910
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection
(git-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO
Wujie 14XA (GX4HRXL) (git-fixes).
- commit fe36676
- scsi: core: Clear flags for scsi_cmnd that did not complete
(git-fixes).
- commit 3615a18
- nvme: unblock ctrl state transition for firmware update
(git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS
(git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS
(git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover
(git-fixes).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled
(git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvme: multipath: fix return value of nvme_available_path
(git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking
(git-fixes).
- commit c20709a
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with
REQ_NOWAIT (git-fixes).
- md/raid1,raid10: don't ignore IO flags (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev
(git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- commit ffbc738
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair
(bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change()
(bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset()
(bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config()
(bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted()
(bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds()
(bsc#1243090).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- commit c83a90b
- md: preserve KABI in struct md_personality v2 (git-fixes).
Added to mitigate md-add-a-new-callback-pers-bitmap_sector.patch,
which was a git-fix.
- commit f999b84
- scsi: lpfc: Copyright updates for 14.4.0.9 patches
(bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Avoid potential ndlp use-after-free in
dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport
after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still
unset (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during
PCI fcn reset (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64
commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology'
(bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion
(bsc#1242993).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- commit 25c902e
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- commit b9aeef5
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- Refresh patches.kabi/power-cap-kabi-workaround.patch.
- Refresh
patches.suse/powercap-intel_rapl-Introduce-APIs-for-PMU-support.patch.
- commit 7773e64
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress()
(git-fixes).
- commit 813fc9a
- xsk: Don't assume metadata is always requested in TX completion
(git-fixes).
- commit dda0558
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf
(git-fixes).
- commit 75cff49
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- commit 55b4352
- check-for-config-changes: Fix flag name typo
- commit 1046b16
- usb: typec: class: Invalidate USB device pointers on partner
unregistration (git-fixes).
- commit 205050a
- Revert "rndis_host: Flag RNDIS modems as WWAN devices"
(git-fixes).
- commit 01b3feb
- netfilter: socket: Lookup orig tuple for IPv6 SNAT
(CVE-2025-22021 bsc#1241282).
- commit 31e1ce9
- sched/fair: Fix potential memory corruption in
child_cfs_rq_on_list (CVE-2025-21919 bsc#1240593).
- commit d264620
- Input: xpad - fix two controller table values (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference
(git-fixes).
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- commit bd45eeb
- md: add a new callback pers->bitmap_sector() (git-fixes).
- Refresh patches.kabi/md-md_personality-workaround.patch.
- commit a7e1668
- Move upstreamed sound patch into sorted section
- commit 3442d03
- usb: usbtmc: Fix erroneous generic_read ioctl return
(git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns
(git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT
transition (git-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version
(git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access
(git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup
capability (git-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port
is used (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN
(git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors
(git-fixes).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size
validation (git-fixes).
- iio: adis16201: Correct inclinometer channel resolution
(git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store
mode (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe
buffer (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in
st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in
st_lsm6dsx_read_fifo (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update
(git-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for
HDP flush (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case
(git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length >
0 (git-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler
(git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary
(git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010
(git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link
element defragmentation (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration
calls (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration
calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates
(git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake
GPIOs (git-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset
(stable-fixes).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface()
(stable-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between
HW sleep cycles (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp
(stable-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for
non-boolean properties (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- commit 9628f1b
- dm: fix copying after src array boundaries (git-fixes).
- commit 10c16a9
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- commit a94a8c2
- net: decrease cached dst counters in dst_release (CVE-2025-22057
bsc#1241533).
- commit 1da248f
- net: mctp: Set SOCK_RCU_FREE (CVE-2025-37790 bsc#1242509).
- commit cedbf4f
- net_sched: hfsc: Fix a UAF vulnerability in class handling
(CVE-2025-37797 bsc#1242417).
- commit 5c832c4
- powerpc/pseries/iommu: create DDW for devices with DMA mask
less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- commit d9959ab
- codel: remove sch->q.qlen check before
qdisc_tree_reduce_backlog() (CVE-2025-37798 bsc#1242414).
- commit 8fb5816
- Update
patches.suse/net-smc-initialize-close_work-early-to-avoid-warning.patch
(CVE-2024-56641 bsc#1235526 bsc#1242985).
- commit d393a0f
- mptcp: fix NULL pointer in can_accept_new_subflow
(CVE-2025-23145 bsc#1242596).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req()
(git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()
(git-fixes CVE-2024-35840 bsc#1224597).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- commit b0b581d
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN
(git-fixes).
- blacklist.conf:
- remove the entry for commit be1d9d9d38da which was blacklisted as not
needed because of absence of this backport
- commit 07c39d4
- ax25: Remove broken autobind (CVE-2025-22109 bsc#1241573).
- commit 9a9abc7
- udp: Fix memory accounting leak (CVE-2025-22058 bsc#1241332).
- commit 6a0c03a
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- commit bf5ce56
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- commit d976f98
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- commit bcf5e61
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- commit 4647012
- x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006 CVE-2024-28956).
- commit fac02ba
- x86/its: Align RETs in BHB clear sequence to avoid thunking (bsc#1242006 CVE-2024-28956).
- commit 909407f
- x86/its: Add support for RSB stuffing mitigation (bsc#1242006 CVE-2024-28956).
- commit 42d05af
- x86/its: Add "vmexit" option to skip mitigation on some CPUs (bsc#1242006 CVE-2024-28956).
- commit cefce67
- x86/its: Enable Indirect Target Selection mitigation (bsc#1242006 CVE-2024-28956).
- commit 6720dce
- x86/its: Add support for ITS-safe return thunk (bsc#1242006 CVE-2024-28956).
- commit b904ebb
- watch_queue: fix pipe accounting mismatch (CVE-2025-23138 bsc#1241648).
- commit 53d2fbb
- x86/its: Add support for ITS-safe indirect thunk (bsc#1242006 CVE-2024-28956).
- commit 73d0713
- x86/its: Enumerate Indirect Target Selection (ITS) bug (bsc#1242006 CVE-2024-28956).
- commit 0ceddfb
- Documentation: x86/bugs/its: Add ITS documentation (bsc#1242006 CVE-2024-28956).
- commit 8fd974a
- vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp
(CVE-2025-37799 bsc#1242283).
- commit f53c65a
- btrfs: always fallback to buffered write if the inode requires
checksum (bsc#1242831 bsc#1242710).
- commit fd92bec
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit
(bsc#1242778).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit
(bsc#1242778).
- commit 528b9b5
- jbd2: increase IO priority for writing revoke records
(bsc#1242332).
- commit a27757f
- Bluetooth: btnxpuart: Fix kernel panic during FW release
(bsc#1241456 CVE-2025-22102).
- commit 9e6b312
- Bluetooth: btnxpuart: Remove check for CTS low after FW download
(bsc#1241456 CVE-2025-22102).
- commit 43b7feb
- firmware: arm_ffa: Skip Rx buffer ownership release if not
acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying
devices (git-fixes).
- commit e6126fe
- ext4: goto right label 'out_mmap_sem' in ext4_setattr()
(bsc#1242556).
- commit f73dc04
- mm: fix filemap_get_folios_contig returning batches of identical
folios (bsc#1242327).
- commit ab60c72
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT
(bsc#1242326).
- commit eefd306
- mm/readahead: fix large folio support in async readahead
(bsc#1242321).
- commit ca8ae9b
- mm: fix oops when filemap_map_pmd() without prealloc_pte
(bsc#1242546).
- commit d84ed9f
- udf: Fix inode_getblk() return value (bsc#1242313).
- commit 083cf55
- udf: Verify inode link counts before performing rename
(bsc#1242314).
- commit 8e7cda1
- udf: Skip parent dir link count update if corrupted
(bsc#1242315).
- commit 94318f0
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- commit 531b964
- ext4: make block validity check resistent to sb bh corruption
(bsc#1242348).
- commit 12e4947
- ext4: don't treat fhandle lookup of ea_inode as FS corruption
(bsc#1242347).
- commit 3337bde
- jbd2: add a missing data flush during file and fs
synchronization (bsc#1242346).
- commit 0ebdf6c
- ext4: don't over-report free space or inodes in statvfs
(bsc#1242345).
- commit c197ee4
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- commit 362ca97
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- commit b288b9a
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry()
(bsc#1242342).
- commit 8643d9f
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- commit 532c985
- jbd2: flush filesystem device before updating tail sequence
(bsc#1242333).
- commit 79495ff
- ext4: partial zero eof block on unaligned inode size extension
(bsc#1242336).
- commit 992adfb
- ext4: correct encrypted dentry name hash when not casefolded
(bsc#1242540).
- commit 71bfc00
- ext4: treat end of range as exclusive in ext4_zero_range()
(bsc#1242539).
- commit 8950964
- ext4: unify the type of flexbg_size to unsigned int
(bsc#1242538).
Refresh: patches.suse/ext4-avoid-online-resizing-failures-due-to-oversized.patch
- commit 9b599f9
- jbd2: increase the journal IO's priority (bsc#1242537).
- commit 65fd6c7
- ext4: replace the traditional ternary conditional operator
with with max()/min() (bsc#1242536).
Refresh patches.suse/ext4-move-setting-of-trimmed-bit-into-ext4_try_to_tr.patch
Refresh patches.suse/ext4-fix-inconsistent-between-segment-fstrim-and-ful.patch
- commit 9de0d03
- splice: remove duplicate noinline from pipe_clear_nowait
(bsc#1242328).
- commit 8a9c110
- fs: consistently deref the files table with
rcu_dereference_raw() (bsc#1242535).
- commit 0f7e4fb
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- commit 51930da
- vfs: don't mod negative dentry count when on shrinker list
(bsc#1242534).
- commit 25c9c4a
- fs: better handle deep ancestor chains in is_subdir()
(bsc#1242528).
Refresh patches.suse/dcache-keep-dentry_hashtable-or-d_hash_shift-even-when-not.patch
- commit 42bc37f
- fs: don't allow non-init s_user_ns for filesystems without
FS_USERNS_MOUNT (bsc#1242526).
- commit 08659e8
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir()
(bsc#1242307).
- commit 08eabe6
- Update
patches.suse/OPP-add-index-check-to-assert-to-avoid-buffer-overfl.patch
(bsc#1238961 CVE-2024-57998 bsc#1238527).
- Update
patches.suse/PCI-ASPM-Fix-link-state-exit-during-switch-upstream-.patch
(git-fixes CVE-2024-58093 bsc#1241347).
- Update
patches.suse/RDMA-erdma-Prevent-use-after-free-in-erdma_accept_ne.patch
(git-fixes CVE-2025-22088 bsc#1241528).
- Update
patches.suse/RDMA-mlx5-Fix-mlx5_poll_one-cur_qp-update-flow.patch
(git-fixes CVE-2025-22086 bsc#1241458).
- Update
patches.suse/acpi-nfit-fix-narrowing-conversion-in-acpi_nfit_ctl.patch
(git-fixes CVE-2025-22044 bsc#1241424).
- Update
patches.suse/arm64-Don-t-call-NULL-in-do_compat_alignment_fixup.patch
(git-fixes CVE-2025-22033 bsc#1241436).
- Update
patches.suse/bnxt_en-Mask-the-bd_cnt-field-in-the-TX-BD-properly.patch
(git-fixes CVE-2025-22108 bsc#1241574).
- Update
patches.suse/bpf-avoid-holding-freeze_mutex-during-mmap-operation.patch
(git-fixes CVE-2025-21853 bsc#1239476).
- Update
patches.suse/dlm-prevent-NPD-when-writing-a-positive-value-to-event_done.patch
(git-fixes CVE-2025-23131 bsc#1241601).
- Update
patches.suse/drm-amd-display-avoid-NPD-when-ASIC-does-not-support.patch
(git-fixes CVE-2025-22093 bsc#1241545).
- Update
patches.suse/drm-vkms-Fix-use-after-free-and-double-free-on-init-.patch
(git-fixes CVE-2025-22097 bsc#1241541).
- Update patches.suse/fou-fix-initialization-of-grc.patch
(CVE-2024-46763 bsc#1230764 CVE-2024-46865 bsc#1231103).
- Update
patches.suse/idpf-check-error-for-register_netdev-on-init.patch
(git-fixes CVE-2025-22116 bsc#1241459).
- Update
patches.suse/idpf-fix-adapter-NULL-pointer-dereference-on-reboot.patch
(git-fixes CVE-2025-22065 bsc#1241333).
- Update
patches.suse/jfs-add-check-read-only-before-truncation-in-jfs_truncate_nolock.patch
(git-fixes CVE-2024-58094 bsc#1241443).
- Update
patches.suse/jfs-add-check-read-only-before-txBeginAnon-call.patch
(git-fixes CVE-2024-58095 bsc#1241442).
- Update
patches.suse/media-streamzap-fix-race-between-device-disconnectio.patch
(git-fixes CVE-2025-22027 bsc#1241369).
- Update
patches.suse/net-Add-rx_skb-of-kfree_skb-to-raw_tp_null_args.patch
(bsc#1235501 CVE-2024-56702 CVE-2025-21852 bsc#1239487).
- Update
patches.suse/netfilter-br_netfilter-skip-conntrack-input-hook-for.patch
(CVE-2024-27415 bsc#1224757 CVE-2024-27018 bsc#1223809).
- Update
patches.suse/nfsd-put-dl_stid-if-fail-to-queue-dl_recall.patch
(git-fixes CVE-2025-22025 bsc#1241361).
- Update
patches.suse/ntb_hw_switchtec-Fix-shift-out-of-bounds-in-switchte.patch
(git-fixes CVE-2023-53034 bsc#1241341).
- Update
patches.suse/ocfs2-handle-a-symlink-read-error-correctly.patch
(git-fixes CVE-2024-58001 bsc#1239079).
- Update
patches.suse/rtnetlink-Allocate-vfinfo-size-for-VF-GUIDs-when-sup.patch
(bsc#1224013 CVE-2025-22075 bsc#1241402).
- Update
patches.suse/sctp-add-mutual-exclusion-in-proc_sctp_do_udp_port.patch
(git-fixes CVE-2025-22062 bsc#1241412).
- Update
patches.suse/tcp-fix-mptcp-DSS-corruption-due-to-large-pmtu-xmit.patch
(git-fixes CVE-2024-50083 bsc#1232493).
- Update
patches.suse/thermal-int340x-Add-NULL-check-for-adev.patch
(git-fixes CVE-2025-23136 bsc#1241357).
- Update patches.suse/usbnet-fix-NPE-during-rx_complete.patch
(git-fixes CVE-2025-22050 bsc#1241441).
- Update
patches.suse/wifi-ath11k-Clear-affinity-hint-before-calling-ath11.patch
(git-fixes CVE-2025-23129 bsc#1241599).
- Update
patches.suse/wifi-ath11k-add-srng-lock-for-ath11k_hal_srng_-in-mo.patch
(git-fixes CVE-2024-58096 bsc#1241344).
- Update
patches.suse/wifi-ath11k-fix-RCU-stall-while-reaping-monitor-dest.patch
(git-fixes CVE-2024-58097 bsc#1241343).
- Update
patches.suse/wifi-ath12k-Clear-affinity-hint-before-calling-ath12.patch
(git-fixes CVE-2025-22128 bsc#1241598).
- commit a961a1a
- cifs: Fix integer overflow while processing actimeo mount option
(git-fixes).
- commit 747d942
- iommu: Fix two issues in iommu_copy_struct_from_user()
(git-fixes).
- commit 7b79fa9
- cifs: Fix integer overflow while processing acdirmax mount
option (CVE-2025-21963 bsc#1240717).
- commit 5907e46
- cifs: Fix integer overflow while processing acregmax mount
option (CVE-2025-21964 bsc#1240740).
- commit a723b7b
- cifs: Fix integer overflow while processing closetimeo mount
option (CVE-2025-21962 bsc#1240655).
- commit 03a43b4
- ipv6: Align behavior across nexthops during path selection
(git-fixes).
- commit c1801e4
- ipv6: Do not consider link down nexthops in path selection
(git-fixes).
- commit c7408d3
- ipv6: Start path selection from the first nexthop (git-fixes).
- commit 89a7c1d
- ipv6: fix omitted netlink attributes when using
RTEXT_FILTER_SKIP_STATS (git-fixes).
- commit 63ac763
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- commit d329fe5
- net: Handle napi_schedule() calls from non-interrupt
(git-fixes).
- commit 27001ca
- net: Clear old fragment checksum value in napi_reuse_skb
(git-fixes).
- commit 36040d5
- net: set the minimum for net_hotdata.netdev_budget_usecs
(git-fixes).
- commit 03bb287
- net: loopback: Avoid sending IP packets without an Ethernet
header (git-fixes).
- commit dd85a8e
- arp: switch to dev_getbyhwaddr() in arp_req_set_public()
(git-fixes).
- commit c36d7e7
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- commit 6130cc5
- ipv4: icmp: convert to dev_net_rcu() (git-fixes).
Refresh
patches.suse/neighbour-use-RCU-protection-in-__neigh_notify.patch.
- commit 00da98f
- tcp_cubic: fix incorrect HyStart round start detection
(git-fixes).
- commit 77808b8
- inetpeer: update inetpeer timestamp in inet_getpeer()
(git-fixes).
- commit 7d98688
- inetpeer: remove create argument of inet_getpeer_v()
(git-fixes).
- commit 04075c2
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets
(git-fixes).
- commit 1ffaea2
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- commit ae9dffe
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- commit 6c79c90
- net/ipv6: delete temporary address if mngtmpaddr is removed
or unmanaged (git-fixes).
- commit aae6c2b
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- commit b7e7154
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6
(git-fixes).
- commit 9c53099
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains
extension (git-fixes).
- commit 8c8e363
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- commit 35af4c9
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit
(git-fixes).
- commit eb58d27
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit()
(git-fixes).
- commit fb13652
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit()
(git-fixes).
- commit a16177c
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev()
(git-fixes).
- commit a416975
- ipv4: icmp: Unmask upper DSCP bits in icmp_route_lookup()
(git-fixes).
Refresh
patches.kabi/icmp-prevent-possible-NULL-dereferences-from-icmp_bu.patch.
- commit 8dafbf4
- netpoll: Ensure clean state on setup failures (git-fixes).
- commit 0ebd5d5
- neighbour: delete redundant judgment statements (git-fixes).
- commit a855a28
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- commit c879486
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP
family (git-fixes).
- commit bfb1a66
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- commit 1a4319d
- ipv4: Fix incorrect source address in Record Route option
(git-fixes).
- commit ea09844
- ipv4: fix source address selection with route leak (git-fixes).
- commit 4c63285
- net/ipv6: Fix the RT cache flush via sysctl using a previous
delay (git-fixes).
- commit 78196a9
- net/ipv6: Fix route deleting failure when metric equals 0
(git-fixes).
- commit 33d3163
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- commit a1c159a
- ipv4: raw: Fix sending packets from raw sockets via IPsec
tunnels (git-fixes).
- commit a22baf9
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- commit e531eb3
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- commit cc7dcb3
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid
(git-fixes).
- commit b93126f
- net: gro: parse ipv6 ext headers without frag0 invalidation
(git-fixes).
- commit d47a0d9
- net: don't dump stack on queue timeout (git-fixes).
- commit ef7367c
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support
(git-fixes).
- commit a28cbd8
- net: Remove acked SYN flag from packet in the transmit queue
correctly (git-fixes).
- commit 3f2806c
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()
(git-fixes).
- commit 2190f85
- mptcp: consolidate suboption status (CVE-2025-21707
bsc#1238862).
- commit 18d9efe
- powerpc: Don't use --- in kernel logs (git-fixes).
- commit df3b280
- tools/hv: update route parsing in kvp daemon (git-fixes).
- commit 2e81126
- bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704
CVE-2025-21683).
- commit e163503
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence
(git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models
(git-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- commit 5b6152a
- spi: tegra114: Don't fail set_cs_timing when delays are zero
(git-fixes).
- drm/i915/pxp: fix undefined reference to
`intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS
(git-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()
(git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature()
(git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return
type (git-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support
(stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical
Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash
Drive (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive
(stable-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02)
(stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout
error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for
timeouts (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls
(stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- thunderbolt: Scan retimers after device router has been
enumerated (stable-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of
- >init_quirk() func (stable-fixes).
- usb: gadget: aspeed: Add NULL pointer check in
ast_vhub_init_dev() (stable-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel
Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints
(stable-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table
(stable-fixes).
- sound/virtio: Fix cancel_sync warnings on uninitialized
work_structs (stable-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted
(stable-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid
unnecessary return value check (stable-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference
(stable-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback
returning void (stable-fixes).
- commit fe3cf03
- net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (CVE-2025-22107 bsc#1241575)
- commit 673084b
- ibmvnic: Use kernel helpers for hex dumps (CVE-2025-22104 bsc#1241550)
- commit 44ef4eb
- dm: always update the array size in realloc_argv on success
(git-fixes).
- commit 80e573b
- dm-bufio: don't schedule in atomic context (git-fixes).
- commit 59b9988
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- commit 89effad
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- commit 6899d31
- dm-integrity: set ti->error on memory allocation failure
(git-fixes).
- commit 3c1b2c7
- netfilter: nf_tables: don't unregister hook when table is
dormant (CVE-2025-22064 bsc#1241413).
- commit 3c82332
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- commit a110462
- net_sched: qfq: Fix double list add in class with netem as
child qdisc (git-fixes).
- commit 8e1bbd0
- net_sched: ets: Fix double list add in class with netem as
child qdisc (git-fixes).
- commit 2e9fa99
- net_sched: hfsc: Fix a UAF vulnerability in class with netem
as child qdisc (git-fixes).
- commit 3f5a489
- net_sched: drr: Fix double list add in class with netem as
child qdisc (git-fixes).
- commit 4947830
- ax25: Fix refcount leak caused by setting SO_BINDTODEVICE
sockopt (CVE-2025-21792 bsc#1238745).
- commit 2ffce83
- ipv6: mcast: add RCU protection to mld_newpack() (CVE-2025-21758
bsc#1238737).
- commit 4b8b3e5
- Bluetooth: btusb: avoid NULL pointer dereference in
skb_dequeue() (git-fixes).
- wifi: brcm80211: fmac: Add error handling for
brcmf_usb_dl_writeimage() (git-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release
(git-fixes).
- commit 470cfc0
- net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
(CVE-2025-21768 bsc#1238714).
- commit ed713b9
- kABI workaround struct rcu_head and ax25_ptr (CVE-2025-21812
bsc#1238471).
- commit 714a2d7
- btrfs: fix block group refcount race in
btrfs_create_pending_block_groups() (bsc#1241578
CVE-2025-22115).
- commit 1f7a10d
- Refresh
patches.kabi/kabi-fix-for-bpf-Prevent-tailcall-infinite-loop-caus.patch.
Piggyback kABI workaround for "struct bpf_subprog_info" for upstream
commit 51081a3f25c7 "bpf: track changes_pkt_data property for global
functions".
- commit bf7c4bc
- Add missing bugzilla references (CVE-2025-22105 bsc#1241548 CVE-2025-37860 bsc#1241452)
- commit 00ec2e2
- atm: Fix NULL pointer dereference (CVE-2025-22018 bsc#1241266)
- commit 8ef48c7
- bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (CVE-2024-58070 bsc#1238983)
- commit 335e132
- iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (CVE-2025-21833, bsc#1239108).
- commit 069abee
- sfc: fix NULL dereferences in ef100_process_design_param()
(CVE-2025-37860).
- net: mvpp2: Prevent parser TCAM memory corruption
(CVE-2025-22060 bsc#1241526).
- bonding: check xdp prog when set bond mode (CVE-2025-22105).
- bonding: return detailed error when loading native XDP fails
(CVE-2025-22105).
- commit 1110c2d
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
(bsc#1242044).
- commit 43160c9
- Correct the upsteram version numbers in the previous patches
- commit 6f72baf
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe
(git-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during
CPU hotplug (git-fixes).
- commit f912ebf
- Require zstd in kernel-default-devel when module compression is zstd
To use ksym-provides tool modules need to be uncompressed.
Without zstd at least kernel-default-base does not have provides.
Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82
- commit a3262dd
- net: ibmveth: make veth_pool_store stop hanging (CVE-2025-22053
bsc#1241373).
- commit 509c07e
- powerpc/boot: Fix dash warning (bsc#1215199).
- commit aeb4455
- exec: fix the racy usage of fs_struct->in_exec (CVE-2025-22029
bsc#1241378).
- commit f780e88
- x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs
(CVE-2025-22045 bsc#1241433).
- commit 1e24dab
- powerpc/boot: Check for ld-option support (bsc#1215199).
- commit 333e1e5
- selftests/bpf: extend changes_pkt_data with cases w/o
subprograms (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of
prog w/o subprogs (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet
pointers (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers
(bsc#1241590).
- selftests/bpf: freplace tests for tracking of
changes_packet_data (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs
(bsc#1241590).
- Refresh patches.kabi/kabi-fix-for-bpf-Prevent-tailcall-infinite-loop-caus.patch
- selftests/bpf: test for changing packet data from global
functions (bsc#1241590).
- bpf: track changes_pkt_data property for global functions
(bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number
(bsc#1241590).
- bpf: add find_containing_subprog() utility function
(bsc#1241590).
- commit e531d2b
- Update
patches.suse/memstick-rtsx_usb_ms-Fix-slab-use-after-free-in-rtsx.patch
(bsc#1241280 CVE-2025-22020).
Added CVE reference
- commit 80d99d3
- Fixup breakage in ext2 introduced by backporting in:
patches.suse/ext2-Avoid-reading-renamed-directory-if-parent-does-.patch.
- commit b7c808a
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error
path (git-fixes).
- eth: bnxt: fix missing ring index trim on error path
(git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions
(git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot
(git-fixes).
- e1000e: change k1 configuration on MTP and later platforms
(git-fixes).
- gve: handle overflow when reporting TX consumed descriptors
(git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size
(git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit
(git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- virtchnl: make proto and filter action count unsigned
(git-fixes).
- ice: fix reservation of resources for RDMA when disabled
(git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max
(git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly
(git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context
(git-fixes).
- igb: reject invalid external timestamp requests for 82580-based
HW (git-fixes).
- net/mlx5e: Prevent bridge link show failure for
non-eswitch-allowed devices (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort
E-Switch (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- gve: set xdp redirect target only when it is available
(git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- commit 8b3f5c6
- ext4: fix OOB read when checking dotdot dir (bsc#1241640
CVE-2025-37785).
- ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
(bsc#1241593 CVE-2025-22121).
- proc: fix UAF in proc_get_inode() (bsc#1240802 CVE-2025-21999).
- fs: relax assertions on failure to encode file handles
(bsc#1236086 CVE-2024-57924).
- commit 0e972d0
- net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926
bsc#1240712).
- commit a0db76b
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- commit 8faa28a
- jfs: Prevent copying of nlink with value 0 from disk inode
(git-fixes).
- commit eea1d40
- fs/jfs: Prevent integer overflow in AG size calculation
(git-fixes).
- commit fce66a4
- fs/jfs: cast inactags to s64 to prevent potential overflow
(git-fixes).
- commit 8b1cc16
- jfs: Fix uninit-value access of imap allocated in the diMount()
function (git-fixes).
- commit 5b527ae
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()
(git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config
(git-fixes).
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional
rates" (git-fixes).
- commit 9f8b470
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O
(git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device
(git-fixes).
- block: fix resource leak in blk_register_queue() error path
(git-fixes).
- block: make sure ->nr_integrity_segments is cloned in
blk_rq_prep_clone (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check()
(git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1
(git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- badblocks: return error directly when setting badblocks exceeds
512 (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice()
(git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool
(git-fixes).
- block: fix conversion of GPT partition name to 7-bit
(git-fixes).
- ublk: set_params: properly check if parameters can be applied
(git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists'
(git-fixes).
- commit 607aa83
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is
enabled (git-fixes).
- commit 03063eb
- USB: wdm: add annotation (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context
(git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop
(git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- usb: dwc3: gadget: check that event count does not exceed
event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error
handling (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator
routines (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks
(git-fixes).
- serial: msm: Configure correct working mode before starting
earlycon (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling
during ack (git-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler
registration (git-fixes).
- string: Add load_unaligned_zeropad() code path to
sized_strscpy() (git-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- Revert "wifi: mac80211: Update skb's control block key in
ieee80211_tx_dequeue()" (git-fixes).
- wifi: mac80211: Update skb's control block key in
ieee80211_tx_dequeue() (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup
filesystem (git-fixes).
- selftests/futex: futex_waitv wouldblock test should fail
(git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset and perst in
power off (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type
(stable-fixes).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories
(stable-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table
(stable-fixes).
- wifi: ath12k: Fix invalid data access in
ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in
ath12k_dp_mon_srng_process (stable-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two
halves (stable-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure
(stable-fixes).
- commit b154b2c
- drm/tests: probe-helper: Fix drm_display_mode memory leak
(git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak
(git-fixes).
- drm/tests: helpers: Create kunit helper to destroy a
drm_display_mode (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning
(stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind
(stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better
(stable-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power
on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data
(stable-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in
amd_powerplay_create() (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset
(stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset
(stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown
connector type (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini
(Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2
(stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide
(stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS
and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S
(stable-fixes).
- drm: allow encoder mode_set even when connectors change for crtc
(stable-fixes).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: helpers: Add helper for
drm_display_mode_from_cea_vic() (stable-fixes).
- drm/i915/dg2: wait for HuC load completion before running
selftests (stable-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- commit a0a41da
- char: misc: register chrdev region with all possible minors
(git-fixes).
- Revert "drivers: core: synchronize really_probe() and
dev_uevent()" (stable-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame
(stable-fixes).
- drivers: base: devres: Allow to release group on device release
(stable-fixes).
- Bluetooth: hci_uart: Fix another race during initialization
(git-fixes).
- Bluetooth: hci_uart: fix race during initialization
(stable-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk
(stable-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller
(stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model
(stable-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais'
property (stable-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc()
(stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards
(stable-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist
(stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound
(stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+
(stable-fixes).
- commit 58c19a1
- Update
patches.suse/vmxnet3-unregister-xdp-rxq-info-in-the-reset-path.patch
(bsc#1241394 CVE-2025-22106 bsc#1241547).
- commit a998629
- mm: (un)track_pfn_copy() fix + doc improvements (CVE-2025-22090
bsc#1241537).
- commit 1ccdfdd
- x86/mm/pat: Fix VM_PAT handling when fork() fails in
copy_page_range() (CVE-2025-22090 bsc#1241537).
- commit f0ac623
- exfat: fix random stack corruption after get_block (bsc#1241426
CVE-2025-22036).
- commit 1f685c3
- exfat: do not fallback to buffered write (git-fixes).
- commit f7d2bc8
- exfat: drop ->i_size_ondisk (git-fixes).
- commit 9420be9
- fs/ntfs3: Prevent integer overflow in hdr_first_de()
(bsc#1241416 CVE-2025-22080).
- commit 401237e
- clk: samsung: Fix UBSAN panic in samsung_clk_init()
(CVE-2025-39728 bsc#1241626).
- commit 146debe
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx
(git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible
(git-fixes).
- commit 007e98d
- net: ethtool: Don't call .cleanup_data when prepare_data fails
(git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash
(git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask
bitset (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: fix setting key and resetting indir at once
(git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- ethtool: netlink: do not return SQI value if link is down
(git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete
(git-fixes).
- ethtool: don't propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value
(git-fixes).
- commit 6a09a48
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- commit 2e43a01
- Test the correct macro to detect RT kernel build
Fixes: 470cd1a41502 ("kernel-binary: Support livepatch_rt with merged RT branch")
- commit 50e863e
- mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111
CVE-2025-21696).
Refreshed:
patches.suse/mm-hugetlb-Add-huge-page-size-param-to-huge_ptep_get_and_clear.patch
- commit e18d57e
- bpf: Make sure internal and UAPI bpf_redirect flags don't
overlap (bsc#1233098 CVE-2024-50163).
- commit f73adfb
- bpf: selftests: send packet to devmap redirect XDP (bsc#1233075
CVE-2024-50162).
- bpf: devmap: provide rxq after redirect (bsc#1233075
CVE-2024-50162).
- commit efb272f
- mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111
CVE-2025-21696).
Refreshed:
patches.suse/mm-hugetlb-Add-huge-page-size-param-to-huge_ptep_get_and_clear.patch
- commit 559ab65
- mm/migrate: fix shmem xarray update during migration
(CVE-2025-22015 bsc#1240944).
- commit 18f748b
- fou: fix initialization of grc (CVE-2024-46763 bsc#1230764).
- commit c144530
- kernel-source: Also update the search to match bin/env
Fixes: dc2037cd8f94 ("kernel-source: Also replace bin/env"
- commit bae6b69
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
Both spellings are actually used
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- commit d9e0b30
- fou: Fix null-ptr-deref in GRO (CVE-2024-46763 bsc#1230764).
- commit 759f2a9
- hwpoison, memory_hotplug: lock folio before unmap hwpoisoned
folio (CVE-2025-21931 bsc#1240709).
- commit 1ece281
- net: fix geneve_opt length integer overflow (CVE-2025-22055
bsc#1241371).
- commit 45017c8
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads
(git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room()
(git-fixes).
- commit 2e047cb
- kABI fix for sctp: detect and prevent references to a freed
transport in sendmsg (git-fixes).
- commit ce43999
- wifi: ath11k: update channel list in reg notifier instead reg
worker (CVE-2025-23133 bsc#1241451).
- commit dfc599a
- exfat: short-circuit zero-byte writes in exfat_file_write_iter
(git-fixes).
- commit c31ee51
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- commit 527ed08
- nfsd: decrease sc_count directly if fail to queue dl_recall
(git-fixes).
- commit 91b68ee
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- commit f409d6e
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme/ioctl: don't warn on vectorized uring_cmd with fixed buffer
(git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA
(git-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails
(git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- commit bf9d0e5
- Move upstreamed smb patch into sorted section
Also move other out-of-tree patches into the proper section
- commit ba77adc
- rpm/kernel-binary.spec.in: revert the revert change with OrderWithRequires
The recent change using OrderWithRequires addresses the known issues,
but also caused regressions for the existing image or package builds.
For SLE15-SPx, better to be conservative and stick with the older way.
- commit bbe05e4
- Refresh
patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch.
scripts/gen-suse_version_h.sh requires bash, yet in Makefile
CONFIG_SHELL is defined to 'sh'. In openSUSE and SUSE products 'sh' is a
symbolic link to 'bash', hence this isn't a problem. However
distributions like Debian and Ubuntu 'sh' is symbolically linked to
'dash' instead, and gen-suse_version_h.sh will fail to run with
./scripts/gen-suse_version_h.sh: 3: Syntax error: "(" unexpected
make[1]: *** [/home/runner/work/libbpf/libbpf/.kernel/Makefile:1135: include/generated/uapi/linux/suse_version.h] Error 2
make: *** [Makefile:224: __sub-make] Error 2
Explicitly use bash to run scripts/gen-suse_version_h.sh to make sure
it will always work.
- commit 2be3c0f
- scsi: iscsi: Fix missing scsi_host_put() in error path
(git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly
connected (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag
(git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message
to KERN_INFO (git-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency
(git-fixes).
- commit c9f2a96
- net: annotate data-races around sk->sk_tx_queue_mapping
(git-fixes).
- commit 39ebbf2
- sctp: detect and prevent references to a freed transport in
sendmsg (git-fixes).
- commit 1334236
- sctp: add mutual exclusion in proc_sctp_do_udp_port()
(git-fixes).
- commit 711cff2
- sctp: Fix undefined behavior in left shift operation
(git-fixes).
- commit a1edf61
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock
(git-fixes).
- commit 4965a27
- tcp: fix mptcp DSS corruption due to large pmtu xmit
(git-fixes).
- commit ba5be47
- sctp: ensure sk_state is set to CLOSED if hashing fails in
sctp_listen_start (git-fixes).
- commit a7b311d
- sctp: fix association labeling in the duplicate COOKIE-ECHO case
(git-fixes).
- commit f2ab0aa
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- commit e26aab9
- net: blackhole_dev: fix build warning for ethh set but not used
(git-fixes).
- commit 9f9bf2f
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- commit ef140e3
- sctp: fix busy polling (git-fixes).
- commit 533e122
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- commit 1e9a8f7
- i2c: cros-ec-tunnel: defer probe if parent EC is not present
(git-fixes).
- commit 68f8146
- vmxnet3: unregister xdp rxq info in the reset path
(bsc#1241394).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- commit d09ed0e
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue
(git-fixes).
- commit 53f07fb
- Refresh patches.suse/ALSA-hda-realtek-Workaround-for-resume-on-Dell-Venue.patch
The patch was applied incorrectly to a wrong device
- commit cf41ba6
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop()
(git-fixes).
- wifi: at76c50x: fix use after free access in at76_disconnect
(git-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming
connection (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference
(git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for
invalid address (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels
(git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()
(git-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow
(git-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor
(git-fixes).
- commit b064ee6
- smb: client: fix folio leaks and perf improvements (bsc#1239997,
bsc1241265).
- commit 3640faf
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- commit c7df85a
- net: set SOCK_RCU_FREE before inserting socket into hashtable
(git-fixes).
- commit 469342f
- net: annotate data-races around sk->sk_dst_pending_confirm
(git-fixes).
- commit ddac370
- Refresh patches.suse/x86-paravirt-Move-halt-paravirt-calls-under-CONFIG_PARAVIR.patch.
This fixes a build error
- commit 885e121
- ipv4: fib: annotate races around nh->nh_saddr_genid and
nh->nh_saddr (git-fixes).
- commit 42e44b7
- rpm/kernel-binary.spec.in: Also order against update-bootloader
(boo#1228659, boo#1240785, boo#1241038).
- commit fe0a8c9
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- commit 004010d
- selftests/bpf: Add a few tests to cover (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx()
(git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val()
(git-fixes).
- commit 07fae33
- Drop PCI patch that caused a regression (bsc#1241123)
The patch patches.suse/PCI-Avoid-reset-when-disabled-via-sysfs.patch
seems causing a regression about missing device passthrough on VM.
Drop it to address the regression.
- commit 5845d87
- bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()
(bsc#1240181 CVE-2025-21867).
- commit 82a6d4f
- Revert commit (bsc#1241051)
Delete
patches.suse/mm-various-give-up-if-pte_offset_map-_lock-fails.patch.
- commit c63b737
- rpm/package-descriptions: Add rt and rt_debug descriptions
- commit 09573c0
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64()
(bsc#1241250).
- commit a11e79b
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- Refresh
patches.suse/x86-microcode-AMD-Fix-out-of-bounds-on-systems-with-.patch.
- commit e4a11da
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- commit 581b74c
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- commit 7ef0614
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- commit 0584d8b
- btrfs: fix hole expansion when writing at an offset beyond EOF
(bsc#1241151).
- btrfs: fix swap file activation failure due to extents that
used to be shared (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap
file (bsc#1241204).
- btrfs: fix missing snapshot drew unlock when root is dead
during swap activation (bsc#1241204).
- btrfs: add and use helper to verify the calling task has locked
the inode (bsc#1241204).
- commit d9b6443
- sched: address a potential NULL pointer dereference in the
GRED scheduler (CVE-2025-21980 bsc#1240809).
- commit ce44194
- net: atm: fix use after free in lec_send() (CVE-2025-22004
bsc#1240835).
- commit 0623761
- llc: do not use skb_get() before dev_queue_xmit()
(CVE-2025-21925 bsc#1240713).
- commit 79eced9
- tools/power turbostat: report CoreThr per measurement interval
(git-fixes).
- commit d3776d1
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- Refresh
patches.suse/x86-microcode-AMD-Flush-patch-buffer-mapping-after-applica.patch.
- commit 88521da
- x86/microcode: Rework early revisions reporting (git-fixes).
- Refresh
patches.suse/x86-microcode-AMD-Flush-patch-buffer-mapping-after-applica.patch.
- commit 4d17d9e
- ax25: rcu protect dev->ax25_ptr (CVE-2025-21812 bsc#1238471).
- commit 5fd1fff
- x86/microcode: Remove the driver announcement and version (git-fixes).
- commit 46995b1
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- commit d56cfaf
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- commit d95d976
- Refresh
patches.suse/ipv6-remove-hard-coded-limitation-on-ipv6_pinfo.patch.
- commit 0200f55
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
(git-fixes).
- commit 6eab8d6
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- commit df4a06f
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- commit 3abf82a
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- commit 9a5f9b4
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- commit a987e8f
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- commit b668be3
- x86/bugs: Add RSB mitigation document (git-fixes).
- commit b8dad0f
- x86/bugs: Don't fill RSB on context switch with eIBRS (git-fixes).
- commit 187dbce
- x86/bugs: Don't fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- commit 4f16d88
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- commit fb3ed54
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- commit 4702713
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- commit 05f7f50
- selftest/bpf: Add vsock test for sockmap rejecting unconnected
(bsc#1239470 CVE-2025-21854).
- selftest/bpf: Adapt vsock_delete_on_close to sockmap rejecting
unconnected (bsc#1239470 CVE-2025-21854).
- vsock/bpf: Warn on socket without transport (bsc#1239470
CVE-2025-21854).
- commit 9aa107b
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192
(bsc#1241175).
- commit b06e876
- sockmap, vsock: For connectible sockets allow only connected
(bsc#1239470 CVE-2025-21854).
- bpf: sockmap, test for unconnected af_unix sock (bsc#1239470
CVE-2025-21854).
- Refresh patches.suse/selftest-bpf-Add-test-for-af_vsock-poll.patch
- bpf: syzkaller found null ptr deref in unix_bpf proto add
(bsc#1239470 CVE-2025-21854).
- Refresh patches.suse/udp-fix-busy-polling.patch
- Refresh
patches.suse/bpf-sockmap-SK_DROP-on-attempted-redirects-of-unsupported-.patch
- commit 62e8475
- bpf, vsock: Invoke proto::close on close() (bsc#1239470 CVE-2025-21854).
- Refresh
patches.suse/vsock-Keep-the-binding-until-socket-destruction.patch.
- Refresh patches.suse/vsock-Orphan-socket-after-transport-release.patch
- commit a88600e
- selftest/bpf: Add test for vsock removal from sockmap on close()
(bsc#1239470 CVE-2025-21854).
- selftest/bpf: Add test for af_vsock poll() (bsc#1239470
CVE-2025-21854).
- bpf, vsock: Fix poll() missing a queue (bsc#1239470
CVE-2025-21854).
- commit 43f792d
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- commit 0801938
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- commit 8be4a6f
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- commit 9a0c549
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- commit 7bf895d
- net: xdp: Disallow attaching device-bound programs in generic
mode (bsc#1238742 CVE-2025-21808).
- commit c2feb9e
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
Also reenable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch
- commit 22ce219
- bpf: Fix deadlock when freeing cgroup storage (CVE-2024-58088 bsc#1239510)
- commit a5b985f
- dpll: fix xa_alloc_cyclic() error handling (CVE-2025-22016 bsc#1240934)
- commit 2521b46
- devlink: fix xa_alloc_cyclic() error handling (CVE-2025-22017 bsc#1240936)
- commit 6e391e8
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with
TIF_SIGPENDING (bsc#1241167).
- commit 2fe69fb
- caif_virtio: fix wrong pointer check in cfv_probe()
(CVE-2025-21904 bsc#1240576).
- commit 9a83e3e
- Refresh
patches.kabi/kABI-fix-for-ipv6-remove-hard-coded-limitation-on-ip.patch.
- commit 81847b0
- xfs: flush inodegc before swapon (git-fixes).
- commit c599968
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa()
(git-fixes).
- commit 2b709c0
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
(git-fixes).
- commit 9d83cd0
- ata: sata_sx4: Add error handling in pdc20621_i2c_read()
(git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in
pxa_ata_probe() (git-fixes).
- commit dcc1d06
- kABI workaround for powercap update (bsc#1241010).
- commit 6da4ad4
- drm/amd/display: Fix out-of-bound accesses (bsc#1240811 CVE-2025-21985)
- commit f9ae89c
- Revert "tcp: Fix bind() regression for v6-only wildcard and"
This reverts commit 10a8fd3005bd56ac305a4a4e9bf53cfc50aad28f.
This patch is part of a bigger series [0] and AFAIU can't be applied
individually. Applying the entire series would result in kABI breakage.
[0]
https://lore.kernel.org/all/20231213082029.35149-1-kuniyu@amazon.com/
- commit 9692530
- Update
patches.suse/Bluetooth-Add-check-for-mgmt_alloc_skb-in-mgmt_devic.patch
(git-fixes CVE-2025-21936 bsc#1240716).
- Update
patches.suse/Bluetooth-Add-check-for-mgmt_alloc_skb-in-mgmt_remot.patch
(git-fixes CVE-2025-21937 bsc#1240643).
- Update
patches.suse/Bluetooth-Fix-error-code-in-chan_alloc_skb_cb.patch
(git-fixes CVE-2025-22007 bsc#1240829).
- Update
patches.suse/HID-appleir-Fix-potential-NULL-dereference-at-raw-ev.patch
(git-fixes CVE-2025-21948 bsc#1240703).
- Update
patches.suse/HID-hid-steam-Fix-use-after-free-when-detaching-devi.patch
(git-fixes CVE-2025-21923 bsc#1240691).
- Update
patches.suse/HID-ignore-non-functional-sensor-in-HP-5MP-Camera.patch
(stable-fixes CVE-2025-21992 bsc#1240796).
- Update
patches.suse/HID-intel-ish-hid-Fix-use-after-free-issue-in-ishtp_.patch
(git-fixes CVE-2025-21928 bsc#1240722).
- Update
patches.suse/KVM-arm64-Unconditionally-save-flush-host-FPSIMD-SVE-SME-state.patch
(git-fixes CVE-2025-22013 bsc#1240938).
- Update
patches.suse/RDMA-hns-Fix-soft-lockup-during-bt-pages-loop.patch
(git-fixes CVE-2025-22010 bsc#1240943).
- Update
patches.suse/accel-qaic-Fix-integer-overflow-in-qaic_validate_req.patch
(git-fixes CVE-2025-22001 bsc#1240873).
- Update
patches.suse/bus-mhi-host-pci_generic-Use-pci_try_reset_function-.patch
(git-fixes CVE-2025-21951 bsc#1240718).
- Update
patches.suse/can-ucan-fix-out-of-bound-read-in-strscpy-source.patch
(git-fixes CVE-2025-22003 bsc#1240825).
- Update
patches.suse/cdx-Fix-possible-UAF-error-in-driver_override_show.patch
(git-fixes CVE-2025-21915 bsc#1240594).
- Update
patches.suse/dm-flakey-Fix-memory-corruption-in-optional-corrupt_.patch
(git-fixes CVE-2025-21966 bsc#1240779).
- Update
patches.suse/drivers-virt-acrn-hsm-Use-kzalloc-to-avoid-info-leak.patch
(git-fixes CVE-2025-21950 bsc#1240719).
- Update
patches.suse/drm-amd-display-Assign-normalized_pix_clk-when-color.patch
(stable-fixes CVE-2025-21956 bsc#1240739).
- Update
patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-374c9fa.patch
(git-fixes CVE-2025-21941 bsc#1240701).
- Update
patches.suse/drm-amd-display-Fix-slab-use-after-free-on-hdcp_work.patch
(git-fixes CVE-2025-21968 bsc#1240783).
- Update
patches.suse/drm-hyperv-Fix-address-space-leak-when-Hyper-V-DRM-d.patch
(git-fixes CVE-2025-21978 bsc#1240806).
- Update
patches.suse/drm-radeon-fix-uninitialized-size-issue-in-radeon_vc.patch
(git-fixes CVE-2025-21996 bsc#1240801).
- Update
patches.suse/drm-sched-Fix-fence-reference-count-leak.patch
(git-fixes CVE-2025-21995 bsc#1240821).
- Update
patches.suse/gpio-aggregator-protect-driver-attr-handlers-against.patch
(git-fixes CVE-2025-21943 bsc#1240647).
- Update
patches.suse/gpio-rcar-Use-raw_spinlock-to-protect-register-acces.patch
(stable-fixes CVE-2025-21912 bsc#1240584).
- Update
patches.suse/msft-hv-3170-net-mana-cleanup-mana-struct-after-debugfs_remove.patch
(git-fixes CVE-2025-21953 bsc#1240727).
- Update
patches.suse/net_sched-Prevent-creation-of-classes-with-TC_H_ROOT.patch
(git-fixes CVE-2025-21971 bsc#1240799).
- Update
patches.suse/nvme-tcp-fix-potential-memory-corruption-in-nvme_tcp.patch
(git-fixes CVE-2025-21927 bsc#1240714).
- Update
patches.suse/rapidio-add-check-for-rio_add_net-in-rio_scan_alloc_.patch
(git-fixes CVE-2025-21935 bsc#1240700).
- Update
patches.suse/rapidio-fix-an-API-misues-when-rio_add_net-fails.patch
(git-fixes CVE-2025-21934 bsc#1240708).
- Update
patches.suse/regulator-check-that-dummy-regulator-has-been-probed.patch
(stable-fixes CVE-2025-22008 bsc#1240942).
- Update
patches.suse/regulator-dummy-force-synchronous-probing.patch
(git-fixes CVE-2025-22009 bsc#1240940).
- Update
patches.suse/slimbus-messaging-Free-transaction-ID-in-delayed-int.patch
(git-fixes CVE-2025-21914 bsc#1240595).
- Update
patches.suse/soc-qcom-pdr-Fix-the-potential-deadlock.patch
(git-fixes CVE-2025-22014 bsc#1240937).
- Update
patches.suse/usb-atm-cxacru-fix-a-flaw-in-existing-endpoint-check.patch
(git-fixes CVE-2025-21916 bsc#1240582).
- Update
patches.suse/usb-renesas_usbhs-Flush-the-notify_hotplug_work.patch
(git-fixes CVE-2025-21917 bsc#1240596).
- Update patches.suse/usb-typec-ucsi-Fix-NULL-pointer-access.patch
(git-fixes CVE-2025-21918 bsc#1240592).
- Update
patches.suse/wifi-cfg80211-cancel-wiphy_work-before-freeing-wiphy.patch
(git-fixes CVE-2025-21979 bsc#1240808).
- Update
patches.suse/wifi-cfg80211-regulatory-improve-invalid-hints-check.patch
(git-fixes CVE-2025-21910 bsc#1240583).
- Update
patches.suse/wifi-iwlwifi-limit-printed-string-from-FW-file.patch
(git-fixes CVE-2025-21905 bsc#1240575).
- Update
patches.suse/wifi-iwlwifi-mvm-don-t-try-to-talk-to-a-dead-firmwar.patch
(git-fixes CVE-2025-21930 bsc#1240715).
- Update
patches.suse/wifi-nl80211-reject-cooked-mode-if-it-is-set-along-w.patch
(git-fixes CVE-2025-21909 bsc#1240590).
- commit a467018
- affs: don't write overlarge OFS data block size fields
(git-fixes).
- commit 334bc15
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- commit f93c833
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- commit 4b6b673
- security, lsm: Introduce security_mptcp_add_subflow()
(bsc#1240375).
- Refresh
patches.suse/net-better-track-kernel-sockets-lifetime.patch.
- commit bd8699b
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- commit c784a67
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- commit 2a705e9
- powercap: intel_rapl: Introduce APIs for PMU support
(bsc#1241010).
- commit b0e2847
- drm/amd: Keep display off while going into S4 (stable-fixes).
- Refresh
patches.suse/drm-amd-display-Restore-correct-backlight-brightness.patch.
- commit e9996bf
- drm/sti: remove duplicate object names (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/i915/huc: Fix fence not released on early probe errors
(git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path
(git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob()
(git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask
(git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in
switchtec_ntb_mw_set_trans (git-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP
(stable-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9}
(stable-fixes).
- wifi: mac80211: flush the station before moving it to
UN-AUTHORIZED state (stable-fixes).
- platform/x86/intel/vsec: Add Diamond Rapids support
(stable-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft
Surface Go 4 tablet (stable-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it
(stable-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API
(stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump
(stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message
(stable-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers
(git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- commit a733ec5
- netfilter: br_netfilter: skip conntrack input hook for promisc
packets (CVE-2024-27415 bsc#1224757).
- commit 01cefc0
- kabi: restore layout of struct nf_ct_hook after backport of
commit 62e7151ae3eb (CVE-2024-27415 bsc#1224757).
- netfilter: bridge: confirm multicast packets before passing
them up the stack (CVE-2024-27415 bsc#1224757).
- commit 69425e5
- netfilter: xtables: fix typo causing some targets not to load
on IPv6 (CVE-2024-50038 bsc#1231910).
- netfilter: xtables: avoid NFPROTO_UNSPEC where needed
(CVE-2024-50038 bsc#1231910).
- commit 9ec5161
- net: mctp: unshare packets when reassembling (CVE-2025-21972
bsc#1240813).
- commit 5878b19
- Reapply "Merge remote-tracking branch 'origin/users/sjaeckel/SLE15-SP6/for-next' into SLE15-SP6"
This reverts commit 9b78ca60e10c64a737b9db2b85fdd944daac6ae6.
- commit 157dbaf
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- commit 459f538
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in
perf_copy_chunk() (git-fixes).
- commit eeb7f74
- ntb: intel: Fix using link status DB's (git-fixes).
- commit a988a90
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes
bsc#1240979).
- commit a947a32
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes
bsc#1240978).
- commit 610fa90
- wifi: ath11k: fix memory leak in ath11k_xxx_remove()
(git-fixes).
- Refresh
patches.suse/wifi-ath11k-choose-default-PM-policy-for-hibernation.patch.
- Refresh
patches.suse/wifi-ath11k-support-non-WoWLAN-mode-suspend-as-well.patch.
- commit 5ef71a9
- Update upstream status for ath11k patches
- commit 42fd2e8
- rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE
We now have LD_CAN_USE_KEEP_IN_OVERLAY since commit:
e7607f7d6d81 ARM: 9443/1: Require linker to support KEEP within OVERLAY for DCE
- commit 7b55ff2
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- commit a3afe13
- perf/core: Order the PMU list to fix warning about unordered
pmu_ctx_list (bsc#1240585 CVE-2025-21895).
- commit c393384
- io_uring/kbuf: reallocate buf lists on upgrade (CVE-2025-21836
bsc#1239066).
- commit 1c3b3b4
- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038).
OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow
a package to inform the order of installation of other package without
hard requiring that package. This means our kernel-binary packages no
longer need to hard require perl-Bootloader or dracut, resolving the
long-commented issue there. This is also needed for udev & systemd-boot
to ensure those packages are installed before being called by dracut
(boo#1228659)
- commit 634be2c
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- commit 88d79df
- bpf: avoid holding freeze_mutex during mmap operation
(git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic
(git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args
(git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members
(git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func()
(git-fixes).
- bpf: fix potential error return (git-fixes).
- commit 59fa8cd
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition
(stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition
(stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks
(stable-fixes).
- drm/dp_mst: Add a helper to queue a topology probe
(stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work
(stable-fixes).
- commit dcc0903
- scsi: qla1280: Fix kernel oops when debug level > 2 (CVE-2025-21957 bsc#1240742)
- commit bd3922a
- io_uring: prevent opcode speculation (CVE-2025-21863
bsc#1239475).
- commit cf2b4a4
- wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (CVE-2025-21729 bsc#1237874)
- commit dfb7d10
- OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (CVE-2024-58068 bsc#1238961)
- commit b424f57
- net: let net.core.dev_weight always be non-zero (CVE-2025-21806 bsc#1238746)
- commit c6ce075
- Refresh patches.suse/Bluetooth-L2CAP-Fix-corrupted-list-in-hci_chan_del.patch
Drop redundant mutex lock that was forgotten
- commit 8253168
- net/mlx5: Bridge, fix the crash caused by LAG state check
(CVE-2025-21970 bsc#1240819).
- eth: bnxt: do not update checksum in bnxt_xdp_build_skb()
(CVE-2025-21960 bsc#1240815).
- eth: bnxt: fix truesize for mb-xdp-pass case (CVE-2025-21961
bsc#1240816).
- net/mlx5: handle errors in mlx5_chains_create_table()
(CVE-2025-21975 bsc#1240812).
- commit 5bfb0f9
- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less
NUMA nodes (CVE-2025-21991 bsc#1240795).
- x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()
(CVE-2025-21913 bsc#1240591).
- commit 718ae0d
- NFS: fix nfs_release_folio() to not deadlock via kcompactd
writeback (CVE-2025-21908 bsc#1240600).
- commit a2db92f
- kABI workaround for l2cap_conn changes (CVE-2025-21969
bsc#1240784).
- commit 0c8af58
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del
(CVE-2025-21969 bsc#1240784).
- commit 730e49a
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
(CVE-2025-21969 bsc#1240784).
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in
ibft_attr_show_nic() (CVE-2025-21993 bsc#1240797).
- commit 80da9db
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in
pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array
(git-fixes).
- commit d5f05d8
- powercap: intel_rapl_tpmi: Fix bogus register reading
(git-fixes).
- commit 4482ca3
- powercap: intel_rapl_tpmi: Ignore minor version change
(git-fixes).
- commit 8f97ff8
- powercap: dtpm_devfreq: Fix error check against
dev_pm_qos_add_request() (git-fixes).
- commit 5af8777
- powercap: intel_rapl_tpmi: Fix System Domain probing
(git-fixes).
- commit cb855f9
- usbnet:fix NPE during rx_complete (git-fixes).
- platform/x86: ISST: Correct command storage data length
(git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns
(git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment
(git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error
path (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on
success (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook
model (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook
X515JA (git-fixes).
- commit e1c84cd
- vsock: Orphan socket after transport release (CVE-2025-21755 bsc#1237882)
- commit 6317d55
- tpm_tis: Use responseRetry to recover from data transfer errors
(bsc#1235870).
- commit 6e4dc96
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- Refresh patches.suse/tpm_tis-Resend-command-to-recover-from-data-transfer.patch
- commit 66fe063
- Delete patches.suse/tpm-send_data-Wait-longer-for-the-TPM-to-become-read.patch.
To be replaced with upstream fix.
- commit d0fcf25
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported
(bsc#1224013).
- commit 34e3f46
- kernel-binary: Support livepatch_rt with merged RT branch
- commit 470cd1a
- arm64: Don't call NULL in do_compat_alignment_fixup() (git-fixes)
- commit 249080a
- arm64: mm: Correct the update of max_pfn (git-fixes)
- commit b6d4b51
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- commit 2ecc734
- tpm, tpm_tis: Workaround failed command reception on Infineon
devices (bsc#1235870).
- commit cc21438
- ice: fix memory leak in aRFS after reset (CVE-2025-21981
bsc#1240612).
- ppp: Fix KMSAN uninit-value warning with bpf (CVE-2025-21922
bsc#1240639).
- net: hns3: make sure ptp clock is unregister and freed
if hclge_ptp_get_cycle returns an error (CVE-2025-21924
bsc#1240720).
- net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC
(CVE-2025-21894 bsc#1240581).
- net: enetc: Replace ifdef with IS_ENABLED (CVE-2025-21894
bsc#1240581).
- commit e9dce38
- wifi: iwlwifi: mvm: clean up ROC on failure (CVE-2025-21906
bsc#1240587).
- commit 887f91d
- lib: scatterlist: fix sg_split_phys to preserve original
scatterlist offsets (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl
(git-fixes).
- commit ea68f49
- smb: client: fix open_cached_dir retries with 'hard' mount
option (bsc#1240616).
- commit 504723c
- exfat: fix the infinite loop in exfat_find_last_cluster()
(git-fixes).
- commit 8b30c73
- rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML
This option is dynamically enabled to build-test different configurations.
This makes run_oldconfig.sh complain sporadically for arm64.
- commit 8fbe8b1
- net: fix data-races around sk->sk_forward_alloc (CVE-2024-53124
bsc#1234074).
- commit ea48905
- sctp: fix possible UAF in sctp_v6_available() (CVE-2024-53139
bsc#1234157).
- commit 779dfcf
- usb: xhci: correct debug message page size calculation
(git-fixes).
- ucsi_ccg: Don't show failed to get FW build information error
(git-fixes).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush()
(git-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing
RS485 related registers (git-fixes).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel
state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling
(git-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO
event-handlers (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in
dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in
amd_set_spi_freq() (git-fixes).
- counter: fix privdata alignment (git-fixes).
- commit 8ea2563
- Move upstreamed ACPI patch into sorted section
- commit 871d0d6
- tty: serial: lpuart: only disable CTS instead of overwriting
the whole UARTMODIR register (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe()
(git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge()
(git-fixes).
- commit 808a9df
- net: better track kernel sockets lifetime (CVE-2025-21884
bsc#1240171).
- net: Add net_passive_inc() and net_passive_dec() (CVE-2025-21884
bsc#1240171).
- commit 741fa11
- Update
patches.suse/RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch
(git-fixes bsc#1239925).
- Update
patches.suse/kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch
(git-fixes bsc#1239925).
Add bug reference.
- commit 8eef29b
- Revert "Merge remote-tracking branch 'origin/users/sjaeckel/SLE15-SP6/for-next' into SLE15-SP6"
This reverts commit bb7a7b2a95aa93ef5db11cca2317b7fe59e19e38, reversing
changes made to ac2aed10902386a981d430e6af9b7946722682ea.
- commit 9b78ca6
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- commit ff26688
- Refresh
patches.suse/net-usb-usbnet-restore-usb-d-name-exception-for-loca.patch.
Moved into place as merged upstream
- commit 098c735
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- commit c70af66
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- commit 0ffcad3
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- commit 7e63d78
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- commit eb90de6
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- commit 1d57e2b
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- commit 3eb3994
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- commit d357c02
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- commit c2cc745
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- commit 679001e
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- commit bad5fb8
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- commit be4a850
- selftests: mptcp: close fd_in before returning in main_loop
(git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop
(git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry
(git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi()
(git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire
slave device (git-fixes).
- bus: mhi: host: Fix race between unprepare and queue_buf
(git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct
mode claim fails (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching
oversampling ratio (git-fixes).
- driver core: Remove needless return in void API
device_remove_group() (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- commit 0fbd190
- uprobes: Reject the shared zeropage in uprobe_write_opcode() (CVE-2025-21881 bsc#1240185)
- commit 8483377
- scsi: ufs: core: bsg: Fix crash when arpmb command fails (CVE-2025-21873 bsc#1240184)
- commit 8b26b99
- xhci: Fix null pointer dereference during S4 resume when
resetting ep0 (bsc#1235550).
- commit 647e59a
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
Replace our patch with the upstream version.
- Delete
patches.suse/RAS-AMD-FMPM-Fix-build-when-debugfs-is-not-enabled.patch.
- commit 9580b87
- kABI fix for RDMA/core: Don't expose hw_counters outside (git-fixes)
- commit 6079f81
- RDMA/core: Don't expose hw_counters outside of init net namespace (git-fixes)
- commit f134527
- xhci: fix possible null pointer deref during xhci urb enqueue
(bsc#1235550).
- commit e4d47e4
- xhci: Reconfigure endpoint 0 max packet size only during
endpoint reset (bsc#1235550).
- commit fe44e60
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- commit a2f9145
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- commit e2a4340
- bpf: Add tracepoints with null-able arguments (bsc#1235501
CVE-2024-56702).
- commit 60ddcfa
- net: Add rx_skb of kfree_skb to raw_tp_null_args (bsc#1235501
CVE-2024-56702).
- commit 2f246d2
- bpf: Augment raw_tp arguments with PTR_MAYBE_NULL (bsc#1235501
CVE-2024-56702).
- commit bd84127
- CIFS: New mount option for cifs.upcall namespace resolution
(CVE-2025-2312 bsc#1239684).
- commit b749482
- ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (CVE-2025-21887 bsc#1240176)
- commit d9e7d31
- mptcp: always handle address removal under msk socket lock (CVE-2025-21875 bsc#1240168)
- commit ae417d1
- perf/core: Add RCU read lock protection to perf_iterate_ctx() (CVE-2025-21889 bsc#1240167)
- commit 6d49490
- nvkm: correctly calculate the available space of the GSP cmdq buffer (CVE-2024-58018 bsc#1238990)
- commit 3fbbd2b
- team: prevent adding a device which is already a team device lower (CVE-2024-58071 bsc#1238970)
- commit 0e6515d
- mm/page_alloc: fix memory accept before watermarks gets
initialized (bsc#1239600).
- commit 10a4fc6
- netfilter: allow exp not to be removed in nf_ct_find_expectation
(CVE-2023-52927 bsc#1239644).
- commit 67af0a4
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- commit c4c365f
- nvme: move error logging from nvme_end_req() to __nvme_end_req()
(git-fixes).
- commit c939fa2
- nvme-fc: rely on state transitions to handle connectivity loss
(git-fixes bsc#1222649).
- commit 0e1fcfd
- nvme: allow passthru cmd error logging (git-fixes).
Refresh:
- patches.suse/nvme-fix-multipath-batched-completion-accounting.patch
- patches.suse/nvme-use-srcu-for-iterating-namespace-list.patch
- patches.suse/nvme-split-off-tls-sysfs-attributes-into-a-separate-group.patch
- commit ca344c0
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- commit aad868b
- nvmet-fc: Remove unused functions (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection()
(git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly
ordered arch (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
(git-fixes).
- nvmet: remove old function prototype (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state
(git-fixes bsc#1222649).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv
done (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers
(git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting
(git-fixes bsc#1222649).
Refresh:
- patches.suse/nvme-fc-use-ctrl-state-getter.patch
- nvme-fc: go straight to connecting state when initializing
(git-fixes bsc#1222649).
- commit 22d62a2
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- commit bea89fa
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- commit 3224bb8
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- commit bcfde59
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- commit 4d30cdc
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- commit 49aa8a8
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- commit eb80776
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- commit b4f3b31
- idpf: fix checksums set in idpf_rx_rsc() (CVE-2025-21890
bsc#1240173).
- ice: Fix deinitializing VF in error path (CVE-2025-21883
bsc#1240189).
- ipvlan: ensure network headers are in skb linear part
(CVE-2025-21891 bsc#1240186).
- commit ac7a561
- Update
patches.suse/RDMA-bnxt_re-Fix-the-page-details-for-the-srq-create.patch
(git-fixes CVE-2025-21885 bsc#1240169).
- Update
patches.suse/RDMA-mlx5-Fix-a-WARN-during-dereg_mr-for-DM-type.patch
(git-fixes CVE-2025-21888 bsc#1240177).
- Update
patches.suse/RDMA-mlx5-Fix-implicit-ODP-hang-on-parent-deregistra.patch
(git-fixes CVE-2025-21886 bsc#1240188).
- Update
patches.suse/RDMA-mlx5-Fix-the-recovery-flow-of-the-UMR-QP.patch
(git-fixes CVE-2025-21892 bsc#1240175).
- Update
patches.suse/i2c-npcm-disable-interrupt-enable-bit-before-devm_re.patch
(git-fixes CVE-2025-21878 bsc#1240192).
- Update
patches.suse/ibmvnic-Don-t-reference-skb-after-sending-to-VIOS.patch
(CVE-2025-21858 bsc#1239468 CVE-2025-21855 bsc#1239484).
- Update patches.suse/iommu-vt-d-Fix-suspicious-RCU-usage.patch
(git-fixes CVE-2025-21876 bsc#1240179).
- Update
patches.suse/ndisc-use-RCU-protection-in-ndisc_alloc_skb.patch
(bsc#1239994 CVE-2025-21764 bsc#1237885).
- Update
patches.suse/powerpc-code-patching-Disable-KASAN-report-during-pa.patch
(bsc#1215199 CVE-2025-21869 bsc#1240182).
- Update
patches.suse/usbnet-gl620a-fix-endpoint-checking-in-genelink_bind.patch
(git-fixes CVE-2025-21877 bsc#1240172).
- commit 9c6e710
- Update
patches.suse/block-fix-integer-overflow-in-BLKSECDISCARD.patch
(git-fixes CVE-2024-49994 bsc#1225770 bsc#1237757).
- Update
patches.suse/crypto-qat-qat_420xx-fix-off-by-one-in-uof_get_name.patch
(jsc#PED-12416 CVE-2024-53163 bsc#1234828).
- Update
patches.suse/crypto-qat-validate-slices-count-returned-by-FW.patch
(jsc#PED-12416 CVE-2024-38606 bsc#1226871).
- Update
patches.suse/dm-raid-Fix-WARN_ON_ONCE-check-for-sync_thread-in-ra.patch
(git-fixes CVE-2024-43820 bsc#1229311).
- Update
patches.suse/fbdev-pxafb-Fix-possible-use-after-free-in-pxafb_tas.patch
(stable-fixes CVE-2024-49924 bsc#1232364).
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(git-fixes CVE-2024-50290 bsc#1233479 bsc#1225742).
- Update
patches.suse/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch
(git-fixes CVE-2024-53063 bsc#1233557 bsc#1225742).
- commit e0b966a
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- commit 34587d0
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- commit 2fa0f31
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- commit b249c41
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- commit 0fe5ca5
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- commit e5c2137
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- commit 3634652
- power: supply: max77693: Fix wrong conversion of charge input
threshold value (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing
IRQ type (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in
intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call
(git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call
(git-fixes).
- backlight: led_bl: Hold led_access lock when calling
led_sysfs_disable() (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res
PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs
(git-fixes).
- Revert "leds-pca955x: Remove the unused function
pca95xx_num_led_regs()" (stable-fixes).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - remove access to parity register for QAT GEN4
(git-fixes).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment
(git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length
(git-fixes).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- lib: 842: Improve error handling in sw842_compress()
(git-fixes).
- commit 8ad02d4
- mfd: ene-kb3930: Fix a potential NULL pointer dereference
(git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows
(git-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Use scoped variables with memory allocators to
simplify error paths (stable-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Remove extern from function prototypes
(stable-fixes).
- commit 87db269
- ocfs2: mark dquot as inactive if failed to start trans while
releasing dquot (git-fixes).
- commit 54dc104
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- commit 73be6ce
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- commit ef7689a
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- commit cc4c3a7
- ocfs2: handle a symlink read error correctly (git-fixes).
- commit 79c2998
- dlm: prevent NPD when writing a positive value to event_done
(git-fixes).
- commit 8f717c8
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- commit bb32126
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- commit 45fdfe2
- jfs: add check read-only before truncation in
jfs_truncate_nolock() (git-fixes).
- commit 88c1bf9
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- commit 7ae1e64
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- commit fd3fbef
- Move upstreamed nfsd and sunrpc patches into sorted section
- commit 8ca9bbb
- Move upstreamed PCI and initramfs patches into sorted section
- commit 66970bb
- Move upstreamed powerpc and SCSI patches into sorted section
- commit 21807c4
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe
(git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures
(git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx
without data payload (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling
(git-fixes).
- PCI: brcmstb: Fix error path after a call to
regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Use internal register to change link capability
(git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up
(git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe()
(git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: pciehp: Don't enable HPIE when resuming in poll mode
(git-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed
(git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge()
(git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function
removal (git-fixes).
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB
(git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer()
(git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL
ptr (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member
(git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on
failure (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering
DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC
timing (git-fixes).
- drm/msm/dpu: don't use active in atomic_check() (git-fixes).
- drm/amd/display: fix type mismatch in
CalculateDynamicMetadataParameters() (git-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in
'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting"
(git-fixes).
- drm/repaper: fix integer overflows in repeat functions
(git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message
(git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro
(git-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register
access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables
(git-fixes).
- drm/vkms: Fix use after free and double free on init error
(git-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed
correctly (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning
(git-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- mdacon: rework dependency list (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null
pointer check (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status
(git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- regulator: check that dummy regulator has been probed before
using it (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP
(git-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven
(stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size
(stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path
(git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling
(stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task()
(stable-fixes).
- commit 0b221d1
- mptcp: pm: only set fullmesh for subflow endp (CVE-2025-21706 bsc#1238528)
- commit 1499b76
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels
(git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- ioam6: improve checks on user data (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- commit 2678976
- af_unix: Remove put_pid()/put_cred() in copy_peercred()
(bsc#1240334).
- commit 3c2ac6a
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- commit 73d1c92
- Reapply "wifi: ath11k: restore country code during resume"
(bsc#1207948).
- wifi: ath11k: choose default PM policy for hibernation
(bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well
(bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume()
(bsc#1207948).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume()
(bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model
(bsc#1207948).
- commit 776bdcc
- tee: optee: Fix supplicant wait loop (CVE-2025-21871
bsc#1240183).
- ASoC: SOF: ipc4-topology: Harden loops for looking up ALH
copiers (CVE-2025-21870 bsc#1240191).
- commit d4df66d
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of
qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap()
calls (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in
exynos_chipid_probe() (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values
(git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries
(git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo()
(git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION
before comparison (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel
(git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc
(git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC
(git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format
(git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in
mt7915_muru_stats_show() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- wifi: rtw89: fw: correct debug message format in
rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data
(git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails
(git-fixes).
- wifi: ath12k: Clear affinity hint before calling
ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath11k: Clear affinity hint before calling
ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor
mode (git-fixes).
- wifi: ath11k: fix RCU stall while reaping monitor destination
ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS
Capability (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool
(git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command
(git-fixes).
- broadcom: fix supported flag check in periodic output function
(git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get()
(git-fixes).
- commit 62d1ca7
- drop_monitor: fix incorrect initialization order (CVE-2025-21862
bsc#1239474).
- rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
(CVE-2025-21635 bsc#1236111).
- net/smc: protect link down work from execute after lgr freed
(CVE-2024-56718 bsc#1235589).
- netfilter: IDLETIMER: Fix for possible ABBA deadlock
(CVE-2024-54683 bsc#1235729).
- net/smc: fix LGR and link use-after-free issue (CVE-2024-56640
bsc#1235436).
- ipv6: Fix soft lockups in fib6_select_path under high next
hop churn (CVE-2024-56703 bsc#1235455).
- commit 32a040d
- kABI fix for net: ipv6: support reporting otherwise unknown
prefix flags in RTM_NEWPREFIX (git-fixes).
- commit 3656735
- net: avoid race between device unregistration and ethnl ops
(CVE-2025-21701 bsc#1237164).
- commit adae27d
- net: usb: usbnet: restore usb%d name exception for local mac
addresses (bsc#1234480).
- commit 0605bcc
- x86/entry: Add __init to ia32_emulation_override_cmdline()
(git-fixes).
- commit 98c0019
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0
(stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-support-for-various-ASUS-Laptop.patch.
- commit a9e9dbb
- ALSA: hda/realtek: Add support for various HP Laptops using
CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops
using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops
using CS35L41 HDA (stable-fixes).
- commit 249008f
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix
control names (stable-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx
(stable-fixes).
- commit 401355a
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print
(git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- HID: Enable playstation driver independently of sony driver
(git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for
CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook
X515UA (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup()
(git-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for
ti,j7200-cpb-audio compatible (git-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in
snd_pcm_format_set_silence() (git-fixes).
- commit 52d0d3b
- netfilter: nf_set_pipapo: fix initial map fill (CVE-2024-57947
bsc#1236333).
- commit 970aeca
- include: net: add static inline dst_dev_overhead() to dst.h
(git-fixes).
- commit 38a62b9
- Refresh patches.suse/tpm-send_data-Wait-longer-for-the-TPM-to-become-read.patch.
Also extend the remaining tpm_tis_send_data timeout (bsc#1235870).
- commit 4b3d91d
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- commit 5da2185
- x86/microcode: Prepare for minimal revision check (git-fixes).
- commit c420631
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- commit 392e00e
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- commit b3900fd
- cpufreq/amd-pstate: Fix max_perf updation with schedutil
(bsc#1239707).
- commit fefd3ab
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo
(git-fixes).
- commit 2b5c9da
- x86/microcode: Protect against instrumentation (git-fixes).
- commit c6912a2
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- commit 62c98c3
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- commit 918f8ee
- x86/microcode: Provide new control functions (git-fixes).
- commit 8430c04
- x86/microcode: Add per CPU control field (git-fixes).
- commit 866b0a5
- x86/microcode: Add per CPU result state (git-fixes).
- commit 579033e
- net/smc: check smcd_v2_ext_offset when receiving proposal msg
(CVE-2024-47408 bsc#1235711).
- commit 2f01046
- x86/microcode: Clarify the late load logic (git-fixes).
- commit 6230ee4
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- Refresh
patches.suse/x86-microcode-Sanitize-__wait_for_cpus.patch.
- commit dc94359
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- commit bdacddf
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- commit 6a00f9e
- x86/microcode: Mop up early loading leftovers (git-fixes).
- commit 9018df4
- kABI fix for "netfilter: nft_inner: incorrect percpu area
handling under softirq" (CVE-2024-56638 bsc#1235524).
- commit 3acf757
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- Refresh patches.suse/ipv6-prevent-UAF-in-ip6_send_skb.patch.
- Refresh patches.suse/net-fix-__dst_negative_advice-race.patch.
- commit a265247
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- Refresh
patches.suse/ipv6-sr-fix-incorrect-unregister-order.patch.
- commit ef06a22
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- Refresh
patches.suse/ipv6-prevent-NULL-dereference-in-ip6_output.patch.
- commit 97af13b
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- commit 916bc1a
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- commit 6cd5382
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- commit d0a37ed
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- commit 834a488
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- commit a5ea134
- ipv6: Set errno after ip_fib_metrics_init() in
ip6_route_info_create() (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw()
(git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- ipv6: release nexthop on device removal (CVE-2024-56751
bsc#1234936).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input
(git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- net: use unrcu_pointer() helper (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core()
(git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and
rpl_input() (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop
fragment (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed
(git-fixes).
- commit ae4c044
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid
(git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and
router addresses (git-fixes).
- commit 3e6f7bb
- net: ipv6: support reporting otherwise unknown prefix flags
in RTM_NEWPREFIX (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- commit aab80f1
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- commit a8e1ba8
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- commit 12d10b3
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- commit 44d31ee
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- Refresh
patches.suse/x86-microcode-intel-Remove-unnecessary-cache-writeback-and.patch.
- commit fd684d8
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- commit deae801
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- commit c89162d
- x86/microcode/intel: Simplify early loading (git-fixes).
- commit 571e4fe
- x86/microcode/intel: Cleanup code further (git-fixes).
- commit 53a643e
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- commit f3beb78
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- commit f25c748
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- commit 040895c
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- commit bf7e36d
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- commit cb4b02a
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- commit 1ec4661
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- commit 1bef486
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- commit 7d2da5d
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- commit 4164fad
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- commit 842e778
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- commit d92edaf
- x86/microcode/intel: Remove debug code (git-fixes).
- commit f06da57
- x86/microcode: Move core specific defines to local header (git-fixes).
- Delete
patches.suse/x86-cpu-Fix-amd_check_microcode-declaration.patch.
- commit 68e5a18
- x86/hyperv: Fix output argument to hypercall that changes page
visibility (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory
(git-fixes).
- commit d929456
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- commit cd4315f
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- commit adc4f73
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- Refresh
patches.suse/platform-x86-intel-ifs-Gen2-scan-image-loading.patch.
- commit 9b8d381
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- Refresh
patches.suse/x86-cpu-intel-Detect-TME-keyid-bits-before-setting-MTRR-ma.patch.
- commit 4e2f346
- x86/microcode: Hide the config knob (git-fixes).
- commit d6f3245
- x86/mm: Remove unused microcode.h include (git-fixes).
- commit 88b351c
- x86/microcode: Remove microcode_mutex (git-fixes).
- commit 9723346
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- commit 36caa36
- Revert "wifi: ath11k: restore country code during resume"
(bsc#1207948).
- commit 18bdb23
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- commit 4a52b36
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- commit a5f84ff
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- commit e6ba4df
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- commit c13c7b0
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- commit 8e4bd72
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- commit 0180053
- media: vim2m: print device name after registering device
(git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init()
(git-fixes).
- media: v4l2-dv-timings: prevent possible overflow in
v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region
(git-fixes).
- media: venus: hfi: add check to handle incorrect queue size
(git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic
(git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access
(git-fixes).
- media: visl: Fix ERANGE error when setting enum controls
(git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the
error path (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field
(git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask
(git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators
and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly
in remove (git-fixes).
- media: streamzap: prevent processing IR data on URB failure
(git-fixes).
- media: streamzap: fix race between device disconnection and
urb callback (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in
rtsx_usb_ms_drv_remove (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD
(git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on
errors (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume
(git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending
the use of ARRAY_SIZE() (git-fixes).
- commit d741ce2
- smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844 bsc#1239512)
- commit 5413aee
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- commit c180144
- ipv6: mcast: extend RCU protection in igmp6_send()
(CVE-2025-21759 bsc#1238738).
- commit 400a352
- ndisc: extend RCU protection in ndisc_send_skb() (CVE-2025-21760
bsc#1238763).
- commit 156bf64
- vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791
bsc#1238512).
- commit f01aefb
- openvswitch: use RCU protection in ovs_vport_cmd_fill_info()
(CVE-2025-21761 bsc#1238775).
- commit 742de46
- arp: use RCU protection in arp_xmit() (CVE-2025-21762
bsc#1238780).
- commit 816de2a
- neighbour: use RCU protection in __neigh_notify()
(CVE-2025-21763 bsc#1237897).
- commit f8fc7e4
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- commit d3f8de7
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
(bsc#1239994).
- commit 60e0c13
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- commit 8abe0aa
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- commit 095440f
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- commit c35924e
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- Refresh
patches.suse/x86-Fix-CPUIDLE_FLAG_IRQ_ENABLE-leaking-timer-reprogram.patch.
- commit d3998f0
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- commit 317b615
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- commit 3276cd3
- lockdep: Don't disable interrupts on RT in
disable_irq_nosync_lockdep.*() (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- commit 77968cd
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- commit 29ec493
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- commit 4c35517
- flow_dissector: use RCU protection to fetch dev_net()
(bsc#1239994).
- commit a0e50a6
- ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765
bsc#1237906).
- commit c531d1f
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- commit 48756fc
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- commit 81b29a5
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- commit 5eecff1
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
(bsc#1239994).
- commit 6188164
- ipv4: use RCU protection in __ip_rt_update_pmtu()
(CVE-2025-21766 bsc#1238754).
- commit 03eaa8b
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- commit 95bdee3
- net: add dev_net_rcu() helper (bsc#1239994).
- commit 63dac1b
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: cleanup mana struct after debugfs_remove()
(git-fixes).
- Drivers: hv: vmbus: Don't release fb_mmio resource in
vmbus_free_mmio() (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0
(git-fixes).
- commit a640830
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986)
sle_version was obsoleted for SLE16. It has to be combined with
suse_version check.
- commit cbd5de3
- kABI workaround for intel-ish-hid (git-fixes).
- commit c1e0e59
- HID: intel-ish-hid: Send clock sync message immediately after
reset (stable-fixes).
- commit bb56845
- kABI workaround for soc_mixer_control changes (git-fixes).
- commit 41b23df
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated
irq (git-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3
(stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name
(stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions
(stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B
(stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for
more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for
several devices (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames
(stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for
NHxxRZQ (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S
(stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir
G7 SE controllers (stable-fixes).
- ASoC: ops: Consistently treat platform_max as control value
(git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later
(stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth =
14 (stable-fixes).
- drm/amd/display: Restore correct backlight brightness after
a GPU reset (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init
(stable-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is
removed (git-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066
(git-fixes).
- drm/nouveau: Do not override forced connector status
(stable-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors
(stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE
(stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi
module (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays
(stable-fixes).
- usb: phy: generic: Use proper helper for property detection
(stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform
profiles (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad
X120e (stable-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard
(stable-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support
(stable-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards
(stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera
(stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in
doorbell (stable-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17
(stable-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show()
(stable-fixes).
- commit 3767537
- regulator: dummy: force synchronous probing (git-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- commit 74ce27f
- libperf cpumap: Grow array of read CPUs in smaller increments
(bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698
jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Be tolerant of newline at the end of a cpumask
(bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698
jsc#PED-12309).
- perf cpumap: Reduce transitive dependencies on libperf
MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc
(bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to
perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to
perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- commit b89838c
- Refresh
patches.suse/udp-Deal-with-race-between-UDP-socket-address-change-and-r.patch.
- commit 4648743
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
Fix tools/ build breakage introduced by suse commit 3d6cb93162fd
"bitmap: introduce generic optimized bitmap_size() (git-fixes)"
- commit a17c3c2
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
Fix tools/ build breakage introduced by suse commit 3d6cb93162fd
"bitmap: introduce generic optimized bitmap_size() (git-fixes)"
- commit 2860902
- kABI: ufshcd: add ufshcd_dealloc_host back (CVE-2025-21739
bsc#1238506).
- commit 722da19
- KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()
(CVE-2024-58083 bsc#1239036).
- commit bbd863b
- nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (CVE-2025-21848
bsc#1239479).
- commit bd498df
- ACPI: processor: idle: Return an error if both P_LVL{2,3}
idle states are invalid (bsc#1237530).
- commit f46ae1f
- udp: Deal with race between UDP socket address change and rehash
(CVE-2024-57974 bsc#1238532).
- commit d248d8d
- drm/radeon: fix uninitialized size issue in
radeon_vce_cs_parse() (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU
(git-fixes).
- accel/qaic: Fix integer overflow in qaic_validate_req()
(git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G
(git-fixes).
- drm/v3d: Don't run jobs that have errors flagged in its fence
(git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX
(git-fixes).
- Bluetooth: hci_event: Fix connection regression between LE
and non-LE adapters (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM
(git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source
(git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops
(git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- commit fa047d8
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- commit be0fccb
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- commit 7560f3b
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- commit fae22e5
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- commit 4a61cfc
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- commit d7a5712
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- commit 1c0ffc5
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- commit fb56cee
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- commit d9ad94d
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- commit 3a68d14
- scsi: ufs: core: Fix use-after free in init error and remove
paths (CVE-2025-21739 bsc#1238506).
- commit f971898
- btrfs: use a separate end_io handler for extent_buffer writing
(bsc#1239045).
- btrfs: don't use btrfs_bio_ctrl for extent buffer writing
(bsc#1239045).
- btrfs: remove the mirror_num argument to
btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in
end_bio_subpage_eb_writepage (bsc#1239045).
- commit 5ca42b7
- ata: sata_highbank: fix OF node reference leak in
highbank_initialize_phys() (git-fixes).
- commit a7b4ac3
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- commit c17a6ef
- ata: pata_serverworks: Do not use the term blacklist
(git-fixes).
- commit cdc9008
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using
result_tf (git-fixes).
- commit cf84546
- ata: libata-scsi: Remove redundant sense_buffer memsets
(git-fixes).
- commit 3ff83f7
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- commit f3d1fc7
- ata: pata_parport: fit3: implement IDE command set registers
(git-fixes).
- commit b753758
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- commit e6786aa
- ata: pata_parport: add custom version of wait_after_reset
(git-fixes).
- commit 92ba445
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- commit d1b0425
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- commit b541e7c
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- commit 4d05cf3
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- commit cfcc878
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- commit e1ac37c
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- commit 86fe977
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- commit 9a15b23
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- commit 674715a
- mm: zswap: move allocations during CPU init outside the lock
(git-fixes).
- commit 4a03990
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
(git-fixes CVE-2025-21703 bsc#1237313).
- commit ca9c9ec
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- commit 57c0aea
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- Refresh
patches.suse/net_sched-sch_sfq-don-t-allow-1-packet-limit.patch.
- commit e8a43b7
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc
(git-fixes).
- Refresh
patches.suse/net-sched-act_api-fix-possible-infinite-loop-in-tcf_.patch.
- commit b0f7ecb
- net_sched: Prevent creation of classes with TC_H_ROOT
(git-fixes).
- net/sched: cls_api: fix error handling causing NULL dereference
(git-fixes CVE-2025-21857 bsc#1239478).
- net/sched: netem: account for backlog updates from child qdisc
(git-fixes CVE-2024-56770 bsc#1235637).
- net/sched: tbf: correct backlog statistic for GSO packets
(git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate()
(git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for
actions created by classifiers (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to
fill_sched_entry() (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped
queue at right time (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period
(git-fixes).
- net/sched: flower: Add lock protection when remove filter handle
(git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts
(git-fixes).
- commit a5cca5e
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside
CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc: Stop using no_llseek (bsc#1239573).
- commit 5b9a0f5
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is
enabled (git-fixes).
- commit 39d5ea8
- kABI fix for netlink: terminate outstanding dump on socket close
(git-fixes).
- commit b2fd571
- usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c
(bsc#1232389 CVE-2024-50056).
- commit e07e4ef
- netlink: terminate outstanding dump on socket close
(CVE-2024-53140 bsc#1234222).
- net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
(CVE-2024-53057 bsc#1233551).
- commit b824575
- usb: gadget: uvc: fix try format returns on uncompressed formats
(bsc#1232389 CVE-2024-50056).
- commit d2b161f
- mm: zswap: properly synchronize freeing resources during CPU
hotunplug (bsc#1237029 CVE-2025-21693).
- commit 215e0dc
- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)
- commit bc1d649
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- init: add initramfs_internal.h (bsc#1232848).
- commit f42c132
- net: stmmac: fix TSO DMA API usage causing oops (CVE-2024-56719 bsc#1235591)
- commit 66963e5
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- commit f832e33
- supported.conf: add now-included qat_420xx (external, intel)
- commit 85940df
- net: constify sk_dst_get() and __sk_dst_get() argument
(git-fixes).
- commit a24981b
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- commit 5d1d9ed
- crypto: qat - add support for device telemetry (jsc#PED-12416). - Refresh patches.suse/crypto-qat-disable-IOV-in-adf_dev_stop.patch. - Refresh patches.suse/crypto-qat-remove-check-after-debugfs_create_dir.patch.
- commit 3d131da
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- commit 8fbb076
- Update config files for PED-12416: QAT_420XX=m on x86, disable error injection.
- commit bbce3cc
- mm/zswap: change per-cpu mutex and buffer to per-acomp_ctx
(bsc#1237029 CVE-2025-21693).
- commit 0b762e3
- usb: gadget: uvc: Fix use-after-free for inflight usb_requests
(bsc#1232389 CVE-2024-50056).
- commit 2525765
- usb: gadget: uvc: move video disable logic to its own function
(bsc#1232389 CVE-2024-50056).
- commit 2ceecdc
- usb: gadget: uvc: Allocate uvc_requests one at a time
(bsc#1232389 CVE-2024-50056).
- commit 4e4b74d
- usb: gadget: uvc: prevent use of disabled endpoint (bsc#1232389
CVE-2024-50056).
- commit fe7e829
- usb: gadget: uvc: clean up comments and styling in video_pump
(bsc#1232389 CVE-2024-50056).
- commit c00889e
- Bluetooth: Improve setsockopt() handling of malformed user input
(git-fixes).
- commit b7abeef
- btrfs: drop the backref cache during relocation if we commit
(bsc#1239605).
- btrfs: check delayed refs when we're checking if a ref exists
(bsc#1239605).
- commit cfc9247
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- commit cae0f76
- Update
patches.suse/net-sched-use-RCU-read-side-critical-section-in-taprio_dump.patch
(CVE-2024-50126 bsc#1232895).
- commit 4fbfb83
- xhci: dbc: Replace custom return value with proper Linux error
code (git-fixes).
- commit 8f2f3fe
- xhci: dbc: Check for errors first in xhci_dbc_stop()
(git-fixes).
- commit 393eaad
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- commit c847619
- xhci: dbc: Use sysfs_emit() to instead of scnprintf()
(git-fixes).
- commit fdc638e
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- commit de56eef
- xhci: dbc: Drop duplicate checks for dma_free_coherent()
(git-fixes).
- commit b4ff421
- Update
patches.suse/xhci-Combine-two-if-statements-for-Etron-xHCI-host.patch
(git-fixes).
- Update
patches.suse/xhci-Don-t-issue-Reset-Device-command-to-Etron-xHCI-.patch
(git-fixes).
Fix false references introduced by reusing patches for SP7 needed
for a feature
- commit f1a52b1
- ila: serialize calls to nf_register_net_hooks() (CVE-2024-57900
bsc#1235973).
- commit a940895
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32
(bsc#1239349).
- commit 4c2eac0
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows
(git-fixes).
- commit e3c259b
- ubi: Add a check for ubi_num (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is
empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking
LEB failed (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create()
(git-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Don't reserve PEB if fm_anchor
exists (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap
data block (git-fixes).
- commit 123f0f1
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- commit cbadc13
- tcp: introduce tcp_clock_ms() (git-fixes).
- commit ef89ad4
- include/linux/mmzone.h: clean up watermark accessors
(bsc#1239600).
- commit 9cc8558
- mm: create promo_wmark_pages and clean up open-coded sites
(bsc#1239600).
- commit 9684a94
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP
(git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- commit 3bc54d8
- mm: accept to promo watermark (bsc#1239600).
- commit 1ee3b42
- mm: fix endless reclaim on machines with unaccepted memory
(bsc#1239600).
- commit 2f9ff68
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte
feature (git-fixes).
- commit a688092
- kABI fix for tcp: drop secpath at the same time as we currently
drop (CVE-2025-21864 bsc#1239482).
- commit 79a237f
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805
(git-fixes).
- commit f5ad85e
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- Refresh
patches.suse/xhci-pci-Fix-indentation-in-the-PCI-device-ID-defini.patch.
- commit 6e83d36
- xhci: Don't perform Soft Retry for Etron xHCI host (git-fixes).
- commit 9beb310
- xhci: Don't issue Reset Device command to Etron xHCI host
(jsc#PED-10701).
- commit 5ad7a28
- xhci: Combine two if statements for Etron xHCI host
(jsc#PED-10701).
- commit 68c16e1
- xhci: Cleanup Candence controller PCI device and vendor ID usage
(git-fixes).
- commit df43775
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host
(git-fixes).
- commit 1479d30
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- commit 6f73c8c
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- commit 32a2ce7
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- commit 02e0809
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- commit 3ebb63d
- xhci: pci: Use full names in PCI IDs for Intel platforms
(git-fixes).
- commit 38d020d
- ila: call nf_unregister_net_hooks() sooner (CVE-2024-46782
bsc#1230769).
- commit e9d9715
- Input: iqs7222 - preserve system status register (git-fixes).
- commit 1f2a9a2
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2
(git-fixes).
- commit 9ee6aed
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- commit 6fedbfd
- Update
patches.suse/ASoC-SOF-stream-ipc-Check-for-cstream-nullity-in-sof.patch
(git-fixes CVE-2025-21847 bsc#1239471).
- Update
patches.suse/HID-multitouch-Add-NULL-check-in-mt_input_configured.patch
(git-fixes CVE-2024-58020 bsc#1239346).
- Update
patches.suse/USB-gadget-f_midi-f_midi_complete-to-call-queue_work.patch
(git-fixes CVE-2025-21859 bsc#1239467).
- Update patches.suse/acct-perform-last-write-from-workqueue.patch
(git-fixes CVE-2025-21846 bsc#1239508).
- Update
patches.suse/block-don-t-revert-iter-for-EIOCBQUEUED.patch
(git-fixes CVE-2025-21832 bsc#1239105).
- Update
patches.suse/fbdev-omap-use-threaded-IRQ-for-LCD-DMA.patch
(stable-fixes CVE-2025-21821 bsc#1239174).
- Update
patches.suse/nfsd-clear-acl_access-acl_default-after-releasing-them.patch
(git-fixes CVE-2025-21796 bsc#1238716).
- Update
patches.suse/nvmet-Fix-crash-when-a-namespace-is-disabled.patch
(git-fixes CVE-2025-21850 bsc#1239477).
- Update
patches.suse/orangefs-fix-a-oob-in-orangefs_debug_write.patch
(git-fixes CVE-2025-21782 bsc#1239117).
- Update
patches.suse/partitions-mac-fix-handling-of-bogus-partition-table.patch
(git-fixes CVE-2025-21772 bsc#1238911).
- Update
patches.suse/powerpc-code-patching-Fix-KASAN-hit-by-not-flagging-.patch
(bsc#1215199 CVE-2025-21866 bsc#1239473).
- commit d74c347
- nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997 CVE-2024-58019)
- commit 73aa11f
- i2c: sis630: Fix an error handling path in sis630_probe()
(git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe()
(git-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe()
(git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- commit a2963cf
- Input: ads7846 - fix gpiod allocation (git-fixes).
- commit 829ae40
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen
2 model (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360
14-dy1xxx (stable-fixes).
- commit 10b7907
- ASoC: codecs: wm0010: Fix error handling path in
wm0010_spi_probe() (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology
probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in
mid_get_vbt_data() (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work
(git-fixes).
- commit 866bbeb
- Refresh patches.suse/mptcp-fix-rcv-buffer-auto-tuning.patch.
- Refresh
patches.suse/mptcp-move-__mptcp_error_report-in-protocol.c.patch.
- Refresh
patches.suse/tcp-define-initial-scaling-factor-value-as-a-macro.patch.
- Refresh
patches.suse/tcp-increase-the-default-TCP-scaling-ratio.patch.
After discussing with @jwiesner: re-introduce b8dc6d6ce ("mptcp: fix rcv
buffer auto-tuning")
- commit 2c38df3
- mm/migrate_device: don't add folio to be freed to LRU in
migrate_device_finalize() (CVE-2025-21861 bsc#1239483).
- commit 2aaf230
- mm: migrate_device: use more folio in migrate_device_finalize()
(CVE-2025-21861 bsc#1239483 dependency).
- commit 6c15dfd
- geneve: Suppress list corruption splat in
geneve_destroy_tunnels() (CVE-2025-21858 bsc#1239468).
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl()
(CVE-2025-21865 bsc#1239481).
- ibmvnic: Don't reference skb after sending to VIOS
(CVE-2025-21858 bsc#1239468).
- geneve: Fix use-after-free in geneve_find_dev() (CVE-2025-21858
bsc#1239468).
- commit 37714b5
- drm/amdgpu: Check extended configuration space register when
system uses large bar (stable-fixes).
- Refresh
patches.suse/drm-amdgpu-disable-BAR-resize-on-Dell-G5-SE.patch.
- commit 3119f0d
- wifi: cfg80211: cancel wiphy_work before freeing wiphy
(git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms
(git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass
Storage Card Reader (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- gpio: rcar: Use raw_spinlock to protect register access
(stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad
X131e (stable-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress
200M (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL
(git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions
(stable-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- commit afdffc3
- Delete patches.suse/APEI-GHES-Have-GHES-honor-the-panic-setting.patch (bsc#1239615)
The panic-on-reboot behavior change is too surprsing as an update,
better to be reverted during SP
- commit 38b0ca3
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- commit dbe8ca2
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- commit 41b72ba
- dm-crypt: track tag_offset in convert_context (git-fixes).
- commit e418c3f
- dm-crypt: don't update io->sector after
kcryptd_crypt_write_io_submit() (git-fixes).
- commit 4e42a0d
- dm-ebs: don't set the flag DM_TARGET_PASSES_INTEGRITY
(git-fixes).
- commit d656a3c
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block
size (take 2) (git-fixes).
mwilck: some hand editing because d95e2c34a3ca ("dm verity: Fix IO
priority lost when reading FEC and hash") is missing
- commit 952c7af
- dm array: fix cursor index when skipping across block boundaries
(git-fixes).
- commit 9559a70
- dm array: fix unreleased btree blocks on closing a faulty
array cursor (git-fixes).
- commit 3401ff8
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- commit b8c64af
- dm: Fix typo in error message (git-fixes).
- commit 085bad2
- dm-unstriped: cast an operand to sector_t to prevent potential
uint32_t overflow (git-fixes).
- commit 9289690
- Revert "dm: requeue IO if mapping table not yet available"
(git-fixes).
- commit 5102f1f
- dm-integrity: fix a race condition when accessing recalc_sector
(git-fixes).
- commit f9223d3
- dm persistent data: fix memory allocation failure (git-fixes).
- commit 6ad0a55
- dm resume: don't return EINVAL when signalled (git-fixes).
- commit b83910f
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- commit d18f8de
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume
(git-fixes).
- commit 6d3fcd8
- dm init: Handle minors larger than 255 (git-fixes).
- commit 73dcd27
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- commit 3d6cb93
- dm-delay: fix max_delay calculations (git-fixes).
- commit 9bd5588
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- commit c232aae
- dm-delay: fix workqueue delay_timer race (git-fixes).
- commit d3bc4cb
- dm integrity: fix out-of-range warning (git-fixes).
- commit 94146a8
- dm-integrity: align the outgoing bio in integrity_recheck
(git-fixes).
- commit 8ef7f34
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset
(git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- commit 3e8333c
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits
out (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's
safe (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent
(git-fixes).
- commit 057626d
- tcp: avoid reusing FIN_WAIT2 when trying to find port in
connect() process (git-fixes).
- commit b709352
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- commit ee5bb6a
- tcp: Update window clamping condition (git-fixes).
- commit 21c2df7
- tcp: Adjust clamping window for applications specifying
SO_RCVBUF (git-fixes).
- commit 45a6b13
- tcp: Don't drop SYN+ACK for simultaneous connect() (git-fixes).
- commit d347622
- tcp: fix races in tcp_v_err() (git-fixes).
- commit 7d8961a
- tcp: fix races in tcp_abort() (git-fixes).
- commit 57c21f2
- tcp: fix race in tcp_write_err() (git-fixes).
- commit f7c5a0b
- tcp: add tcp_done_with_error() helper (git-fixes).
- commit 67b079b
- tcp: fix incorrect undo caused by DSACK of TLP retransmit
(git-fixes).
- commit 7fc3dc6
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call
tcp_try_to_open() (git-fixes).
- commit 481ef49
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for
failed TFO (git-fixes).
- commit e0d6e17
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack()
(git-fixes).
- commit 2f9ac53
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- commit debc800
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- commit e578c32
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value
(git-fixes).
- commit a0f87a0
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- commit 9d8f16e
- tcp: increase the default TCP scaling ratio (git-fixes).
- commit 37d2a56
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- Refresh
patches.suse/mptcp-cope-racing-subflow-creation-in-mptcp_rcv_spac.patch.
- commit baccd3e
- tcp: Fix bind() regression for v6-only wildcard and
v4(-mapped-v6) non-wildcard addresses (git-fixes).
- commit 10a8fd3
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- commit 2c65748
- tcp: fix incorrect parameter validation in the
do_tcp_getsockopt() function (git-fixes).
- commit 1b71f1e
- tcp: Add memory barrier to tcp_push() (git-fixes).
- commit 9e18439
- tcp: fix mid stream window clamp (git-fixes).
- commit 1da9c62
- tcp: define initial scaling factor value as a macro (git-fixes).
- Refresh
patches.suse/tcp-get-rid-of-sysctl_tcp_adv_win_scale.patch.
- Refresh
patches.suse/tcp-reorganize-tcp_sock-fast-path-variables.patch.
- commit 5d65891
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- commit 35f4bde
- tcp: derive delack_max from rto_min (git-fixes).
- commit 681cef6
- tcp: check mptcp-level constraints for backlog coalescing
(git-fixes).
- commit f47afe8
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes
bsc#1239595).
- commit e1c229c
- s390/stackleak: Use exrl instead of ex in __stackleak_poison()
(git-fixes bsc#1239594).
- commit bf5ac4c
- s390/ism: add release function for struct device (git-fixes
CVE-2025-21856 bsc#1239486).
- commit ae9aecd
- tcp: drop secpath at the same time as we currently drop dst
(CVE-2025-21864 bsc#1239482).
- commit 068f76d
- tcp: properly terminate timers for kernel sockets
(CVE-2024-35910 bsc#1224489).
- commit cd84ccc
- net: sched: use RCU read-side critical section in taprio_dump()
(CVE-2024-50140 bsc#1233060).
- commit 481b06f
- spi: microchip-core: Use helper function devm_clk_get_enabled()
(git-fixes).
- commit ba5bb35
- spi: microchip-core: Clean up redundant dev_err_probe()
(git-fixes).
- Refresh
patches.suse/spi-microchip-core-switch-to-use-modern-name.patch.
- commit e92f46c
- net/smc: check iparea_offset and ipv6_prefixes_cnt when
receiving proposal msg (CVE-2024-49571 bsc#1235733).
- commit d49e720
- kABI: bpf: Prevent tailcall infinite loop caused by freplace
kABI workaround (bsc#1235712 CVE-2024-47794).
- commit b659789
- bpf: Prevent tailcall infinite loop caused by freplace
(bsc#1235712 CVE-2024-47794).
- commit 594a2b0
- netdev: prevent accessing NAPI instances from another namespace
(CVE-2025-21659 bsc#1236206).
- commit 4814e4a
- ice: Remove and readd netdev during devlink reload (bsc#1230497
bsc#1239518).
- Refresh
patches.suse/ice-add-ice_adapter-for-shared-data-across-PFs-on-th.patch.
- commit fac3f79
- HID: hid-steam: Fix use-after-free when detaching device
(git-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle
(git-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in
ishtp_hid_remove() (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI
(git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on
system suspend (stable-fixes).
- commit 66671e7
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value
(git-fixes).
- commit e9a08e4
- net: mana: Allow variable size indirection table (bsc#1239016).
- Refresh
patches.suse/net-mana-Enable-debugfs-files-for-MANA-device.patch.
- commit 987aac3
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs
(bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic
(bsc#1239016).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2
(bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- commit 99e576d
- af_unix: Disable MSG_OOB handling for sockets in
sockmap/sockhash (bsc#1239435).
- af_unix: Annotate data-race of sk->sk_state in
unix_stream_read_skb() (bsc#1239435).
- commit 53fc06a
- padata: fix sysfs store callback check (git-fixes).
- commit 9e53996
- netpoll: Fix race condition in netpoll_owner_active
(CVE-2024-41005 bsc#1227858).
- commit edbf839
- sched/membarrier: Fix redundant load of membarrier_state
(bsc#1232743).
- commit 4b4693f
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for
server bind (git-fixes).
- commit acac4ee
- selftests/bpf: Add test case for the freeing of bpf_timer
(bsc#1238971 CVE-2025-21825).
- bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
(bsc#1238971 CVE-2025-21825).
- commit d0cb4f3
- kABI fix for l2tp: prevent possible tunnel refcount underflow
(CVE-2024-49940 bsc#1232812).
- commit d6225ab
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs
for pmemory (bsc#1239167 ltc#211055).
- commit 1543fff
- l2tp: fix lockdep splat (git-fixes).
- commit 1b614a9
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- commit 9f93194
- net l2tp: drop flow hash on forward (git-fixes).
- commit c98f745
- l2tp: fix incorrect parameter validation in the
pppol2tp_getsockopt() function (git-fixes).
- commit 33af351
- net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996
bsc#1239076).
- commit 8f719fe
- ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during
params (CVE-2024-58012 bsc#1239104).
- commit 3d2e163
- usb: gadget: Check bmAttributes only if configuration is valid
(git-fixes).
- usb: gadget: Fix setting self-powered state on suspend
(git-fixes).
- commit 1151d65
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes
(git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations
(git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix
functionality (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes
(git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails
(git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks
(git-fixes).
- drivers: core: fix device leak in __fw_devlink_relax_cycles()
(git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based
detection" (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device
(git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in
pmcmd_ioctl (git-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt
scenario (git-fixes).
- cdx: Fix possible UAF error in driver_override_show()
(git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function()
to avoid deadlock (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value
(git-fixes).
- commit 481095d
- Update
patches.suse/HID-hid-thrustmaster-fix-stack-out-of-bounds-read-in.patch
(git-fixes CVE-2025-21794 bsc#1238502).
- Update
patches.suse/NFC-nci-Add-bounds-checking-in-nci_hci_create_pipe.patch
(git-fixes CVE-2025-21735 bsc#1238497).
- Update
patches.suse/PCI-Avoid-putting-some-root-ports-into-D3-on-TUXEDO-.patch
(git-fixes CVE-2025-21831 bsc#1239039).
- Update
patches.suse/PCI-rcar-ep-Fix-incorrect-variable-used-when-calling.patch
(git-fixes CVE-2025-21804 bsc#1238736).
- Update
patches.suse/RDMA-mlx5-Fix-a-race-for-an-ODP-MR-which-leads-to-CQ.patch
(git-fixes CVE-2025-21732 bsc#1237877).
- Update
patches.suse/RDMA-mlx5-Fix-implicit-ODP-use-after-free.patch
(git-fixes CVE-2025-21714 bsc#1237890).
- Update
patches.suse/RDMA-rxe-Fix-the-warning-__rxe_cleanup-0x12c-0x170-r.patch
(git-fixes CVE-2025-21829 bsc#1239030).
- Update
patches.suse/Revert-drm-amd-display-Use-HW-lock-mgr-for-PSR1.patch
(stable-fixes CVE-2025-21819 bsc#1238994).
- Update
patches.suse/USB-hub-Ignore-non-compliant-devices-with-too-many-c.patch
(stable-fixes CVE-2025-21776 bsc#1238909).
- Update
patches.suse/arm64-cacheinfo-Avoid-out-of-bounds-write-to-cacheinfo-array.patch
(git-fixes CVE-2025-21785 bsc#1238747).
- Update
patches.suse/ata-libata-sff-Ensure-that-we-cannot-write-outside-t.patch
(stable-fixes CVE-2025-21738 bsc#1238917).
- Update
patches.suse/batman-adv-Drop-unmanaged-ELP-metric-worker.patch
(git-fixes CVE-2025-21823 bsc#1238475).
- Update
patches.suse/batman-adv-fix-panic-during-interface-removal.patch
(git-fixes CVE-2025-21781 bsc#1238735).
- Update
patches.suse/blk-cgroup-Fix-class-block_class-s-subsystem-refcount-leakage.patch
(bsc#1237558 CVE-2025-21745 bsc#1238785).
- Update
patches.suse/block-bfq-fix-waker_bfqq-UAF-after-bfq_split_bfqq.patch
(git-fixes CVE-2025-21631 bsc#1236099).
- Update
patches.suse/can-ctucanfd-handle-skb-allocation-failure.patch
(git-fixes CVE-2025-21775 bsc#1238501).
- Update
patches.suse/can-etas_es58x-fix-potential-NULL-pointer-dereferenc.patch
(git-fixes CVE-2025-21773 bsc#1238762).
- Update
patches.suse/driver-core-class-Fix-wild-pointer-dereferences-in-A.patch
(git-fixes CVE-2025-21810 bsc#1238757).
- Update
patches.suse/drm-amdgpu-avoid-buffer-overflow-attach-in-smu_sys_s.patch
(stable-fixes CVE-2025-21780 bsc#1239115).
- Update
patches.suse/drm-amdgpu-bail-out-when-failed-to-load-fw-in-psp_in.patch
(git-fixes CVE-2025-21784 bsc#1238510).
- Update patches.suse/landlock-Handle-weird-files.patch (git-fixes
CVE-2025-21830 bsc#1239033).
- Update patches.suse/misc-fastrpc-Fix-copy-buffer-page-size.patch
(git-fixes CVE-2025-21734 bsc#1238734).
- Update
patches.suse/mm-compaction-fix-UBSAN-shift-out-of-bounds-warning.patch
(git fixes (mm/compaction) CVE-2025-21815 bsc#1238474).
- Update
patches.suse/msft-hv-3160-KVM-x86-Reject-Hyper-V-s-SEND_IPI-hypercalls-if-loca.patch
(git-fixes CVE-2025-21779 bsc#1238768).
- Update
patches.suse/nbd-don-t-allow-reconnect-after-disconnect.patch
(git-fixes CVE-2025-21731 bsc#1237881).
- Update
patches.suse/net-rose-fix-timer-races-against-user-threads.patch
(git-fixes CVE-2025-21718 bsc#1239073).
- Update patches.suse/net-rose-lock-the-socket-in-rose_bind.patch
(git-fixes CVE-2025-21749 bsc#1238904).
- Update
patches.suse/net-rose-prevent-integer-overflows-in-rose_setsockop.patch
(git-fixes CVE-2025-21711 bsc#1239114).
- Update
patches.suse/net-usb-rtl8150-enable-basic-endpoint-checking.patch
(git-fixes CVE-2025-21708 bsc#1239087).
- Update
patches.suse/nilfs2-fix-possible-int-overflows-in-nilfs_fiemap.patch
(git-fixes CVE-2025-21736 bsc#1238715).
- Update patches.suse/padata-avoid-UAF-for-reorder_work.patch
(git-fixes CVE-2025-21726 bsc#1238865).
- Update patches.suse/padata-fix-UAF-in-padata_reorder.patch
(git-fixes CVE-2025-21727 bsc#1237876).
- Update
patches.suse/scsi-mpi3mr-Fix-possible-crash-when-setting-up-bsg-f.patch
(git-fixes CVE-2025-21723 bsc#1238864).
- Update patches.suse/spi-sn-f-ospi-Fix-division-by-zero.patch
(git-fixes CVE-2025-21793 bsc#1238500).
- Update patches.suse/tty-xilinx_uartps-split-sysrq-handling.patch
(git-fixes CVE-2025-21820 bsc#1238479).
- Update
patches.suse/usb-cdc-acm-Check-control-transfer-buffer-size-befor.patch
(git-fixes CVE-2025-21704 bsc#1237571).
- Update
patches.suse/usb-gadget-core-flush-gadget-workqueue-after-device-.patch
(git-fixes CVE-2025-21838 bsc#1239065).
- Update
patches.suse/usb-gadget-f_midi-fix-MIDI-Streaming-descriptor-leng.patch
(git-fixes CVE-2025-21835 bsc#1239068).
- Update patches.suse/usbnet-ipheth-fix-DPE-OoB-read.patch
(git-fixes CVE-2025-21741 bsc#1238767).
- Update
patches.suse/usbnet-ipheth-fix-possible-overflow-in-DPE-length-ch.patch
(git-fixes CVE-2025-21743 bsc#1238781).
- Update
patches.suse/usbnet-ipheth-use-static-NDP16-location-in-URB.patch
(git-fixes CVE-2025-21742 bsc#1238771).
- Update
patches.suse/vsock-Keep-the-binding-until-socket-destruction.patch
(git-fixes CVE-2025-21756 bsc#1238876).
- Update
patches.suse/wifi-brcmfmac-Check-the-return-value-of-of_property_.patch
(stable-fixes CVE-2025-21750 bsc#1238905).
- Update
patches.suse/wifi-brcmfmac-fix-NULL-pointer-dereference-in-brcmf_.patch
(stable-fixes CVE-2025-21744 bsc#1238903).
- Update
patches.suse/wifi-mac80211-don-t-flush-non-uploaded-STAs.patch
(git-fixes CVE-2025-21828 bsc#1238958).
- Update patches.suse/zram-fix-potential-UAF-of-zram-table.patch
(git-fixes CVE-2025-21671 bsc#1236692).
- commit 0d7f015
- Update
patches.suse/Bluetooth-L2CAP-handle-NULL-sock-pointer-in-l2cap_so.patch
(git-fixes CVE-2024-58009 bsc#1238760).
- Update
patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-mgmt_.patch
(stable-fixes CVE-2024-58013 bsc#1239095).
- Update
patches.suse/HID-core-Fix-assumption-that-Resolution-Multipliers-.patch
(git-fixes CVE-2024-57986 bsc#1237907).
- Update
patches.suse/HID-hid-thrustmaster-Fix-warning-in-thrustmaster_pro.patch
(git-fixes CVE-2024-57993 bsc#1237894).
- Update
patches.suse/PCI-dwc-ep-Prevent-changing-BAR-size-flags-in-pci_ep.patch
(git-fixes CVE-2024-58006 bsc#1238772).
- Update
patches.suse/block-Fix-page-refcounts-for-unaligned-buffers-in-__bio_release_pages.patch
(git-fixes CVE-2024-35826 bsc#1224610).
- Update
patches.suse/block-avoid-to-reuse-hctx-not-removed-from-cpuhp-callback-list.patch
(git-fixes CVE-2024-41149 bsc#1235698).
- Update
patches.suse/block-fix-integer-overflow-in-BLKSECDISCARD.patch
(git-fixes CVE-2024-49994 bsc#1225770).
- Update
patches.suse/cifs-fix-potential-null-pointer-use-in-destroy_workqueue-in-init_ci.patch
(bsc#1231432 CVE-2024-42307 bsc#1229361).
- Update
patches.suse/clk-qcom-dispcc-sm6350-Add-missing-parent_map-for-a-.patch
(git-fixes CVE-2024-58080 bsc#1239027).
- Update
patches.suse/clk-qcom-gcc-sm6350-Add-missing-parent_map-for-two-c.patch
(git-fixes CVE-2024-58076 bsc#1239037).
- Update
patches.suse/drm-amdgpu-Fix-potential-NULL-pointer-dereference-in.patch
(git-fixes CVE-2024-58052 bsc#1238986).
- Update
patches.suse/drm-msm-gem-prevent-integer-overflow-in-msm_ioctl_ge.patch
(git-fixes CVE-2024-52559 bsc#1238507).
- Update
patches.suse/drm-v3d-Stop-active-perfmon-if-it-is-being-destroyed.patch
(git-fixes CVE-2024-58086 bsc#1239038).
- Update patches.suse/idpf-convert-workqueues-to-unbound.patch
(git-fixes CVE-2024-58057 bsc#1238969).
- Update
patches.suse/ipmi-ipmb-Add-check-devm_kasprintf-returned-value.patch
(git-fixes CVE-2024-58051 bsc#1238963).
- Update
patches.suse/media-imx-jpeg-Fix-potential-error-pointer-dereferen.patch
(git-fixes CVE-2024-57978 bsc#1238523).
- Update
patches.suse/media-uvcvideo-Fix-crash-during-unbind-if-gpio-unit-.patch
(git-fixes CVE-2024-58079 bsc#1239029).
- Update
patches.suse/media-uvcvideo-Fix-double-free-in-error-path.patch
(git-fixes CVE-2024-57980 bsc#1237911).
- Update
patches.suse/media-uvcvideo-Remove-dangling-pointers.patch
(git-fixes CVE-2024-58002 bsc#1238503).
- Update
patches.suse/media-vidtv-Fix-a-null-ptr-deref-in-vidtv_mux_stop_t.patch
(stable-fixes CVE-2024-57834 bsc#1238993).
- Update
patches.suse/memory-tegra20-emc-fix-an-OF-node-reference-bug-in-t.patch
(git-fixes CVE-2024-58034 bsc#1238773).
- Update
patches.suse/misc-misc_minor_alloc-to-use-ida-for-all-dynamic-mis.patch
(git-fixes CVE-2024-58078 bsc#1239034).
- Update
patches.suse/net-fix-removing-a-namespace-with-conflicting-altnam.patch
(bsc#1233749 CVE-2024-26634 bsc#1221651).
- Update patches.suse/null_blk-fix-validation-of-block-size.patch
(git-fixes CVE-2024-41077 bsc#1228653).
- Update
patches.suse/platform-x86-int3472-Check-for-adev-NULL.patch
(stable-fixes CVE-2024-58011 bsc#1239080).
- Update
patches.suse/powerpc-pseries-iommu-IOMMU-incorrectly-marks-MMIO-r.patch
(bsc#1218470 ltc#204531 CVE-2024-57999 bsc#1238526).
- Update
patches.suse/printk-Fix-signed-integer-overflow-when-defining-LOG_BUF_LEN_MAX.patch
(bsc#1237950 CVE-2024-58017 bsc#1239112).
- Update
patches.suse/rdma-cxgb4-Prevent-potential-integer-overflow-on-32b.patch
(git-fixes CVE-2024-57973 bsc#1238531).
- Update
patches.suse/remoteproc-core-Fix-ida_free-call-while-not-allocate.patch
(git-fixes CVE-2024-58056 bsc#1238981).
- Update
patches.suse/rtc-pcf85063-fix-potential-OOB-write-in-PCF85063-NVM.patch
(git-fixes CVE-2024-58069 bsc#1238978).
- Update
patches.suse/scsi-hisi_sas-Fix-a-deadlock-issue-related-to-automa-3c4f53b2.patch
(git-fixes CVE-2024-26873 bsc#1223047).
- Update
patches.suse/scsi-megaraid_sas-Fix-for-a-potential-deadlock.patch
(git-fixes CVE-2024-57807 bsc#1235761).
- Update
patches.suse/smb-client-fix-double-put-of-cfile-in-smb2_rename_path-.patch
(git-fixes CVE-2024-46736 bsc#1230728).
- Update
patches.suse/smb-client-fix-double-put-of-cfile-in-smb2_set_path_size-.patch
(git-fixes CVE-2024-46796 bsc#1230832).
- Update
patches.suse/smb-client-fix-possible-double-free-in-smb2_set_ea-.patch
(git-fixes CVE-2024-50152 bsc#1233033).
- Update
patches.suse/soc-qcom-socinfo-Avoid-out-of-bounds-read-of-serial-.patch
(git-fixes CVE-2024-58007 bsc#1238511).
- Update
patches.suse/staging-media-max96712-fix-kernel-oops-when-removing.patch
(git-fixes CVE-2024-58054 bsc#1238975).
- Update
patches.suse/tomoyo-don-t-emit-warning-in-tomoyo_write_control.patch
(stable-fixes CVE-2024-58085 bsc#1239085).
- Update
patches.suse/tpm-Change-to-kvalloc-in-eventlog-acpi.c.patch
(bsc#1233260 bsc#1233259 bsc#1232421 CVE-2024-58005
bsc#1237873).
- Update
patches.suse/ubifs-skip-dumping-tnc-tree-when-zroot-is-null.patch
(git-fixes CVE-2024-58058 bsc#1238979).
- Update
patches.suse/usb-gadget-f_tcm-Don-t-free-command-immediately.patch
(git-fixes CVE-2024-58055 bsc#1238959).
- Update
patches.suse/usb-xhci-Fix-NULL-pointer-dereference-on-certain-com.patch
(git-fixes CVE-2024-57981 bsc#1237912).
- Update
patches.suse/wifi-brcmsmac-add-gain-range-check-to-wlc_phy_iqcal_.patch
(stable-fixes CVE-2024-58014 bsc#1239109).
- Update
patches.suse/wifi-mac80211-prohibit-deactivating-all-links.patch
(git-fixes CVE-2024-58061 bsc#1238973).
- Update
patches.suse/wifi-mt76-mt7925-fix-off-by-one-in-mt7925_load_clc.patch
(git-fixes CVE-2024-57990 bsc#1237900).
- Update
patches.suse/wifi-rtlwifi-fix-memory-leaks-and-invalid-access-at-.patch
(git-fixes CVE-2024-58063 bsc#1238984).
- Update
patches.suse/wifi-rtlwifi-remove-unused-check_buddy_priv.patch
(git-fixes CVE-2024-58072 bsc#1238964).
- Update
patches.suse/wifi-wcn36xx-fix-channel-survey-memory-allocation-si.patch
(git-fixes CVE-2024-57997 bsc#1238529).
- commit fb231d1
- Update
patches.suse/cpu-hotplug-Don-t-offline-the-last-non-isolated-CPU.patch
(bsc#1237562 CVE-2023-52831 bsc#1225533).
- Update
patches.suse/io_uring-rw-split-io_read-into-a-helper.patch
(bsc#1215211 CVE-2023-52926 bsc#1237565).
- commit a1ecaa9
- partitions: mac: fix handling of bogus partition table
(git-fixes).
- block: cleanup and fix batch completion adding conditions
(git-fixes).
- block: don't revert iter for -EIOCBQUEUED (git-fixes).
- commit 9b6ced4
- rapidio: add check for rio_add_net() in rio_scan_alloc_net()
(git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- commit 6203500
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- commit d83f55b
- sunrpc: suppress warnings for unused procfs functions
(git-fixes).
- commit cd678ab
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- commit 55bec3b
- SUNRPC: Prevent looping due to rpc_signal_task() races
(git-fixes).
- commit 033fbe6
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- commit 444dbb7
- nfsd: clear acl_access/acl_default after releasing them
(git-fixes).
- commit 44261ed
- pnfs/flexfiles: retry getting layout segment for reads
(git-fixes).
- commit 76f556a
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-support-for-various-ASUS-Laptop.patch.
- commit 9363cb2
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops
using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop
using CS35L41 HDA (stable-fixes).
- commit aea7c4e
- Refresh patches.suse/ALSA-hda-realtek-Workaround-for-resume-on-Dell-Venue.patch
A patch chunk was dropped mistakenly
- commit 0e9ac09
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA
Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops
using CS35L41 HDA (stable-fixes).
- commit 4ef6d55
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage
(git-fixes).
- commit 844da8a
- ALSA: hda/realtek: Add support for various ASUS Laptops using
CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50
(stable-fixes).
- commit 2ee2163
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist
(stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo
platform (stable-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery
(stable-fixes).
- commit 10a77af
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in
xgene_hwmon_probe() (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error
(git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table
(git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify()
(git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: aggregator: protect driver attr handlers against module
unload (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe
(git-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config
(git-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- commit c757c56
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
When compiler different from the one which was used to configure the
kernel is used to build modules a warning is issued and the build
continues. This could be turned into an error but that would be too
restrictive.
The generated kernel-devel makefile could set the compiler but then the
main Makefile as to be patched to assign CC with ?=
This causes run_oldconfig failure on SUSE-2024 and kbuild config check
failure on SUSE-2025.
This cannot be hardcoded to one version in a regular patch because the
value is expected to be configurable at mkspec time. Patch the Makefile
after aplyin patches in rpm prep step instead. A check is added to
verify that the sed command did indeed apply the change.
- commit 6031391
- tracing/osnoise: Fix resetting of tracepoints (CVE-2025-21733
bsc#1238494).
- commit 27d6e3b
- btrfs: fix assertion failure when splitting ordered extent
after transaction abort (CVE-2025-21754 bsc#1238496).
- commit 2050c25
- kABI workaround for pps changes (CVE-2024-57979 bsc#1238521).
- commit b151154
- pps: Fix a use-after-free (CVE-2024-57979 bsc#1238521).
- commit c19b588
- initcall_blacklist: Does not allow kernel_lockdown be
blacklisted (bsc#1237521).
- commit c830a3e
- drm/amd/display: Fix null check for pipe_ctx->plane_state in
resource_build_scaling_params (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking
(git-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: don't try to talk to a dead firmware
(git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with
other flags (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in
mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
(git-fixes).
- bluetooth: btusb: Initialize .owner field of
force_poll_sync_fops (git-fixes).
- commit ba6baa3
- net: hns3: fix oops when unload drivers paralleling
(CVE-2025-21802 bsc#1238751).
- commit 1e9156e
- NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795
bsc#1238759).
- commit b38b339
- vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790
bsc#1238753).
- commit f088d3b
- clocksource: Use migrate_disable() to avoid calling
get_random_u32() in atomic context (CVE-2025-21767 bsc#1238509).
- commit 63a12d3
- vxlan: Fix uninit-value in vxlan_vnifilter_dump()
(CVE-2025-21716 bsc#1237891).
- commit dd55756
- mptcp: handle fastopen disconnect correctly (CVE-2025-21705
bsc#1238525).
- commit fd8b648
- exfat: fix timing of synchronizing bitmap and inode
(bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file
(bsc#1237356).
- commit 7d766d0
- smb: client: fix oops due to unset link speed (CVE-2025-21725
bsc#1238877).
- commit b5023ae
- exfat: do not zero the extended part (bsc#1237356).
- commit 156857e
- ipmr: do not call mr_mfc_uses_dev() for unres entries
(CVE-2025-21719 bsc#1238860).
- commit d4d6c1b
- net: davicom: fix UAF in dm9000_drv_remove (CVE-2025-21715
bsc#1237889).
- commit 0308747
- iommufd/iova_bitmap: Fix shift-out-of-bounds in
iova_bitmap_offset_to_index() (CVE-2025-21724 bsc#1238863).
- commit fa2cf3e
- net: ethernet: ti: am65-cpsw: fix freeing IRQ in
am65_cpsw_nuss_remove_tx_chns() (CVE-2025-21799 bsc#1238739).
- commit b9602c4
- l2tp: prevent possible tunnel refcount underflow (CVE-2024-49940
bsc#1232812).
- commit d920b08
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- commit b9248a0
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- commit 9a3d13e
- cpufreq/cppc: Don't compare desired_perf in target() (bsc#1237856)
- commit 03856df
- cpufreq/cppc: Move and rename (bsc#1237856)
- commit e1d3232
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- commit 34e3660
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- commit b0fd1f1
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- commit 8be63c4
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- commit dfb1a17
- ipvs: fix UB due to uninitialized stack access in
ip_vs_protocol_init() (CVE-2024-53680 bsc#1235715).
- commit 0f1b770
- scsi: hisi_sas: Remove redundant checks for automatic debugfs
dump (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump
(git-fixes).
- commit 2531f6e
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- commit 4c3f2b6
- scsi: mpi3mr: Fix possible crash when setting up bsg fails
(git-fixes).
- commit f1f6d56
- scsi: myrb: Remove dead code (git-fixes).
- commit 11c2ac0
- scsi: iscsi: Fix redundant response for
ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- commit 3d258a5
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- commit 6998b85
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- commit 13d0e59
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- commit 330c415
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040
(git-fixes).
- commit f2ba519
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after
device reset (git-fixes).
- commit 1ead6e0
- scsi: st: Don't modify unknown block number in MTIOCGET
(git-fixes).
- commit fb5d2a0
- scsi: sg: Enable runtime power management (git-fixes).
- Refresh
patches.suse/scsi-sg-Fix-slab-use-after-free-read-in-sg_release.patch.
- commit 89afcac
- scsi: hisi_sas: Enable all PHYs that are not disabled by user
during controller reset (git-fixes).
- commit 27a4afa
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- commit 782dd6e
- scsi: hisi_sas: Allocate DFX memory during dump trigger
(git-fixes).
- Refresh patches.suse/scsi-hisi_sas-Create-all-dump-files-during-debugfs-initialization.patch
- commit 9b4cb76
- scsi: hisi_sas: Directly call register snapshot instead of
using workqueue (git-fixes).
- commit 1286dd4
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock
(git-fixes).
- commit 7c8c098
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848
bsc#1230497).
- commit df06d93
- config: Set gcc version (jsc#PED-12251).
- packaging: Turn gcc version into config.sh variable
Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- commit b1526c1
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- commit 1ccb01b
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- commit a9f56ff
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- commit 85cc91e
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- commit 67ea9f3
- mm: hugetlb: add huge page size param to set_huge_pte_at() (git-fixes).
Refresh patches.suse/s390-mm-Fix-clearing-storage-keys-for-huge-pages.patch.
- commit f491ee9
- btrfs: check folio mapping after unlock in relocate_one_folio() (CVE-2024-56758 bsc#1235621)
- commit 1866d3d
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC
isn't in-kernel (git-fixes).
- commit 82bdecd
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- commit 1f1e842
- Update
patches.suse/s390-pci-Fix-SR-IOV-for-PFs-initially-in-standby.patch
(git-fixes bsc#1236752 bsc#1238368).
- commit bf69596
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Pull search for parent PF out of
zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- commit 0745d9f
- bpf: Send signals asynchronously if !preemptible (git-fixes
bsc#1237879 CVE-2025-21728).
- commit 180a0da
- rxrpc: Fix missing locking causing hanging calls (git-fixes
bsc#1233483 CVE-2024-50294).
- commit d2475e0
- scsi: lpfc: Copyright updates for 14.4.0.8 patches
(bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID
routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk
(bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when
pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring
clean up (bsc#1238347).
- commit 0a7ad68
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU
(git-fixes).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count
(git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk
(git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk
(git-fixes).
- commit 7d2a8bd
- Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
(CVE-2024-50029 bsc#1231949).
- commit 64f3840
- gup: make the stack expansion warning a bit more targeted
(bsc#1238214).
- commit feae374
- btrfs: fix use-after-free when attempting to join an aborted transaction (CVE-2025-21753 bsc#1237875)
- commit 338e787
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL
masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT
(git-fixes).
- commit 92e733c
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq
(git-fixes).
- commit 6c35b3b
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- commit d778b71
- soc/mediatek: mtk-devapc: Convert to platform remove callback
returning void (stable-fixes).
- Refresh
patches.suse/soc-mediatek-mtk-devapc-Fix-leaking-IO-map-on-error-.patch.
- commit b320307
- smb: client: Fix netns refcount imbalance causing leaks and
use-after-free (git-fixes).
- commit 7fb2f0e
- scsi: core: Clear driver private data when retrying request
(git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats
(git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper
md_bitmap_get_stats() (git-fixes).
- scsi: core: Handle depopulation and restoration in progress
(git-fixes).
- commit 72dfeb6
- cifs: Fix parsing reparse point with native symlink in SMB1
non-UNICODE session (git-fixes).
- commit 37da1d3
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer
DJM-900NXS2 (stable-fixes).
- commit 1b4de08
- usbnet: gl620a: fix endpoint checking in genelink_bind()
(git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD
(git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15
(git-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple
ports (git-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup()
(git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training
(stable-fixes).
- drm/i915: Make sure all planes in use by the joiner have their
crtc included (stable-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove
(git-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()
(git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER
(stable-fixes).
- commit 73ebe5d
- md/raid5: Wait sync io to finish before changing group cnt
(git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md: Don't flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- md/raid1: don't free conf on raid0_run failure (git-fixes).
- md/raid0: don't free conf on raid0_run failure (git-fixes).
- commit b66645f
- kabi: hide adding RCU head into struct netdev_name_node
(bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: fix removing a namespace with conflicting altnames
(bsc#1233749).
- net: do not send a MOVE event when netdev changes netns
(bsc#1233749).
- net: Fix undefined behavior in netdev name allocation
(bsc#1233749).
- net: remove else after return in dev_prep_valid_name()
(bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name()
(bsc#1233749).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: make dev_alloc_name() call dev_prep_valid_name()
(bsc#1233749).
- net: don't use input buffer of __dev_alloc_name() as a scratch
space (bsc#1233749).
- net: move altnames together with the netdevice (bsc#1233749).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns
(bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- commit ff5990f
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED
(git-fixes).
- commit 23d3ebd
- smb: client: handle path separator of created SMB symlinks
(git-fixes).
- Refresh
patches.suse/smb-client-move-most-of-reparse-point-handling-code-to-common-file.patch.
- commit c241ea6
- smb: client: ignore unhandled reparse tags (git-fixes).
- commit f2d26a5
- smb: client: fix double put of @cfile in smb2_rename_path()
(git-fixes).
- commit 4ac349c
- smb: client: fix double put of @cfile in smb2_set_path_size()
(git-fixes).
- commit 647e9ab
- cifs: Remove intermediate object of failed create reparse call
(git-fixes).
- commit fa14b80
- netfilter: nft_inner: incorrect percpu area handling under
softirq (CVE-2024-56638 bsc#1235524).
- commit 4c882b9
- ptr_ring: do not block hard interrupts in
ptr_ring_resize_multiple() (CVE-2024-57994 bsc#1237901).
- commit e5a0226
- printk: Fix signed integer overflow when defining
LOG_BUF_LEN_MAX (bsc#1237950).
- commit 1ff6bc3
- add nf_tables for iptables non-legacy network handling
This is needed for example by docker on the Alpine Linux distribution,
but can also be used on openSUSE.
- commit f9b0903
- af_packet: do not call packet_read_pending() from
tpacket_destruct_skb() (bsc#1237849).
- commit 4ff6762
- zram: fix potential UAF of zram table (git-fixes).
- commit b9770a4
- Fix memory-hotplug regression (bsc#1237504)
Refreshed
patches.suse/mm-memory_hotplug-add-missing-mem_hotplug_lock.patch
- commit 248260f
- kernel-source: Also replace bin/env
- commit dc2037c
- net: do not delay dst_entries_add() in dst_release()
(CVE-2024-50036 bsc#1231912).
- commit 1203cd1
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- commit 72d0292
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- commit a50daa9
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- commit d0d2370
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- commit c4c267b
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- commit 2106458
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- commit a795049
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- commit 8f2604e
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- commit d076f6b
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- commit 92c60dc
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- commit 06e0da5
- zram: fix uninitialized ZRAM not releasing backing device
(git-fixes).
- zram: refuse to use zero sized block device as backing device
(git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- commit ef8009a
- cgroup/cpuset: remove kernfs active break (bsc#1237691 bsc#1236110
CVE-2025-21634)
blacklist.conf: Re-analyzed the reasons, see bsc#1236110
- commit e7a341f
- blk-cgroup: Properly propagate the iostat update up the
hierarchy (bsc#1225606).
- commit fb4fada
- Refresh
patches.suse/btrfs-fix-extent-map-merging-not-happening-for-adjacent-ex.patch.
Fix the `-Wparentheses` build warning.
../fs/btrfs/extent_map.c: In function 'mergable_maps':
../fs/btrfs/extent_map.c:219:48: warning: suggest parentheses around comparison in operand of '&' [-Wparentheses]
- commit a88d495
- smb: client: fix corruption in cifs_extend_writeback
(bsc#1235609).
- commit 7111675
- Move upstreamed ACPI patch into sorted section
- commit 34b98f4
- btrfs: fix defrag not merging contiguous extents due to merged
extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents
(bsc#1237232).
- commit a57c147
- zram: split memory-tracking and ac-time tracking (git-fixes).
- Update config files.
- commit d2eb9a9
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations
(git-fixes).
- commit 0b597f1
- KVM: arm64: Flush hyp bss section after initialization of
variables in bss (git-fixes).
- commit 7a0da9b
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR
(git-fixes).
- commit 361bd1c
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO
registration (git-fixes).
- commit eb69c06
- KVM: arm64: Don't eagerly teardown the vgic on init error
(git-fixes).
- commit 09d2069
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU
(git-fixes).
- commit b54256b
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU
(git-fixes).
- commit 497fc9a
- KVM: x86: Zero out PV features cache when the CPUID leaf is
not present (git-fixes).
- commit b3e323a
- KVM: x86: Account for KVM-reserved CR4 bits when passing
through CR4 on VMX (git-fixes).
- commit fe0be3a
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0
(bsc#1237563).
- cpu/hotplug: Don't offline the last non-isolated CPU
(bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug
(bsc#1237562).
- commit 285ec7d
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- commit 986c213
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable
bit is cleared (git-fixes).
- commit 19b003b
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module
init (git-fixes).
- commit c214d6b
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB
(git-fixes).
- commit 08a45f2
- KVM: x86: Fix a comment inside
__kvm_set_or_clear_apicv_inhibit() (git-fixes).
- commit dc6e2e8
- blk-cgroup: Fix class @block_class's subsystem refcount leakage
(bsc#1237558).
- commit 908404a
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was
a leaf SPTE (git-fixes).
- commit d7ef6bb
- KVM: x86: Unconditionally set irr_pending when updating APICv
state (jsc#PED-348).
- commit 7089ba6
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with
VPID disabled (jsc#PED-348 git-fixes).
- commit ce778dd
- KVM: VMX: reset the segment cache after segment init in
vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- commit 57ae6ea
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- commit 3cc9281
- virtio_blk: reverse request order in virtio_queue_rqs
(git-fixes).
- commit 08ef4d5
- x86/xen: allow larger contiguous memory regions in PV guests
(git-fixes).
- commit cbf742d
- xen/swiotlb: relax alignment requirements (git-fixes).
- commit 85ac962
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- commit 23eecda
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
(git-fixes).
- commit e343881
- Grab mm lock before grabbing pt lock (git-fixes).
- commit ae619e6
- platform/x86/intel-uncore-freq: Increase minor number support
(bsc#1237452).
- commit 43ac95b
- platform/x86/intel-uncore-freq: Ignore minor version change
(bsc#1237452).
- commit 6b5df6d
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- commit 904b0d7
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- commit 17cda63
- platform/x86/intel/tpmi: Add defines to get version information
(bsc#1237452).
- commit 1c56c6e
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- commit 129191d
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- commit 1052c36
- RDMA/efa: Reset device on probe failure (git-fixes)
- commit c120211
- selftest: hugetlb_dio: fix test naming (git-fixes).
- commit 303d120
- selftests: hugetlb_dio: fixup check for initial conditions to
skip in the start (git-fixes).
- commit 35f33c3
- selftests: hugetlb_dio: check for initial conditions to skip
in the start (git-fixes).
- commit 89353b1
- selftest: mm: Test if hugepage does not get leaked during
__bio_release_pages() (git-fixes).
- commit 56d43b6
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- commit f3e10b9
- drm/msm/dpu: Don't leak bits_per_component into random DSC_ENC
fields (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- nouveau/svm: fix missing folio unlock + put after
make_device_exclusive_range() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single
(git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address
(git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init()
(git-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist
(stable-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone
(stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI
(stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name
(stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions
(stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: hub: Ignore non-compliant devices with too many configs
or interfaces (stable-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue
during MIDI bind retries (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- efi: Avoid cold plugged memory for placing the kernel
(stable-fixes).
- drm/amdgpu: avoid buffer overflow attach in
smu_sys_set_pp_table() (stable-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case
(stable-fixes).
- HID: hid-steam: Don't use cancel_delayed_work_sync in IRQ
context (git-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla
10 tablet 5V (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10
tablet 5V (stable-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements
(stable-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P
(stable-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
(stable-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix
Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of
usb packets (stable-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list
(stable-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal
(stable-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format
(stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding
options (stable-fixes).
- HID: hid-steam: Update list of identifiers from SDL
(stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat
(stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter
(stable-fixes).
- commit df6a4bb
- block: avoid to reuse `hctx` not removed from cpuhp callback
list (git-fixes).
- block: use the right type for stub rq_integrity_vec()
(git-fixes).
- block: Fix page refcounts for unaligned buffers in
__bio_release_pages() (git-fixes).
- commit 27674be
- devlink: avoid potential loop in
devlink_rel_nested_in_notify_work() (bsc#1237234).
- commit 3a39566
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- commit 859fe45
- ocfs2: fix incorrect CPU endianness conversion causing mount
failure (bsc#1236138).
re-enable patch ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch
(bsc#1236138).
- commit 1f4d40a
- iommu/arm-smmu-v3: Clean up more on probe failure
(stable-fixes).
- commit f5873b7
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64
(bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path
(bsc#1237415).
- ice: add ice_adapter for shared data across PFs on the same NIC
(bsc#1237415).
- commit 9bb3389
- Fix conditional for selecting gcc-13
Fixes: 51dacec21eb1 ("Use gcc-13 for build on SLE16 (jsc#PED-10028).")
- commit 07542ae
- kasan: don't call find_vm_area() in a PREEMPT_RT kernel
(git-fixes).
- lib/iov_iter: fix import_iovec_ubuf iovec management
(git-fixes).
- lib: stackinit: hide never-taken branch from compiler
(stable-fixes).
- commit 08ac036
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- commit 484a6fb
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- commit d8f1799
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- commit 44f383d
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- commit 13bd685
- block: copy back bounce buffer to user-space correctly in case
of split (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation
(git-fixes).
- nbd: don't allow reconnect after disconnect (git-fixes).
- block: retry call probe after request_module in
blk_request_module (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
(git-fixes).
- blk-iocost: Avoid using clamp() on inuse in
__propagate_weights() (git-fixes).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock
(git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray
table (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into
account (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex
less long (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request
adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED
request adding (git-fixes).
- block: fix missing dispatching request when queue is started
or unquiesced (git-fixes).
- Revert "blk-throttle: Fix IO hang for a corner case"
(git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set
(git-fixes).
- blk_iocost: remove some duplicate irq disable/enables
(git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- bio-integrity: don't restrict the size of integrity metadata
(git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings
(git-fixes).
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings
(git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait
(git-fixes).
- loop: don't set QUEUE_FLAG_NOMERGES (git-fixes).
- block: change rq_integrity_vec to respect the iterator
(git-fixes).
- block: remove the blk_flush_integrity call in
blk_integrity_unregister (git-fixes).
- block: sed-opal: avoid possible wrong address reference in
read_sed_opal_key() (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller
then zone size (git-fixes).
- null_blk: Print correct max open zones limit in
null_init_zoned_dev() (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions
(git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION()
(git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing
(git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal
(git-fixes).
- block: propagate partition scanning errors to the BLKRRPART
ioctl (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue
(git-fixes).
- rbd: don't move requests to the running list on errors
(git-fixes).
- commit 267ddd1
- null_blk: Remove usage of the deprecated ida_simple_xx() API
(git-fixes).
- Refresh
patches.suse/null_blk-fix-null-ptr-dereference-while-configuring-.patch.
- commit cea38e9
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: fix bus type (bsc#1236896).
- commit 175404f
- PCI: imx6: Simplify clock handling by using clk_bulk*() function
(git-fixes).
- Refresh
patches.suse/PCI-imx6-Fix-suspend-resume-support-on-i.MX6QDL.patch.
- Refresh
patches.suse/PCI-imx6-Skip-controller_id-generation-logic-for-i.M.patch.
- commit f03d03e
- PCI: Use downstream bridges for distributing resources
(bsc#1237325).
- commit 7c0294f
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device
(git-fixes).
- commit bbb24b0
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED
(stable-fixes).
- commit 5d15622
- ALSA: seq: Drop UMP events when no UMP-conversion is set
(git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic
(git-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in
snd_hda_create_dig_out_ctls() (git-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close
(git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in
sof_ipc_msg_data() (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for
SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality()
(git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- commit 6fb0aa0
- block: ensure we hold a queue reference when using queue limits
(git-fixes).
- Refresh
patches.suse/block-Fix-where-bio-IO-priority-gets-set.patch.
- commit 36d897c
- null_blk: don't cap max_hw_sectors to BLK_DEF_MAX_SECTORS
(git-fixes).
- block: add check of 'minors' and 'first_minor' in
device_add_disk() (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error
path (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- blk-mq: don't count completed flush data request as inflight
in case of quiesce (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- commit 3e547cf
- doc: update managed_irq documentation (bsc#1236897).
- blk-mq: issue warning when offlining hctx with online isolcpus
(bsc#1236897).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled
(bsc#1236897).
- lib/group_cpus: honor housekeeping config when grouping CPUs
(bsc#1236897).
- virtio: blk/scsi: use block layer helpers to calculate num of
queues (bsc#1236897).
- scsi: use block layer helpers to calculate num of queues
(bsc#1236897).
- nvme-pci: use block layer helpers to calculate num of queues
(bsc#1236897).
- blk-mq: add number of queue calc helper (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized
masks (bsc#1236897).
- commit 3a935fa
- blk-mq: create correct map for fallback case (bsc#1236896).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with
blk_mq_map_hw_queues (bsc#1236896).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues
(bsc#1236896).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues
(bsc#1236896).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- driver core: bus: add irq_get_affinity callback to bus_type
(bsc#1236896).
- commit 1f8d7a5
- Update
patches.suse/USB-serial-quatech2-fix-null-ptr-deref-in-qt2_proces.patch (CVE-2025-21689 bsc#1237017).
- Update
patches.suse/drm-v3d-Assign-job-pointer-to-NULL-before-signaling-.patch (CVE-2025-21688 bsc#1237007
- Update
patches.suse/drm-v3d-Ensure-job-pointer-is-set-to-NULL-after-job-.patch (CVE-2025-21697 bsc#1237132)
- Update
patches.suse/gfs2-Truncate-address-space-when-flipping-GFS2_DIF_JDATA-flag.patch (CVE-2025-21699 bsc#1237139)
- Update
patches.suse/gpio-xilinx-Convert-gpio_lock-to-raw-spinlock.patch (CVE-2025-21684 bsc#1236952)
- Update
patches.suse/msft-hv-3155-scsi-storvsc-Ratelimit-warning-logs-to-prevent-VM-de.patch (CVE-2025-21690 bsc#1237025)
- commit a20ee68
- kABI fix for mptcp: fix inconsistent state on fastopen race
(CVE-2024-26708 bsc#1222672).
Upstream commit 4fd19a307016 ("mptcp: fix inconsistent state
on fastopen race") introduced three breaking changes, which are handled in
this patch.
* a new variable `pending_state` was added to `struct mptcp_sock`, which
is now moved into a hole.
* a new define replaces an old one, so renumber the new one and re-add
the old one.
* an API function was removed, so re-add it again.
```
u8 in_accept_queue:1; /* 1562: 4 1 */
/* XXX 3 bits hole, try to pack */
/* XXX 5 bytes hole, try to pack */
struct work_struct work; /* 1568 32 */
```
- commit a4771c0
- bpf, sockmap: Several fixes to bpf_msg_pop_data (CVE-2024-56720
bsc#1235592).
- commit a218d9d
- net: Fix icmp host relookup triggering ip_rt_bug (CVE-2024-56647
bsc#1235435).
- commit 713c9c9
- USB: Fix the issue of task recovery failure caused by USB
status when S4 wakes up (git-fixes).
- commit 686e836
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h
(bsc#1215199).
- commit 73fb25c
- powerpc/code-patching: Fix KASAN hit by not flagging text
patching area as VM_ALLOC (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as
static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching
via temporary mm (bsc#1215199).
- commit cb15126
- usbnet: ipheth: document scope of NCM implementation
(stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in
brcmf_txfinalize() (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH
(stable-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss
(stable-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: brcmfmac: Check the return value of
of_property_read_string_index() (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow
value (stable-fixes).
- wifi: brcmsmac: add gain range check to
wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- commit b67568f
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes
(stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1"
(stable-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- net: rose: lock the socket in rose_bind() (git-fixes).
- scripts/gdb: fix aarch64 userspace detection in get_current_task
(stable-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- ata: libata-sff: Ensure that we cannot write outside the
allocated buffer (stable-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- drm/modeset: Handle tiled displays in pan_display_atomic
(stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15
(stable-fixes).
- ASoC: amd: Add ACPI dependency to fix build error
(stable-fixes).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- tomoyo: don't emit warning in tomoyo_write_control()
(stable-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg
(git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration
(git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock
(git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks
(git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate
(git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during
gdsc_disable() (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to
mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to
mtk_clk_simple_probe (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz
(stable-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator
(stable-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card
(stable-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id
(stable-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O
(git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer
SoC families (stable-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in
rtattr_pack() (stable-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in
mgmt_remove_adv_monitor_sync (stable-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver
around it (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1
Monitor (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer
(stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching
(stable-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready
(stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT
(stable-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs
(stable-fixes).
- commit 32eeef9
- net: sched: Disallow replacing of child qdisc from one parent
to another (CVE-2025-21700 bsc#1237159).
- commit fd65855
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (CVE-2025-21640 bsc#1236123)
- commit 7a3b711
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (CVE-2025-21639 bsc#1236122)
- commit e818833
- pktgen: Avoid out-of-bounds access in get_imix_entries
(CVE-2025-21680 bsc#1236700).
- commit 8cb9ad2
- sctp: sysctl: auth_enable: avoid using current->nsproxy (CVE-2025-21638 bsc#1236115)
- commit e4e9666
- sctp: sysctl: udp_port: avoid using current->nsproxy (CVE-2025-21637 bsc#1236114)
- commit b35279d
- sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (CVE-2025-21636 bsc#1236113)
- commit 3f71e7d
- add bug reference to hv_storvsc change (bsc#1237025 CVE-2025-21690).
- commit 45e9861
- kABI fix for mptcp: handle consistently DSS corruption (CVE-2024-50185 bsc#1233109)
- commit d478aac
- idpf: fix VF dynamic interrupt ctl register initialization
(git-fixes).
- Refresh
patches.suse/idpf-add-support-for-SW-triggered-interrupts.patch.
- commit da462e1
- igc: Set buffer type for empty frames in igc_init_empty_frame
(git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: gather page_count()'s of each frag right before XDP prog
call (git-fixes).
- ice: put Rx buffers after being done with current frame
(git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit
(git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1
(git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- igc: return early when failing to read EECD register
(git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- eth: gve: use appropriate helper to set xdp_features
(git-fixes).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails
(git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params
(git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit
(git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend
(git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type
(git-fixes).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset
(git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- commit a2c0ed6
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- commit 51dacec
- kbuild: userprogs: fix bitsize and target detection on clang
(git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools
in parallel (git-fixes).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal
(git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work
(git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0
(git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from
halt state (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk
(git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access
(git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths
(git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop
(git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning
(git-fixes).
- commit f681ca5
- gpio: stmpe: Check return value of stmpe_reg_read in
stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string
(git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting
IRQ (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0
(git-fixes).
- commit 72e2a5f
- exfat: fix file being changed by unaligned direct write
(git-fixes).
- commit c5a2490
- exfat: fix zero the unwritten part for dio read (git-fixes).
- commit ab0ec4f
- hfs: Sanity check the root record (git-fixes).
- commit 6977b91
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- commit 3303370
- exfat: fix out-of-bounds access of directory entries
(bsc#1234857 CVE-2024-53147).
- commit 8127e11
- exfat: change to get file size from DataLength (bsc#1234857
CVE-2024-53147).
- commit 34f63a5
- exfat: convert to ctime accessor functions (git-fixes).
- commit 430eb66
- mmc: mtk-sd: Fix register settings for hs400(es) mode
(git-fixes).
- commit 0e84651
- smb: client: instantiate when creating SFU files (git-fixes).
- commit 1658f01
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support
(git-fixes).
- commit eacadae
- smb: client: return reparse type in /proc/mounts (git-fixes).
- commit 5c949e8
- smb: client: set correct d_type for reparse DFS/DFSR and mount
point (git-fixes).
- commit 99477ce
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs()
(git-fixes).
- commit dcd4483
- smb: client: parse uid, gid, mode and dev from WSL reparse
points (git-fixes).
- commit 86b1707
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- Refresh
patches.suse/smb-client-fix-potential-UAF-in-cifs_debug_files_proc_show-.patch.
- commit 6f30059
- smb: client: get rid of smb311_posix_query_path_info()
(git-fixes).
- commit 08f4b23
- smb: client: add support for WSL reparse points (git-fixes).
- commit 4773bbe
- smb: client: reduce number of parameters in smb2_compound_op()
(git-fixes).
- commit 5bf06b7
- smb: client: retry compound request without reusing lease
(git-fixes).
- commit 44ecf42
- smb: client: reuse file lease key in compound operations
(git-fixes).
- commit e1d39cc
- smb: client: parse owner/group when creating reparse points
(git-fixes).
- commit 2b1f34d
- cifs: open_cached_dir(): add FILE_READ_EA to desired access
(git-fixes).
- commit f59c050
- cifs: update the same create_guid on replay (git-fixes).
- commit 651496d
- smb: client: reduce stack usage in smb2_query_reparse_point()
(git-fixes).
- commit a2f52a1
- cifs: update desired access while requesting for directory lease
(git-fixes).
- commit 3577933
- smb: client: move most of reparse point handling code to common
file (git-fixes).
- commit 90c5825
- smb: client: handle special files and symlinks in SMB3 POSIX
(git-fixes).
- commit 7ddb775
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- commit 56a04ed
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- commit a9edfbd
- smb: client: allow creating symlinks via reparse points
(git-fixes).
- commit 93e7dee
- smb: client: fix hardlinking of reparse points (git-fixes).
- commit 6805b33
- drm/i915/selftests: avoid using uninitialized context
(git-fixes).
- drm/amdgpu: bail out when failed to load fw in
psp_init_cap_microcode() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on
udev->serial (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path
(git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages
with data length zero (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- commit 30daf36
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- commit 8fa207f
- smb: client: stop revalidating reparse points unnecessarily
(git-fixes).
- commit ce08be7
- smb: client: fix potential broken compound request (git-fixes).
- commit a4415de
- smb: client: fix renaming of reparse points (git-fixes).
- commit 32e853e
- smb: client: optimise reparse point querying (git-fixes).
- commit a53eec6
- smb: client: allow creating special files via reparse points
(git-fixes).
- commit 74e26d4
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- commit 39b0787
- smb: client: set correct file type from NFS reparse points
(git-fixes).
- Delete
patches.suse/cifs-Fix-buffer-overflow-when-parsing-NFS-reparse-points.patch.
(deleted patch will be added later)
- commit 7b28133
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- commit 5e66e50
- smb3: fix creating FIFOs when mounting with "sfu" mount option
(git-fixes).
- commit 82c7e6d
- mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (CVE-2024-50085 bsc#1232508)
- commit 25971ed
- smb: client: Fix minor whitespace errors and warnings
(git-fixes).
- commit 1eedc39
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- commit 6936009
- smb: client: introduce reparse mount option (git-fixes).
- commit e5a8c1e
- smb: client: implement ->query_reparse_point() for SMB1
(git-fixes).
- commit 2615bfd
- smb: cilent: set reparse mount points as automounts (git-fixes).
- commit da6e3c8
- smb: client: do not query reparse points twice on symlinks
(git-fixes).
- commit b7e62c9
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes
bsc#1237158).
- commit 3e00897
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages
(git-fixes bsc#1237155).
- commit 6d87f47
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2
(bsc#1236994).
- net: smc: fix spurious error message from __sock_release()
(bsc#1237126).
- commit 2c0a5e1
- mptcp: fix data races on local_id (git-fixes)
- Refresh patches.suse/mptcp-fix-data-races-on-remote_id.patch
- commit 661ea6e
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- commit 1d30f2b
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- commit 8638b2c
- mptcp: unify pm set_flags interfaces (git-fixes)
- commit 493b268
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- commit 57ae267
- mptcp: unify pm get_local_id interfaces (git-fixes)
- commit f1f0e12
- mptcp: export local_address (git-fixes)
- commit 2e22243
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- commit 9c72df8
- mptcp: pm: only decrement add_addr_accepted for MPJ req (CVE-2024-45009 bsc#1230438)
- commit 9337031
- mptcp: pm: only mark 'subflow' endp as available (CVE-2024-45010 bsc#1230439)
- commit 9e1f869
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- commit 0d1e602
- Update config files.
Use the upstream default for TSX_MODE.
- commit 55bbd12
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- commit 2798558
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- commit 405e62f
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- commit 42e63a4
- mptcp: fix NL PM announced address accounting (git-fixes)
- commit 28d5efa
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- commit adfc1dd
- mptcp: pm: avoid possible UaF when selecting endp (CVE-2024-44974 bsc#1230235)
- commit e827535
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- commit 262fe7b
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- commit 20e7fdf
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- commit 54ad8c1
- mptcp: pm: don't try to create sf if alloc failed (git-fixes)
- commit 9185902
- mptcp: pm: reduce indentation blocks (git-fixes)
- commit a393115
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- commit 71a0164
- mptcp: handle consistently DSS corruption (CVE-2024-50185 bsc#1233109)
- commit 01e9763
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- Refresh patches.suse/powerpc-pseries-iommu-IOMMU-incorrectly-marks-MMIO-r.patch
- commit d8f69df
- usb: dwc3: core: Defer the probe until USB power supply ready
(git-fixes).
- commit f3ecf26
- vfio/platform: check the bounds of read/write syscalls
(bsc#1237045 CVE-2025-21687).
- commit e52d676
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- commit 806156f
- net: sched: fix ets qdisc OOB Indexing (bsc#1237028
CVE-2025-21692).
- commit 1b093fe
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Refresh patches.suse/RDMA-rxe-Fix-mismatched-max_msg_sz.patch
- Pickup RXE code change introduced by upstream merge: af96134dc856 ("Merge tag 'rcu.2023.06.22a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu")
- commit 1492681
- smb: client: fix possible double free in smb2_set_ea()
(git-fixes).
- commit b6cd961
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API
(bsc#1236967 ltc#210988).
- Update config files.
- commit 83bff51
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
Update to match upstream commit 6636c58b946c ("drm/mgag200: Added
support for the new device G200eH5").
- commit 7ba9f89
- usb: xhci: Fix NULL pointer dereference on certain command
aborts (git-fixes).
- commit 8628513
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- commit 01b2939
- s390/topology: Improve topology detection (bsc#1236591).
- commit 101e515
- HID: hid-thrustmaster: fix stack-out-of-bounds read in
usb_check_int_endpoints() (git-fixes).
- HID: multitouch: Add NULL check in mt_input_configured
(git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware
(git-fixes).
- commit 1dbe333
- scsi: storvsc: Set correct data length for sending SCSI command
without payload (git-fixes).
- commit 93c01ea
- net/mlx5: Fix msix vectors to respect platform limit
(bsc#1225981).
- commit b7a2367
- s390/pci: Fix SR-IOV for PFs initially in standby
(git-fixes bsc#1236752).
- commit dcf85a0
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device()
fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices
(bsc#1236752).
- s390/pci: Sort PCI functions prior to creating virtual busses
(bsc#1236752).
- commit 004cfd2
- iommu/arm-smmu: Make instance lookup robust (bsc#1235032, CVE-2024-56568).
- commit 8f1b23e
- selftests/bpf: add fp-leaking precise subprog result tests
(git-fixes).
- bpf: prevent r10 register from being marked as precise
(git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update
(git-fixes).
- selftests/bpf: Prevent client connect before server bind in
test_tc_tunnel.sh (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- commit dfce816
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array
(git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute
(git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC
(git-fixes).
- commit 3243439
- Update
patches.suse/ALSA-6fire-Release-resources-at-card-release.patch
(git-fixes CVE-2024-53239 bsc#1235054 bsc#1234853).
- Update
patches.suse/Bluetooth-L2CAP-Fix-uaf-in-l2cap_connect.patch
(CVE-2024-49950 bsc#1232159 bsc#1225742).
- Update
patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch
(stable-fixes CVE-2024-56605 bsc#1235061 bsc#1234853).
- Update
patches.suse/KVM-nSVM-Ignore-nCR3-4-0-when-loading-PDPTEs-from-me.patch
(CVE-2024-50115 bsc#1232919 bsc#1225742).
- Update
patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch
(git-fixes CVE-2024-53173 bsc#1234891 bsc#1234853).
- Update
patches.suse/RDMA-hns-Fix-NULL-pointer-derefernce-in-hns_roce_map.patch
(git-fixes CVE-2024-53226 bsc#1236576).
- Update
patches.suse/ext4-avoid-OOB-when-system.data-xattr-changes-undern.patch
(bsc#1231920 CVE-2024-47701 bsc#1225742).
- Update
patches.suse/ext4-fix-slab-use-after-free-in-ext4_split_extent_at.patch
(bsc#1232201 CVE-2024-49884 bsc#1232198 bsc#1225742).
- Update
patches.suse/hfsplus-don-t-query-the-device-logical-block-size-multiple-times.patch
(git-fixes CVE-2024-56548 bsc#1235073 bsc#1234853).
- Update
patches.suse/mac802154-check-local-interfaces-before-deleting-sda.patch
(stable-fixes CVE-2024-57948 bsc#1236677).
- Update
patches.suse/media-amphion-Set-video-drvdata-before-register-vide.patch
(git-fixes CVE-2024-56579 bsc#1236575).
- Update
patches.suse/mm-prevent-derefencing-NULL-ptr-in-pfn_section_valid.patch
(git-fixes CVE-2024-41055 bsc#1228521).
- Update
patches.suse/pinctrl-mcp23s08-Fix-sleeping-in-atomic-context-due-.patch
(git-fixes CVE-2024-57889 bsc#1236573).
- Update
patches.suse/tty-n_gsm-Fix-use-after-free-in-gsm_cleanup_mux.patch
(stable-fixes CVE-2024-50073 bsc#1232520 bsc#1225742).
- Update
patches.suse/vfio-pci-Lock-external-INTx-masking-ops.patch
(bsc#1222803 CVE-2024-26810).
- Update
patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning-d241a13.patch
(git-fixes CVE-2024-56539 bsc#1234963 bsc#1234853).
- commit 2e394be
- Update
patches.suse/netfilter-nf_tables-don-t-fail-inserts-if-dupl.patch
(bsc#1012628 CVE-2023-52925 bsc#1236822).
- Update
patches.suse/netfilter-nf_tables-don-t-skip-expired-element.patch
(bsc#1012628 CVE-2023-52924 bsc#1236821).
- commit 6257a48
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- commit 43ff004
- wifi: mt76: mt7915: improve hardware restart reliability
(stable-fixes).
- commit 8478fb6
- ASoC: Intel: avs: Prefix SKL/APL-specific members
(stable-fixes).
- Refresh
patches.suse/ASoC-Intel-avs-Fix-theoretical-infinite-loop.patch.
- commit 01a2134
- serial: sc16is7xx: use device_property APIs when configuring
irda mode (stable-fixes).
- Refresh
patches.suse/serial-sc16is7xx-remove-global-regmap-from-struct-sc.patch.
- commit 5b3248c
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize
(git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware
reset (git-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: Fix the windows switch between different
layers (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac
(stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT
(stable-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at
vop2_post_config (stable-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: move output interface related definition to
rockchip_drm_drv.h (stable-fixes).
- crypto: hisilicon/sec2 - optimize the error return process
(stable-fixes).
- commit 21fab4a
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms
(git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context
is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check
(git-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list()
(git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- ACPI: property: Fix return value for nval == 0 in
acpi_data_prop_read() (git-fixes).
- ACPI: PRM: Remove unnecessary strict handler address checks
(git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- commit e018ad6
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- commit 4ce1907
- filemap: avoid truncating 64-bit offset to 32 bits
(CVE-2025-21665 bsc#1236684).
- commit 597c6a3
- smb: client: fix double free of TCP_Server_Info::hostname
(CVE-2025-21673 bsc#1236689).
- commit 3139e94
- openvswitch: fix lockup on tx to unregistering netdev with
carrier (CVE-2025-21681 bsc#1236702).
- commit b85304e
- pmdomain: imx8mp-blk-ctrl: add missing loop break condition
(CVE-2025-21668 bsc#1236682).
- commit 99dbd95
- iomap: avoid avoid truncating 64-bit offset to 32 bits
(CVE-2025-21667 bsc#1236681).
- commit e233a3c
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- Refresh
patches.suse/cpufreq-qcom-nvmem-Enable-virtual-power-domain-devices.patch.
- commit f530449
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- commit 785700c
- cpufreq: mediatek-hw: Don't error out if supply is not found
(git-fixes).
- commit 8cc17c1
- mptcp: error out earlier on disconnect (CVE-2024-53123 bsc#1234070)
- commit b7c16f4
- drop_monitor: replace spin_lock by raw_spin_lock (CVE-2024-40980 bsc#1227937)
- commit 72b4850
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset (CVE-2024-50142 bsc#1233028)
- commit 821a08b
- selftests/bpf: Add apply_bytes test to
test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485
CVE-2024-56633).
- tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
(bsc#1235485 CVE-2024-56633).
- commit 92f3cb7
- smb: During unmount, ensure all cached dir instances drop
their dentry (bsc#1231432, bsc#1234894, CVE-2024-53176).
- commit c66b2d4
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- Refresh
patches.suse/smb-client-fix-potential-UAF-in-cifs_debug_files_proc_show-.patch.
- commit b56ad4e
- smb: client: properly close cfids on umount (bsc#1231432,
bsc#1232299, bsc#1235599, bsc#1234896).
- commit 189365b
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- commit 5e11827
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses
(git-fixes).
- commit 60005f6
- cpufreq: qcom: Implement clk_ops::determine_rate() for
qcom_cpufreq* clocks (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT
if LMh IRQ is not available (git-fixes).
- commit 3e10296
- cpufreq: mediatek-hw: Wait for CPU supplies before probing
(git-fixes).
- commit b08f9e8
- sched: sch_cake: add bounds checks to host bulk flow fairness
counts (CVE-2025-21647 bsc#1236133).
- commit 1f1bc5f
- locking/lockdep: Avoid creating new name string literals in
lockdep_set_subclass() (git-fixes).
- commit c137ed9
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- commit d6daab7
- locking/rwsem: Add __always_inline annotation to
__down_write_common() and inlined callers (git-fixes).
- commit 1366984
- selftests/futex: pass _GNU_SOURCE without a value to the
compiler (git-fixes).
- commit 6c47425
- futex: Don't include process MM in futex key on no-MMU
(git-fixes).
- commit 925398b
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a
header (git-fixes).
- commit 870636f
- selftests/bpf: Test the update operations for htab of maps
(bsc#1235244 CVE-2024-56592).
- selftests/bpf: Move ENOTSUPP from bpf_util.h (bsc#1235244
CVE-2024-56592).
- bpf: Call free_htab_elem() after htab_unlock_bucket()
(bsc#1235244 CVE-2024-56592).
- selftests/bpf: Clean up open-coded gettid syscall invocations
(bsc#1235244 CVE-2024-56592).
- commit 1ed8f4f
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in
.remove() and in the error path of .probe() (git-fixes).
- commit 243c2cb
- vsock: Keep the binding until socket destruction (git-fixes)
- commit 545191e
- vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (CVE-2025-21666 bsc#1236680)
- commit 5667481
- vsock: reset socket state when de-assigning the transport (git-fixes)
- commit 70de10a
- vsock/virtio: cancel close work in the destructor (git-fixes)
- commit b47a8e2
- vsock/bpf: return early if transport is not assigned (CVE-2025-21670 bsc#1236685)
- commit 938e02d
- vsock/virtio: discard packets if the transport changes (CVE-2025-21669 bsc#1236683)
- commit 01b1ae3
- net/mlx5: Clear port select structure when fail to create (bsc#1236694 CVE-2025-21675)
- commit 97050c4
- mptcp: fix TCP options overflow. (bsc#1235914 CVE-2024-57882)
- commit bfacfe0
- mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088 CVE-2024-46858)
- commit 2b80245
- kABI fix for net: defer final 'struct net' free in netns
dismantle (CVE-2024-56658 bsc#1235441)
- commit fd18f29
- net: defer final 'struct net' free in netns dismantle
(CVE-2024-56658 bsc#1235441).
- commit 5df7b43
- net: mana: Add get_link and get_link_ksettings in ethtool
(bsc#1236761).
- commit 037abed
- virtio-mem: check if the config changed before fake offlining memory
(git-fixes).
- commit 7c5b67f
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM)
(git-fixes).
- commit 50036f1
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY
(git-fixes).
- commit cf4a9ad
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM)
(git-fixes).
- commit 7506a2e
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- commit 6e44a14
- media: firewire: firedtv-avc.c: replace BUG with proper,
error return (git-fixes).
- commit 658942c
- media: dvb: mb86a16: check the return value of mb86a16_read()
(git-fixes).
- commit fc29200
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- commit 1d9d1fd
- cifs: fix potential null pointer use in destroy_workqueue in
init_cifs error path (bsc#1231432).
- commit 21eeced
- smb: cached directories can be more than root file handle
(bsc#1231432).
- commit 2629c95
- smb3: retrying on failed server close (bsc#1231432).
- commit f1f31c8
- smb: prevent use-after-free due to open_cached_dir error paths
(bsc#1231432, bsc#1234896, CVE-2024-53177).
- commit 741a327
- smb: Don't leak cfid when reconnect races with open_cached_dir
(bsc#1231432, bsc#1234895, CVE-2024-53178).
- commit e22906f
- smb3: request handle caching when caching directories
(bsc#1231432).
- commit 186ab6d
- cifs: new mount option called retrans (bsc#1231432).
- commit 000ea56
- cifs: open_cached_dir should not rely on primary channel
(bsc#1231432).
- commit 056e43b
- cifs: commands that are retried should have replay flag set
(bsc#1231432).
- commit d12c685
- cifs: helper function to check replayable error codes
(bsc#1231432).
- commit 4a4d52e
- smb: client: extend smb2_compound_op() to accept more commands
(bsc#1231432).
- commit e198fe7
- smb: client: reduce stack usage in smb2_query_info_compound()
(bsc#1231432).
- commit 267f6c8
- smb: client: parse reparse point flag in create response
(bsc#1231432).
- commit 1f48f01
- smb: client: make smb2_compound_op() return resp buffer on
success (bsc#1231432).
- commit 14ca1d2
- smb: client: move some params to cifs_open_info_data
(bsc#1231432).
- commit e3cf607
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- commit 1ebc808
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
(mm/compaction)).
- commit 6473a2a
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- commit 8c537c0
- gtp: Destroy device along with udp socket's netns dismantle
(CVE-2025-21678 bsc#1236698).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp()
(git-fixes).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all
children (bsc#1236760).
- r8169: enable SG/TSO on selected chip versions per default
(bsc#1235874).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- commit 2caa23f
- cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
(git-fixes).
- cpufreq: imx6q: don't warn for disabling a non-existing
frequency (git-fixes).
- commit 42b12da
- Update
patches.suse/nvme-tcp-Fix-I-O-queue-cpu-spreading-for-multiple-co.patch
(git-fixes bsc#1224049).
- commit 6783feb
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths
(git-fixes).
- commit 3d6407c
- cpufreq: qcom-nvmem: Enable virtual power domain devices
(git-fixes).
- commit b63737d
- xfs: Add error handling for xfs_reflink_cancel_cow_range
(git-fixes).
- commit 1aaaa62
- xfs: Propagate errors from xfs_reflink_cancel_cow_range in
xfs_dax_write_iomap_end (git-fixes).
- commit f8ad9a2
- net/mlx5e: Fix inversion dependency warning while enabling
IPsec tunnel (CVE-2025-21674 bsc#1236688).
- net: fec: handle page_pool_dev_alloc_pages error (CVE-2025-21676
bsc#1236696).
- eth: bnxt: always recalculate features after XDP clearing,
fix null-deref (CVE-2025-21682 bsc#1236703).
- commit a806d7c
- cpufreq: qcom-nvmem: Simplify driver data allocation
(stable-fixes).
- commit dc928a8
- NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
- commit 151b149
- NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
- commit b286575
- ubifs: skip dumping tnc tree when zroot is null (git-fixes).
- commit f58c1e4
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call
(git-fixes).
- commit a1514a4
- afs: Fix cleanup of immediately failed async calls (git-fixes).
- commit addff98
- afs: Fix directory format encoding struct (git-fixes).
- commit 595632c
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY
(git-fixes).
- commit 39c4f67
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
(git-fixes).
- commit e9c67fd
- nilfs2: fix possible int overflows in nilfs_fiemap()
(git-fixes).
- commit 2d81bbb
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in
ip_tunnel_find() (CVE-2024-50304 bsc#1233522).
- commit 0aac3e1
- arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
- commit 6bedda5
- arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
- commit 5678238
- arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
- commit 3ba529a
- arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
- commit fe1f6b4
- arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
- commit 79b2b46
- netfilter: nft_payload: sanitize offset and length before
calling skb_checksum() (CVE-2024-50251 bsc#1233248).
- commit d7e2f51
- net: fix crash when config small gso_max_size/gso_ipv4_max_size
(CVE-2024-50258 bsc#1233221 CVE-2024-50258 bsc#1233221).
- commit a93195b
- arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
- commit 43c09a7
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
Update arm64 default configuration file
- commit 1003b05
- arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
- commit cbbcd61
- net: inet6: do not leave a dangling sk pointer in inet6_create()
(CVE-2024-56600 bsc#1235217).
- commit d23e8d7
- printk: Defer legacy printing when holding printk_cpu_sync
(bsc#1236733).
- commit 8ea5df4
- printk: Add is_printk_legacy_deferred() (bsc#1236733).
- commit 15926fc
- nvme: fix bogus kzalloc() return check in
nvme_init_effects_log() (git-fixes).
- commit ab15bce
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of
service (git-fixes).
- hyperv: Do not overlap the hvcall IO areas in get_vtl()
(git-fixes).
- commit 20e731b
- nvme: Add error path for xa_store in nvme_init_effects
(git-fixes).
- nvme: Add error check for xa_store in nvme_get_effects_log
(git-fixes).
- nvme-tcp: Fix I/O queue cpu spreading for multiple controllers
(git-fixes).
- nvmet: propagate npwg topology (git-fixes).
- commit f7cc3e5
- usbnet: ipheth: fix DPE OoB read (git-fixes).
- commit 9d2e9a7
- usbnet: ipheth: break up NCM header size computation
(git-fixes).
- commit 2cdc4a6
- usbnet: ipheth: refactor NCM datagram loop (git-fixes).
- commit aade1ad
- workqueue: Add rcu lock check at the end of work item execution
(bsc#1236732).
- commit 4c72d5a
- Move upstreamed sound patch into sorted section
- commit ca47985
- Input: atkbd - map F23 key to support default copilot shortcut
(stable-fixes).
- Input: xpad - add unofficial Xbox 360 wireless receiver clone
(stable-fixes).
- Input: xpad - add support for wooting two he (arm)
(stable-fixes).
- Input: xpad - improve name of 8BitDo controller 2dc8:3106
(stable-fixes).
- Input: xpad - add QH Electronics VID/PID (stable-fixes).
- Input: xpad - add support for Nacon Evol-X Xbox One Controller
(stable-fixes).
- Input: xpad - add support for Nacon Pro Compact (stable-fixes).
- hwmon: (drivetemp) Set scsi command timeout to 10s
(stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
- seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
- ASoC: samsung: Add missing depends on I2C (git-fixes).
- ASoC: samsung: Add missing selects for MFD_WM8994
(stable-fixes).
- ASoC: wm8994: Add depends on MFD core (stable-fixes).
- ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf()
(stable-fixes).
- commit c243755
- ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
- ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro
(stable-fixes).
- commit 7bec8fa
- kconfig: fix file name in warnings when loading
KCONFIG_DEFCONFIG_LIST (git-fixes).
- genksyms: fix memory leak when the same symbol is read from
* .symref file (git-fixes).
- genksyms: fix memory leak when the same symbol is added from
source (git-fixes).
- ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback
(git-fixes).
- commit 472aca3
- kABI workaround for struct auto_pin_cfg_item change (git-fixes).
- commit 43b97fb
- ALSA: hda: Fix headset detection failure due to unstable sort
(git-fixes).
- commit 6dcca9b
- blacklist.conf: Not affected by CVE-2024-44932 and CVE-2024-44964
- Delete
patches.suse/idpf-fix-UAFs-when-destroying-the-queues.patch.
- Delete
patches.suse/idpf-fix-memory-leaks-and-crashes-while-performing-a.patch.
This fixes bsc#1236628
- commit 3ac3069
- kcsan: Turn report_filterlist_lock into a raw_spinlock
(CVE-2024-56610 bsc#1235390).
- commit d41073a
- io_uring/eventfd: ensure io_eventfd_signal() defers another
RCU period (CVE-2025-21655 bsc#1236163).
- commit 4487b43
- Refresh
patches.suse/io_uring-check-for-overflows-in-io_pin_pages.patch.
There was an error on my backport of this patch that caused an Oops as
soon as a pbuf is registered.
- commit 83010fb
- cpuidle: Avoid potential overflow in integer multiplication
(git-fixes).
- commit 0568366
- cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock
(git-fixes).
- commit ade7f79
- cpufreq: amd-pstate: remove global header file (git-fixes).
- commit be74a4f
- mm/rodata_test: use READ_ONCE() to read const variable
(git-fixes).
- commit 915b6ed
- cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is
missing (git-fixes).
- commit 1e10ad3
- cpufreq: intel_pstate: fix pstate limits enforcement for
adjust_perf call back (git-fixes).
- commit dd83446
- cpufreq: ACPI: Fix max-frequency computation (git-fixes).
- commit 54e5cf5
- cpufreq: Don't unregister cpufreq cooling on CPU hotplug
(git-fixes).
- commit d893e3e
- rtc: zynqmp: Fix optional clock name property (git-fixes).
- rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read
(git-fixes).
- PM: hibernate: Add error handling for syscore_suspend()
(git-fixes).
- Bluetooth: L2CAP: accept zero as a special value for MTU
auto-selection (git-fixes).
- Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming
(git-fixes).
- usbnet: ipheth: use static NDP16 location in URB (git-fixes).
- usbnet: ipheth: check that DPE points past NCM header
(git-fixes).
- usbnet: ipheth: fix possible overflow in DPE length check
(git-fixes).
- net: usb: rtl8150: enable basic endpoint checking (git-fixes).
- net: phy: c45-tjaxx: add delay between MDIO write and read in
soft_reset (git-fixes).
- net: rose: fix timer races against user threads (git-fixes).
- NFC: nci: Add bounds checking in nci_hci_create_pipe()
(git-fixes).
- docs: power: Fix footnote reference for Toshiba Satellite
P10-554 (git-fixes).
- gpio: mxc: remove dead code after switch to DT-only (git-fixes).
- pm:cpupower: Add missing powercap_set_enabled() stub function
(git-fixes).
- commit d7c0bf6
- io_uring: check for overflows in io_pin_pages (CVE-2024-53187
bsc#1234947).
- commit 5155778
- brd: defer automatic disk creation until module initialization
succeeds (CVE-2024-56693 bsc#1235418).
- commit b6cdeb6
- powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
- commit b41af30
- ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro
7130 (bsc#1235686).
- commit 63a2d06
- Correct typos in patch-mainline versions in previous patches
- commit 9e305bb
- dmaengine: ti: edma: fix OF node reference leaks in edma_driver
(git-fixes).
- regulator: core: Add missing newline character (git-fixes).
- commit a55a5c7
- Delete patches.suse/iommu-arm-smmu-Defer-probe-of-clients-after-smmu-dev.patch
Reverted upstream by 97cb1fa02726 iommu/arm-smmu: Retire probe deferral
workaround.
- commit 2dda00e
- virtio-blk: don't keep queue frozen during system suspend
(CVE-2024-57946 bsc#1236247).
- commit bc49326
- netfilter: x_tables: fix LED ID check in led_tg_check()
(CVE-2024-56650 bsc#1235430).
- commit e2ba4f9
- netfilter: nf_tables: validate family when identifying table
via handle (bsc#1233778 ZDI-24-1454).
- commit 8a5e7e8
- tpm: send_data: Wait longer for the TPM to become ready
(bsc#1235870).
- commit 564c005
- driver core: class: Fix wild pointer dereferences in API
class_dev_iter_next() (git-fixes).
- devcoredump: cleanup some comments (git-fixes).
- serial: sh-sci: Do not probe the serial port if its slot in
sci_ports[] is in use (git-fixes).
- serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
- serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
- commit 3ee6c35
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- commit 8e0a712
- RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
- commit 45ca433
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
- commit 2c0d67d
- RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
- commit d370cc3
- RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
- commit fffca3b
- RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
- commit 95b5d71
- RDMA/srp: Fix error handling in srp_add_port (git-fixes)
- commit d17536e
- RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
- commit 0c1e11b
- rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
- commit c001bb0
- RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
- commit 61636fb
- RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
- commit 14d9179
- rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
- commit 97d4114
- rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
- commit 46965f9
- srcu: Only accelerate on enqueue time (git-fixes)
- commit 61de5d1
- srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
- commit 2ff5969
- rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
- commit 0aacfbc
- rcu: Dump memory object info if callback function is invalid (git-fixes)
- commit a054e16
- rcuscale: Move rcu_scale_writer() (git-fixes)
- commit f5a8f5c
- README.BRANCH: Update maintainers
- commit 41fd1b2
- PCI: microchip: Set inbound address translation for coherent
or non-coherent mode (git-fixes).
- PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset()
(git-fixes).
- PCI: imx6: Skip controller_id generation logic for i.MX7D
(git-fixes).
- PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test
(git-fixes).
- PCI: dwc: ep: Prevent changing BAR size/flags in
pci_epc_set_bar() (git-fixes).
- PCI: dwc: ep: Write BAR_MASK before iATU registers in
pci_epc_set_bar() (git-fixes).
- genirq: Make handle_enforce_irqctx() unconditionally available
(git-fixes).
- commit 9d69135
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- commit af61fc0
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- commit 1b67735
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- commit a22f80f
- x86/asm: Make serialize() always_inline (git-fixes).
- commit 7e805b9
- ibmvnic: Free any outstanding tx skbs during scrq reset
(bsc#1226980).
- commit 82833f0
- drm/v3d: Assign job pointer to NULL before signaling the fence
(git-fixes).
- iio: light: as73211: fix channel handling in only-color
triggered buffer (git-fixes).
- intel_th: core: fix kernel-doc warnings (git-fixes).
- bus: mhi: host: Free mhi_buf vector inside
mhi_alloc_bhie_table() (git-fixes).
- iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page
alignment (git-fixes).
- iio: adc: ad_sigma_delta: Handle CS assertion as intended in
ad_sd_read_reg_raw() (git-fixes).
- misc: fastrpc: Fix copy buffer page size (git-fixes).
- misc: fastrpc: Fix registered buffer page address (git-fixes).
- misc: fastrpc: Deregister device nodes properly in error
scenarios (git-fixes).
- VMCI: fix reference to ioctl-number.rst (git-fixes).
- drivers/card_reader/rtsx_usb: Restore interrupt based detection
(git-fixes).
- uio: uio_dmem_genirq: check the return value of devm_kasprintf()
(git-fixes).
- uio: Fix return value of poll (git-fixes).
- misc: misc_minor_alloc to use ida for all dynamic/misc dynamic
minors (git-fixes).
- Revert "usb: gadget: u_serial: Disable ep before setting port to
null to fix the crash caused by port being null" (stable-fixes).
- USB: serial: quatech2: fix null-ptr-deref in
qt2_process_read_urb() (git-fixes).
- usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to
PD_T_SENDER_RESPONSE (git-fixes).
- usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
- usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk()
(git-fixes).
- usb: gadget: f_tcm: Don't prepare BOT write request twice
(git-fixes).
- usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint
(git-fixes).
- usb: gadget: f_tcm: Fix Get/SetInterface return value
(git-fixes).
- usb: gadget: f_tcm: Decrement command ref count on cleanup
(git-fixes).
- usb: gadget: f_tcm: Translate error to sense (git-fixes).
- usb: gadget: f_tcm: Don't free command immediately (git-fixes).
- power: ip5xxx_power: Fix return value on ADC read errors
(git-fixes).
- pps: add an error check in parport_attach (git-fixes).
- pps: remove usage of the deprecated ida_simple_xx() API
(stable-fixes).
- commit 15d6406
- Move upstreamed lpfc patches into sorted section
- commit c33f2a8
- Revert 0dd78566990 ("Disable ceph (jsc#PED-7242)")
Apparently, jsc#PED-7242 is only deprecate ceph for 15-SP6 and
disable for 15-SP7.
Revert the disabling.
- commit 4573861
- padata: add pd get/put refcnt helper (git-fixes).
- commit c209bf7
- padata: avoid UAF for reorder_work (git-fixes).
- padata: fix UAF in padata_reorder (git-fixes).
- commit 9cec1e0
- net: stmmac: dwmac-tegra: Read iommu stream id from device tree
(CVE-2025-21663 bsc#1236260).
- commit fc91755
- selftests/mm/cow: modify the incorrect checking parameters
(git-fixes).
- maple_tree: simplify split calculation (git-fixes).
- latencytop: use correct kernel-doc format for func params
(git-fixes).
- lib/inflate.c: remove dead code (git-fixes).
- commit 2970302
- remoteproc: core: Fix ida_free call while not allocated
(git-fixes).
- mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
- mtd: onenand: Fix uninitialized retlen in do_otp_read()
(git-fixes).
- PCI: rcar-ep: Fix incorrect variable used when calling
devm_request_mem_region() (git-fixes).
- PCI: dwc: Always stop link in the dw_pcie_suspend_noirq
(git-fixes).
- PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL
on error (git-fixes).
- PCI: endpoint: Finish virtual EP removal in
pci_epf_remove_vepf() (git-fixes).
- PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy()
(git-fixes).
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1
(git-fixes).
- media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
af9035_i2c_master_xfer (git-fixes).
- staging: media: imx: fix OF node leak in
imx_media_add_of_subdevs() (git-fixes).
- media: nxp: imx8-isi: fix v4l2-compliance test errors
(git-fixes).
- media: uvcvideo: Propagate buf->error to userspace (git-fixes).
- media: uvcvideo: Remove dangling pointers (git-fixes).
- media: uvcvideo: Remove redundant NULL assignment (git-fixes).
- media: uvcvideo: Only save async fh if success (git-fixes).
- media: uvcvideo: Support partial control reads (git-fixes).
- media: uvcvideo: Fix event flags in uvc_ctrl_send_events
(git-fixes).
- media: uvcvideo: Fix double free in error path (git-fixes).
- media: uvcvideo: Fix crash during unbind if gpio unit is in use
(git-fixes).
- staging: media: max96712: fix kernel oops when removing module
(git-fixes).
- media: camif-core: Add check for clk_enable() (git-fixes).
- media: mipi-csis: Add check for clk_enable() (git-fixes).
- media: ov5640: fix get_light_freq on auto (git-fixes).
- media: mc: fix endpoint iteration (git-fixes).
- media: i2c: ov9282: Correct the exposure offset (git-fixes).
- media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
- media: imx296: Add standby delay during probe (git-fixes).
- media: i2c: imx412: Add missing newline to prints (git-fixes).
- media: ccs: Clean up parsed CCS static data on parse failure
(git-fixes).
- media: ccs: Fix CCS static data parsing for large block sizes
(git-fixes).
- media: marvell: Add check for clk_enable() (git-fixes).
- media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
- media: rc: iguanair: handle timeouts (git-fixes).
- media: rkisp1: Fix unused value issue (git-fixes).
- media: imx-jpeg: Fix potential error pointer dereference in
detach_pm() (git-fixes).
- commit 059dbb0
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx
(stable-fixes).
- ALSA: usb-audio: Add delay quirk for USB Audio Device
(stable-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo C6400
(stable-fixes).
- commit 744cb45
- mailbox: tegra-hsp: Clear mailbox before using message
(git-fixes).
- soc: qcom: socinfo: Avoid out of bounds read of serial number
(git-fixes).
- soc: qcom: smem_state: fix missing of_node_put in error path
(git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on error paths
(git-fixes).
- memory: tegra20-emc: fix an OF node reference bug in
tegra_emc_find_node_by_ram_code() (git-fixes).
- soc: atmel: fix device_node release in atmel_soc_device_init()
(git-fixes).
- fbdev: omapfb: Fix an OF node leak in
dss_of_port_get_parent_device() (git-fixes).
- ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
- ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
- ALSA: hda/realtek - Fixed headphone distorted sound on Acer
Aspire A115-31 laptop (git-fixes).
- crypto: iaa - Fix IAA disabling that occurs when sync_mode is
set to 'async' (git-fixes).
- crypto: ixp4xx - fix OF node reference leaks in
init_ixp_crypto() (git-fixes).
- crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
- crypto: qce - unregister previously registered algos in error
path (git-fixes).
- crypto: qce - fix goto jump in error path (git-fixes).
- crypto: caam - use JobR's space to access page 0 regs
(git-fixes).
- pinctrl: amd: Take suspend type into consideration which pins
are non-wake (git-fixes).
- pinctrl: samsung: fix fwnode refcount cleanup if
platform_get_irq_optional() fails (git-fixes).
- commit b034543
- Move upstreamed ppc patch into sorted section
- commit d058975
- Move upstreamed TPM patch into sorted section
- commit ccb7b48
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (CVE-2024-56728 bsc#1235656)
- commit acc444a
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (CVE-2024-56727 bsc#1235583)
- commit b6e61cf
- octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (CVE-2024-56726 bsc#1235582)
- commit ac2994c
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (CVE-2024-56725 bsc#1235578)
- commit 4f995f2
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (CVE-2024-56707 bsc#1235545)
- commit 67e8754
- octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (CVE-2024-56679 bsc#1235498)
- commit becbeeb
- drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (CVE-2024-56608 bsc#1235487)
- commit df4e9dd
- dm thin: make get_first_thin use rcu-safe list first function (CVE-2025-21664 bsc#1236262)
- commit 83d356e
- selinux: ignore unknown extended permissions (CVE-2024-57931 bsc#1236192)
- commit 4334198
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (CVE-2025-21653 bsc#1236161)
- commit 9089d3b
- ipvlan: Fix use-after-free in ipvlan_get_iflink() (CVE-2025-21652 bsc#1236160)
- commit 8201e7e
- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (CVE-2024-57938 bsc#1236182)
- commit 338cf1f
- topology: Keep the cpumask unchanged when printing cpumap (CVE-2024-57917 bsc#1236127)
- commit 1d17273
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (CVE-2024-57884 bsc#1235948)
- commit abc82c3
- netrom: check buffer length before accessing it (CVE-2024-57802 bsc#1235941)
- commit 606eed5
- ionic: Fix netdev notifier unregister on failure (CVE-2024-56715 bsc#1235612)
- commit 28b55e0
- sched/fair: Fix value reported by hot tasks pulled in
/proc/schedstat -kabi (bsc#1235865).
- commit a0069bc
- wifi: ath12k: fix tx power, max reg power update to firmware
(git-fixes).
- wifi: mt76: mt7996: fix ldpc setting (git-fixes).
- wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
- wifi: mt76: mt7996: fix incorrect indexing of MIB FW event
(git-fixes).
- wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
- wifi: mt76: mt7996: fix the capability of reception of EHT MU
PPDU (git-fixes).
- wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
- wifi: mt76: mt7996: fix register mapping (git-fixes).
- wifi: mt76: mt7915: fix register mapping (git-fixes).
- wifi: mt76: mt7915: firmware restart on devices with a second
pcie link (git-fixes).
- wifi: mt76: mt7996: fix rx filter setting for bfee functionality
(git-fixes).
- wifi: mt76: mt7915: fix overflows seen when writing limit
attributes (git-fixes).
- wifi: mt76: mt7996: fix overflows seen when writing limit
attributes (git-fixes).
- wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz
on MT7916 (git-fixes).
- wifi: mt76: mt7921: fix using incorrect group cipher after
disconnection (git-fixes).
- wifi: mt76: mt76u_vendor_request: Do not print error messages
when -EPROTO (git-fixes).
- commit f15e8b4
- tools: Sync if_xdp.h uapi tooling header (git-fixes).
- selftests/landlock: Fix error message (git-fixes).
- selftests: harness: fix printing of mismatch values in
__EXPECT() (git-fixes).
- spi: zynq-qspi: Add check for clk_enable() (git-fixes).
- wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
- wifi: mt76: mt7925: fix off by one in mt7925_load_clc()
(git-fixes).
- wifi: rtw89: mcc: consider time limits not divisible by 1024
(git-fixes).
- wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
- wifi: cfg80211: adjust allocation of colocated AP data
(git-fixes).
- wifi: mac80211: don't flush non-uploaded STAs (git-fixes).
- wifi: mac80211: Fix common size calculation for ML element
(git-fixes).
- wifi: mac80211: fix tid removal during mesh forwarding
(git-fixes).
- wifi: mac80211: prohibit deactivating all links (git-fixes).
- wifi: iwlwifi: fw: read STEP table from correct UEFI var
(git-fixes).
- wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
- wifi: rtlwifi: pci: wait for firmware loading before releasing
memory (git-fixes).
- wifi: rtlwifi: fix memory leaks and invalid access at probe
error path (git-fixes).
- wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
- wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
- wifi: rtlwifi: usb: fix workqueue leak when probe fails
(git-fixes).
- wifi: rtlwifi: fix init_sw_vars leak when probe fails
(git-fixes).
- wifi: rtlwifi: wait for firmware loading before releasing memory
(git-fixes).
- wifi: rtlwifi: rtl8192se: rise completion of firmware loading
as last step (git-fixes).
- wifi: rtlwifi: do not complete firmware loading needlessly
(git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix
infinite loop (git-fixes).
- wifi: brcmfmac: add missing header include for brcmf_dbg
(git-fixes).
- wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
- wifi: wcn36xx: fix channel survey memory allocation size
(git-fixes).
- wifi: ath11k: Fix unexpected return buffer manager error for
WCN6750/WCN6855 (git-fixes).
- selinux: Fix SCTP error inconsistency in selinux_socket_bind()
(git-fixes).
- commit 40f350b
- ktest.pl: Fix typo "accesing" (git-fixes).
- ktest.pl: Fix typo in comment (git-fixes).
- ktest.pl: Remove unused declarations in run_bisect_test function
(git-fixes).
- ktest.pl: Check kernelrelease return in get_version (git-fixes).
- landlock: Handle weird files (git-fixes).
- samples/landlock: Fix possible NULL dereference in parse_path()
(git-fixes).
- selftests: timers: clocksource-switch: Adapt progress to
kselftest framework (git-fixes).
- selftest: media_tests: fix trivial UAF typo (git-fixes).
- Input: davinci-keyscan - remove leftover header (git-fixes).
- HID: core: Fix assumption that Resolution Multipliers must be
in Logical Collections (git-fixes).
- HID: fix generic desktop D-Pad controls (git-fixes).
- HID: hid-thrustmaster: Fix warning in thrustmaster_probe by
adding endpoint check (git-fixes).
- HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
- Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad"
(stable-fixes).
- ipmi: ssif_bmc: Fix new request loss when bmc ready for a
response (git-fixes).
- ipmi: ipmb: Add check devm_kasprintf() returned value
(git-fixes).
- pwm: stm32: Add check for clk_enable() (git-fixes).
- pwm: stm32-lp: Add check for clk_enable() (git-fixes).
- leds: netxbig: Fix an OF node reference leak in
netxbig_leds_get_of_pdata() (git-fixes).
- leds: lp8860: Write full EEPROM, not only half of it
(git-fixes).
- HID: hid-sensor-hub: don't use stale platform-data on remove
(git-fixes).
- regulator: of: Implement the unwind path of of_regulator_match()
(git-fixes).
- net/rose: prevent integer overflows in rose_setsockopt()
(git-fixes).
- drm/msm: don't clean up priv->kms prematurely (git-fixes).
- selftests/powerpc: Fix argument order to timer_sub()
(git-fixes).
- selftests/alsa: Fix circular dependency involving global-timer
(stable-fixes).
- ktest.pl: Avoid false positives with grub2 skip regex
(stable-fixes).
- ktest: force $buildonly = 1 for 'make_warnings_file' test type
(stable-fixes).
- commit 3e5bf1b
- drm/msm: Check return value of of_dma_configure() (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
- drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
- drm/msm/dp: set safe_to_exit_level before printing it
(git-fixes).
- drm/amdgpu: tear down ttm range manager for doorbell in
amdgpu_ttm_fini() (git-fixes).
- drm/etnaviv: Fix page property being used for non writecombine
buffers (git-fixes).
- Revert "drm/i915/dpt: Make DPT object unshrinkable"
(stable-fixes).
- drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init
(git-fixes).
- drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
- drm/amdgpu: Fix potential NULL pointer dereference in
atomctrl_get_smc_sclk_range_table (git-fixes).
- drm/amd/pm: Fix an error handling path in
vega10_enable_se_edc_force_stall_config() (git-fixes).
- drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE
(git-fixes).
- drm/rockchip: vop2: Check linear format for Cluster windows
on rk3566/8 (git-fixes).
- drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
- drm/rockchip: vop2: Fix the mixer alpha setup for layer 0
(git-fixes).
- drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters
offset (git-fixes).
- commit 2f1e321
- ACPI: fan: cleanup resources in the error path of .probe()
(git-fixes).
- cpupower: fix TSC MHz calculation (git-fixes).
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc
(git-fixes).
- Align git commit ID abbreviation guidelines and checks
(git-fixes).
- drm/tidss: Clear the interrupt status for interrupts being
disabled (git-fixes).
- drm/tidss: Fix issue in irq handling causing irq-flood issue
(git-fixes).
- drm/v3d: Stop active perfmon if it is being destroyed
(git-fixes).
- drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event()
(git-fixes).
- commit 737a47e
- Input: bbnsm_pwrkey - add remove hook (git-fixes).
- drm/i915/fb: Relax clear color alignment to 64 bytes
(stable-fixes).
- drm/amdgpu: always sync the GFX pipe on ctx switch
(stable-fixes).
- ACPI: resource: acpi_dev_irq_override(): Check DMI match last
(stable-fixes).
- mac802154: check local interfaces before deleting sdata list
(stable-fixes).
- selftests: tc-testing: reduce rshift value (stable-fixes).
- kheaders: Ignore silly-rename files (stable-fixes).
- commit cbbd806
- Drop PCI patch that caused a regression
Deleted:
patches.suse/PCI-Use-preserve_config-in-place-of-pci_flags.patch
- commit 30fb9e7
- sched/fair: Fix value reported by hot tasks pulled in
/proc/schedstat (bsc#1235865).
- commit 9837653
- Update
patches.suse/ALSA-seq-oss-Fix-races-at-processing-SysEx-messages.patch
(stable-fixes CVE-2024-57893 bsc#1235920).
- Update
patches.suse/RDMA-bnxt_re-Fix-max-SGEs-for-the-Work-Request.patch
(git-fixes CVE-2024-57936 bsc#1236181).
- Update
patches.suse/RDMA-hns-Fix-accessing-invalid-dip_ctx-during-destro.patch
(git-fixes CVE-2024-57935 bsc#1236180).
- Update
patches.suse/RDMA-rtrs-Ensure-ib_sge-list-is-accessible.patch
(git-fixes CVE-2024-36476 bsc#1235902).
- Update
patches.suse/RDMA-uverbs-Prevent-integer-overflow-issue.patch
(git-fixes CVE-2024-57890 bsc#1235919).
- Update patches.suse/afs-Fix-the-maximum-cell-name-length.patch
(git-fixes CVE-2025-21646 bsc#1236168).
- Update
patches.suse/arm64-ptrace-fix-partial-SETREGSET-for-NT_ARM_TAGGED_ADDR_CTRL.patch
(git-fixes CVE-2024-57874 bsc#1235808).
- Update
patches.suse/cpufreq-CPPC-Fix-possible-null-ptr-deref-for-cppc_ge.patch
(git-fixes CVE-2024-53230 bsc#1235976).
- Update
patches.suse/cpufreq-CPPC-Fix-possible-null-ptr-deref-for-cpufreq.patch
(git-fixes CVE-2024-53231 bsc#1235977).
- Update
patches.suse/drm-adv7511-Fix-use-after-free-in-adv7533_attach_dsi.patch
(git-fixes CVE-2024-57887 bsc#1235952).
- Update
patches.suse/drm-amd-display-Add-check-for-granularity-in-dml-cei.patch
(stable-fixes CVE-2024-57922 bsc#1236080).
- Update
patches.suse/drm-amdkfd-Correct-the-migration-DMA-map-direction.patch
(stable-fixes CVE-2024-57897 bsc#1235969).
- Update
patches.suse/drm-dp_mst-Ensure-mst_primary-pointer-is-valid-in-dr.patch
(stable-fixes CVE-2024-57798 bsc#1235818).
- Update
patches.suse/drm-dp_mst-Fix-resetting-msg-rx-state-after-topology.patch
(git-fixes CVE-2024-57876 bsc#1235806).
- Update
patches.suse/drm-mediatek-Set-private-all_drm_private-i-drm-to-NU.patch
(git-fixes CVE-2024-57926 bsc#1236082).
- Update
patches.suse/exfat-fix-the-infinite-loop-in-exfat_readdir.patch
(git-fixes CVE-2024-57940 bsc#1236227).
- Update
patches.suse/hwmon-drivetemp-Fix-driver-producing-garbage-data-wh.patch
(git-fixes CVE-2025-21656 bsc#1236248).
- Update
patches.suse/iio-adc-at91-call-input_free_device-on-allocated-iio.patch
(git-fixes CVE-2024-57904 bsc#1236078).
- Update
patches.suse/iio-adc-rockchip_saradc-fix-information-leak-in-trig.patch
(git-fixes CVE-2024-57907 bsc#1236090).
- Update
patches.suse/iio-adc-ti-ads8688-fix-information-leak-in-triggered.patch
(git-fixes CVE-2024-57906 bsc#1236088).
- Update
patches.suse/iio-dummy-iio_simply_dummy_buffer-fix-information-le.patch
(git-fixes CVE-2024-57911 bsc#1236098).
- Update
patches.suse/iio-imu-kmx61-fix-information-leak-in-triggered-buff.patch
(git-fixes CVE-2024-57908 bsc#1236091).
- Update
patches.suse/iio-light-vcnl4035-fix-information-leak-in-triggered.patch
(git-fixes CVE-2024-57910 bsc#1236097).
- Update
patches.suse/iio-pressure-zpa2326-fix-information-leak-in-trigger.patch
(git-fixes CVE-2024-57912 bsc#1236101).
- Update
patches.suse/jffs2-Prevent-rtime-decompress-memory-corruption.patch
(git-fixes CVE-2024-57850 bsc#1235812).
- Update
patches.suse/misc-microchip-pci1xxxx-Resolve-kernel-panic-during-.patch
(git-fixes CVE-2024-57916 bsc#1236125).
- Update
patches.suse/net-wwan-t7xx-Fix-FSM-command-timeout-issue.patch
(git-fixes CVE-2024-39282 bsc#1235903).
- Update
patches.suse/netfilter-nf_tables-adapt-set-backend-to-use-G.patch
(bsc#1012628 CVE-2023-52923 bsc#1236104).
- Update patches.suse/nilfs2-prevent-use-of-deleted-inode.patch
(git-fixes CVE-2024-53690 bsc#1235842).
- Update
patches.suse/platform-x86-amd-pmc-Only-disable-IRQ1-wakeup-where-.patch
(git-fixes CVE-2025-21645 bsc#1236131).
- Update
patches.suse/powerpc-pseries-vas-Add-close-callback-in-vas_vm_ops.patch
(bsc#1234825 CVE-2024-56765 bsc#1235643).
- Update
patches.suse/s390-cpum_sf-Handle-CPU-hotplug-remove-during-sampling.patch
(git-fixes CVE-2024-57849 bsc#1235814).
- Update
patches.suse/usb-gadget-f_fs-Remove-WARN_ON-in-functionfs_bind.patch
(git-fixes CVE-2024-57913 bsc#1236102).
- Update
patches.suse/usb-gadget-u_serial-Disable-ep-before-setting-port-t.patch
(git-fixes CVE-2024-57915 bsc#1236120).
- Update
patches.suse/wifi-mac80211-fix-mbss-changed-flags-corruption-on-3.patch
(stable-fixes CVE-2024-57899 bsc#1235924).
- Update
patches.suse/workqueue-Do-not-warn-when-cancelling-WQ_MEM_RECLAIM-work-from-WQ_MEM_RECLAIM-worker.patch
(bsc#1235416 CVE-2024-57888 bsc#1235918).
- commit 56e243f
- net: inet: do not leave a dangling sk pointer in inet_create()
(CVE-2024-56601 bsc#1235230).
- commit 959586f
- usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
- commit 8b4d1ad
- usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (CVE-2024-53203 bsc#1235001)
- commit 601cb11
- net: add more sanity checks to qdisc_pkt_len_init()
(CVE-2024-49948 bsc#1232161).
- commit 940829f
- bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (CVE-2024-56665 bsc#1235489)
- commit b2f97f8
- gso: fix udp gso fraglist segmentation after pull from frag_list
(CVE-2024-49978 bsc#1232101).
- commit 8453570
- powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711
ltc#205755).
- powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
- powerpc/powernv/pci: Remove ioda1 support (bsc#1220711
ltc#205755).
- commit 5733e6d
- powerpc/iommu: Move pSeries specific functions to
pseries/iommu.c (bsc#1220711 ltc#205755).
- powerpc/iommu: Only build sPAPR access functions on pSeries
(bsc#1220711 ltc#205755).
- commit 1165a9d
- ceph: improve error handling and short/overflow-read logic in
__ceph_sync_read() (bsc#1228592).
- commit b40380c
- doc/README.SUSE: Point to the updated version of LKMPG
- commit 624b259
- Input: bbnsm_pwrkey - fix missed key press after suspend
(git-fixes).
- commit 51a70b3
- x86/fpu: Ensure shadow stack is active before "getting"
registers (CVE-2025-21632 bsc#1236106).
- commit 6ea3a8f
- net: restrict SO_REUSEPORT to inet sockets (bsc#1235967 CVE-2024-57903)
- commit 0b70e79
- net: hns3: fix kernel crash when 1588 is sent on HIP08 devices (bsc#1236143 CVE-2025-21649)
- commit ab51b8f
- net/mlx5: Fix variable not being completed when function returns (bsc#1236198 CVE-2025-21662)
- commit 766ce3e
- net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of
bounds issue (CVE-2025-21650 bsc#1236144).
- net: hns3: Support tlv in regs data for HNS3 VF driver
(CVE-2025-21650 bsc#1236144).
- commit d07cfee
- tracing: Prevent bad count for tracing_cpumask_write (CVE-2024-56763 bsc#1235638)
- commit b7a1a0d
- dccp: Fix memory leak in dccp_feat_change_recv (CVE-2024-56643 bsc#1235132)
- commit 13d2c8a
- iommu/arm-smmu: Defer probe of clients after smmu device bound (CVE-2024-56568 bsc#1235032)
- commit cd5e85b
- EDAC/igen6: Avoid segmentation fault on module unload (CVE-2024-56708 bsc#1235564)
- commit cbccd47
- net/smc: initialize close_work early to avoid warning (CVE-2024-56641 bsc#1235526)
- commit 075f0f7
- EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
- commit 6767706
- net: hns3: don't auto enable misc vector (CVE-2025-21651
bsc#1236145).
- gve: guard XSK operations on the existence of queues
(CVE-2024-57933 bsc#1236178).
- gve: guard XDP xmit NDO on existence of xdp queues
(CVE-2024-57932 bsc#1236190).
- commit 4cf5801
- mm: memory-failure: remove unneeded PageHuge() check
(git-fixes).
- commit 7ff9700
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
(bsc#1218470 ltc#204531).
- commit 7a7f1e1
- mm/memory-failure: use raw_spinlock_t in struct
memory_failure_cpu (git-fixes).
- commit 25daa9d
- mm/memory-failure: fix crash in split_huge_page_to_list from
soft_offline_page (git-fixes).
- commit 044809f
- memory-failure: use a folio in me_huge_page() (git-fixes).
- commit a51c830
- mm/memory-failure: cast index to loff_t before shifting it
(git-fixes).
- commit 4552d04
- mm/memory-failure: check the mapcount of the precise page
(git-fixes).
- commit 08d463b
- mm/memory-failure: pass the folio and the page to
collect_procs() (git-fixes).
- commit e29780e
- mm: convert DAX lock/unlock page to lock/unlock folio
(git-fixes).
- commit 4b2c66d
- mm: memory-failure: fix potential page refcnt leak in
memory_failure() (git-fixes).
- commit 2df790d
- mm: memory-failure: fix race window when trying to get hugetlb
folio (git-fixes).
- commit fdf1377
- mm: memory-failure: fetch compound head after extra page refcnt
is held (git-fixes).
- commit dea0e54
- mm: memory-failure: ensure moving HWPoison flag to the raw
error pages (git-fixes).
- commit 8250e5e
- mm/migrate: make migrate_pages_batch() stats consistent
(git-fixes).
Refreshed:
patches.suse/mm-migrate-fix-deadlock-in-migrate_pages_batch-on-la.patch
- commit 69ecdc4
- s390/cio: rename bitmap_size() -> idset_bitmap_size()
(git-fixes bsc#1236205).
- commit 07eeeda
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops
(git-fixes bsc#1236203).
- commit 950d01b
- s390/iucv: fix receive buffer virtual vs physical address
confusion (git-fixes bsc#1236200).
- commit 976f377
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- commit 686f749
- KVM: x86: Play nice with protected guests in
complete_hypercall_exit() (CVE-2024-55881 bsc#1235745).
- commit 4bd067f
- netfilter: ipset: Hold module reference while requesting a module (CVE-2024-56637 bsc#1235523)
- commit 53ff17c
- btrfs: fix use-after-free when COWing tree bock and tracing
is enabled (bsc#1235645 CVE-2024-56759).
- btrfs: flush delalloc workers queue before stopping cleaner
kthread during unmount (bsc#1235965 CVE-2024-57896).
- btrfs: rename and export __btrfs_cow_block() (bsc#1235645
CVE-2024-56759).
- btrfs: use round_down() to align block offset at
btrfs_cow_block() (bsc#1235645 CVE-2024-56759).
- btrfs: remove noinline attribute from btrfs_cow_block()
(bsc#1235645 CVE-2024-56759).
- commit 503809f
- geneve: do not assume mac header is set in geneve_xmit_skb() (CVE-2024-56636 bsc#1235520)
- commit 3073d9c
- net: avoid potential UAF in default_operstate() (CVE-2024-56635 bsc#1235519)
- commit 37cf286
- dm array: fix releasing a faulty array block twice in
dm_array_cursor_end (bsc#1236096, CVE-2024-57929).
- commit 38c0041
- net: lapb: increase LAPB_HEADER_LEN (CVE-2024-56659 bsc#1235439)
- commit e4681a0
- net: enetc: Do not configure preemptible TCs if SIs do not support (CVE-2024-56649 bsc#1235449)
- commit 4181889
- smb: Initialize cfid->tcon before performing network ops (CVE-2024-56729 bsc#1235503)
- commit fd558fd
- mm/migrate: fix kernel BUG at mm/compaction.c:2761! (git-fixes).
Refreshed: patches.suse/mm-migrate-fix-deadlock-in-migrate_pages_batch-on-la.patch
- commit 7d17ae8
- series.conf: temporarily disable upstream patch
patches.suse/ocfs2-fix-UBSAN-warning-in-ocfs2_verify_volume.patch
(bsc#1236138)
- commit 9179570
- mm/migrate: putback split folios when numa hint migration fails
(git-fixes).
- commit 0acef71
- vmscan,migrate: fix page count imbalance on node stats when
demoting pages (git-fixes).
- commit 4d259d3
- memory tiering: count PGPROMOTE_SUCCESS when mem tiering is
enabled (git-fixes).
- commit 86638ef
- mm/migrate: fix deadlock in migrate_pages_batch() on large
folios (git-fixes).
- commit a0d118b
- mm/migrate: split source folio if it is on deferred split list
(git-fixes).
- commit 0fa5f5f
- mm/migrate: correct nr_failed in migrate_pages_sync()
(git-fixes).
- commit 3743659
- mm,page_owner: don't remove __GFP_NOLOCKDEP in
add_stack_record_to_list (git-fixes).
- commit 26a8c23
- mm/page_owner: remove free_ts from page_owner output
(git-fixes).
- commit dfa6a27
- stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
- commit a04bd5d
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- commit ff2e445
- lib/stackdepot: print disabled message only if truly disabled
(git-fixes).
- commit cfe7741
- RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
- commit 7879380
- RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
- commit fe21e4e
- RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
- commit 3178b0e
- RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
- commit eeedd44
- RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
- commit a1e1198
- mm/memory_hotplug: use pfn math in place of direct struct page
manipulation (git-fixes).
- commit 120d675
- mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
- commit 86cb612
- mm/memory_hotplug: fix error handling in add_memory_resource()
(git-fixes).
- commit 3ebdf6a
- mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
- commit c68beb1
- RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters (git-fixes)
Refresh patches:
- patches.suse/RDMA-bnxt_re-Disable-use-of-reserved-wqes.patch
- patches.suse/RDMA-bnxt_re-Fix-the-max-CQ-WQEs-for-older-adapters.patch
- commit c3e9f58
- RDMA/bnxt_re: Allow MSN table capability check (git-fixes)
Refresh patches:
- patches.suse/RDMA-bnxt_re-Fix-the-GID-table-length.patch
- patches.suse/RDMA-bnxt_re-Remove-always-true-dattr-validity-check.patch
- commit 1ac774c
- RDMA/hns: Remove unused parameters and variables (git-fixes)
Refresh patches.suse/RDMA-hns-Fix-mapping-error-of-zero-hop-WQE-buffer.patch
- commit ad435f0
- RDMA/hns: Refactor mtr find (git-fixes)
Refresh patches.suse/RDMA-hns-Use-macro-instead-of-magic-number.patch
- commit de53bbe
- bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
(CVE-2024-53091 bsc#1233638).
- commit 313e9b6
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
(bsc#1235964 CVE-2024-57892).
- ocfs2: correct return value of ocfs2_local_free_info()
(bsc#1235964 CVE-2024-57892).
- commit d27bf4b
- Revert "mtd: spi-nor: core: replace dummy buswidth from addr
to data" (git-fixes).
- hwmon: (tmp513) Fix division of negative numbers (git-fixes).
- gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
- i2c: rcar: fix NACK handling when being a target (git-fixes).
- i2c: mux: demux-pinctrl: check initial mux selection, too
(git-fixes).
- i2c: core: fix reference leak in i2c_register_adapter()
(git-fixes).
- USB: serial: option: add Neoway N723-EA support (stable-fixes).
- USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
- USB: serial: cp210x: add Phoenix Contact UPS Device
(stable-fixes).
- usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
- ACPI: resource: Add TongFang GM5HG0A to
irq1_edge_low_force_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1504VAP to
irq1_level_low_skip_override[] (stable-fixes).
- drm/amd/display: Add check for granularity in dml ceil/floor
helpers (stable-fixes).
- drm/amd/display: increase MAX_SURFACES to the value supported
by hw (stable-fixes).
- ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
- ASoC: rt722: add delay time to wait for the calibration
procedure (stable-fixes).
- commit 356d535
- KVM: arm64: Get rid of userspace_irqchip_in_use (CVE-2024-53195
bsc#1234957).
- commit 9fc6672
- cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU (bsc#1235429 CVE-2024-56617).
- commit 9e688fc
- s390/entry: Mark IRQ entries to fix stack depot warnings
(CVE-2024-57838 bsc#1235798).
- commit 17604ac
- KVM: arm64: Don't retire aborted MMIO instruction
(CVE-2024-53196 bsc#1234906).
- commit 8dbc3ed
- xen: Fix the issue of resource not being properly released in
xenbus_dev_probe() (CVE-2024-53198 bsc#1234923).
- commit aeb4569
- Refresh
patches.suse/x86-xen-don-t-do-PV-iret-hypercall-through-hypercall.patch.
- commit 745fddd
- x86/static-call: Remove early_boot_irqs_disabled check to fix
Xen PVH dom0 (git-fixes).
- commit cbe946f
- drm/v3d: Ensure job pointer is set to NULL after job completion
(git-fixes).
- drm/vmwgfx: Add new keep_resv BO param (git-fixes).
- selftests: mptcp: avoid spurious errors on disconnect
(git-fixes).
- commit 5e7e8a8
- ftrace: Fix regression with module command in stack_trace_filter
(CVE-2024-56569 bsc#1235031).
- commit fe237c2
- Move upstreamed DRM patch into sorted section
- commit 9ec91cd
- scsi: mpi3mr: Fix corrupt config pages PHY state is switched
in sysfs (CVE-2024-57804 bsc#1235779).
- block: fix uaf for flush rq while iterating tags (CVE-2024-53170
bsc#1234888).
- scsi: qedi: Fix a possible memory leak in
qedi_alloc_and_init_sb() (CVE-2024-56747 bsc#1234934).
- scsi: bfa: Fix use-after-free in bfad_im_module_exit()
(CVE-2024-53227 bsc#1235011).
- scsi: hisi_sas: Create all dump files during debugfs
initialization (CVE-2024-56588 bsc#1235123).
- commit 2865882
- RDMA/siw: Remove direct link to net_device (bsc#1235946 CVE-2024-57857)
- commit c33e2ed
- RDMA/rxe: Remove the direct link to net_device (bsc#1235906 CVE-2024-57795)
- commit 03de29b
- net/mlx5e: Skip restore TC rules for vport rep without loaded
flag (CVE-2024-57801 bsc#1235940).
- commit 2c1c8f0
- tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259
bsc#1232421).
- commit dfc801e
- Drop downstream TPM fix patch (bsc#1233260 bsc#1233259 bsc#1232421)
Deleted (to be replaced with the newer upstream fix):
patches.suse/tpm-eventlog-Limit-memory-allocations-for-event-logs.patch
- commit 39b3b52
- ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE)
(stable-fixes).
- Refresh
patches.suse/ALSA-hda-realtek-Add-support-for-Samsung-Galaxy-Book.patch.
- commit 231fb10
- ALSA: hda/realtek: Add support for Ayaneo System using CS35L41
HDA (stable-fixes).
- ALSA: hda/realtek - Add support for ASUS Zen AIO 27
Z272SD_A272SD audio (stable-fixes).
- commit 4039f17
- bpf: fix recursive lock when verdict program return SK_PASS (CVE-2024-56694 bsc#1235412)
- commit 19cb085
- bpf: fix OOB devmap writes when deleting elements (CVE-2024-56615 bsc#1235426)
- commit 2f8d474
- xsk: fix OOB map writes when deleting elements (CVE-2024-56614 bsc#1235424)
- commit 5188b69
- mm/mempolicy: fix migrate_to_node() assuming there is at least one VMA in a MM (CVE-2024-56611 bsc#1235391)
- commit 2731a92
- netdevsim: prevent bad user input in
nsim_dev_health_break_write() (bsc#1235587 CVE-2024-56716).
- commit 28d54d6
- bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
(bsc#1235555 CVE-2024-56675).
- commit 403c5dd
- xsk: Free skb when TX metadata options are invalid (bsc#1235000
CVE-2024-53236).
- commit 7d68164
- ipc: fix memleak if msg_init_ns failed in create_ipc_ns
(bsc#1234893 CVE-2024-53175).
- commit 5f77971
- i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request (CVE-2024-45828 bsc#1235705)
- commit 6a03a5a
- ceph: give up on paths longer than PATH_MAX (CVE-2024-53685 bsc#1235720)
- commit cd5b8ed
- btrfs: add a sanity check for btrfs root in btrfs_search_slot()
(CVE-2024-56774 bsc#1235653).
- commit cd76b1a
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (CVE-2024-48881 bsc#1235727)
- commit 5c5ddcb
- net/smc: check return value of sock_recvmsg when draining clc
data (CVE-2024-57791 bsc#1235759).
- commit a343ecd
- scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (CVE-2024-56748 bsc#1235627)
- commit 75f84ca
- scsi: ufs: core: sysfs: Prevent div by zero (CVE-2024-56622 bsc#1235251)
- commit 8bc4baa
- cpufreq: intel_pstate: Check turbo_is_disabled() in
store_no_turbo() (bsc#1234619).
- commit f5b59a5
- cpufreq: intel_pstate: Fix unchecked HWP MSR access
(bsc#1234619).
- commit df6b669
- cpufreq: intel_pstate: Update the maximum CPU frequency
consistently (bsc#1234619).
- commit 110e6ef
- cpufreq: intel_pstate: Replace three global.turbo_disabled
checks (bsc#1234619).
- commit 0ad4ebe
- cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE()
(bsc#1234619).
- Refresh
patches.suse/cpufreq-intel_pstate-Ramp-up-frequency-faster-when-u.patch.
- Refresh
patches.suse/cpufreq-intel_pstate-Temporarily-boost-P-state-when-.patch.
- commit 1c8960e
- cpufreq: intel_pstate: Rearrange show_no_turbo() and
store_no_turbo() (bsc#1234619).
- commit 9383d66
- scsi: ufs: qcom: Only free platform MSIs when ESI is enabled (CVE-2024-56620 bsc#1235227)
- commit 00c6f8f
- cpufreq: intel_pstate: Do not update global.turbo_disabled
after initialization (bsc#1234619).
- Refresh
patches.suse/cpufreq-intel_pstate-Ramp-up-frequency-faster-when-u.patch.
- commit 536c9fc
- cpufreq: intel_pstate: Refine computation of P-state for given
frequency (bsc#1234619).
- commit 8135bb3
- cpufreq: intel_pstate: Revise global turbo disable check
(bsc#1234619).
- commit 4089ec6
- Drop uvcvideo fix due to regression (bsc#1235894)
- Delete
patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch.
- blacklist.conf update
- commit 90c0ac7
- virt: tdx-guest: Just leak decrypted memory on unrecoverable
errors (CVE-2024-57793 bsc#1235768).
- commit 0fbd2e1
- cpufreq: intel_pstate: Fold intel_pstate_max_within_limits()
into caller (bsc#1234619).
- commit 430dfdb
- cpufreq: intel_pstate: Use __ro_after_init for three variables
(bsc#1234619).
- commit e421ce1
- cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE()
annotations (bsc#1234619).
- commit 682d75a
- cpufreq: intel_pstate: Wait for canceled delayed work to
complete (bsc#1234619).
- commit a725954
- cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
- commit 6583c13
- cpufreq: intel_pstate: Drop redundant locking from
intel_pstate_driver_cleanup() (bsc#1234619).
- commit e58d8d7
- Revert 'arm64: Kconfig: Make SME depend on BROKEN for now'
This reverts commit 2ccfee6be929dd4ea49ef59a7ae686473aae40b6
CONFIG_ARM64_SME is enabled by default so some customers may
rely on SME. We need further analysis to evaluate to what
extent we are impacted and in case we'll disable SME support
later.
- commit f83551c
- PCI: imx6: Fix suspend/resume support on i.MX6QDL
(CVE-2024-57809 bsc#1235793).
- commit 11fd956
- net: tun: fix tun_napi_alloc_frags() (CVE-2024-56372
bsc#1235753).
- net: renesas: rswitch: avoid use-after-put for a device tree
node (CVE-2024-55639 bsc#1235737).
- commit 0d5db72
- mm: prevent derefencing NULL ptr in pfn_section_valid()
(git-fixes).
- commit 6f62e94
- mm, kmsan: fix infinite recursion due to RCU critical section
(git-fixes).
- commit 509127e
- mm/sparsemem: fix race in accessing memory_section->usage
(bsc#1221326 CVE-2023-52489).
- commit 13000fd
- scsi: hisi_sas: Add cond_resched() for no forced preemption model (CVE-2024-56589 bsc#1235241)
- commit a1ef870
- arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes).
- commit 2ccfee6
- arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL
(git-fixes).
- commit 834d2d0
- arm64: dts: rockchip: add hevc power domain clock to rk3328
(git-fixes).
- commit 7aa2931
- Update
patches.suse/ALSA-6fire-Release-resources-at-card-release.patch
(git-fixes CVE-2024-53239 bsc#1235054).
- Update
patches.suse/ALSA-caiaq-Use-snd_card_free_when_closed-at-disconne.patch
(git-fixes CVE-2024-56531 bsc#1235057).
- Update
patches.suse/ALSA-us122l-Use-snd_card_free_when_closed-at-disconn.patch
(git-fixes CVE-2024-56532 bsc#1235059).
- Update
patches.suse/ALSA-usb-audio-Fix-potential-out-of-bound-accesses-f.patch
(git-fixes CVE-2024-53197 bsc#1235464).
- Update
patches.suse/ALSA-usx2y-Use-snd_card_free_when_closed-at-disconne.patch
(git-fixes CVE-2024-56533 bsc#1235053).
- Update
patches.suse/Bluetooth-hci_core-Fix-not-checking-skb-length-on-hc.patch
(stable-fixes CVE-2024-56590 bsc#1235038).
- Update
patches.suse/Bluetooth-hci_event-Fix-using-rcu_read_-un-lock-whil.patch
(git-fixes CVE-2024-56654 bsc#1235532).
- Update
patches.suse/HID-wacom-fix-when-get-product-name-maybe-null-point.patch
(git-fixes CVE-2024-56629 bsc#1235473).
- Update
patches.suse/NFSv3-only-use-NFS-timeout-for-MOUNT-when-protocols-.patch
(bsc#1231016 CVE-2024-50106 bsc#1232882).
- Update patches.suse/PCI-Fix-reset_method_store-memory-leak.patch
(git-fixes CVE-2024-56745 bsc#1235563).
- Update
patches.suse/PCI-Fix-use-after-free-of-slot-bus-on-hot-remove.patch
(stable-fixes CVE-2024-53194 bsc#1235459).
- Update
patches.suse/PCI-MSI-Handle-lack-of-irqdomain-gracefully.patch
(git-fixes CVE-2024-56760 bsc#1235616).
- Update
patches.suse/RDMA-hns-Fix-cpu-stuck-caused-by-printings-during-re.patch
(git-fixes CVE-2024-56722 bsc#1235570).
- Update
patches.suse/acpi-nfit-vmalloc-out-of-bounds-Read-in-acpi_nfit_ct.patch
(git-fixes CVE-2024-56662 bsc#1235533).
- Update
patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch
(CVE-2024-56606 bsc#123541 bsc#1235417).
- Update
patches.suse/apparmor-test-Fix-memory-leak-for-aa_unpack_strdup.patch
(git-fixes CVE-2024-56741 bsc#1235502).
- Update
patches.suse/blk-cgroup-Fix-UAF-in-blkcg_unpin_online.patch
(bsc#1234726 CVE-2024-56672 bsc#1235534).
- Update
patches.suse/can-dev-can_set_termination-allow-sleeping-GPIOs.patch
(git-fixes CVE-2024-56625 bsc#1235223).
- Update
patches.suse/can-hi311x-hi3110_can_ist-fix-potential-use-after-fr.patch
(git-fixes CVE-2024-56651 bsc#1235528).
- Update
patches.suse/crypto-bcm-add-error-check-in-the-ahash_hmac_init-fu.patch
(git-fixes CVE-2024-56681 bsc#1235557).
- Update
patches.suse/crypto-pcrypt-Call-crypto-layer-directly-when-padata.patch
(git-fixes CVE-2024-56690 bsc#1235428).
- Update
patches.suse/dlm-fix-possible-lkb_resource-null-dereference.patch
(git-fixes CVE-2024-47809 bsc#1235714).
- Update
patches.suse/dma-debug-fix-a-possible-deadlock-on-radix_lock.patch
(stable-fixes CVE-2024-47143 bsc#1235710).
- Update
patches.suse/dmaengine-at_xdmac-avoid-null_prt_deref-in-at_xdmac_.patch
(git-fixes CVE-2024-56767 bsc#1235160).
- Update
patches.suse/drivers-soc-xilinx-add-the-missing-kfree-in-xlnx_add.patch
(git-fixes CVE-2024-56546 bsc#1235070).
- Update patches.suse/drm-amdgpu-don-t-access-invalid-sched.patch
(git-fixes CVE-2024-46896 bsc#1235707).
- Update
patches.suse/drm-amdgpu-set-the-right-AMDGPU-sg-segment-limitatio.patch
(stable-fixes CVE-2024-56594 bsc#1235413).
- Update
patches.suse/drm-dp_mst-Fix-MST-sideband-message-body-length-chec.patch
(stable-fixes CVE-2024-56616 bsc#1235427).
- Update
patches.suse/drm-modes-Avoid-divide-by-zero-harder-in-drm_mode_vr.patch
(stable-fixes CVE-2024-56369 bsc#1235750).
- Update
patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-831214f.patch
(git-fixes CVE-2024-56776 bsc#1235647).
- Update
patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer-e965e77.patch
(git-fixes CVE-2024-56777 bsc#1235641).
- Update
patches.suse/drm-sti-avoid-potential-dereference-of-error-pointer.patch
(git-fixes CVE-2024-56778 bsc#1235635).
- Update
patches.suse/drm-vc4-hdmi-Avoid-hang-with-debug-registers-when-su.patch
(git-fixes CVE-2024-56683 bsc#1235497).
- Update
patches.suse/drm-zynqmp_kms-Unplug-DRM-device-before-removal.patch
(git-fixes CVE-2024-56538 bsc#1235051).
- Update
patches.suse/efi-libstub-Free-correct-pointer-on-failure.patch
(git-fixes CVE-2024-56573 bsc#1235042).
- Update
patches.suse/fbdev-sh7760fb-Fix-a-possible-memory-leak-in-sh7760f.patch
(git-fixes CVE-2024-56746 bsc#1235622).
- Update
patches.suse/gpio-grgpio-Add-NULL-check-in-grgpio_probe.patch
(git-fixes CVE-2024-56634 bsc#1235486).
- Update
patches.suse/hfsplus-don-t-query-the-device-logical-block-size-multiple-times.patch
(git-fixes CVE-2024-56548 bsc#1235073).
- Update
patches.suse/igb-Fix-potential-invalid-memory-access-in-igb_init_.patch
(git-fixes CVE-2024-52332 bsc#1235700).
- Update
patches.suse/iio-adc-ad7923-Fix-buffer-overflow-for-tx_buf-and-ri.patch
(git-fixes CVE-2024-56557 bsc#1235122).
- Update
patches.suse/io_uring-check-if-iowq-is-killed-before-queuing.patch
(git-fixes CVE-2024-56709 bsc#1235552).
- Update
patches.suse/io_uring-tctx-work-around-xa_store-allocation-error-.patch
(git-fixes CVE-2024-56584 bsc#1235117).
- Update
patches.suse/jfs-add-a-check-to-prevent-array-index-out-of-bounds-in-dbAdjTree.patch
(git-fixes CVE-2024-56595 bsc#1235410).
- Update
patches.suse/jfs-array-index-out-of-bounds-fix-in-dtReadFirst.patch
(git-fixes CVE-2024-56598 bsc#1235220).
- Update
patches.suse/jfs-fix-array-index-out-of-bounds-in-jfs_readdir.patch
(git-fixes CVE-2024-56596 bsc#1235458).
- Update patches.suse/jfs-fix-shift-out-of-bounds-in-dbSplit.patch
(git-fixes CVE-2024-56597 bsc#1235222).
- Update
patches.suse/leds-class-Protect-brightness_show-with-led_cdev-led.patch
(stable-fixes CVE-2024-56587 bsc#1235125).
- Update
patches.suse/media-atomisp-Add-check-for-rgby_data-memory-allocat.patch
(git-fixes CVE-2024-56705 bsc#1235568).
- Update
patches.suse/media-dvb-frontends-dib3000mb-fix-uninit-value-in-di.patch
(git-fixes CVE-2024-56769 bsc#1235155).
- Update
patches.suse/media-imx-jpeg-Ensure-power-suppliers-be-suspended-b.patch
(git-fixes CVE-2024-56575 bsc#1235039).
- Update
patches.suse/media-imx-jpeg-Set-video-drvdata-before-register-vid.patch
(git-fixes CVE-2024-56578 bsc#1235115).
- Update
patches.suse/media-mtk-jpeg-Fix-null-ptr-deref-during-unload-modu.patch
(git-fixes CVE-2024-56577 bsc#1235112).
- Update
patches.suse/media-platform-allegro-dvt-Fix-possible-memory-leak-.patch
(git-fixes CVE-2024-56572 bsc#1235043).
- Update
patches.suse/media-ts2020-fix-null-ptr-deref-in-ts2020_probe.patch
(git-fixes CVE-2024-56574 bsc#1235040).
- Update
patches.suse/media-uvcvideo-Require-entities-to-have-a-non-zero-u.patch
(git-fixes CVE-2024-56571 bsc#1235037).
- Update
patches.suse/media-wl128x-Fix-atomicity-violation-in-fmc_send_cmd.patch
(git-fixes CVE-2024-56700 bsc#1235500).
- Update
patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-PMIC-dev.patch
(git-fixes CVE-2024-56723 bsc#1235571).
- Update
patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-TMU-devi.patch
(git-fixes CVE-2024-56724 bsc#1235577).
- Update
patches.suse/mfd-intel_soc_pmic_bxtwc-Use-IRQ-domain-for-USB-Type.patch
(git-fixes CVE-2024-56691 bsc#1235425).
- Update
patches.suse/msft-hv-3095-Drivers-hv-util-Avoid-accessing-a-ringbuffer-not-ini.patch
(git-fixes CVE-2024-55916 bsc#1235747).
- Update
patches.suse/mtd-rawnand-fix-double-free-in-atmel_pmecc_create_us.patch
(git-fixes CVE-2024-56766 bsc#1235219).
- Update
patches.suse/net-ipv6-release-expired-exception-dst-cached-in-soc.patch
(bsc#1216813 CVE-2024-56644 bsc#1235133).
- Update
patches.suse/nfsd-fix-nfs4_openowner-leak-when-concurrent-nfsd4_open-occur.patch
(git-fixes CVE-2024-56779 bsc#1235632).
- Update
patches.suse/nfsd-make-sure-exp-active-before-svc_export_show.patch
(git-fixes CVE-2024-56558 bsc#1235100).
- Update
patches.suse/nilfs2-fix-potential-out-of-bounds-memory-access-in-nilfs_find_entry.patch
(git-fixes CVE-2024-56619 bsc#1235224).
- Update
patches.suse/nvme-apple-fix-device-reference-counting.patch
(git-fixes CVE-2024-43913 bsc#1229833).
- Update
patches.suse/nvme-rdma-unquiesce-admin_q-before-destroy-it.patch
(git-fixes CVE-2024-49569 bsc#1235730).
- Update
patches.suse/nvme-tcp-fix-the-memleak-while-create-new-ctrl-faile.patch
(git-fixes CVE-2024-56632 bsc#1235483).
- Update
patches.suse/ocfs2-free-inode-when-ocfs2_get_init_inode-fails.patch
(git-fixes CVE-2024-56630 bsc#1235479).
- Update
patches.suse/pinmux-Use-sequential-access-to-access-desc-pinmux-d.patch
(stable-fixes CVE-2024-47141 bsc#1235708).
- Update
patches.suse/power-supply-gpio-charger-Fix-set-charge-current-lim.patch
(git-fixes CVE-2024-57792 bsc#1235764).
- Update
patches.suse/powerpc-fadump-Move-fadump_cma_init-to-setup_arch-af.patch
(bsc#1215199 CVE-2024-56677 bsc#1235494).
- Update
patches.suse/powerpc-mm-fault-Fix-kfence-page-fault-reporting.patch
(bsc#1194869 CVE-2024-56678 bsc#1235495).
- Update
patches.suse/powerpc-pseries-Fix-dtl_access_lock-to-be-a-rw_semap.patch
(bsc#1194869 CVE-2024-56701 bsc#1235496).
- Update
patches.suse/quota-flush-quota_release_work-upon-quota-writeback.patch
(bsc#1234195 CVE-2024-56780 bsc#1235650).
- Update
patches.suse/rtc-check-if-__rtc_read_time-was-successful-in-rtc_t.patch
(git-fixes CVE-2024-56739 bsc#1235611).
- Update
patches.suse/scsi-qla2xxx-Fix-use-after-free-on-unload.patch
(bsc#1235406 CVE-2024-56623 bsc#1235466).
- Update
patches.suse/smb-client-fix-TCP-timers-deadlock-after-rmmod.patch
(CVE-2024-53095 bsc#1233642 CVE-2024-54680 bsc#1235723).
- Update
patches.suse/soc-imx8m-Probe-the-SoC-driver-as-platform-driver.patch
(stable-fixes CVE-2024-56787 bsc#1235663).
- Update
patches.suse/spi-mpc52xx-Add-cancel_work_sync-before-module-remov.patch
(git-fixes CVE-2024-50051 bsc#1235739).
- Update
patches.suse/sunrpc-clear-XPRT_SOCK_UPD_TIMEOUT-when-reset-transport.patch
(git-fixes CVE-2024-56688 bsc#1235538).
- Update
patches.suse/sunrpc-fix-one-UAF-issue-caused-by-sunrpc-kernel-tcp.patch
(git-fixes CVE-2024-53168 bsc#1234887).
- Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch
(CVE-2024-56642 bsc#1235433 CVE-2024-56661 bsc#1234931).
- Update patches.suse/unicode-Fix-utf8_load-error-path.patch
(git-fixes CVE-2024-53233 bsc#1235046).
- Update
patches.suse/usb-dwc3-gadget-Fix-looping-of-queued-SG-entries.patch
(git-fixes CVE-2024-56698 bsc#1235491).
- Update
patches.suse/usb-gadget-u_serial-Fix-the-issue-that-gs_start_io-c.patch
(git-fixes CVE-2024-56670 bsc#1235488).
- Update
patches.suse/usb-musb-Fix-hardware-lockup-on-first-Rx-endpoint-re.patch
(git-fixes CVE-2024-56687 bsc#1235537).
- Update
patches.suse/wifi-ath12k-Skip-Rx-TID-cleanup-for-self-peer.patch
(git-fixes CVE-2024-56543 bsc#1235065).
- Update
patches.suse/wifi-ath12k-fix-atomic-calls-in-ath12k_mac_op_set_bi.patch
(stable-fixes CVE-2024-56607 bsc#1235423).
- Update
patches.suse/wifi-brcmfmac-Fix-oops-due-to-NULL-pointer-dereferen.patch
(stable-fixes CVE-2024-56593 bsc#1235252).
- Update
patches.suse/wifi-nl80211-fix-NL80211_ATTR_MLO_LINK_ID-off-by-one.patch
(git-fixes CVE-2024-56663 bsc#1235454).
- Update
patches.suse/wifi-rtw88-use-ieee80211_purge_tx_queue-to-purge-TX-.patch
(stable-fixes CVE-2024-56609 bsc#1235389).
- Update
patches.suse/wifi-rtw89-check-return-value-of-ieee80211_probereq_.patch
(stable-fixes CVE-2024-48873 bsc#1235716).
- commit 8258b9d
- Move upstreamed NFS patch into sorted section
- commit b16f043
- net: dsa: improve shutdown sequence (CVE-2024-49998 bsc#1232087).
- commit 4c71ee1
- smb: client: fix OOBs when building SMB2_IOCTL request
(bsc#1233055, CVE-2024-50151).
- commit 6434503
- KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits
(bsc#1234635).
- commit e5c720c
- KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
bsc#1235776).
- KVM: s390: Reject setting flic pfault attributes on ucontrol
VMs (git-fixes bsc#1235777).
- KVM: s390: vsie: fix virtual/physical address in unpin_scb()
(git-fixes bsc#1235778).
- iommu/s390: Implement blocking domain (CVE-2024-53232
bsc#1235050).
- commit aa0d65c
- mm/swapfile: skip HugeTLB pages for unuse_vma (CVE-2024-50199
bsc#1233112).
- commit 57bc3bb
- exfat: fix the infinite loop in __exfat_free_cluster()
(git-fixes).
- commit f091e41
- exfat: fix the infinite loop in exfat_readdir() (git-fixes).
- commit 3298782
- dlm: fix possible lkb_resource null dereference (git-fixes).
- commit f2b8780
- Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
(CVE-2024-49951 bsc#1232158).
- commit 8b8b4db
- afs: Fix the maximum cell name length (git-fixes).
- commit 77a0ae0
- drm/amd/display: Fix handling of plane refcount (bsc#1235657 CVE-2024-56775)
- commit b028260
- misc: microchip: pci1xxxx: Resolve return code mismatch during
GPIO set config (git-fixes).
- misc: microchip: pci1xxxx: Resolve kernel panic during GPIO
IRQ handling (git-fixes).
- commit 5eb3001
- iio: inkern: call iio_device_put() only on mapped devices
(git-fixes).
- iio: adc: at91: call input_free_device() on allocated iio_dev
(git-fixes).
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep()
(git-fixes).
- iio: pressure: zpa2326: fix information leak in triggered buffer
(git-fixes).
- iio: adc: rockchip_saradc: fix information leak in triggered
buffer (git-fixes).
- iio: imu: kmx61: fix information leak in triggered buffer
(git-fixes).
- iio: light: vcnl4035: fix information leak in triggered buffer
(git-fixes).
- iio: adc: ti-ads8688: fix information leak in triggered buffer
(git-fixes).
- iio: dummy: iio_simply_dummy_buffer: fix information leak in
triggered buffer (git-fixes).
- iio: gyro: fxas21002c: Fix missing data update in trigger
handler (git-fixes).
- iio: test : check null return of kunit_kmalloc in
iio_rescale_test_scale (git-fixes).
- iio: adc: ad7124: Disable all channels at probe time
(git-fixes).
- staging: iio: ad9832: Correct phase range check (git-fixes).
- staging: iio: ad9834: Correct phase range check (git-fixes).
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind
(git-fixes).
- USB: core: Disable LPM only for non-suspended ports (git-fixes).
- usb: fix reference leak in usb_new_device() (git-fixes).
- usb: gadget: u_serial: Disable ep before setting port to null
to fix the crash caused by port being null (git-fixes).
- usb: gadget: configfs: Ignore trailing LF for user strings to
cdev (git-fixes).
- USB: usblp: return error when setting unsupported protocol
(git-fixes).
- usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints
(git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix error code in
max_contaminant_read_resistance_kohm() (git-fixes).
- usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
- usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
- commit 04c952e
- tty: serial: 8250: Fix another runtime PM usage counter
underflow (git-fixes).
- commit 1e248c9
- hwmon: (drivetemp) Fix driver producing garbage data when SCSI
errors occur (git-fixes).
- commit b04cc0b
- thermal: of: fix OF node leak in of_thermal_zone_find()
(git-fixes).
- drm/mediatek: Add return value check when reading DPCD
(git-fixes).
- drm/mediatek: mtk_dsi: Add registers to pdata to fix
MT8186/MT8188 (git-fixes).
- drm/mediatek: Fix mode valid issue for dp (git-fixes).
- drm/mediatek: Fix YCbCr422 color format issue for DP
(git-fixes).
- drm/mediatek: stop selecting foreign drivers (git-fixes).
- drm/mediatek: Add support for 180-degree rotation in the
display driver (git-fixes).
- drm/mediatek: Set private->all_drm_private[i]->drm to NULL if
mtk_drm_bind returns err (git-fixes).
- drm/amdkfd: fixed page fault when enable MES shader debugger
(git-fixes).
- platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042
actually enabled it (git-fixes).
- commit 4e3d452
- Update patches.suse/tipc-fix-NULL-deref-in-cleanup_bearer.patch
(CVE-2024-56642 bsc#1235433).
- commit 6f4f559
- Disable ceph (jsc#PED-7242)
- commit 0dd7856
- bpf, sockmap: Fix race between element replace and close()
(CVE-2024-56664 bsc#1235249).
- commit 81511fb
- platform/x86/intel/tpmi: Add defines to get version information
(bsc#1225897).
- commit 00f1af2
- s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
- commit 4e210b3
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- commit e9be640
- platform/x86/intel-uncore-freq: Ignore minor version change
(bsc#1225897).
- commit 33349ec
- udmabuf: fix memory leak on last export_udmabuf() error path
(CVE-2024-56712 bsc#1235565).
- commit bbc81b4
- modpost: fix the missed iteration for the max bit in do_input()
(git-fixes).
- net: wwan: iosm: Properly check for valid exec stage in
ipc_mmio_init() (git-fixes).
- net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
- thunderbolt: Add support for Intel Panther Lake-M/P
(stable-fixes).
- sound: usb: format: don't warn that raw DSD is unsupported
(stable-fixes).
- sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
- net: usb: qmi_wwan: add Telit FE910C04 compositions
(stable-fixes).
- wifi: mac80211: wake the queues in case of failure in resume
(stable-fixes).
- wifi: mac80211: fix mbss changed flags corruption on 32 bit
systems (stable-fixes).
- watchdog: rzg2l_wdt: Power on the watchdog domain in the
restart handler (stable-fixes).
- wifi: ath12k: fix atomic calls in
ath12k_mac_op_set_bitrate_mask() (stable-fixes).
- wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb
(stable-fixes).
- wifi: mac80211: export ieee80211_purge_tx_queue() for drivers
(stable-fixes).
- wifi: mac80211: Add non-atomic station iterator (stable-fixes).
- watchdog: rzg2l_wdt: Rely on the reset driver for doing proper
reset (stable-fixes).
- watchdog: rzg2l_wdt: Remove reset de-assert from probe
(stable-fixes).
- media: uvcvideo: Force UVC version to 1.0a for 0408:4035
(stable-fixes).
- thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
- usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag
(stable-fixes).
- commit c96ed05
- Bluetooth: btnxpuart: Fix driver sending truncated data
(git-fixes).
- Bluetooth: MGMT: Fix Add Device to responding before completing
(git-fixes).
- Bluetooth: hci_sync: Fix not setting Random Address when
required (git-fixes).
- ieee802154: ca8210: Add missing check for kfifo_alloc() in
ca8210_probe() (git-fixes).
- irqchip/gic: Correct declaration of *percpu_base pointer in
union gic_base (stable-fixes).
- drm/amdkfd: Correct the migration DMA map direction
(stable-fixes).
- ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model
(stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A
(stable-fixes).
- drm/amd/display: Fix incorrect DSC recompute trigger
(stable-fixes).
- i2c: i801: Add support for Intel Panther Lake (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925
(stable-fixes).
- Bluetooth: btusb: mediatek: add callback function in
btusb_disconnect (stable-fixes).
- docs: media: update location of the media patches
(stable-fixes).
- cleanup: Adjust scoped_guard() macros to avoid potential warning
(stable-fixes).
- cleanup: Remove address space of returned pointer (git-fixes).
- crypto: ecdsa - Avoid signed integer overflow on signature
decoding (stable-fixes).
- irqchip/gic-v3: Force propagation of the active state with a
read-back (stable-fixes).
- ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11
(stable-fixes).
- i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
- crypto: ecdsa - Use ecc_digits_from_bytes to convert signature
(stable-fixes).
- drm/amd/display: Fix DSC-re-computing (stable-fixes).
- Bluetooth: btusb: add callback function in btusb suspend/resume
(stable-fixes).
- crypto: ecc - Prevent ecc_digits_from_bytes from reading too
many bytes (git-fixes).
- Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925
(stable-fixes).
- crypto: ecdsa - Rename keylen to bufsize where necessary
(stable-fixes).
- crypto: ecdsa - Convert byte arrays with key coordinates to
digits (stable-fixes).
- ALSA: ump: Use guard() for locking (stable-fixes).
- Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925
(stable-fixes).
- cleanup: Add conditional guard support (stable-fixes).
- i2c: xgene-slimpro: Migrate to use generic PCC shmem related
macros (stable-fixes).
- ACPI: PCC: Add PCC shared memory region command and status
bitfields (stable-fixes).
- mailbox: pcc: Support shared interrupt for multiple subspaces
(stable-fixes).
- mailbox: pcc: Add support for platform notification handling
(stable-fixes).
- Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
- commit 964672e
- scsi: sg: Fix slab-use-after-free read in sg_release()
(CVE-2024-56631 bsc#1235480).
- commit cb70e79
- Fix CVE reference for patches.suse/af_packet-avoid-erroring-out-after-sock_init_data-in.patch (CVE-2024-56606)
- commit f8ce5de
- 9p/xen: fix release of IRQ (CVE-2024-56704 bsc#1235584).
- commit f0916d2
- net: ieee802154: do not leave a dangling sk pointer in
ieee802154_create() (CVE-2024-56602 bsc#1235521).
- commit 2d367ac
- net: hsr: avoid potential out-of-bound access in
fill_frame_info() (CVE-2024-56648 bsc#1235451).
- commit 79ce319
- net/mlx5: DR, prevent potential error pointer dereference (CVE-2024-56660 bsc#1235437)
- commit 0e2235c
- bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
- commit 8448fe4
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (CVE-2024-56656 bsc#1235444)
- commit a44ef4d
- af_packet: avoid erroring out after sock_init_data() in packet_create() (CVE-2024-5660 bsc#123541)
- commit c21a9e5
- smb: client: fix NULL ptr deref in crypto_aead_setkey() (CVE-2024-53185 bsc#1234901)
- commit 77b5b00
- net: af_can: do not leave a dangling sk pointer in can_create() (CVE-2024-56603 bsc#1235415)
- commit 53bb420
- btrfs: fix use-after-free waiting for encoded read endios
(bsc#1235445).
- btrfs: fix use-after-free in btrfs_encoded_read_endio()
(bsc#1235445).
- commit ae44992
- ovl: Filter invalid inodes with missing lookup function
(bsc#1235035 CVE-2024-56570).
- commit 0cddc7c
- ubi: fastmap: Fix duplicate slab cache names while attaching (CVE-2024-53172 bsc#1234898)
- commit f996297
- net: sched: fix ordering of qlen adjustment (CVE-2024-53164 bsc#1234863)
- commit ac3c374
- tipc: Fix use-after-free of kernel socket in cleanup_bearer()
(CVE-2024-56642 bsc#1235433).
- commit 644f840
- sctp: properly validate chunk size in sctp_sf_ootb() (CVE-2024-50299 bsc#1233488)
- commit 9038d7f
- Revert "btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)"
- commit 4296cd8
- Delete XHCI patch for regression (bsc#1235550)
Deleted:
patches.suse/xhci-fix-possible-null-pointer-deref-during-xhci-urb.patch
- commit 9b365a6
- Update
patches.suse/Bluetooth-L2CAP-do-not-leave-dangling-sk-pointer-on-.patch
(stable-fixes CVE-2024-56605 bsc#1235061).
- Update
patches.suse/can-j1939-j1939_session_new-fix-skb-reference-counti.patch
(git-fixes CVE-2024-56645 bsc#1235134).
- Update patches.suse/drm-amdgpu-fix-usage-slab-after-free.patch
(stable-fixes CVE-2024-56551 bsc#1235075).
- commit 3b5652e
- idpf: trigger SW interrupt when exiting wb_on_itr mode
(bsc#1235507).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024
(bsc#1235246).
- idpf: enable WB_ON_ITR (bsc#1235507).
- commit 561bd1f
- smb: client: fix TCP timers deadlock after rmmod (git-fixes)
[hcarvalho: fix issue described in bsc#1233642]
- commit 6448f16
- smb: client: Fix use-after-free of network namespace
(CVE-2024-53095 bsc#1233642).
- commit a29a1bc
- smb: client: fix use-after-free of signing key (CVE-2024-53179
bsc#1234921).
- commit fb9831c
- powerpc/book3s64/hugetlb: Fix disabling hugetlb when fadump
is active (bsc#1235108).
- commit c2d7be7
- nvmet-loop: avoid using mutex in IO hotpath (git-fixes).
- commit c6bd393
- nvme-pci: 512 byte aligned dma pool segment quirk (git-fixes).
- commit c9efbed
- nvme-rdma: unquiesce admin_q before destroy it (git-fixes).
- nvme-tcp: fix the memleak while create new ctrl failed
(git-fixes).
- nvme/multipath: Fix RCU list traversal to use SRCU primitive
(git-fixes).
- nvme: fix metadata handling in nvme-passthrough (git-fixes).
- nvme: apple: fix device reference counting (git-fixes).
- commit d75a9f8
- workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work
from !WQ_MEM_RECLAIM worker (bsc#1235416).
- commit 1f8402d
- btrfs: fix use-after-free waiting for encoded read endios (bsc#1235128)
- commit 1c811b2
- scsi: lpfc: Copyright updates for 14.4.0.7 patches
(bsc#1235409).
- scsi: lpfc: Update lpfc version to 14.4.0.7 (bsc#1235409).
- scsi: lpfc: Add support for large fw object application layer
reads (bsc#1235409).
- scsi: lpfc: Update definition of firmware configuration mbox
cmds (bsc#1235409).
- scsi: lpfc: Change lpfc_nodelist save_flags member into a
bitmask (bsc#1235409).
- scsi: lpfc: Add handling for LS_RJT reason explanation
authentication required (bsc#1235409).
- scsi: lpfc: Modify handling of ADISC based on ndlp state and
RPI registration (bsc#1235409).
- scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage
(bsc#1235409).
- scsi: lpfc: Restrict the REG_FCFI MAM field to FCoE adapters
only (bsc#1235409).
- scsi: lpfc: Redefine incorrect type in lpfc_create_device_data()
(bsc#1235409).
- commit 9acd44f
- btrfs: fix use-after-free in btrfs_encoded_read_endio() (CVE-2024-56582 bsc#1235128)
- commit 03199ca
- scsi: qla2xxx: Update version to 10.02.09.400-k (bsc#1235406).
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts
(bsc#1235406).
- scsi: qla2xxx: Fix NVMe and NPIV connect issue (bsc#1235406).
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to
rsp_sg_cnt (bsc#1235406).
- scsi: qla2xxx: Fix use after free on unload (bsc#1235406).
- scsi: qla2xxx: Fix abort in bsg timeout (bsc#1235406).
- scsi: qla2xxx: Remove the unused 'del_list_entry' field in
struct fc_port (bsc#1235406).
- commit 7f98a5d
- vfio/pci: Properly hide first-in-list PCIe extended capability
(bsc#1235004 CVE-2024-53214).
- commit 84c948c
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
(bsc#1234825).
- commit 0422117
- wifi: ath10k: avoid NULL pointer error during sdio remove
(CVE-2024-56599 bsc#1235138).
- commit ee28d42
- xhci: fix possible null pointer deref during xhci urb enqueue
(git-fixes).
- commit 743e834
- erofs: handle NONHEAD !delta[1] lclusters gracefully
(bsc#1235045 CVE-2024-53234).
- commit ac75a6e
- mm/slub: Avoid list corruption when removing a slab from the
full list (CVE-2024-56566 bsc#1235033).
- commit fa88fa6
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized
yet (git-fixes).
- tools: hv: change permissions of NetworkManager configuration
file (git-fixes).
- x86/hyperv: Fix hv tsc page based sched_clock for hibernation
(git-fixes).
- commit b596020
- soc: qcom: geni-se: Add M_TX_FIFO_NOT_EMPTY bit definition
(git-fixes).
- commit 01eee89
- zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974
CVE-2024-53222).
- commit ddd5fff
- xhci: Add usb cold attach (CAS) as a reason to resume root hub
(git-fixes).
- commit 585f519
- slub: Replace cmpxchg_double() - KABI fix (bsc#1220773).
- commit 3c58884
- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in
rfcomm_sock_alloc() (bsc#1235056 CVE-2024-56604).
- Bluetooth: Consolidate code around sk_alloc into a helper
function (bsc#1235056 CVE-2024-56604).
Refresh
patches.suse/Bluetooth-SCO-Fix-UAF-on-sco_sock_timeout.patch.
- commit 9ad4dd1
- RAS/AMD/ATL: Translate normalized to system physical addresses using PRM (jsc#PED-10467).
- commit eb8da28
- ACPI: PRM: Add PRM handler direct call support (jsc#PED-10467).
- commit bbc75ff
- serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield()
(git-fixes).
- serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit()
(git-fixes).
- soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR
registers (git-fixes).
- commit 89e9015
- serial: imx: only set receiver level if it is zero (git-fixes).
- serial: stm32: do not always set SER_RS485_RX_DURING_TX if
RS485 is enabled (git-fixes).
- commit f2c678b
- serial: qcom-geni: fix receiver enable (git-fixes).
- serial: qcom-geni: fix dma rx cancellation (git-fixes).
- serial: qcom-geni: fix shutdown race (git-fixes).
- serial: qcom-geni: revert broken hibernation support
(git-fixes).
- serial: qcom-geni: fix polled console initialisation
(git-fixes).
- serial: qcom-geni: fix polled console corruption (git-fixes).
- serial: qcom-geni: disable interrupts during console writes
(git-fixes).
- serial: qcom-geni: fix console corruption (git-fixes).
- serial: qcom-geni: fix false console tx restart (git-fixes).
- serial: qcom-geni: fix fifo polling timeout (git-fixes).
- serial: don't use uninitialized value in uart_poll_init()
(git-fixes).
- serial: qcom-geni: fix hard lockup on buffer flush (git-fixes).
- serial: qcom-geni: fix soft lockup on sw flow control and
suspend (git-fixes).
- serial: imx: set receiver level before starting uart
(git-fixes).
- serial: 8250_dw: Don't use struct dw8250_data outside of 8250_dw
(git-fixes).
- Refresh
patches.suse/serial-8250_dw-Add-Sophgo-SG2044-quirk.patch.
- serial: stm32: Return IRQ_NONE in the ISR if no handling happend
(git-fixes).
- serial: 8250_dw: Replace ACPI device check by a quirk
(git-fixes).
- serial: qcom-geni: Don't cancel/abort if we can't get the port
lock (git-fixes).
- serial: Do not hold the port lock when setting rx-during-tx GPIO
(git-fixes).
- tty: serial: kgdboc: Fix 8250_* kgdb over serial (git-fixes).
- hvc/xen: fix console unplug (git-fixes).
- hvc/xen: fix error path in xen_hvc_init() to always register
frontend driver (git-fixes).
- hvc/xen: fix event channel handling for secondary consoles
(git-fixes).
- commit 2277c72
- RDMA/rtrs: Ensure 'ib_sge list' is accessible (git-fixes)
- commit c3bd473
- RDMA/hns: Fix missing flush CQE for DWQE (git-fixes)
- commit a1a14cc
- RDMA/hns: Fix warning storm caused by invalid input in IO path (git-fixes)
- commit 953ada2
- RDMA/hns: Fix accessing invalid dip_ctx during destroying QP (git-fixes)
- commit e65781e
- RDMA/hns: Fix mapping error of zero-hop WQE buffer (git-fixes)
- commit 3c13231
- RDMA/bnxt_re: Fix the locking while accessing the QP table (git-fixes)
- commit ed2aacf
- RDMA/bnxt_re: Disable use of reserved wqes (git-fixes)
- commit 353c5fc
- RDMA/bnxt_re: Fix max_qp_wrs reported (git-fixes)
- commit aa6d51f
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (git-fixes)
- commit fa157d3
- RDMA/bnxt_re: Add check for path mtu in modify_qp (git-fixes)
- commit c25c45b
- RDMA/bnxt_re: Fix the check for 9060 condition (git-fixes)
- commit 6ff31c0
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- commit 7974be7
- RDMA/bnxt_re: Avoid sending the modify QP workaround for latest adapters (git-fixes)
- commit 02a3ccc
- RDMA/bnxt_re: Avoid initializing the software queue for user queues (git-fixes)
- commit 3b41756
- RDMA/mlx5: Enforce same type port association for multiport RoCE (git-fixes)
- commit 1eb4b60
- RDMA/uverbs: Prevent integer overflow issue (git-fixes)
- commit d8e26f5
- RDMA/bnxt_re: Remove always true dattr validity check (git-fixes)
- commit 39ec21b
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket
(git-fixes).
- nfs: ignore SB_RDONLY when mounting nfs (git-fixes).
- NFSD: initialize copy->cp_clp early in nfsd4_copy for use by
trace point (git-fixes).
- commit f025866
- Refresh patches.suse/NFSv3-only-use-NFS-timeout-for-MOUNT-when-protocols-.patch.
Add upstream commit id.
- commit 4b11aed
- nfsd: fix UAF when access ex_uuid or ex_stats (CVE-2024-53216
bsc#1235003).
- SUNRPC: no need get cache ref when protected by rcu
(CVE-2024-53216 bsc#1235003).
- nfsd: no need get cache ref when protected by rcu
(CVE-2024-53216 bsc#1235003).
- SUNRPC: introduce cache_check_rcu to help check in rcu context
(CVE-2024-53216 bsc#1235003).
- commit 4d2bea1
- blacklist.conf:
- Delete
patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch.
This was reverted upstream. There is a better fix.
- commit 49617fd
- Delete patches.suse/drdb-Convert-to-use-bdev_open_by_path.patch.
See bsc#1234668. This backport did not copile correctly, and
needed too many other patches to work correctly, since it was
part of a larger series. So remove it.
- commit 7f1c582
- ALSA hda/realtek: Add quirk for Framework F111:000C
(stable-fixes).
- ALSA: seq: oss: Fix races at processing SysEx messages
(stable-fixes).
- ALSA: hda/realtek: Fix headset mic on Acer Nitro 5
(stable-fixes).
- commit d982feb
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap
locking (git-fixes).
- ALSA: seq: Check UMP support for midi_version change
(git-fixes).
- ALSA: usb-audio: US16x08: Initialize array before use
(git-fixes).
- drm: adv7511: Drop dsi single lane support (git-fixes).
- drm: adv7511: Fix use-after-free in adv7533_attach_dsi()
(git-fixes).
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly
(git-fixes).
- drm/i915/dg1: Fix power gate sequence (git-fixes).
- commit f7b7a9b
- netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING
(CVE-2024-56755 bsc#1234920).
- cachefiles: Fix NULL pointer dereference in object->file
(CVE-2024-56549 bsc#1234912).
- commit 785eb5b
- netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141 bsc#1234381)
- commit 51ec3c0
- Update
patches.suse/ALSA-pcm-Add-sanity-NULL-check-for-the-default-mmap-.patch
(stable-fixes CVE-2024-53180 bsc#1234929).
- Update
patches.suse/ALSA-usb-audio-Fix-out-of-bounds-reads-when-finding-.patch
(stable-fixes CVE-2024-53150 bsc#1234834).
- Update patches.suse/Bluetooth-MGMT-Fix-possible-deadlocks.patch
(git-fixes CVE-2024-53207 bsc#1234907).
- Update
patches.suse/Bluetooth-MGMT-Fix-slab-use-after-free-Read-in-set_p.patch
(git-fixes CVE-2024-53208 bsc#1234909).
- Update
patches.suse/Bluetooth-fix-use-after-free-in-device_for_each_chil.patch
(git-fixes CVE-2024-53237 bsc#1235007).
- Update
patches.suse/Bluetooth-hci_event-Align-BR-EDR-JUST_WORKS-paring-w.patch
(git-fixes bsc#1230697 CVE-2024-8805 CVE-2024-53144
bsc#1234690).
- Update
patches.suse/NFSD-Prevent-NULL-dereference-in-nfsd4_process_cb_update.patch
(git-fixes CVE-2024-53217 bsc#1234999).
- Update
patches.suse/NFSD-Prevent-a-potential-integer-overflow.patch
(git-fixes CVE-2024-53146 bsc#1234853).
- Update
patches.suse/NFSv4.0-Fix-a-use-after-free-problem-in-the-asynchronous-open.patch
(git-fixes CVE-2024-53173 bsc#1234891).
- Update
patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch
(git-fixes CVE-2024-53224 bsc#1235009).
- Update
patches.suse/RDMA-rxe-Fix-the-qp-flush-warnings-in-req.patch
(git-fixes CVE-2024-53229 bsc#1234905).
- Update
patches.suse/Revert-mmc-dw_mmc-Fix-IDMAC-operation-with-pages-big.patch
(git-fixes CVE-2024-53127 bsc#1234153).
- Update
patches.suse/SUNRPC-make-sure-cache-entry-active-before-cache_show.patch
(git-fixes CVE-2024-53174 bsc#1234899).
- Update
patches.suse/ad7780-fix-division-by-zero-in-ad7780_write_raw.patch
(git-fixes CVE-2024-56567 bsc#1234916).
- Update
patches.suse/blk-iocost-do-not-WARN-if-iocg-was-already-offlined.patch
(bsc#1234147 CVE-2024-36908 bsc#1225743).
- Update
patches.suse/block-bfq-fix-bfqq-uaf-in-bfq_limit_depth.patch
(bsc#1234160 CVE-2024-53166 bsc#1234884).
- Update
patches.suse/block-bfq-fix-uaf-for-accessing-waker_bfqq-after-spl.patch
(bsc#1234279 CVE-2024-49854 bsc#1232193).
- Update
patches.suse/bnxt_en-Fix-receive-ring-space-parameters-when-XDP-i.patch
(git-fixes CVE-2024-53209 bsc#1235002).
- Update
patches.suse/clk-clk-apple-nco-Add-NULL-check-in-applnco_probe.patch
(git-fixes CVE-2024-53154 bsc#1234826).
- Update
patches.suse/comedi-Flush-partial-mappings-in-error-case.patch
(git-fixes CVE-2024-53148 bsc#1234832).
- Update
patches.suse/crypto-caam-Fix-the-pointer-passed-to-caam_qi_shutdo.patch
(git-fixes CVE-2024-56754 bsc#1234918).
- Update
patches.suse/crypto-qat-qat_4xxx-fix-off-by-one-in-uof_get_name.patch
(git-fixes CVE-2024-53162 bsc#1234843).
- Update
patches.suse/drm-amd-display-Add-NULL-check-for-clk_mgr-in-dcn32_.patch
(stable-fixes CVE-2024-49915 bsc#1231963).
- Update
patches.suse/drm-amd-display-Avoid-overflow-assignment-in-link_dp.patch
(stable-fixes CVE-2024-50016 bsc#1232420).
- Update
patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st-2bc96c9.patch
(git-fixes CVE-2024-53200 bsc#1234968).
- Update
patches.suse/drm-amd-display-Fix-null-check-for-pipe_ctx-plane_st.patch
(git-fixes CVE-2024-53201 bsc#1234969).
- Update
patches.suse/drm-i915-Fix-NULL-pointer-dereference-in-capture_eng.patch
(git-fixes CVE-2024-56667 bsc#1235016).
- Update
patches.suse/drm-nouveau-gr-gf100-Fix-missing-unlock-in-gf100_gr_.patch
(git-fixes CVE-2024-56752 bsc#1234937).
- Update
patches.suse/drm-rockchip-vop-Fix-a-dereferenced-before-check-war.patch
(git-fixes CVE-2024-53129 bsc#1234155).
- Update
patches.suse/filemap-Fix-bounds-checking-in-filemap_read.patch
(bsc#1234209 CVE-2024-50272 bsc#1233461).
- Update
patches.suse/firmware-arm_scpi-Check-the-DVFS-OPP-count-returned-.patch
(git-fixes CVE-2024-53157 bsc#1234827).
- Update
patches.suse/firmware_loader-Fix-possible-resource-leak-in-fw_log.patch
(git-fixes CVE-2024-53202 bsc#1234970).
- Update
patches.suse/hwmon-nct6775-core-Fix-overflows-seen-when-writing-l.patch
(git-fixes CVE-2024-53159 bsc#1234848).
- Update
patches.suse/i3c-master-Fix-miss-free-init_dyn_addr-at-i3c_master.patch
(git-fixes CVE-2024-56562 bsc#1234930).
- Update
patches.suse/kdb-Fix-buffer-overflow-during-tab-complete.patch
(bsc#1234652 CVE-2024-39480 bsc#1227445).
- Update
patches.suse/media-i2c-tc358743-Fix-crash-in-the-probe-error-path.patch
(git-fixes CVE-2024-56576 bsc#1235019).
- Update
patches.suse/mm-revert-mm-shmem-fix-data-race-in-shmem_getattr.patch
(CVE-2024-50228 bsc#1233204 git fixes (mm/shmem) CVE-2024-53136
bsc#1234161).
- Update
patches.suse/msft-hv-3081-hv_sock-Initializing-vsk-trans-to-NULL-to-prevent-a-.patch
(git-fixes CVE-2024-53103 bsc#1234024).
- Update
patches.suse/net-usb-lan78xx-Fix-double-free-issue-with-interrupt.patch
(git-fixes CVE-2024-53213 bsc#1234973).
- Update
patches.suse/nfsd-release-svc_expkey-svc_export-with-rcu_work.patch
(git-fixes CVE-2024-53216 bsc#1235003).
- Update
patches.suse/nvme-fabrics-fix-kernel-crash-while-shutting-down-co.patch
(git-fixes CVE-2024-53169 bsc#1234900).
- Update
patches.suse/nvme-pci-fix-freeing-of-the-HMB-descriptor-table.patch
(git-fixes CVE-2024-56756 bsc#1234922).
- Update
patches.suse/ocfs2-fix-uninitialized-value-in-ocfs2_file_read_iter.patch
(git-fixes CVE-2024-53155 bsc#1234855).
- Update
patches.suse/s390-iucv-MSG_PEEK-causes-memory-leak-in-iucv_sock_destruct.patch
(git-fixes CVE-2024-53210 bsc#1234971).
- Update patches.suse/smb-client-fix-UAF-in-async-decryption.patch
(bsc#1232418 (CVE-2024-50047) CVE-2024-50047).
- Update
patches.suse/soc-qcom-geni-se-fix-array-underflow-in-geni_se_clk_.patch
(git-fixes CVE-2024-53158 bsc#1234811).
- Update patches.suse/svcrdma-Address-an-integer-overflow.patch
(git-fixes CVE-2024-53151 bsc#1234829).
- Update
patches.suse/svcrdma-fix-miss-destroy-percpu_counter-in-svc_rdma_proc_init.patch
(git-fixes CVE-2024-53215 bsc#1234962).
- Update
patches.suse/tcp-Fix-use-after-free-of-nreq-in-reqsk_timer_handler.patch
(CVE-2024-50154 bsc#1233070 CVE-2024-53206 bsc#1234960).
- Update
patches.suse/ubifs-authentication-Fix-use-after-free-in-ubifs_tnc_end_commit.patch
(git-fixes CVE-2024-53171 bsc#1234889).
- Update patches.suse/vdpa-solidrun-Fix-UB-bug-with-devres.patch
(git-fixes CVE-2024-53126 bsc#1234158).
- Update patches.suse/wifi-ath12k-fix-crash-when-unbinding.patch
(git-fixes CVE-2024-53188 bsc#1234948).
- Update patches.suse/wifi-ath12k-fix-warning-when-unbinding.patch
(git-fixes CVE-2024-53191 bsc#1234952).
- Update
patches.suse/wifi-ath9k-add-range-check-for-conn_rsp_epid-in-htc_.patch
(git-fixes CVE-2024-53156 bsc#1234846).
- Update
patches.suse/wifi-cw1200-Fix-potential-NULL-dereference.patch
(git-fixes CVE-2024-56536 bsc#1234911).
- Update
patches.suse/wifi-mwifiex-Fix-memcpy-field-spanning-write-warning-d241a13.patch
(git-fixes CVE-2024-56539 bsc#1234963).
- Update
patches.suse/wifi-rtlwifi-Drastically-reduce-the-attempts-to-read.patch
(stable-fixes CVE-2024-53190 bsc#1234950).
- commit 525626c
- drm/amdkfd: pause autosuspend when creating pdd (stable-fixes).
- commit 22dc4b9
- ALSA: seq: ump: Fix seq port updates per FB info notify
(git-fixes).
- commit d51bef7
- drm/amdkfd: Use device based logging for errors (stable-fixes).
- commit bcbc5e4
- ALSA: seq: ump: Use automatic cleanup of kfree() (stable-fixes).
- Refresh
patches.suse/ALSA-seq-ump-Skip-useless-ports-for-static-blocks.patch.
- commit 013a8a9
- drm/dp_mst: Ensure mst_primary pointer is valid in
drm_dp_mst_handle_up_req() (stable-fixes).
- regmap: Use correct format specifier for logging range errors
(stable-fixes).
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF
(stable-fixes).
- ALSA: seq: ump: Use guard() for locking (stable-fixes).
- commit 19dff9a
- EDAC/bluefield: Fix potential integer overflow (CVE-2024-53161
bsc#1234856).
- commit 7e4b5c0
- ice: Unbind the workqueue (bsc#1234989)
- commit 0570b37
- swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE
(git-fixes).
- swiotlb: Enforce page alignment in swiotlb_alloc() (git-fixes).
- commit c0aa9ec
- rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu
(bsc#1234810 CVE-2024-53160).
- commit 94f148d
- io_uring: check if iowq is killed before queuing (git-fixes).
- io_uring: Fix registered ring file refcount leak (git-fixes).
- commit 3d9d45c
- io_uring: always lock __io_cqring_overflow_flush (git-fixes).
- io_uring/rw: avoid punting to io-wq directly (git-fixes).
- commit b99f1b6
- io_uring/tctx: work around xa_store() allocation error issue
(git-fixes).
- commit 38adcdb
- Drop recent ACPI fixes for kABI breakage
Deleted:
patches.suse/ACPI-x86-Make-UART-skip-quirks-work-on-PCI-UARTs-wit.patch
patches.suse/ACPI-x86-Move-acpi_quirk_skip_serdev_enumeration-out.patch
- commit c49880b
- wifi: mac80211: clean up 'ret' in sta_link_apply_parameters()
(stable-fixes).
- Refresh
patches.suse/wifi-mac80211-fix-station-NSS-capability-initializat.patch.
- commit 484b5d2
- serial: amba-pl011: Use port lock wrappers (stable-fixes).
- Refresh patches.suse/ARM-PL011-Fix-DMA-support.patch.
- commit acf4ef9
- power: supply: gpio-charger: Fix set charge current limits
(git-fixes).
- USB: serial: option: add Telit FE910C04 rmnet compositions
(stable-fixes).
- USB: serial: option: add MediaTek T7XX compositions
(stable-fixes).
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready
(stable-fixes).
- USB: serial: option: add MeiG Smart SLM770A (stable-fixes).
- USB: serial: option: add TCL IK512 MBIM & ECM (stable-fixes).
- usb: dwc2: Fix HCD port connection race (git-fixes).
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (git-fixes).
- usb: dwc2: Fix HCD resume (git-fixes).
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed
due to accessing null pointer (git-fixes).
- usb: dwc3: xilinx: make sure pipe clock is deselected in usb2
only mode (git-fixes).
- usb: typec: anx7411: fix OF node reference leaks in
anx7411_typec_switch_probe() (git-fixes).
- usb: typec: anx7411: fix fwnode_handle reference leak
(git-fixes).
- usb: host: max3421-hcd: Correctly abort a USB request
(git-fixes).
- usb: ehci-hcd: fix call balance of clocks handling routines
(git-fixes).
- spi: aspeed: Fix an error handling path in
aspeed_spi_[read|write]_user() (git-fixes).
- wifi: cfg80211: sme: init n_channels before channels[] access
(git-fixes).
- wifi: mac80211: init cnt before accessing elem in
ieee80211_copy_mbssid_beacon (git-fixes).
- rtc: cmos: avoid taking rtc_lock for extended period of time
(stable-fixes).
- serial: amba-pl011: fix build regression (git-fixes).
- serial: amba-pl011: Fix RX stall when DMA is used (git-fixes).
- serial: 8250_dw: Add Sophgo SG2044 quirk (stable-fixes).
- usb: dwc3: ep0: Don't clear ep0 DWC3_EP_TRANSFER_STARTED
(git-fixes).
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set
(stable-fixes).
- pinmux: Use sequential access to access desc->pinmux data
(stable-fixes).
- thermal/drivers/qcom/tsens-v1: Add support for MSM8937 tsens
(stable-fixes).
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in
brcmf_sdiod_sglist_rw() (stable-fixes).
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment
(stable-fixes).
- wifi: rtw89: check return value of ieee80211_probereq_get()
for RNR (stable-fixes).
- soc: fsl: cpm1: qmc: Set the ret error code on
platform_get_irq() failure (git-fixes).
- soc: imx8m: Probe the SoC driver as platform driver
(stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their
CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its
CPM1 version (stable-fixes).
- soc: fsl: cpm1: qmc: Re-order probe() operations (stable-fixes).
- soc: fsl: cpm1: qmc: Fix blank line and spaces (stable-fixes).
- usb: dwc3: ep0: Don't reset resource alloc flag (including ep0)
(git-fixes).
- usb: dwc2: gadget: Don't write invalid mapped sg entries into
dma_desc with iommu enabled (stable-fixes).
- usb: cdns3-ti: Add workaround for Errata i2409 (stable-fixes).
- usb: cdns3: Add quirk flag to enable suspend residency
(stable-fixes).
- usb: dwc3: ep0: Don't reset resource alloc flag (git-fixes).
- xhci: Allow RPM on the USB controller (1022:43f7) by default
(stable-fixes).
- usb: dwc3: gadget: Rewrite endpoint allocation flow
(stable-fixes).
- soc/fsl: cpm: qmc: Convert to platform remove callback returning
void (stable-fixes).
- commit 07f38d1
- PCI/MSI: Handle lack of irqdomain gracefully (git-fixes).
- i2c: microchip-core: fix "ghost" detections (git-fixes).
- i2c: microchip-core: actually use repeated sends (git-fixes).
- i2c: imx: add imx7d compatible string for applying erratum
ERR007805 (git-fixes).
- linux/dmaengine.h: fix a few kernel-doc warnings (git-fixes).
- phy: core: Fix an OF node refcount leakage in
of_phy_provider_lookup() (git-fixes).
- phy: core: Fix an OF node refcount leakage in _of_phy_get()
(git-fixes).
- phy: core: Fix that API devm_phy_destroy() fails to destroy
the phy (git-fixes).
- phy: core: Fix that API devm_of_phy_provider_unregister()
fails to unregister the phy provider (git-fixes).
- phy: core: Fix that API devm_phy_put() fails to release the phy
(git-fixes).
- phy: qcom-qmp: Fix register name in RX Lane config of SC8280XP
(git-fixes).
- phy: rockchip: naneng-combphy: fix phy reset (git-fixes).
- phy: usb: Toggle the PHY power during init (git-fixes).
- mtd: rawnand: arasan: Fix missing de-registration of NAND
(git-fixes).
- mtd: rawnand: arasan: Fix double assertion of chip-select
(git-fixes).
- mtd: diskonchip: Cast an operand to prevent potential overflow
(git-fixes).
- mtd: rawnand: fix double free in atmel_pmecc_create_user()
(git-fixes).
- of/irq: Fix using uninitialized variable @addr_len in API
of_irq_parse_one() (git-fixes).
- of: Fix refcount leakage for OF node returned by
__of_get_dma_parent() (git-fixes).
- of: Fix error path in of_parse_phandle_with_args_map()
(git-fixes).
- media: dvb-frontends: dib3000mb: fix uninit-value in
dib3000_write_reg (git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Temperature
Result and Limit Registers (git-fixes).
- hwmon: (tmp513) Fix Current Register value interpretation
(git-fixes).
- hwmon: (tmp513) Fix interpretation of values of Shunt Voltage
and Limit Registers (git-fixes).
- i915/guc: Accumulate active runtime on gt reset (git-fixes).
- i915/guc: Ensure busyness counter increases motonically
(git-fixes).
- i915/guc: Reset engine utilization buffer before registration
(git-fixes).
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC
quirk (git-fixes).
- i2c: riic: Always round-up when calculating bus period
(git-fixes).
- i2c: pnx: Fix timeout in wait functions (git-fixes).
- mmc: sdhci-pci: Add DMI quirk for missing CD GPIO on Vexia
Edu Atla 10 tablet (stable-fixes).
- PCI: vmd: Add DID 8086:B06F and 8086:B60B for Intel client SKUs
(stable-fixes).
- PCI: qcom: Add support for IPQ9574 (stable-fixes).
- PCI: Add ACS quirk for Wangxun FF5xxx NICs (stable-fixes).
- PCI: Detect and trust built-in Thunderbolt chips (stable-fixes).
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge
(stable-fixes).
- PCI: vmd: Set devices to D0 before enabling PM L1 Substates
(stable-fixes).
- pinctrl: qcom: spmi-mpp: Add PM8937 compatible (stable-fixes).
- pinctrl: qcom-pmic-gpio: add support for PM8937 (stable-fixes).
- leds: class: Protect brightness_show() with led_cdev->led_access
mutex (stable-fixes).
- media: cx231xx: Add support for Dexatek USB Video Grabber
1d19:6108 (stable-fixes).
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared
camera (stable-fixes).
- media: uvcvideo: RealSense D421 Depth module metadata
(stable-fixes).
- mmc: mtk-sd: Fix MMC_CAP2_CRYPTO flag setting (git-fixes).
- mmc: mtk-sd: fix devm_clk_get_optional usage (stable-fixes).
- mmc: sdhci-esdhc-imx: enable quirks SDHCI_QUIRK_NO_LED
(stable-fixes).
- mmc: core: Add SD card quirk for broken poweroff notification
(stable-fixes).
- hwmon: (nct6775) Add 665-ACE/600M-CL to ASUS WMI monitoring list
(stable-fixes).
- of: address: Report error on resource bounds overflow
(stable-fixes).
- PCI/AER: Disable AER service on suspend (stable-fixes).
- PCI: Use preserve_config in place of pci_flags (stable-fixes).
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (stable-fixes).
- hwmon: (tmp513) Use SI constants from units.h (stable-fixes).
- hwmon: (tmp513) Simplify with dev_err_probe() (stable-fixes).
- hwmon: (tmp513) Don't use "proxy" headers (stable-fixes).
- commit 5b99336
- drm/amdgpu: don't access invalid sched (git-fixes).
- drm/modes: Avoid divide by zero harder in drm_mode_vrefresh()
(stable-fixes).
- drm/panel: novatek-nt35950: fix return value check in
nt35950_probe() (git-fixes).
- drm/i915: Fix memory leak by correcting cache object name in
error handler (git-fixes).
- drm/i915: Fix NULL pointer dereference in capture_engine
(git-fixes).
- HID: magicmouse: Apple Magic Trackpad 2 USB-C driver support
(stable-fixes).
- gpio: grgpio: Add NULL check in grgpio_probe (git-fixes).
- gpio: grgpio: use a helper variable to store the address of
ofdev->dev (stable-fixes).
- commit caf7811
- dmaengine: tegra: Return correct DMA status when paused
(git-fixes).
- dmaengine: mv_xor: fix child node refcount handling in early
exit (git-fixes).
- dmaengine: apple-admac: Avoid accessing registers in probe
(git-fixes).
- dmaengine: dw: Select only supported masters for ACPI devices
(git-fixes).
- dmaengine: at_xdmac: avoid null_prt_deref in
at_xdmac_prep_dma_memset (git-fixes).
- amdgpu/uvd: get ring reference from rq scheduler (git-fixes).
- Documentation: PM: Clarify pm_runtime_resume_and_get() return
value (git-fixes).
- ACPICA: events/evxfregn: don't release the ContextMutex that
was never acquired (git-fixes).
- ACPI: resource: Fix memory resource type union access
(git-fixes).
- acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
(git-fixes).
- ASoC: amd: yc: Fix the wrong return value (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Yamaha THR5
(stable-fixes).
- Bluetooth: hci_event: Fix using rcu_read_(un)lock while
iterating (git-fixes).
- drm/amdgpu/hdp5.2: do a posting read when flushing HDP
(stable-fixes).
- drm/dp_mst: Verify request type in the corresponding down
message reply (stable-fixes).
- drm/dp_mst: Fix MST sideband message body length check
(stable-fixes).
- dma-buf: fix dma_fence_array_signaled v4 (stable-fixes).
- drm/amdgpu/vcn: reset fw_shared when VCPU buffers corrupted
on vcn v4.0.3 (stable-fixes).
- ASoC: amd: yc: Add quirk for microphone on Lenovo Thinkpad
T14s Gen 6 21M1CTO1WW (stable-fixes).
- ASoC: amd: yc: fix internal mic on Redmi G 2022 (stable-fixes).
- driver core: fw_devlink: Stop trying to optimize cycle detection
logic (git-fixes).
- ACPI: x86: Clean up Asus entries in acpi_quirk_skip_dmi_ids[]
(stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Acer Iconia One 8
A1-840 (stable-fixes).
- drm/bridge: it6505: Fix inverted reset polarity (git-fixes).
- drm/amdgpu: set the right AMDGPU sg segment limitation
(stable-fixes).
- drm/amdgpu: skip amdgpu_device_cache_pci_state under sriov
(stable-fixes).
- drm/sched: memset() 'job' in drm_sched_job_init()
(stable-fixes).
- drm/panel: simple: Add Microchip AC69T88A LVDS Display panel
(stable-fixes).
- drm/amdgpu: refine error handling in amdgpu_ttm_tt_pin_userptr
(stable-fixes).
- drm/amdgpu: Dereference the ATCS ACPI buffer (stable-fixes).
- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts
for vega20_ih (stable-fixes).
- drm/radeon/r600_cs: Fix possible int overflow in
r600_packet3_check() (stable-fixes).
- drm/display: Fix building with GCC 15 (stable-fixes).
- drm/mcde: Enable module autoloading (stable-fixes).
- drm/bridge: it6505: Enable module autoloading (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO GEEK
(stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Founder
edition (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model
(stable-fixes).
- drm/vc4: hvs: Set AXI panic modes for the HVS (stable-fixes).
- drm/vc4: hdmi: Avoid log spam for audio start failure
(stable-fixes).
- ASoC: hdmi-codec: reorder channel allocation list
(stable-fixes).
- dma-debug: fix a possible deadlock on radix_lock (stable-fixes).
- Bluetooth: hci_core: Fix not checking skb length on
hci_acldata_packet (stable-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device
tables (stable-fixes).
- Bluetooth: L2CAP: do not leave dangling sk pointer on error
in l2cap_sock_create() (stable-fixes).
- ACPI: x86: Make UART skip quirks work on PCI UARTs without an
UID (stable-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0B8C
(stable-fixes).
- ASoC: Intel: sof_sdw: fix jack detection on ADL-N variant RVP
(stable-fixes).
- drm/bridge: it6505: update usleep_range for RC circuit charge
time (stable-fixes).
- can: gs_usb: add VID/PID for Xylanta SAINT3 product family
(stable-fixes).
- driver core: Add FWLINK_FLAG_IGNORE to completely ignore a
fwnode link (stable-fixes).
- driver core: fw_devlink: Improve logs for cycle detection
(stable-fixes).
- Bluetooth: ISO: Reassociate a socket with an active BIS
(stable-fixes).
- commit e98af40
- exfat: ensure that ctime is updated whenever the mtime is
(git-fixes).
- commit c79a14e
- selftests/bpf: Test PROBE_MEM of VSYSCALL_ADDR on x86-64
(git-fixes).
- bpf, x86: Fix PROBE_MEM runtime load check (git-fixes).
- commit 2300edd
- bpf: verifier: prevent userspace memory access (git-fixes).
- commit d3fc797
- bpf: Check validity of link->type in bpf_link_show_fdinfo()
(bsc#1233772 CVE-2024-53099).
- commit 8a3e410
- x86/static-call: fix 32-bit build (git-fixes).
Branch maintainer: Fix git-fixes warning when merging backport of
upstream 0ef8047b737d.
We don't support 32bit but fix is innocuous so we may as well take
it vs blacklisting.
- commit 74a7f88
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- commit 4f425ba
- jffs2: Fix rtime decompressor (git-fixes).
- commit 2f65fdf
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width
(git-fixes).
- commit 5dd7a98
- 9p: v9fs_fid_find: also lookup by inode if not found dentry
(git-fixes).
- commit 1b79331
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget
(git-fixes).
- commit 996e161
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- commit cb042eb
- jfs: add a check to prevent array-index-out-of-bounds in
dbAdjTree (git-fixes).
- commit 25ee5c2
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- commit 5229c06
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- commit 865ea26
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- commit ed99429
- xfs: return from xfs_symlink_verify early on V4 filesystems
(git-fixes).
- commit 5b38871
- xfs: fix sb_spino_align checks for large fsblock sizes
(git-fixes).
- commit 241e030
- nilfs2: fix buffer head leaks in calls to truncate_inode_pages()
(git-fixes).
- commit 8d5832a
- nilfs2: prevent use of deleted inode (git-fixes).
- commit 73e5fc2
- wifi: ath5k: add PCI ID for Arcadyan devices (git-fixes).
- wifi: ath5k: add PCI ID for SX76X (git-fixes).
- genirq/irqdesc: Honor caller provided affinity in alloc_desc()
(git-fixes).
- genirq/cpuhotplug: Retry with cpu_online_mask when migration
fails (git-fixes).
- genirq/cpuhotplug: Skip suspended interrupts when restoring
affinity (git-fixes).
- irqflags: Explicitly ignore lockdep_hrtimer_exit() argument
(git-fixes).
- arch: consolidate arch_irq_work_raise prototypes (git-fixes).
- commit 8315804
- blk-cgroup: Fix UAF in blkcg_unpin_online() (bsc#1234726).
- commit b60b794
- af_unix: Call manage_oob() for every skb in
unix_stream_read_generic() (bsc#1234725).
- commit 03c4c99
- idpf: fix idpf_vc_core_init error path (CVE-2024-53064
bsc#1233558 bsc#1234464).
- commit a3dcc3f
- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- commit ca90bb6
- x86/xen: use new hypercall functions instead of hypercall page
(XSA-466 CVE-2024-53241 bsc#1234282).
- commit 6b3f759
- x86/xen: add central hypercall functions (XSA-466 CVE-2024-53241
bsc#1234282).
- commit 46aadaa
- x86/xen: don't do PV iret hypercall through hypercall page
(XSA-466 CVE-2024-53241 bsc#1234282).
- commit 65b9ccb
- x86/static-call: provide a way to do very early static-call
updates (XSA-466 CVE-2024-53241 bsc#1234282).
- commit ad3c5c8
- objtool/x86: allow syscall instruction (XSA-466 CVE-2024-53241
bsc#1234282).
- commit 05fb6a1
- x86: make get_cpu_vendor() accessible from Xen code (XSA-466
CVE-2024-53241 bsc#1234282).
- commit e26e99c
- xen/netfront: fix crash when removing device (XSA-465
CVE-2024-53240 bsc#1234281).
- commit a1f1eb9
- kdb: Use the passed prompt in kdb_position_cursor()
(bsc#1234654).
- commit c2f5353
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- commit d89ca9b
- kdb: address -Wformat-security warnings (bsc#1234659).
- commit 4f4b3af
- kdb: Use format-specifiers rather than memset() for padding
in kdb_read() (bsc#1234658).
- commit 4289748
- kdb: Merge identical case statements in kdb_read()
(bsc#1234657).
- commit a8f379d
- kdb: Fix console handling when editing and tab-completing
commands (bsc#1234655).
- commit dfcc116
- kdb: Use format-strings rather than '\0' injection in kdb_read()
(bsc#1234654).
- commit 02dd473
- kdb: Fix buffer overflow during tab-complete (bsc#1234652).
- commit aa371d8
- kgdb: Flush console before entering kgdb on panic (bsc#1234651).
- commit 56f2413
- Update
patches.suse/Bluetooth-hci_event-Align-BR-EDR-JUST_WORKS-paring-w.patch
(git-fixes, bsc#1230697, CVE-2024-8805).
- commit c30f45f
- bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156
CVE-2024-53125).
- commit 84688aa
- s390/cpum_sf: Remove WARN_ON_ONCE statements (git-fixes).
- commit aa00e1d
- s390/facility: Disable compile time optimization for
decompressor code (git-fixes).
- commit 0a4f48e
- s390/cpum_sf: Handle CPU hotplug remove during sampling
(git-fixes).
- commit 775e5ae
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()
(git-fixes).
- commit 7e74f7b
- s390/pageattr: Implement missing kernel_page_present()
(git-fixes).
- commit 566fa19
- s390/cio: Do not unregister the subchannel based on DNV
(git-fixes).
- commit 1c87aa1
- net: Make copy_safe_from_sockptr() match documentation
(git-fixes CVE-2024-36915 bsc#1225758).
- commit 169ff54
- IB/mlx5: Allocate resources just before first QP/SRQ is created (git-fixes)
Refresh patches.suse/RDMA-mlx5-Move-events-notifier-registration-to-be-af.patch
- commit 1acdd4a
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- commit ac850b9
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode
(git-fixes).
- Refresh
patches.suse/autofs-use-wake_up-instead-of-wake_up_interruptible.patch.
- commit 232ce22
- Delete patches.suse/NFSD-Convert-the-callback-workqueue-to-use-delayed_w.patch. (bsc#1233837)
- Delete patches.suse/NFSD-Reschedule-CB-operations-when-backchannel-rpc_c.patch. (bsc#1233837)
- commit 5e13c63
- Update references for patches.suse/net-mlx5e-CT-Fix-null-ptr-deref-in-add-rule-err-flow.patch (CVE-2024-53120 bsc#1234075 git-fixes).
- commit 76825cc
- kabi/severities: make vcap_find_actionfield PASS (bsc#1220773)
- commit 9b653b7
- locking/atomic/x86: Correct the definition of __arch_try_cmpxchg128() (bsc#1220773 git-fix).
- commit 60d5cb5
- parisc: Raise minimal GCC version to 12.0.0 (bsc#1220773 git-fix).
- commit 99aca5f
- percpu: Fix self-assignment of __old in raw_cpu_generic_try_cmpxchg() (bsc#1220773 git-fix).
- commit ceecf8a
- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)
Upstream commit 822b11a74ba2 (kbuild: use absolute path in the generated
wrapper Makefile) sets also KBUILD_OUTPUT in objdir's Makefile before
including srcdir's Makefile.
So emulate this too, otherwise KMPs fail to build:
/usr/src/linux-6.13.0-rc2-1.gf92fc5d/Makefile:782: /usr/src/linux-6.13.0-rc2-1.gf92fc5d/include/config/auto.conf: No such file or directory
- commit 46168e5
- Bluetooth: SCO: Add support for 16 bits transparent voice
setting (git-fixes).
- Bluetooth: iso: Fix recursive locking warning (git-fixes).
- batman-adv: Do not let TT changes list grows indefinitely
(git-fixes).
- batman-adv: Remove uninitialized data in full table TT response
(git-fixes).
- batman-adv: Do not send uninitialized TT changes (git-fixes).
- wifi: mac80211: fix station NSS capability initialization order
(git-fixes).
- wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
(git-fixes).
- commit 54fd934
- vsock: fix recursive ->recvmsg calls (CVE-2024-44996 bsc#1230205)
- commit d60b119
- bpf: Fix out-of-bounds write in trie_get_next_key() (CVE-2024-50262 bsc#1233239)
- commit 31aa98f
- Update references for patches.suse/bpf-arm64-Fix-address-emission-with-tag-based-KASAN-enabled.patch (CVE-2024-50203 bsc#1233328 git-fixes)
- commit 6ae65a2
- pmdomain: imx93-blk-ctrl: correct remove path (CVE-2024-53134 bsc#1234159)
- commit 3b944bf
- mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (CVE-2024-53122 bsc#1234076)
- commit 129e03d
- virtio/vsock: Improve MSG_ZEROCOPY error handling (CVE-2024-53117 bsc#1234079)
- commit 827fecc
- virtio/vsock: Fix accept_queue memory leak (CVE-2024-53119 bsc#1234073)
- commit 506378c
- vsock: Fix sk_error_queue memory leak (CVE-2024-53118 bsc#1234071)
- commit 0bc6237
- drm/i915/hdcp: Add encoder check in hdcp2_get_capability (CVE-2024-53050 bsc#1233546)
- commit 410a89a
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set
during driver load time (jsc#PED-11253).
- commit d0fd569
- iommu/io-pgtable-arm: Fix stage-2 map/unmap for concatenated
tables (git-fixes).
- commit 0c9ae1f
- xfs: remove unknown compat feature check in superblock write
validation (git-fixes).
- commit 6933b9b
- xfs: sb_spino_align is not verified (git-fixes).
- commit de8458a
- xfs: don't allocate COW extents when unsharing a hole
(git-fixes).
- commit 3a93bda
- ocfs2: free inode when ocfs2_get_init_inode() fails (git-fixes).
- commit 04cafb7
- ocfs2: fix uninitialized value in ocfs2_file_read_iter()
(git-fixes).
- commit e44ccda
- nilfs2: fix potential out-of-bounds memory access in
nilfs_find_entry() (git-fixes).
- commit cb9e5a0
- jffs2: fix use of uninitialized variable (git-fixes).
- commit 63ec3f3
- ubifs: authentication: Fix use-after-free in
ubifs_tnc_end_commit (git-fixes).
- commit 7f48142
- ubifs: Correct the total block count by deducting journal
reservation (git-fixes).
- commit 3145547
- igb: Fix potential invalid memory access in igb_init_module()
(git-fixes).
- ixgbe: downgrade logging of unsupported VF API version to debug
(git-fixes).
- ixgbevf: stop attempting IPSEC offload on Mailbox API 1.5
(git-fixes).
- ice: fix PHY Clock Recovery availability check (git-fixes).
- net/mlx5e: Remove workaround to avoid syndrome for internal port
(git-fixes).
- net/qed: allow old cards not supporting "num_images" to work
(git-fixes).
- bnxt_en: Fix receive ring space parameters when XDP is active
(git-fixes).
- bnxt_en: Set backplane link modes correctly for ethtool
(git-fixes).
- bnxt_en: Reserve rings after PCIe AER recovery if NIC interface
is down (git-fixes).
- vdpa/mlx5: Fix suboptimal range on iotlb iteration (git-fixes).
- i40e: Fix handling changed priv flags (git-fixes).
- ice: consistently use q_idx in ice_vc_cfg_qs_msg() (git-fixes).
- Revert "igb: Disable threaded IRQ for igb_msix_other"
(git-fixes).
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow
(git-fixes).
- net/mlx5e: clear xdp features on non-uplink representors
(git-fixes).
- vdpa/mlx5: Fix PA offset with unaligned starting iotlb map
(git-fixes).
- vDPA/ifcvf: Fix pci_read_config_byte() return code handling
(git-fixes).
- vdpa: solidrun: Fix UB bug with devres (git-fixes).
- drivers: net: ionic: add missed debugfs cleanup to ionic_probe()
error path (git-fixes).
- ice: change q_index variable type to s16 to store -1 value
(git-fixes).
- Octeontx2-pf: Free send queue buffers incase of leaf to inner
(git-fixes).
- devlink: Fix length of eswitch inline-mode (git-fixes).
- net: Return error from sk_stream_wait_connect() if
sk_wait_event() fails (git-fixes).
- commit fa15ce4
- erofs: avoid debugging output for (de)compressed data
(git-fixes).
- commit 3480b45
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- commit a4ffb65
- NFSD: Async COPY result needs to return a write verifier
(git-fixes).
- commit e395e20
- sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (git-fixes).
- commit 4da96b5
- svcrdma: Address an integer overflow (git-fixes).
- commit b19353d
- NFSD: Remove a never-true comparison (git-fixes).
- commit 931734c
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update()
(git-fixes).
- commit ea6cf72
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir()
(git-fixes).
- commit 046d0f2
- nfsd: make sure exp active before svc_export_show (git-fixes).
- commit 2126f12
- nfsd: release svc_expkey/svc_export with rcu_work (git-fixes).
- commit e769a61
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()
(git-fixes).
- commit e0af091
- NFSv4.0: Fix a use-after-free problem in the asynchronous open()
(git-fixes).
- commit 9d06142
- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT
(git-fixes).
- commit 6f9adf8
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport
(git-fixes).
- commit 053db51
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
(git-fixes).
- commit 2eafa33
- SUNRPC: make sure cache entry active before cache_show
(git-fixes).
- commit 8e9b27b
- NFSD: Prevent a potential integer overflow (git-fixes).
- commit 1b6cbfa
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- commit 6f6d820
- hfsplus: don't query the device logical block size multiple
times (git-fixes).
- commit 163ca69
- afs: Fix missing subdir edit when renamed between parent dirs
(git-fixes).
- commit f215f1c
- afs: Automatically generate trace tag enums (git-fixes).
- commit 6c948f0
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- commit 74de9a6
- drm/amd/display: Add HDR workaround for specific eDP
(stable-fixes).
- commit 343cf80
- drm/amd/display: Allow backlight to go below
`AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
- drm/amdkfd: Fix resource leak in criu restore queue
(stable-fixes).
- drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
- drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
- drm/amdgpu/gfx10: use rlc safe mode for soft recovery
(stable-fixes).
- drm/amdgpu/gfx11: use rlc safe mode for soft recovery
(stable-fixes).
- drm/amd/display: Fix Synaptics Cascaded Panamera DSC
Determination (stable-fixes).
- drm/printer: Allow NULL data in devcoredump printer
(stable-fixes).
- drm/amdgpu/gfx9: use rlc safe mode for soft recovery
(stable-fixes).
- drm/amdgpu: Block MMR_READ IOCTL in reset (stable-fixes).
- drm/radeon/r100: Handle unknown family in
r100_cp_init_microcode() (stable-fixes).
- drm/amdgpu: fix unchecked return value warning for amdgpu_gfx
(stable-fixes).
- drm/amd/display: Revert Avoid overflow assignment
(stable-fixes).
- drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2
surfaces (stable-fixes).
- drm/amd/display: Avoid overflow assignment in link_dp_cts
(stable-fixes).
- drm/amdgpu/gfx9: properly handle error ints on all pipes
(stable-fixes).
- drm/nouveau/gsp: Use the sg allocator for level 2 of radix3
(stable-fixes).
- drm/amdgpu/umsch: don't execute umsch test when GPU is in
reset/suspend (stable-fixes).
- drm/amdgpu/pm: Remove gpu_od if it's an empty directory
(stable-fixes).
- drm/amdgpu: differentiate external rev id for gfx 11.5.0
(stable-fixes).
- drm/amd/pm: fix the high voltage issue after unload
(stable-fixes).
- drm/amdgpu: add smu 14.0.1 discovery support (stable-fixes).
- drm/amdgpu/umsch: reinitialize write pointer in hw init
(stable-fixes).
- commit f0f6440
- Add already cherry-picked ids to AMDGPU patch
- commit bf5122e
- Revert "unicode: Don't special case ignorable code points"
(stable-fixes).
- crypto: x86/sha256 - Add parentheses around macros' single
arguments (stable-fixes).
- crypto: qat - disable IOV in adf_dev_stop() (git-fixes).
- accel/habanalabs: fix debugfs files permissions (stable-fixes).
- accel/habanalabs: increase HL_MAX_STR to 64 bytes to avoid
warnings (stable-fixes).
- accel/habanalabs: export dma-buf only if size/offset multiples
of PAGE_SIZE (stable-fixes).
- accel/habanalabs/gaudi2: unsecure tpc count registers
(stable-fixes).
- commit 64f4d90
- netfilter: nf_reject_ipv6: fix potential crash in
nf_send_reset6() (CVE-2024-50256 bsc#1233200).
- net: napi: Prevent overflow of napi_defer_hard_irqs
(CVE-2024-50018 bsc#1232419).
- commit bb4ef32
- net: preserve kabi for napi_struct and net_device
(CVE-2024-50018 bsc#1232419).
- commit 8d46390
- Refresh
patches.suse/block-sed-opal-add-ioctl-ioc_opal_set_sid_pw.patch.
- commit 85490e8
- Move kABI workaround patch to correct folder
- commit 3c8636b
- afs: Fix lock recursion (bsc#1233637 CVE-2024-53090).
- commit 5df3cda
- nilfs2: propagate directory read errors from nilfs_find_entry()
(bsc#1233324 CVE-2024-50202).
- commit 3d85d69
- dm cache: fix potential out-of-bounds access on the first resume
(bsc#1233467, CVE-2024-50278).
- dm cache: optimize dirty bit checking with find_next_bit when
resizing (bsc#1233467, CVE-2024-50278).
- dm cache: fix flushing uninitialized delayed_work on cache_ctr
error (bsc#1233467, CVE-2024-50278, bsc#1233469, CVE-2024-50280).
- dm cache: correct the number of origin blocks to match the
target length (bsc#1233467, CVE-2024-50278).
- commit 44af9e6
- Update References: field,
patches.suse/dm-cache-fix-out-of-bounds-access-to-the-dirty-bitset-when-resizing.patch
(bsc#1233467, bsc#1233468, CVE-2024-50278, CVE-2024-50279).
- commit c98dcb1
- netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042
bsc#1228526).
- commit 2eab656
- Delete
patches.suse/smb-client-Fix-use-after-free-of-network-namespace-.patch
(bsc#1233642 CVE-2024-53095).
[hcarvalho: revert because the fix is incomplete. The patch fixes UAF of
network namespace but causes in another UAF (of the socket) when the
cifs module is removed].
- commit 928bab1
- kABI fix for netfilter: bridge: replace physindev with physinif
in nf_bridge_info (CVE-2024-35839 bsc#1224726).
- commit cf24c71
- PCI: Add T_PERST_CLK_US macro (git-fixes).
- PCI: j721e: Add suspend and resume support (git-fixes).
- PCI: j721e: Use T_PERST_CLK_US macro (git-fixes).
- Refresh
patches.suse/PCI-j721e-Deassert-PERST-after-a-delay-of-PCIE_T_PVP.patch.
- commit 48f05ae
- dmaengine: idxd: Check for driver name match before sva user
feature (bsc#1234357).
- commit 2a8f3bf
- tpm/eventlog: Limit memory allocations for event logs with
excessive size (bsc#1233260 bsc#1233259 bsc#1232421).
- commit 9c38d71
- Move upstreamed sound patches into sorted section
- commit 8c19caa
- netfilter: bridge: replace physindev with physinif in
nf_bridge_info (CVE-2024-35839 bsc#1224726).
- netfilter: propagate net to nf_bridge_get_physindev
(CVE-2024-35839 bsc#1224726).
- netfilter: nf_queue: remove excess nf_bridge variable
(CVE-2024-35839 bsc#1224726).
- netfilter: nfnetlink_log: use proper helper for fetching
physinif (CVE-2024-35839 bsc#1224726).
- commit bcdb77b
- netfilter: nf_tables: use timestamp to check for set element
timeout (CVE-2024-27397 bsc#1224095).
- netfilter: nft_set_rbtree: .deactivate fails if element has
expired (CVE-2024-27397 bsc#1224095).
- commit 7c6b7ec
- kABI workaround for struct drm_dp_mst_topology_mgr (git-fixes).
- commit 9d1af7b
- drm/dp_mst: Fix resetting msg rx state after topology removal
(git-fixes).
- ALSA: usb-audio: Notify xrun for low-latency mode (git-fixes).
- commit 4cb8f05
- drm/amdgpu: prevent BO_HANDLES error from being overwritten
(git-fixes).
- commit c78cf7d
- platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW
showing incorrect fan speed (stable-fixes).
- commit 16ab399
- serial: 8250_fintek: Add support for F81216E (stable-fixes).
- drm/amdgpu: fix usage slab after free (stable-fixes).
- drm/amdkfd: Use the correct wptr size (stable-fixes).
- drm/radeon: Fix spurious unplug event on radeon HDMI
(git-fixes).
- drm/amd/pm: update current_socclk and current_uclk in
gpu_metrics on smu v13.0.7 (stable-fixes).
- ASoC: amd: yc: Add a quirk for microfone on Lenovo ThinkPad
P14s Gen 5 21MES00B00 (stable-fixes).
- counter: ti-ecap-capture: Add check for clk_enable()
(git-fixes).
- counter: stm32-timer-cnt: Add check for clk_enable()
(git-fixes).
- Bluetooth: MGMT: Fix possible deadlocks (git-fixes).
- PCI: Fix use-after-free of slot->bus on hot remove
(stable-fixes).
- checkpatch: always parse orig_commit in fixes tag (git-fixes).
- mtd: hyperbus: rpc-if: Add missing MODULE_DEVICE_TABLE
(git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices
(git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device
(git-fixes).
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device
(git-fixes).
- mfd: da9052-spi: Change read-mask to write-mask (git-fixes).
- drm/etnaviv: flush shader L1 cache after user commandstream
(stable-fixes).
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}()
(stable-fixes).
- wifi: rtlwifi: Drastically reduce the attempts to read efuse
in case of failures (stable-fixes).
- clocksource/drivers/timer-ti-dm: Fix child node refcount
handling (git-fixes).
- clocksource/drivers:sp804: Make user selectable (git-fixes).
- hwmon: (pmbus/core) clear faults after setting smbalert mask
(git-fixes).
- drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F
DMI match less strict (stable-fixes).
- regulator: rk808: Add apply_bit for BUCK3 on RK809
(stable-fixes).
- can: j1939: fix error in J1939 documentation (stable-fixes).
- platform/x86: dell-wmi-base: Handle META key Lock/Unlock events
(stable-fixes).
- platform/x86: dell-smbios-base: Extends support to Alienware
products (stable-fixes).
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe()
(git-fixes).
- soc: qcom: Add check devm_kasprintf() returned value
(stable-fixes).
- firmware: arm_scmi: Reject clear channel request on A2P
(stable-fixes).
- usb: typec: use cleanup facility for 'altmodes_node'
(stable-fixes).
- mac80211: fix user-power when emulating chanctx (stable-fixes).
- wifi: iwlwifi: mvm: Use the sync timepoint API in suspend
(stable-fixes).
- net: usb: qmi_wwan: add Quectel RG650V (stable-fixes).
- usb: add support for new USB device ID 0x17EF:0x3098 for the
r8152 driver (stable-fixes).
- PCI: j721e: Add reset GPIO to struct j721e_pcie (stable-fixes).
- PCI: cadence: Set cdns_pcie_host_init() global (stable-fixes).
- PCI: cadence: Extract link setup sequence from
cdns_pcie_host_setup() (stable-fixes).
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads
(stable-fixes).
- drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw
(stable-fixes).
- drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit
(stable-fixes).
- drm/radeon: change rdev->ddev to rdev_to_drm(rdev)
(stable-fixes).
- drm/radeon: add helper rdev_to_drm(rdev) (stable-fixes).
- checkpatch: check for missing Fixes tags (stable-fixes).
- hwmon: (pmbus_core) Allow to hook PMBUS_SMBALERT_MASK
(stable-fixes).
- PCI: j721e: Add PCIe 4x lane selection support (stable-fixes).
- PCI: j721e: Add per platform maximum lane settings
(stable-fixes).
- mtd: hyperbus: rpc-if: Convert to platform remove callback
returning void (stable-fixes).
- commit c2f6105
- nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint
(bsc#1234219 CVE-2024-53130).
- commit c6f7b3e
- nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint
(bsc#1234220 CVE-2024-53131).
- commit 6de8c49
- Update tags in
patches.suse/udf-refactor-inode_bmap-to-handle-error.patch
(bsc#1234242 bsc#1233096 CVE-2024-50211).
- commit 18aa07e
- Update tags in:
patches.suse/udf-fix-uninit-value-use-in-udf_get_fileshortad.patch
(bsc#1234243 bsc#1233038 CVE-2024-50143).
- commit 420cdda
- mm: fix NULL pointer dereference in alloc_pages_bulk_noprof
(CVE-2024-53113 bsc#1234077).
- commit 0c80b5e
- mm/mremap: fix address wraparound in move_page_tables()
(CVE-2024-53111 bsc#1234086).
- commit 85bf967
- mm: page_alloc: move mlocked flag clearance into
free_pages_prepare() (CVE-2024-53105 bsc#1234069).
- commit d988d1d
- kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len)
(CVE-2024-50039 bsc#1231909).
- commit cc27caf
- net/ipv6: release expired exception dst cached in socket
(bsc#1216813).
- commit 138c9d6
- Update
patches.suse/initramfs-avoid-filename-buffer-overrun.patch
(CVE-2024-53142 bsc#1232436).
- commit d5d0ad8
- drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221 CVE-2024-53133)
Added an additional fixes tag refering to commit abd26a3252cb ("drm/amd/display:
Add dml2 copy functions").
- commit 100a7fa
- net/sched: accept TCA_STAB only for root qdisc (CVE-2024-50039
bsc#1231909).
- commit 72cfcc2
- sched/numa: fix memory leak due to the overwritten
vma->numab_state (git fixes (sched/numa)).
- commit 639ae96
- netfilter: nft_set_pipapo: do not free live element
(CVE-2024-26924 bsc#1223387).
- commit e933c39
- net: bridge: mcast: wait for previous gc cycles when removing
port (CVE-2024-44934 bsc#1229809).
- commit 4999b27
- scsi: storvsc: Do not flag MAINTENANCE_IN return of
SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT
(git-fixes).
- commit 5ae2067
- iio: magnetometer: yas530: use signed integer type for clamp
limits (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- kasan: make report_lock a raw spinlock (git-fixes).
- commit c03eb5e
- krb5
-
- Prevent overflow when calculating ulog block size. An authenticated
attacker can cause kadmind to write beyond the end of the mapped
region for the iprop log file, likely causing a process crash;
(CVE-2025-24528); (bsc#1236619).
- Add patch 0012-Prevent-overflow-when-calculating-ulog-block-size.patch
- augeas
-
- Add patch, fix for bsc#1239909 / CVE-2025-2588:
* CVE-2025-2588.patch
- expat
-
- version update to 2.7.1
Bug fixes:
[#980] #989 Restore event pointer behavior from Expat 2.6.4
(that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
Other changes:
[#976] #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
[#983] #984 Fix printf format specifiers for 32bit Emscripten
[#992] docs: Promote OpenSSF Best Practices self-certification
[#978] tests/benchmark: Resolve mistaken double close
[#986] Address compiler warnings
[#990] #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
[#982] CI: Start running Perl XML::Parser integration tests
[#987] CI: Enforce Clang Static Analyzer clean code
[#991] CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
[#981] CI: Cover compilation with musl
[#983] #984 CI: Cover compilation with 32bit Emscripten
[#976] #977 CI: Protect against fuzzer files missing from future
release archives
- version update to 2.7.0 for SLFO-1.1
- deleted patches
- expat-CVE-2024-45490.patch (upstreamed)
- expat-CVE-2024-45491.patch (upstreamed)
- expat-CVE-2024-45492.patch (upstreamed)
- expat-CVE-2024-28757.patch (upstreamed)
- expat-CVE-2024-50602.patch (upstreamed)
- expat-fix-minicheck.patch (upstreamed)
- version update to 2.7.0 (CVE-2024-8176 [bsc#1239618])
* Security fixes:
[#893] #973 CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
[#935] #937 Autotools: Make generated CMake files look for
libexpat.@SO_MAJOR@.dylib on macOS
[#925] Autotools: Sync CMake templates with CMake 3.29
[#945] #962 #966 CMake: Drop support for CMake <3.13
[#942] CMake: Small fuzzing related improvements
[#921] docs: Add missing documentation of error code
XML_ERROR_NOT_STARTED that was introduced with 2.6.4
[#941] docs: Document need for C++11 compiler for use from C++
[#959] tests/benchmark: Fix a (harmless) TOCTTOU
[#944] Windows: Fix installer target location of file xmlwf.xml
for CMake
[#953] Windows: Address warning -Wunknown-warning-option
about -Wno-pedantic-ms-format from LLVM MinGW
[#971] Address Cppcheck warnings
[#969] #970 Mass-migrate links from http:// to https://
[#947] #958 ..
[#974] #975 Document changes since the previous release
[#974] #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
- no source changes, just adding jira reference: jsc#SLE-21253
- libxslt
-
- Security fixes:
* Fix use-after-free of XPath context node [bsc#1239625, CVE-2025-24855]
* Fix UAF related to excluded namespaces [bsc#1239637, CVE-2024-55549]
* Make generate-id() deterministic [bsc#1238591, CVE-2023-40403]
Just adding the reference here as this CVE was already fixed
in 0009-Make-generate-id-deterministic.patch
* Add patches:
- libxslt-CVE-2024-55549.patch
- libxslt-CVE-2025-24855.patch
- mozilla-nss
-
- Updated nss-fips-approved-crypto-non-ec.patch to not pass in
bad targetKeyLength parameters when checking for FIPS approval
after keygen. This was causing false rejections.
- Updated nss-fips-approved-crypto-non-ec.patch to approve
RSA signature verification mechanisms with PKCS padding and
legacy moduli (bsc#1222834).
- Updated nss-fips-approved-crypto-non-ec.patch to enforce
approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).
- freetype2
-
- update to 2.13.2:
* Some fields in the `FT_Outline` structure have been changed
from signed to unsigned type, which better reflects the actual
usage. It is also an additional means to protect against
malformed input.
* Rare double-free crashes in the cache subsystem have been fixed.
* Excessive stack allocation in the autohinter has been fixed.
* The B/W rasterizer has received a major upkeep that results in
large performance improvements. The rendering speed has
increased and even doubled for very complex glyphs.
- gnutls
-
- Security fix [bsc#1236974, CVE-2024-12243]
* gnutls: inefficient DER Decoding in libtasn1 could lead to remote DoS
* Add gnutls-CVE-2024-12243.patch
- openssl-3
-
- Security fix: [bsc#1240366, CVE-2025-27587]
* Minerva side channel vulnerability in P-384 on PPC arch
* Add openssl-3-p384-minerva-ppc.patch
* Add openssl-3-p384-minerva-ppc-p9.patch
- Security fix: [bsc#1236136, CVE-2024-13176]
* timing side-channel in the ECDSA signature computation
* Add openssl-CVE-2024-13176.patch
- procps
-
- Add patch CVE-2023-4016-part2.patch
* Fix the ps command segfaults when pid argument has a leading space (bsc#1236842)
- python311:base
-
- Remove python-3.3.0b1-test-posix_fadvise.patch (not needed
since kernel 3.6-rc1)
- Update to 3.11.12:
- gh-131809: Update bundled libexpat to 2.7.1
- gh-131261: Upgrade to libexpat 2.7.0
- gh-105704: When using urllib.parse.urlsplit() and
urllib.parse.urlparse() host parsing would not reject domain
names containing square brackets ([ and ]). Square brackets
are only valid for IPv6 and IPvFuture hosts according to RFC
3986 Section 3.2.2 (bsc#1236705, CVE-2025-0938,
gh#python/cpython#105704).
- gh-121284: Fix bug in the folding of rfc2047 encoded-words
when flattening an email message using a modern email
policy. Previously when an encoded-word was too long for
a line, it would be decoded, split across lines, and
re-encoded. But commas and other special characters in the
original text could be left unencoded and unquoted. This
could theoretically be used to spoof header lines using a
carefully constructed encoded-word if the resulting rendered
email was transmitted or re-parsed.
- gh-80222: Fix bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so that
it spanned more than one line, the surrounding quotes and
internal escapes would be omitted. This could theoretically
be used to spoof header lines using a carefully constructed
quoted string if the resulting rendered email was transmitted
or re-parsed.
- gh-119511: Fix a potential denial of service in the imaplib
module. When connecting to a malicious server, it could
cause an arbitrary amount of memory to be allocated. On many
systems this is harmless as unused virtual memory is only
a mapping, but if this hit a virtual address size limit
it could lead to a MemoryError or other process crash. On
unusual systems or builds where all allocated memory is
touched and backed by actual ram or storage it could’ve
consumed resources doing so until similarly crashing.
- gh-127257: In ssl, system call failures that OpenSSL reports
using ERR_LIB_SYS are now raised as OSError.
- gh-121277: Writers of CPython’s documentation can now use
next as the version for the versionchanged, versionadded,
deprecated directives.
- gh-106883: Disable GC during the _PyThread_CurrentFrames()
and _PyThread_CurrentExceptions() calls to avoid the
interpreter to deadlock.
- Remove upstreamed patch:
- CVE-2025-0938-sq-brackets-domain-names.patch
- Add gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch
which makes test_ssl not to stop ThreadedEchoServer on OSError,
which makes test_ssl pass with OpenSSL 3.5 (bsc#1241067,
gh#python/cpython!126572)
- Allow to disable PGO
- Skip PGO with %want_reproducible_builds (bsc#1239210)
- Add CVE-2025-0938-sq-brackets-domain-names.patch which
disallows square brackets ([ and ]) in domain names for parsed
URLs (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704)
- Configure externally_managed with a bcond
https://en.opensuse.org/openSUSE:Python:Externally_managed
bsc#1228165
- Update to 3.11.11:
- Tools/Demos
- gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15
and multissltests to use 3.0.15, 3.1.7, and 3.2.3.
- Tests
- gh-125041: Re-enable skipped tests for zlib on the
s390x architecture: only skip checks of the compressed
bytes, which can be different between zlib’s software
implementation and the hardware-accelerated implementation.
- Security
- gh-126623: Upgrade libexpat to 2.6.4
- gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
consistently use the mapped IPv4 address value for deciding
properties. Properties which have their behavior fixed are
is_multicast, is_reserved, is_link_local, is_global, and
is_unspecified.
- Library
- gh-124651: Properly quote template strings in venv
activation scripts (bsc#1232241, CVE-2024-9287).
- Removed upstreamed patches:
- CVE-2024-9287-venv_path_unquoted.patch
- Add add-loongarch64-support.patch to support loongarch64
- sqlite3
-
- Mark build recipe as POSIX-sh-incompatible
- Run mkdir/rm with verbose mode for the build log
- Update to release 3.49.1:
* Improve portability of makefiles and configure scripts.
* CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws()
function, introduced in version 3.44.0, that could lead to a
memory error if the separator string is very large (hundreds
of megabytes).
* CVE-2025-29088, bsc#1241078: Enhanced the
SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust
against misuse.
- Update to release 3.49.0:
* Enhancements to the query planner:
- Improve the query-time index optimization so that it works on
WITHOUT ROWID tables.
- Better query plans for large star-query joins. This fixes
three different performance regressions that were reported
on the SQLite Forum.
- When two or more queries have the same estimated cost, use
the one with the fewer bytes per row.
* Enhance the iif() SQL function so that it can accept any number
of arguments greater than or equal to two.
* Enhance the session extension so that it works on databases
that make use of generated columns.
* Omit the SQLITE_USE_STDIO_FOR_CONSOLE compile-time option which
was not implemented correctly and never worked right. In its place
add the SQLITE_USE_W32_FOR_CONSOLE_IO compile-time option. This
option applies to command-line tools like the CLI only, not to the
SQLite core. It causes Win32 APIs to be used for console I/O
instead of stdio. This option affects Windows builds only.
* Three new options to sqlite3_db_config(). All default "on".
SQLITE_DBCONFIG_ENABLE_ATTACH_CREATE
SQLITE_DBCONFIG_ENABLE_ATTACH_WRITE
SQLITE_DBCONFIG_ENABLE_COMMENTS
- Re-enable SONAME which got disabled by default in 3.48.0.
* https://www.sqlite.org/src/forumpost/5a3b44f510df8ded
* https://sqlite.org/forum/forumpost/ab8f15697a
- Update to release 3.48.0:
* Improved EXPLAIN QUERY PLAN output for covering indexes.
* Allow a two-argument version of the iif() SQL function.
* Also allow if() as an alternative spelling for iif().
* Add the ".dbtotxt" command to the CLI.
* Add the SQLITE_IOCAP_SUBPAGE_READ property to the
xDeviceCharacteristics method of the sqlite3_io_methods object.
* Add the SQLITE_PREPARE_DONT_LOG option to sqlite3_prepare_v3()
that prevents warning messages being sent to the error log if
the SQL is ill-formed. This allows sqlite3_prepare_v3() to be
used to do test compiles of SQL to check for validity without
polluting the error log with false messages.
* Increase the minimum allowed value of SQLITE_LIMIT_LENGTH from
1 to 30.
* Added the SQLITE_FCNTL_NULL_IO file control.
* Extend the FTS5 auxiliary API xInstToken() to work with prefix
queries via the insttoken configuration option and the
fts5_insttoken() SQL function.
* Increase the maximum number of arguments to an SQL function
from 127 to 1000.
* Obsoletes sqlite3-6216bfcb.patch .
- Add sqlite3-6216bfcb.patch to fix a test suite regression in
3.47.0 on s390x. Only the test was broken, not the code itself.
https://sqlite.org/forum/forumpost/7b2bab04c5
- Update to release 3.47.2:
* Fix a problem in text-to-floating-point conversion that affects
text values where the first 16 significant digits are
'1844674407370955'. This issue was introduced in 3.47.0 and
only arises on x64 and i386 hardware.
* Other minor bug fixes.
- Enable the session extension, because NodeJS 22 needs it.
- Update to release 3.47.1:
* Fix the makefiles so that they once again honored DESTDIR for
the "install" target.
* Add the SQLITE_IOCAP_SUBPAGE_READ capability to the VFS, to
work around issues on some non-standard VFSes caused by making
SQLITE_DIRECT_OVERFLOW_READ the default in version 3.45.0.
* Fix incorrect answers to certain obscure IN queries caused by
new query optimizations added in the 3.47.0 release.
* Other minor bug fixes.
- Update to release 3.47.0:
* Allow arbitrary expressions in the second argument to the RAISE
function.
* If the RHS of the ->> operator is negative, then access array
elements counting from the right.
* Fix a problem with rolling back hot journal files in the
seldom-used unix-dotfile VFS.
* FTS5 tables can now be dropped even if they use a non-standard
tokenizer that has not been registered.
* Fix the group_concat() aggregate function so that it returns an
empty string, not a NULL, if it receives a single input value
which is an empty string.
* Enhance the generate_series() table-valued function so that it
is able to recognize and use constraints on its output value.
Preupdate hooks now recognize when a column added by ALTER
TABLE ADD COLUMN has a non-null default value.
* Improved reuse of subqueries associated with the IN operator,
especially when the IN operator has been duplicated due to
predicate push-down.
* Use a Bloom filter on subqueries on the right-hand side of the
IN operator, in cases where that seems likely to improve
performance.
* Ensure that queries like "SELECT func(a) FROM tab GROUP BY 1"
only invoke the func() function once per row.
* No attempt is made to create automatic indexes on a column
that is known to be non-selective because of its use in other
indexes that have been analyzed.
* Adjustments to the query planner so that it produces better
plans for star queries with a large number of dimension
tables.
* Add the "order-by-subquery" optimization, that seeks to
disable sort operations in outer queries if the desired order
is obtained naturally due to ORDER BY clauses in subqueries.
* The "indexed-subtype-expr" optimization strives to use
expressions that are part of an index rather than recomputing
the expression based on table values, as long as the query
planner can prove that the subtype of the expression will
never be used.
* Miscellaneous coding tweaks for faster runtimes.
* Add the experimental sqlite3_rsync program.
* Add extension functions median(), percentile(),
percentile_cont(), and percentile_disc() to the CLI.
* Add the .www dot-command to the CLI.
* The sqlite3_analyzer utility now provides a break-out of
statistics for WITHOUT ROWID tables.
* The sqldiff utility avoids creating an empty database if its
second argument does not exist.
* Enhance the sqlite_dbpage table-valued function such that
INSERT can be used to increase or decrease the size of the
database file.
* SQLite no longer makes any use of the "long double" data type,
as hardware support for long double is becoming less common
and long double creates challenges for some compiler tool
chains. Instead, SQLite uses Dekker's algorithm when extended
precision is needed.
* The TCL Interface for SQLite supports TCL9. Everything
probably still works for TCL 8.5 and later, though this is not
guaranteed. Users are encouraged to upgrade to TCL9.
* Fix a corruption-causing bug in the JavaScript "opfs" VFS.
Correct "mode=ro" handling for the "opfs" VFS. Work around a
couple of browser-specific OPFS quirks.
* Add the fts5_tokenizer_v2 API and the locale=1 option, for
creating custom locale-aware tokenizers and fts5 tables that
may take advantage of them.
* Add the contentless_unindexed=1 option, for creating
contentless fts5 tables that store the values of any UNINDEXED
columns persistently in the database.
* Allow an FTS5 table to be dropped even if it uses a custom
tokenizer whose implementation is not available.
- Update to release 3.46.1:
* Improved robustness while parsing the tokenize= arguments in
FTS5.
* Enhancements to covering index prediction in the query planner.
* Do not let the number of terms on a VALUES clause be limited by
SQLITE_LIMIT_COMPOUND_SELECT, even if the VALUES clause
contains elements that appear to be variables due to
double-quoted string literals.
* Fix the window function version of group_concat() so that it
returns an empty string if it has one or more empty string
inputs.
* In FTS5 secure-delete mode, fix false-positive integrity-check
reports about corrupt indexes.
* Syntax errors in ALTER TABLE should always return SQLITE_ERROR.
In some cases, they were formerly returning SQLITE_INTERNAL.
* Other minor fixes.
- Update to release 3.46.0:
* https://sqlite.org/releaselog/3_46_0.html
* Enhance PRAGMA optimize in multiple ways.
* Enhancements to the date and time functions.
* Add support for underscore ("_") characters between digits in
numeric literals.
* Add the json_pretty() SQL function.
* Query planner improvements.
* Allocate additional memory from the heap for the SQL parser
stack if that stack overflows, rather than reporting a "parser
stack overflow" error.
* Allow ASCII control characters within JSON5 string literals.
* Fix the -> and ->> JSON operators so that when the right-hand
side operand is a string that looks like an integer it is still
treated as a string, because that is what PostgreSQL does.
* Obsoletes sqlite3-float-i586.patch.
- Update to release 3.45.3:
* Fix a long-standing bug (going back to version 3.24.0) that
might (rarely) cause the "old.*" values of an UPDATE trigger
to be incorrect if that trigger fires in response to an UPSERT.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added as item 8e in version 3.35.0. The
optimization was being attempted in some contexts where it did
not work, resulting in incorrect query results.
- Add SQLITE_STRICT_SUBTYPE=1 as recommended by upstream.
- Update to release 3.45.2:
* Added the SQLITE_RESULT_SUBTYPE property for application-
defined SQL functions.
* Enhancements to the JSON SQL functions
* Add the FTS5 tokendata option to the FTS5 virtual table.
* The SQLITE_DIRECT_OVERFLOW_READ optimization is now enabled by
default.
* Query planner improvements
* Increase the default value for SQLITE_MAX_PAGE_COUNT from
1073741824 to 4294967294.
* Enhancements to the CLI
* Restore the JSON BLOB input bug, and promise to support the
anomaly in subsequent releases, for backward compatibility.
* Fix the PRAGMA integrity_check command so that it works on
read-only databases that contain FTS3 and FTS5 tables.
* Fix issues associated with processing corrupt JSONB inputs.
* Fix a long-standing bug in which a read of a few bytes past the
end of a memory-mapped segment might occur when accessing a
craftily corrupted database using memory-mapped database.
* Fix a long-standing bug in which a NULL pointer dereference
might occur in the bytecode engine due to incorrect bytecode
being generated for a class of SQL statements that are
deliberately designed to stress the query planner but which
are otherwise pointless.
* Fix an error in UPSERT, introduced in version 3.35.0.
* Reduce the scope of the NOT NULL strength reduction
optimization that was added in version 3.35.0.
- Add sqlite3-float-i586.patch to fix build on i586.
- sqlite3-rtree-i686.patch is not needed anymore.
- Abort build when %version and %tarversion don't match.
- systemd
-
- Import commit 656494acfaf4b7ac5f3137c09b96b8c4bf08f7d0 (merge of v254.25)
This merge includes the following fix:
7fc7aa5a4d coredump: use %d in kernel core pattern (CVE-2025-4598)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/41d2be2fb502e62e671db2b22ee330af8fade7e2...656494acfaf4b7ac5f3137c09b96b8c4bf08f7d0
- Import commit 41d2be2fb502e62e671db2b22ee330af8fade7e2
41d2be2fb5 Revert "macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel" (SUSE specific)
- Import commit 806c21e22ba4e3038817c20da19633b483b3ee80
806c21e22b umount: do not move busy network mounts (bsc#1236177)
- Import commit ebdfa3e44e0c85febfa3b35fc8843f8db6f3fb10
ebdfa3e44e man/pstore.conf: pstore.conf template is not always installed in /etc
304ed20aab man: coredump.conf template is not always installed in /etc (bsc#1237496)
- Add 1003-journal-again-create-user-journals-for-users-with-hi.patch (bsc#1242938)
Don't write messages sent from users with UID falling into the container UID
range to the system journal. Daemons in the container don't talk to the
outside journald as they talk to the inner one directly, which does its
journal splitting based on shifted uids.
- Add 1002-udev-persistent-net-rule-generator-support.patch (bsc#1241190)
This re-adds back the support for the persistent net name rules as well as
their generator since predictable naming scheme is still disabled by default
on Micro (via the `net.ifnames=0` boot option).
- Maintain the network device naming scheme used on SLE15 (jsc#PED-12317)
This shouldn't cause problems as predictable naming schemes are disabled on
SLMicro-6.1 (net.ifnames=0 is set on the kernel command line by default).
Add 1001-man-describe-the-net-naming-schemes-specific-to-SLE.patch for the
description of these schemes in the relevant man page.
- Import commit 09b7477895b79c7a3604a7e1aa71eeb3d401e65c
09b7477895 udev: allow/denylist for reading sysfs attributes when composing a NIC name (bsc#1234015)
- Drop 5004-udev-allow-denylist-for-reading-sysfs-attributes-whe.patch
The path has been merged into the SUSE/v254 branch.
- Import commit 0d0f2dbfc4c901dca09fdd3d5b744b5339e0e991 (merge of v254.24)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/b4693652f317dbae80e31b978f51e695a23fa3d0...0d0f2dbfc4c901dca09fdd3d5b744b5339e0e991
- Import commit b4693652f317dbae80e31b978f51e695a23fa3d0
b4693652f3 journald: close runtime journals before their parent directory removed
044d051f0c journald: reset runtime seqnum data when flushing to system journal (bsc#1236886)
- Add 0004-core-create-the-credential-directory-even-if-it-s-em.patch (bsc#1229228)
- Import commit d7a56d70fb052f738442c2874b072d6514242050 (merge of v254.23)
eab1d9753b stdio-bridge: fix polled fds
f028f2298e hwdb: comment out the entry for Logitech MX Keys for Mac
e808cbdd6d test: answer 2nd mdadm --create question for compat with new version
bf01f3d692 core/unit-serialize: fix serialization of markers
f043ab6f34 locale-setup: do not load locale from environemnt when /etc/locale.conf is unchanged
71efbe69b6 core: fix assert when AddDependencyUnitFiles is called with invalid parameter
- Fix systemd-network recommending libidn2-devel (boo#1234765)
- Import commit 679c57667db0e755271f392775908d18e4976406
679c57667d tpm2-util: Also retry unsealing after policy_pcr returns PCR_CHANGED (boo#1233752 bsc#1234313)
- Import commit 8752ef2f258c62470bef3bb24ca1ef3a969ac474 (merge of v254.22)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/e107182cb3dd1702b291d0455bdabcb7db28e537...8752ef2f258c62470bef3bb24ca1ef3a969ac474
- Add 5004-udev-allow-denylist-for-reading-sysfs-attributes-whe.patch (bsc#1234015)
Temporarily add this patch. It will be integrated in the git repository if no
issues are reported in the coming months.
- Import commit 807fe764111b5a74cc8618b8e4ec437a0dec91ff
807fe76411 udev: add new builtin net_driver
3a48b5f21d udev-builtin-net_id: split-out pci_get_onboard_index() from dev_pci_onboard()
5359c1d6d4 udev-builtin-net_id: split-out get_pci_slot_specifiers()
1cd915ac7b udev-builtin-net_id: introduce get_port_specifier() helper function
72a4218155 udev-builtin-net_id: split out get_dev_port() and make its failure critical
f6c721b4da udev-builtin-net_id: split-out pci_get_hotplug_slot() and pci_get_hotplug_slot_from_address()
9e16c3cf27 udev-builtin-net_id: return earlier when hotplug slot is not found
4851355767 udev-builtin-net_id: skip non-directory entry earlier
a571e5f1dd udev-builtin-net_id: make names_xen() self-contained
9acc241d5f udev-builtin-net_id: use sd_device_get_sysnum() to get index of netdevsim
ca8a431b55 udev-builtin-net_id: make names_netdevsim() self-contained
a66251d666 udev-builtin-net_id: make names_platform() self-contained
1e834d7157 udev-builtin-net_id: make names_vio() self-contained
8b236dcd7a udev-builtin-net_id: make names_ccw() self-contained
7d70e2fa7d udev-builtin-net_id: make dev_devicetree_onboard() self-contained
46158a6e91 udev-builtin-net_id: make names_mac() self-contained
7789e7f886 udev-builtin-net_id: split out get_ifname_prefix()
9b0062a667 udev-builtin-net_id: swap arguments for streq() and friends
181a775b40 udev-builtin-net_id: drop unused value from NetNameType
Refactoring to prepare for backporting the filtering mechanism of specific
sysfs attributes during predictable NIC name generation.
- Add 0003-Drop-support-for-efivar-SystemdOptions.patch (bsc#1220338)
Upstream deprecated it and plan to drop it in the future.
Let's get ahead and drop it now as this feature is unlikely to be used on SUSE
distros and it might be used to gain access to encrypted SLEM systems with
unattended disk unlock and with secure boot disabled.
- Import commit e107182cb3dd1702b291d0455bdabcb7db28e537 (merge of v254.21)
This merge includes the following fix:
a467a411f pid1: make clear that $WATCHDOG_USEC is set for the shutdown binary, noone else (bsc#1232227)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/a3aa27ac6649cb096b3c87c8ac61a6950bfa3567...e107182cb3dd1702b291d0455bdabcb7db28e537
- Import commit a3aa27ac6649cb096b3c87c8ac61a6950bfa3567 (merge of v254.20)
This merge includes the following fix:
8b6ae951d3 udev: skipping empty udev rules file while collecting the stats (bsc#1232844)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/ae14c7765524a3c84ce8a65d6a3a4db2be981f69...a3aa27ac6649cb096b3c87c8ac61a6950bfa3567
- Import commit ae14c7765524a3c84ce8a65d6a3a4db2be981f69 (merge of v254.19)
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/87f11f092e2a63f6b9af98871ea716dab54f8b58...ae14c7765524a3c84ce8a65d6a3a4db2be981f69
- Clean up some remnants from when homed was in the experimental sub-package (bsc#1231048)
- Add 0001-udev-restore-some-legacy-symlinks-to-maintain-backwa.patch
Given that SLE16 will be based on SLFO, we have no choice but to continue
supporting these compat symlinks. This compatibility code is no longer
maintained in the Git repository though, as we primarily backport upstream
commits these days. Additionally, the compat code rarely changes and often
causes conflicts when merged into recent versions of systemd.
- libtasn1
-
- Security fix: [bsc#1236878, CVE-2024-12133]
* Potential DoS in handling of numerous SEQUENCE OF or SET OF elements
* Add libtasn1-CVE-2024-12133.patch
- tpm2-0-tss
-
Update to version 4.1:
+ Security
- Fixed CVE-2024-29040 (bsc#1223690)
+ Fixed
- fapi: Fix length check on FAPI auth callbacks
- mu: Correct error message for errors
- tss2-rc: fix unknown laer handler dropping bits.
- fapi: Fix deviation from CEL specification (template_value was used instead of template_data).
- fapi: Fix json syntax error in FAPI profiles which was ignored by json-c.
- build: fix build fail after make clean.
- mu: Fix unneeded size check in TPM2B unmarshaling.
- fapi: Fix missing parameter encryption.
- build: Fix failed build with --disable-vendor.
- fapi: Fix flush of persistent handles.
- fapi: Fix test provisioning with template with self generated certificate disabled.
- fapi: Fix error in Fapi_GetInfo it TPM supports SHA3 hash algs.
- fapi: Revert pcr extension for EV_NO_ACTION events.
- fapi: Fix strange error messages if nv, ext, or policy path does not exits.
- fapi: Fix segfault caused by wrong allocation of pcr policy.
- esys: Fix leak in Esys_EvictControl for persistent handles.
- tss2-tcti: tcti-libtpms: fix test failure on big-endian platform.
- esys: Add reference counting for Esys_TR_FromTPMPublic.
- esys: Fix HMAC error if session bind key has an auth value with a trailing 0.
- fapi: fix usage of self signed certificates in TPM.
- fapi: Usage of self signed certificates.
- fapi: A segfault after the error handling of non existing keys.
- fapi: Fix several leaks.
- fapi: Fix error handling for policy execution.
- fapi: Fix usage of persistent handles (should not be flushed)
- fapi: Fix test provisioning with template (skip test without self generated certificate).
- fapi: Fix pcr extension for EV_NO_ACTION
- test: Fix fapi-key-create-policy-signed-keyedhash with P_ECC384 profile
- tcti_spi_helper_transmit: ensure FIFO is accessed only after TPM reports commandReady bit is set
- fapi: Fix read large system eventlog (> UINT16_MAX).
- esys tests: Fix layer check for TPM2_RC_COMMAND_CODE (for /dev/tpmrm0)
- test: unit: tcti-libtpms: fix test failed at 32-bit platforms.
- fapi: Fix possible null pointer dereferencing in Fapi_List.
- sys: Fix size check in Tss2_Sys_GetCapability.
- esys: Fix leak in Esys_TR_FromTPMPublic.
- esys: fix unchecked return value in esys crypto.
- fapi: Fix wrong usage of local variable in provisioning.
- fapi: Fix memset 0 in ifapi_json_TPMS_POLICYNV_deserialize.
- fapi: Fix possible out of bound array access in IMA parser.
- tcti device: Fix possible unmarshalling from uninitialized variable.
- fapi: Fix error checking authorization of signing key.
- fapi: Fix cleanup of policy sessions.
- fapi: Eventlog H-CRTM events and different localities.
- fapi: Fix missing synchronization of quote and eventlog.
- faii: Fix invalid free in Fapi_Quote with empty eventlog.
+ Added
- tcti: LetsTrust-TPM2Go TCTI module spi-ltt2go.
- mbedtls: add sha512 hmac.
- fapi: Enable usage of external keys for Fapi_Encrypt.
- fapi: Support download of AMD certificates.
- tcti: Add USB TPM (FTDI MPSSE USB to SPI bridge) TCTI module.
- fapi: The recreation of primaries (except EK) in the owner hierarchy instead the endorsement hierarchy is fixed.
- rc: New TPM return codes added.
- fapi: Further Nuvoton certificates added.
- tpm_types/esys: Add support for Attestable TPM changes in latest TPM spec.
- tcti: Add '/dev/tcm0' to default conf
- fapi: New Nuvoton certificates added.
- esys: Fix leak in Esys_TR_FromTPMPublic.
+ Removed
- Testing on Ubuntu 18.04 as it's near EOL (May 2023).
- tpm2-tss.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented
in upstream repo, which was used for signing this new release tarball.
- add new sub-package libtss2-tcti-spidev0: TCTI for communicating with a TPM
connected directly via SPI.
- add new sub-package libtss2-tcti-i2c-helper0: TCTI for communicating with a
TPM connected directly via I2C.
- Fix tmpfiles %ghost file names
- Move tmpfiles config to different package:
* tmpfiles_create was being called with bad input (version ?)
* it avoids breaking SLPP for libtss2-fapi1 (hence the prior
warning in spec)
- tss sysusers requires should be pre not post
- libtss2-fapi1 requires system-user-tss for tmpfile creation
- Require openssl-3 over openssl-1 to assist migration of applications
to newer openssl-3.
- libxml2
-
- security update
- added patches
CVE-2025-32414 [bsc#1241551], out-of-bounds read when parsing text via the Python API
+ libxml2-CVE-2025-32414.patch
CVE-2025-32415 [bsc#1241453], a crafted XML document may lead to a heap-based buffer under-read
+ libxml2-CVE-2025-32415.patch
- security update
- added patches
fix CVE-2024-56171 [bsc#1237363], use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c
+ libxml2-CVE-2024-56171.patch
fix CVE-2025-24928 [bsc#1237370], stack-based buffer overflow in xmlSnprintfElements in valid.c
+ libxml2-CVE-2025-24928.patch
fix CVE-2025-27113 [bsc#1237418], NULL Pointer Dereference in libxml2 xmlPatMatch
+ libxml2-CVE-2025-27113.patch
- netavark
-
- Use recommended way to require latest rust—require cargo.
- Update to version 1.12.2:
* Release v1.12.2
* Release notes for 1.12.2
* fix new rust 1.80 lint issues
* silence new rust 1.80 warnings
* aardvark: on start failure delete entries again
* iptables: make dns rules cover tcp as well
* nftables: make dns rules cover tcp as well
* Release v1.12.1
* Update release notes for v1.12.1
* Change nv cargo categories
* Bump to 1.13.0-dev
* Release 1.12
* Release Notes for 1.12
* run cargo update
* rpm: use nftables as default for f41
* fix(deps): update rust crate serde_json to 1.0.121
* fix(deps): update rust crate tokio to 1.39.2
* aardvark-dns: trim whitespaces from error text
* fix(deps): update rust crate env_logger to 0.11.5
* [skip-ci] RPM: handle iptables/nftables dependencies
* fix aardvark-dns error handling
* fix(deps): update rust crate tokio to 1.39.1
* fix(deps): update rust crate env_logger to 0.11.4
* fix(deps): update rust crate tokio to 1.38.1
* update mozim to 0.2.4 (bsc#1236567)
* fix(deps): update rust crate serde_json to 1.0.120
* netavark: dhcp_proxy: use dns servers from dhcp lease
* fix(deps): update rust crate serde_json to 1.0.119
* fix(deps): update rust crate netlink-packet-route to 0.20.1
* fix(deps): update rust crate log to 0.4.22
* Fix Epoch so upgrade path is preserved from Fedora/RHEL.
* test: add macvlan metric test
* fix(deps): update rust crate serde_json to 1.0.118
* fix(deps): update rust crate url to 2.5.2
* fix(deps): update rust crate prost to 0.12.6
* fix(deps): update rust crate url to 2.5.1
* fix(deps): update rust crate iptables to 0.5.2
* [CI:BUILD] rpm: Update Rust macro usage
* fix(deps): update rust crate nftables to 0.4.1
* fix(deps): update rust crate tokio to 1.38.0
* Bump to 1.12.0-dev
- Remove redundant source: cargo_config
- Update to version 1.11.0:
* Release v1.11.0
* Update release notes for 1.11.0
* update netlink-packet-route to 0.20.0
* run cargo update
* fix: remove extra / in make install and uninstall
* chore(deps): update dependency containers/automation_images to v20240529
* fix(deps): update rust crate nix to 0.29.0
* fix(deps): update rust crate nispor to 1.2.19
* fix(deps): update rust crate anyhow to 1.0.86
* fix(deps): update rust crate anyhow to 1.0.85
* [skip-ci] Packit: do not create dup jobs on podman-next
* fix(deps): update rust crate anyhow to 1.0.84
* [skip-ci] RPM: use default __cargo macro across all envs
* [skip-ci] RPM: switch default firewall to nftables on EL10+
* chore(deps): update dependency containers/automation_images to v20240513
* Add conditional compilation of default firewall driver
* fix(deps): update rust crate serde_json to 1.0.117
* fix new clippy warnings
* Update CI image to fedora 40
* fix ncat sctp tests
* fix(deps): update rust crate anyhow to 1.0.83
* build(deps): bump h2 from 0.3.25 to 0.3.26
* [skip-ci] Packit: distinct `-rhel` packages value
* [skip-ci] Packit: enable c10s downstream sync
* fix(deps): update rust crate libc to 0.2.154
* fix(deps): update rust crate ipnet to 2.9.0
* fix(deps): update rust crate tower to 0.4.13
* fix(deps): update rust crate tokio-stream to 0.1.15
* fix(deps): update rust crate prost to 0.12.4
* fix(deps): update rust crate iptables to 0.5.1
* [skip-ci] Packit: remove el8 jobs
* fix(deps): update rust crate anyhow to 1.0.82
* fix(deps): update rust crate serde to 1.0.199
* Add suffix to Aardvark internal network filenames
* fix port forward with strict RPF and multi networks
* renovate: stop rebasing PRs automatically
* chore(deps): update rust crate chrono to 0.4.38
* fix(deps): update rust crate serde_json to 1.0.116
* fix(deps): update rust crate netlink-sys to 0.8.6
* nftables: only dump netavark table rules
* update nftables to 0.4
* fix aardvark-dns netns check
* fix(deps): update rust crate tokio to 1.37
* fix(deps): update rust crate netlink-packet-route to 0.19.0
* Update to nix-0.28.0
* fix(deps): update rust crate mozim to 0.2.3
* fix(deps): update rust crate nispor to 1.2.18
* Update chrono
* fix(deps): update rust crate serde_json to 1.0.115
* build(deps): bump mio from 0.8.9 to 0.8.11
* [skip-ci] rpm: aardvark-dns is a hard dep across the board
* Update Rust crate env_logger to 0.11.3
* Update Rust crate serde to 1.0.197
* Update Rust crate tempfile to 3.10.1
* Update Rust crate log to 0.4.21
* Update Rust crate zbus to 3.15.2
* Update Rust crate serde_json to 1.0.114
* Update Rust crate env_logger to 0.11.2
* Update Rust crate chrono to 0.4.34
* Update Rust crate tonic-build to 0.11
* Update Rust crate tonic to 0.11
* fix netavark update to not start a new aardvark-dns
* Update Rust crate tempfile to 3.10.0
* Update Rust crate zbus to 3.15.0
* Update Rust crate tokio to 1.36
* Update Rust crate chrono to 0.4.33
* Do not perform network namespace detection on AV update
* [CI:BUILD] Packit/rpm: fix aardvark-dns handling
* Update Rust crate serde_json to 1.0.113
* Update Rust crate serde_json to 1.0.112
* Update Rust crate env_logger to 0.11.1
* update README with nftables support
* Bump to v1.11.0-dev
* perf-netavark: accept fw driver as argument
* perf-netavark: fix missing --config arg
- Update to version 1.10.3:
* v1.10.3
* fix netavark update to not start a new aardvark-dns
- openssh
-
- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2
due to gssapi proposal not being correctly initialized
(bsc#1236826). The problem was introduced in the rebase of
the patch for 9.6p1:
* openssh-8.0p1-gssapi-keyex.patch
- From Wed Jul 3 16:53:53 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
- Add #include <stdlib.h> in some files added by the ldap patch to
fix build with gcc14 (boo#1225904).
* openssh-7.7p1-ldap.patch
- From Mon Apr 15 13:21:50 UTC 2024 - Marcus Meissner <meissner@suse.com>
- openssh-8.0p1-gssapi-keyex.patch: Added missing struct initializer,
added missing parameter (bsc#1222840)
- From Tue Apr 2 13:07:43 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
- Rebase openssh-7.7p1-fips.patch (bsc#1221928)
Remove OPENSSL_HAVE_EVPGCM-ifdef, which is no longer supported by
upstream
- From Tue Apr 2 11:23:05 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
- Use %config(noreplace) for sshd_config . In any case, it's
recommended to drop a file in sshd_config.d instead of editing
sshd_config (bsc#1221063)
- Fix a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled
client and a DoS attack against OpenSSH's client and server
(bsc#1237040, CVE-2025-26465, bsc#1237041, CVE-2025-26466):
* fix-CVE-2025-26465-and-CVE-2025-26466.patch
- From Mon Oct 14 15:06:19 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
- Use %{with ...} instead of 0%{with ...}
- From Fri Oct 11 09:28:30 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
- Add a patch to fix a regression introduced in 9.6 that makes X11
forwarding very slow. Submitted to upstream in
https://bugzilla.mindrot.org/show_bug.cgi?id=3655#c4 . Fixes
bsc#1229449:
* fix-x11-regression-bsc1229449.patch
- Drop most of openssh-6.6p1-keycat.patch (actually, it was just
commented out). The keycat binary isn't really installed nor
supported, so we can drop it, except for the code that is used
by other SELinux patches, which is what I kept from that patch
(boo#1229072).
- Add patch submitted to upstream to fix RFC4256 implementation
so that keyboard-interactive authentication method can send
instructions and sshd shows them to users even before a prompt
is requested. This fixes MFA push notifications (boo#1229010).
* 0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch
- Fix a dbus connection leaked in the logind patch that was
missing a sd_bus_unref call (found by Matthias Gerstner):
* logind_set_tty.patch
- Add a patch that fixes a small memory leak when parsing the
subsystem configuration option:
* fix-memleak-in-process_server_config_line_depth.patch
- From Mon Jun 7 20:54:09 UTC 2021 - Hans Petter Jansson <hpj@suse.com>
- Add openssh-mitigate-lingering-secrets.patch (bsc#1186673), which
attempts to mitigate instances of secrets lingering in memory
after a session exits. (bsc#1213004 bsc#1213008)
- Rebase patches:
* openssh-6.6p1-privsep-selinux.patch
- Remove empty line at the end of sshd-sle.pamd (bsc#1227456)
- pam_u2f
-
- update to 1.3.2:
* Relax authfile permission check to a warning instead of an error to prevent
a breaking change locking existing users out of their systems.
- update to 1.3.1:
* Fix incorrect usage of PAM_IGNORE (YSA-2025-01, CVE-2025-23013).
* Changed return value when nouserok is enabled and the user has no
credentials, PAM_IGNORE is used instead of PAM_SUCCESS.
* Hardened checks of authfile permissions.
* Hardened checks for nouserok.
* Improved debug messages.
* Improved documentation.
- pam
-
- pam_namespace: convert functions that may operate on a user-controlled path
to operate on file descriptors instead of absolute path. And keep the
bind-mount protection from protect_mount() as a defense in depthmeasure.
[bsc#1244509, CVE-2025-6020,
pam_inline-introduce-pam_asprintf-pam_snprintf-and-p.patch,
pam_namespace-fix-potential-privilege-escalation.patch,
pam_namespace-add-flags-to-indicate-path-safety.patch,
pam_namespace-secure_opendir-do-not-look-at-the-grou.patch]
- pam_namespace-fix-potential-privilege-escalation.patch adapted and includes
changes from upstream commits: ds6242a, bc856cd.
* pam_namespace fix logic in return value handling
* pam_namespace move functions around
- patterns-base
-
- do not include busybox packages (bsc#1232246)
- perl
-
- fix heap buffer overflow with tr// [bsc#1241083] [CVE-2024-56406]
new patch: perl-pmtrans.diff
- podman
-
- Add patch for CVE-2025-22869 (bsc#1239330):
* 0006-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch
- Rebase patches:
* 0001-vendor-update-c-buildah-to-1.33.12.patch
* 0002-Backport-fix-for-CVE-2024-6104.patch
* 0003-Switch-hashicorp-go-retryablehttp-to-the-SUSE-fork.patch
* 0004-http2-close-connections-when-receiving-too-many-head.patch
* 0005-CVE-2025-27144-vendor-don-t-allow-unbounded-amounts-.patch
- Add patch for CVE-2025-27144 (bsc#1237641):
* 0005-CVE-2025-27144-vendor-don-t-allow-unbounded-amounts-.patch
- Rebase patches:
* 0001-vendor-update-c-buildah-to-1.33.12.patch
* 0002-Backport-fix-for-CVE-2024-6104.patch
* 0003-Switch-hashicorp-go-retryablehttp-to-the-SUSE-fork.patch
* 0004-http2-close-connections-when-receiving-too-many-head.patch
- Add patch for CVE-2024-11218 (bsc#1236270):
* 0001-vendor-update-c-buildah-to-1.33.12.patch
- Add patch for CVE-2023-45288 (bsc#1236507):
* 0004-http2-close-connections-when-receiving-too-many-head.patch
- Add supplemental patch for CVE-2024-6104 (bsc#1227052):
* 0003-Switch-hashicorp-go-retryablehttp-to-the-SUSE-fork.patch
- Rebase patch:
* 0002-Backport-fix-for-CVE-2024-6104.patch
- Remove patch(es) (merged upstream):
* 0002-pkg-subscriptions-use-securejoin-for-the-container-p.patch
* 0003-CVE-2024-9407-validate-bind-propagation-flag-setting.patch
* 0004-Properly-validate-cache-IDs-and-sources.patch
* 0005-Use-securejoin.SecureJoin-when-forming-userns-paths.patch
- python-instance-billing-flavor-check
-
- Update to version 1.0.1
+ Fix infinite loop (bsc#1242064)
+ Fix bug in update infrastructure request (bsc#1242064)
- Update to version 1.0.0 (jsc#PCT-531)
+ API incompatibility: The check_payg_byos function no longer exits, it now
returns a tuple of (flavor, exit_code). This makes the function reusable.
+ Update the build setup to work with the system interpreter of
upcoming SLE releases. SLE 12 stays with the Python 3.4 interpreter
and SLE 15 with the Python 3.6 interpreter.
- Version 0.1.2 (bsc#1234444)
+ Improve detection of IPv4 and IPv6 network setup and use appropriate
IP version for access the update servers
+ Improve reliability of flavor detection. Try an update server multiple
times to get an answer, if we hit timeouts return the value flavor
value from a cache file.
- Version 0.1.1 (bsc#1235991, bsc#1235992)
+ Add time stamp to log
- From version 0.1.0
+ Doc improvements clarifying exit staus codes
- python-Jinja2
-
- Add security patch CVE-2025-27516.patch (bsc#1238879)
- python-M2Crypto
-
- Change macro to %{?sle15allpythons} so we build both Python 3.6
and Python 3.11 on SLE-15.
- Fix spelling of BSD-2-Clause license.
- Add rpmlintrc … overflow of ignorable rpmlint warnings caused
me not to see the previous problem.
- Update to 0.44.0:
- fix(rsa): introduce internal cache for rsa.check_key()
(bsc#1236664, srht#mcepl/m2crypto#369)
- fix[authcookie]: modernize the module
- fix(_lib): add missing #include for windows
- ci: relax fedora crypto policy to legacy.
- enhance setup.py for macos compatibility
- prefer packaging.version over distutils.version
- fix segfault with openssl 3.4.0
- fix[ec]: raise ioerror instead when load_key_bio() cannot read
the file.
- doc: update installation instructions for windows.
- fix setting x509.verify_* variables
- fix building against openssl in non-standard location
- test_x509: use only x509_version_1 (0) as version for csr.
- The real license is BSD 2-Clause, not MIT.
- Update to 0.43.0:
- feat[m2]: add m2.time_t_bits to checking for 32bitness.
- fix[tests]: Use only X509_VERSION_1 (0) as version for CSR.
- fix[EC]: raise ValueError when load_key_bio() cannot read the
file (bsc#1231589).
- ci: use -mpip wheel instead of -mbuild
- fix: use PyMem_Malloc() instead of malloc()
- fix[hints]: more work on conversion of type hints to the py3k ones
- fix: make the package build even on Python 3.6
- ci[local]: skip freezing local tests
- fix[hints]: remove AnyStr type
- test: add suggested test for RSA.{get,set}_ex_data
- fix: implement interfaces for RSA_{get,set}_ex_new_{data,index}
- fix: generate src/SWIG/x509_v_flag.h to overcome weaknesses of
swig
- fix: replace literal enumeration of all VERIFY_ constants by a
cycle
- test: unify various test cases in test_ssl related to ftpslib
- fix: replace deprecated url keyword in setup.cfg with complete
project_urls map
- Update 0.42.0:
- allow ASN1_{Integer,String} be initialized directly
- minimal infrastructure for type hints for a C extension and
some type hints for some basic modules
- time_t on 32bit Linux is 32bit (integer) not 64bit (long)
- EOS for CentOS 7
- correct checking for OpenSSL version number on Windows
- make compatible with Python 3.13 (replace PyEval_CallObject
with PyObject_CallObject)
- fix typo in extern function signature (and proper type of
engine_ctrl_cmd_string())
- move the package to Sorucehut
- setup CI to use Sourcehut CI
- setup CI on GitLab for Windows as well (remove Appveyor)
- initial draft of documentation for migration to
pyca/cryptography
- fix Read the Docs configuration (contributed kindly by Facundo
Tuesca)
- Remove upstreamed 32bit_ASN1_Time.patch
- Remove python-M2Crypto.keyring, because PyPI broke GPG support
- Build for modern python stack on SLE/Leap
- Disable broken tests with openssl 3.2, bsc#1217782
- require setuptools
- Update to 0.40.0:
- OK, SO NOT THIS RELEASE, BUT IN THE NEXT RELEASE PYTHON2 WILL
TRULY GO!
- BREAKING CHANGES:
- There are no SWIG generated files (src/SWIG/_m2crytpo_wrap.c)
included anymore, so swig must be installed, no
exceptions! Also, for compatibility with Python 3.12+, swig
4.0+ is required.
- All support for asyncore has been removed, as it has been
removed in Python 3.12 as well (which means also removal of
contrib/dispatcher.py, M2Crypto/SSL/ssl_dispatcher.py,
ZServerSSL).
- All use of distutils (including the bundled ones in
setuptools) has been removed, so `setup.py clean` is no
more.
- Excessively complicated and error-prone __init__py has been
cleaned and `import M2Crypto` doesn’t include everything
anymore. Imports should specified as for example with `from
M2Crypto import foo`.
- ASN1_Time handling has been mostly rewritten and it almost
works even on Windows.
- All tests in Gitlab CI (with exceptions of some skipped tests
especially on Windows) are now green, tests of Python 2.7 on
CentOS 7 have been included.
- Introduce m2.err_clear_error()
- Make X509_verify_cert() accessible as m2.x509_verify_cert
- Add 32bit_ASN1_Time.patch to quench errors on 32bit archs.
- Make tests running again.
- python-PyJWT
-
- Skip failing test gh#jpadilla/pyjwt#802
- Update to version 2.9.0
* Drop support for Python 3.7 (EOL) by @hugovk in #910
* Allow JWT issuer claim validation to accept a list of
strings too by @mattpollak in #913
* Fix unnecessary string concatenation by @sirosen in #904
* Fix docs for ``jwt.decode_complete`` to include ``strict_aud``
option by @woodruffw in #923
* Fix docs step by @jpadilla in #950
* Fix: Remove an unused variable from example code block
by @kenkoooo in #958
* Add support for Python 3.12 by @hugovk in #910
* Improve performance of ``is_ssh_key`` + add unit test by @bdraco in #940
* Allow ``jwt.decode()`` to accept a PyJWK object by @luhn in #886
* Make ``algorithm_name`` attribute available on PyJWK by @luhn in #886
* Raise ``InvalidKeyError`` on invalid PEM keys to be compatible
with cryptography 42.x.x by @CollinEMac in #952
* Raise an exception when required cryptography dependency
is missing by @tobloef in #963
- python-cryptography
-
- Update vendor tarball to fix CVE-2025-3416 (bsc#1242631)
- libxml2:python
-
- security update
- added patches
CVE-2025-32414 [bsc#1241551], out-of-bounds read when parsing text via the Python API
+ libxml2-CVE-2025-32414.patch
CVE-2025-32415 [bsc#1241453], a crafted XML document may lead to a heap-based buffer under-read
+ libxml2-CVE-2025-32415.patch
- security update
- added patches
fix CVE-2024-56171 [bsc#1237363], use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c
+ libxml2-CVE-2024-56171.patch
fix CVE-2025-24928 [bsc#1237370], stack-based buffer overflow in xmlSnprintfElements in valid.c
+ libxml2-CVE-2025-24928.patch
fix CVE-2025-27113 [bsc#1237418], NULL Pointer Dereference in libxml2 xmlPatMatch
+ libxml2-CVE-2025-27113.patch
- python-setuptools
-
- Add patch CVE-2025-47273.patch to fix A path traversal
vulnerability.
(bsc#1243313, CVE-2025-47273, gh#pypa/setuptools@250a6d17978f)
- python311
-
- Remove python-3.3.0b1-test-posix_fadvise.patch (not needed
since kernel 3.6-rc1)
- Update to 3.11.12:
- gh-131809: Update bundled libexpat to 2.7.1
- gh-131261: Upgrade to libexpat 2.7.0
- gh-105704: When using urllib.parse.urlsplit() and
urllib.parse.urlparse() host parsing would not reject domain
names containing square brackets ([ and ]). Square brackets
are only valid for IPv6 and IPvFuture hosts according to RFC
3986 Section 3.2.2 (bsc#1236705, CVE-2025-0938,
gh#python/cpython#105704).
- gh-121284: Fix bug in the folding of rfc2047 encoded-words
when flattening an email message using a modern email
policy. Previously when an encoded-word was too long for
a line, it would be decoded, split across lines, and
re-encoded. But commas and other special characters in the
original text could be left unencoded and unquoted. This
could theoretically be used to spoof header lines using a
carefully constructed encoded-word if the resulting rendered
email was transmitted or re-parsed.
- gh-80222: Fix bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so that
it spanned more than one line, the surrounding quotes and
internal escapes would be omitted. This could theoretically
be used to spoof header lines using a carefully constructed
quoted string if the resulting rendered email was transmitted
or re-parsed.
- gh-119511: Fix a potential denial of service in the imaplib
module. When connecting to a malicious server, it could
cause an arbitrary amount of memory to be allocated. On many
systems this is harmless as unused virtual memory is only
a mapping, but if this hit a virtual address size limit
it could lead to a MemoryError or other process crash. On
unusual systems or builds where all allocated memory is
touched and backed by actual ram or storage it could’ve
consumed resources doing so until similarly crashing.
- gh-127257: In ssl, system call failures that OpenSSL reports
using ERR_LIB_SYS are now raised as OSError.
- gh-121277: Writers of CPython’s documentation can now use
next as the version for the versionchanged, versionadded,
deprecated directives.
- gh-106883: Disable GC during the _PyThread_CurrentFrames()
and _PyThread_CurrentExceptions() calls to avoid the
interpreter to deadlock.
- Remove upstreamed patch:
- CVE-2025-0938-sq-brackets-domain-names.patch
- Add gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch
which makes test_ssl not to stop ThreadedEchoServer on OSError,
which makes test_ssl pass with OpenSSL 3.5 (bsc#1241067,
gh#python/cpython!126572)
- Allow to disable PGO
- Skip PGO with %want_reproducible_builds (bsc#1239210)
- Add CVE-2025-0938-sq-brackets-domain-names.patch which
disallows square brackets ([ and ]) in domain names for parsed
URLs (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704)
- Configure externally_managed with a bcond
https://en.opensuse.org/openSUSE:Python:Externally_managed
bsc#1228165
- Update to 3.11.11:
- Tools/Demos
- gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15
and multissltests to use 3.0.15, 3.1.7, and 3.2.3.
- Tests
- gh-125041: Re-enable skipped tests for zlib on the
s390x architecture: only skip checks of the compressed
bytes, which can be different between zlib’s software
implementation and the hardware-accelerated implementation.
- Security
- gh-126623: Upgrade libexpat to 2.6.4
- gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
consistently use the mapped IPv4 address value for deciding
properties. Properties which have their behavior fixed are
is_multicast, is_reserved, is_link_local, is_global, and
is_unspecified.
- Library
- gh-124651: Properly quote template strings in venv
activation scripts (bsc#1232241, CVE-2024-9287).
- Removed upstreamed patches:
- CVE-2024-9287-venv_path_unquoted.patch
- Add add-loongarch64-support.patch to support loongarch64
- selinux-policy
-
- Update to version 20230523+git27.6fee49569:
* qemu-guest-agent: fix denial for guest-get-fsinfo (bsc#1243389)
- shim
-
- Update shim-install to use the 'removable' way for encrypted
SL-Micro images (bsc#1230316)
* 433cc4e Always use the removable way for SL-Micro
* 769e41d Limit the removable option to encrypted SL-Micro
-- Update to version 15.8
- Various CVE fixes are already merged into this version
mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546)
avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547)
Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548)
Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549)
pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550)
pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551)
- remove shim-Enable-the-NX-compatibility-flag-by-default.patch
The codes in this patch are already existing in shim-15.8
The NX flag is disable which is same as the default value of shim-15.8,
hence, not need to enable it by this patch now.
- Patches (git log --oneline --reverse 15.7..15.8)
657b248 Make sbat_var.S parse right with buggy gcc/binutils
7c76425 Enable the NX compatibility flag by default.
89972ae CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper
c7b3051 pe: Align section size up to page size for mem attrs
e4f40ae pe: Add IS_PAGE_ALIGNED macro
f23883c Don't loop forever in load_certs() with buggy firmware
1f38cb3 Optionally allow to keep shim protocol installed
102a658 Drop invalid calls to `CRYPTO_set_mem_functions`
aae3df0 test-sbat: Fix exit code
cca3933 Block Debian grub binaries with SBAT < 4
cf59f34 Further improve load_certs() for non-compliant drivers/firmwares
0601f44 SBAT-related documents formatting and spelling
0640e13 Add a security contact email address in README.md
0bfc397 Work around malformed path delimiters in file paths from DHCP
a8b0b60 pe: only process RelocDir->Size of reloc section
f7a4338 Skip testing msleep()
549d346 Rename 'msecs' to 'usecs' to avoid potential confusion
908c388 Change type of fallback_verbose_wait from int to unsigned long
05eae92 Add SbatLevel_Variable.txt to document the various revocations
243f125 Use -Wno-unused-but-set-variable for Cryptlib and OpenSSL
89d25a1 Add a make rule for compile_commands.json
118ff87 Add gnu-stack notes
f132655 test: Make our fake dprintf be a statement.
be00279 Remove CentOS 7 test builds.
9964960 Split pe.c up even more.
569270d Test (and fix) ImageAddress()
61e9894 Verify signature before verifying sbat levels
1578b55 Add libFuzzer support for csv.c
a0673e3 Fix a 1-byte memory leak in .sbat parsing.
e246812 Add libFuzzer support to the .sbat parser.
fd43eda Work around ImageAddress() usage mistake
1e985a3 Correctly free memory allocated in handle_image()
dbbe3c8 mok: Avoid underflow in maximum variable size calculation
04111d4 Make some of the static analysis tools a little easier to run
7ba7440 compile_commands.json: remove stuff clang doesn't like
66e6579 CVE-2023-40546 mok: fix LogError() invocation
f271826 Add primitives for overflow-checked arithmetic operations.
8372147 pe-relocate: Add a fuzzer for read_header()
5a5147d CVE-2023-40551: pe-relocate: Fix bounds check for MZ binaries
e912071 pe-relocate: make read_header() use checked arithmetic operations.
93ce255 CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()
e7f5fdf pe-relocate: Ensure nothing else implements CVE-2023-40550
afdc503 CVE-2023-40549 Authenticode: verify that the signature header is in bounds.
96dccc2 CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit system
dae82f6 Further mitigations against CVE-2023-40546 as a class
ea0f9df Allow SbatLevel data from external binary
b078ef2 Always clear SbatLevel when Secure Boot is disabled
7dfb687 BS Variables for bootmgr revocations
a967c0e shim should not self revoke
577cedd Print message when refusing to apply SbatLevel
e801b0d sbat revocations: check the full section name
0226b56 CVE-2023-40547 - avoid incorrectly trusting HTTP headers
6f0c8d2 Print errors when setting/clearing memory attrs
57c0eed Updated Revocations for January 2024 CVEs
49c6d95 Fix some minor ia32 build issues.
be8ff7c post-process-pe: Don't set the NX_COMPAT flag by default after all.
13abd9f pe-relocate: Avoid __builtin_add_overflow() on GCC < 5
c46c975 Suppress "Failed to open <..>\revocations.efi" when file does not exist
30a4f37 Rename "previous" revocations to "automatic"
6f395c2 Build time selectable automatic SBATLevel revocations
a23e2f0 netboot read_image() should not hardcode DEFAULT_LOADER
993a345 Try to load revocations.efi even if directory read fails
1770a03 gitmodules: use shim-15.8 for gnu-efi branch
5914984 (HEAD -> main, tag: latest-release, tag: 15.8, origin/main, origin/HEAD) Bump version to 15.8
- supportutils
-
- Changes to version 3.2.10
+ network.txt collect all firewalld zones (pr#233)
+ Collects gfs2 info (PED-11853, pr#235, pr#236)
+ Ignore tasks/threads to prevent collecting duplicate fd data in open_files (bsc#1230371, pr#237)
+ Added openldap2_5 support for SLES (pr#238)
+ Collects additional hawk details (pr#239)
+ Optimized filtering D/Z processes (pr#241)
+ Collect firewalld permanent configuration (pr#243)
+ ldap_info: support for multiple DBs and sanitize olcRootPW (bsc#1231838, pr#247)
+ Added dbus_info for dbus.txt (bsc#1222650, pr#248)
- Changes to version 3.2.9
+ Map running PIDs to RPM package owner aiding BPF program detection (bsc#1222896, bsc#1213291, PED-8221)
+ Supportconfig available in current distro (PED-7131)
+ Corrected display issues (bsc#1231396)
+ NFS takes too long, showmount times out (bsc#1231423)
+ Merged sle15 and master branches (bsc#1233726, PED-11669)
- Changes to version 3.2.8
+ Avoid getting duplicate kernel verifications in boot.text (pr#190)
+ lvm: suppress file descriptor leak warnings from lvm commands (pr#191)
+ docker_info: Add timestamps to container logs (pr#196)
+ Key value pairs and container log timestamps (bsc#1222021 PED-8211, pr#198)
+ Update supportconfig get pam.d sorted (pr#199)
+ yast_files: Exclude .zcat (pr#201)
+ Sanitize grub bootloader (bsc#1227127, pr#203)
+ Sanitize regcodes (pr#204)
+ Improve product detection (pr#205)
+ Add read_values for s390x (bsc#1228265, pr#206)
+ hardware_info: Remove old alsa ver check (pr#209)
+ drbd_info: Fix incorrect escape of quotes (pr#210)
- Changes in version 3.1.30
+ Added -V key:value pair option (bsc#1222021, PED-8211)
+ Avoid getting duplicate kernel verifications in boot.text (pr#193)
+ Suppress file descriptor leak warnings from lvm commands (pr#192, bsc#1220082)
+ Includes container log timestamps (pr#197)
- suse-build-key
-
- changed keys to use SHA256 UIDs instead of SHA1. (bsc#1237294
bsc#1236779 jsc#PED-12321)
- gpg-pubkey-3fa1d6ce-67c856ee.asc to gpg-pubkey-09d9ea69-67c857f3.asc
- gpg-pubkey-09d9ea69-645b99ce.asc to gpg-pubkey-3fa1d6ce-63c9481c.asc
- suse_ptf_key_2023.asc, suse_ptf_key.asc: adjusted
- timezone
-
- Update to 2025b:
* New zone for Aysén Region in Chile (America/Coyhaique) which
moves from -04/-03 to -03
- Refresh patches
* revert-philippines-historical-data.patch
* tzdata-china.diff
- Update to 2025a:
* Paraguay adopts permanent -03 starting spring 2024
* Improve pre-1991 data for the Philippines
* Etc/Unknown is now reserved
- Update to 2024b:
* Improve historical data for Mexico, Mongolia, and Portugal.
* System V names are now obsolescent.
* The main data form now uses %z.
* The code now conforms to RFC 8536 for early timestamps.
* Support POSIX.1-2024, which removes asctime_r and ctime_r.
* Assume POSIX.2-1992 or later for shell scripts.
* SUPPORT_C89 now defaults to 1.
- Add revert-philippines-historical-data.patch, revert-systemv-deprecation.patch
* Fixes testsuite failures for other packages
- update to 2024a:
* Kazakhstan unifies on UTC+5. This affects Asia/Almaty and
Asia/Qostanay which together represent the eastern portion of the
country that will transition from UTC+6 on 2024-03-01 at 00:00 to
join the western portion. (Thanks to Zhanbolat Raimbekov.)
* Palestine springs forward a week later than previously predicted
in 2024 and 2025. (Thanks to Heba Hamad.) Change spring-forward
predictions to the second Saturday after Ramadan, not the first;
this also affects other predictions starting in 2039.
* Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00
not 00:00. (Thanks to Đoàn Trần Công Danh.)
* From 1947 through 1949, Toronto's transitions occurred at 02:00
not 00:00. (Thanks to Chris Walton.)
* In 1911 Miquelon adopted standard time on June 15, not May 15.
* The FROM and TO columns of Rule lines can no longer be "minimum"
or an abbreviation of "minimum", because TZif files do not support
DST rules that extend into the indefinite past - although these
rules were supported when TZif files had only 32-bit data, this
stopped working when 64-bit TZif files were introduced in 1995.
This should not be a problem for realistic data, since DST was
first used in the 20th century. As a transition aid, FROM columns
like "minimum" are now diagnosed and then treated as if they were
the year 1900; this should suffice for TZif files on old systems
with only 32-bit time_t, and it is more compatible with bugs in
2023c-and-earlier localtime.c. (Problem reported by Yoshito
Umaoka.)
* localtime and related functions no longer mishandle some
timestamps that occur about 400 years after a switch to a time
zone with a DST schedule. In 2023d data this problem was visible
for some timestamps in November 2422, November 2822, etc. in
America/Ciudad_Juarez. (Problem reported by Gilmore Davidson.)
* strftime %s now uses tm_gmtoff if available. (Problem and draft
patch reported by Dag-Erling Smørgrav.)
* The strftime man page documents which struct tm members affect
which conversion specs, and that tzset is called. (Problems
reported by Robert Elz and Steve Summit.)
- update to 2023d:
* Ittoqqortoormiit, Greenland changes time zones on
2024-03-31.
* Vostok, Antarctica changed time zones on 2023-12-18.
* Casey, Antarctica changed time zones five times since
2020.
* Code and data fixes for Palestine timestamps starting in
2072.
* A new data file zonenow.tab for timestamps starting now.
* Fix predictions for DST transitions in Palestine in
2072-2075, correcting a typo introduced in 2023a.
* Vostok, Antarctica changed to +05 on 2023-12-18. It had
been at +07 (not +06) for years.
* Change data for Casey, Antarctica to agree with
timeanddate.com, by adding five time zone changes since 2020.
Casey is now at +08 instead of +11.
* Much of Greenland, represented by America/Nuuk, changed
its standard time from -03 to -02 on 2023-03-25, not on
2023-10-28.
* localtime.c no longer mishandles TZif files that contain
a single transition into a DST regime. Previously,
it incorrectly assumed DST was in effect before the transition
too.
* tzselect no longer creates temporary files.
* tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL,
PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles
regular expressions of the form /X{2,}/.
* ISO 6709 coordinates when using an awk that lacks the
GNU extension of newlines in -v option-arguments.
* Non UTF-8 locales when using an iconv command that
lacks the GNU //TRANSLIT extension.
* zic no longer mishandles data for Palestine after the
year 2075.
- Refresh tzdata-china.diff
- toolbox
-
- switch back to toolbox version 5.5 as SLFO code base still has
limited set of toos available (and supported)
- tpm2.0-tools
-
Update to version 5.7:
+ Security
- Fixed CVE-2024-29038 (bsc#1223687)
- Fixed CVE-2024-29039 (bsc#1223689)
+ Fixed
- Fix eventlog test
- Fix issues with reading NV indexes
- Fix context save error on tpm2_create
- tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail
- when attempting to context save a flushed session.
- detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto.
- tpm2_send: fix EOF detection on input stream.
- tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems.
- tpm2_nvread: fix input handling no nv index.
- Auth file: Ensure 0-termination when reading auths from a file.
- configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh.
- cirrus.yml fix tss compilation with libtpms for FreeBSD.
- tpm2_tool.c Fix missing include for basename to enable compilation on netbsd.
- options: fix TCTI handling to avoid failures for commands that should work with no options.
- tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed.
+ Added
- Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option)
+ Removed
- Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems.
- tpm2_nvread: fix input handling no nv index.
- tpm2-tools.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented
in upstream repo, which was used for signing this new release tarball.
- Update to version 5.6
+ tpm2_eventlog:
* add H-CRTM event support
* add support of efivar versions less than 38
* Add support to check for efivar/efivar.h manually
* Minor formatting fixes
* tpm2_eventlog: add support for replay with different
StartupLocality
* Fix pcr extension for EV_NO_ACTION
* Extend test of yaml string representation
* Use helper for printing a string dump
* Fix upper bound on unique data size
* Fix YAML string formatting
+ tpm2_policy:
* Add support for parsing forward seal TPM values
* Use forward seal values in creating policies
* Move dgst_size in evaluate_populate_pcr_digests()
* Allow more than 8 PCRs for sealing
* Move dgst_size in evaluate_populate_pcr_digests
* Allow more than 8 PCRs for sealing
* Make __wrap_Esys_PCR_Read() more dynamic to enable testing more
PCRs
+ tpm2_encryptdecrypt: Fix pkcs7 padding stripping
+ tpm2_duplicate:
* Support -a option for attributes
* Add --key-algorithm option
+ tpm2_encodeobject: Use the correct -O option instead of -C
+ tpm2_unseal: Add qualifier static to enhance the privacy of unseal
function
+ tpm2_sign:
* Remove -m option which was added mistakenly
* Revert sm2 sign and verifysignature
+ tpm2_createek:
* Correct man page example
* Fix usage of nonce
* Fix integrating nonce
+ tpm2_clear: add more details about the action
+ tpm2_startauthsession: allow the file attribute for policy
authorization.
+ tpm2_getekcertificate: Add AMD EK support
+ tpm2_ecdhzgen: Add public-key parameter
+ tpm2_nvreadpublic: Prevent free of unallocated pointers on failure
+ Bug-fixes:
* The readthedocs build failed with module 'jinja2' has no
attribute 'contextfilter' a requirement file was added to fix
this problem
* An error caused by the flags -flto -_FORTIFY_SOURCE=3 in kdfa
implementation. This error can be avoided by switching off the
optimization with pragma
* Changed wrong function name of "Esys_Load" to "Esys_Load"
* Function names beginning with Esys_ are wrongly written as Eys_
* Reading and writing a serialized persistent ESYS_TR handles
* cirrus-ci update image-family to freebsd-13-2 from 13-1
+ misc:
* Change the default Python version to Python3 in the helper's
code
* Skip test which uses the sign operator for comparison in
abrmd_policynv.sh
* tools/tr_encode: Add a tool that can encode serialized ESYS_TR
for persistent handles from the TPM2B_PUBLIC and the raw
persistent TPM2_HANDLE
* Add safe directory in config
- vim
-
- Introduce patch to fix bsc#1235751 (regression).
* vim-9.1.1134-revert-putty-terminal-colors.patch
- Update to 9.1.1176. Changes:
* 9.1.1176: wrong indent when expanding multiple lines
* 9.1.1175: inconsistent behaviour with exclusive selection and motion commands
* 9.1.1174: tests: Test_complete_cmdline() may fail
* 9.1.1173: filetype: ABNF files are not detected
* 9.1.1172: [security]: overflow with 'nostartofline' and Ex command in tag file
* 9.1.1171: tests: wrong arguments passed to assert_equal()
* 9.1.1170: wildmenu highlighting in popup can be improved
* 9.1.1169: using global variable for get_insert()/get_lambda_name()
* 9.1.1168: wrong flags passed down to nextwild()
* 9.1.1167: mark '] wrong after copying text object
* 9.1.1166: command-line auto-completion hard with wildmenu
* 9.1.1165: diff: regression with multi-file diff blocks
* 9.1.1164: [security]: code execution with tar.vim and special crafted tar files
* 9.1.1163: $MYVIMDIR is set too late
* 9.1.1162: completion popup not cleared in cmdline
* 9.1.1161: preinsert requires bot "menu" and "menuone" to be set
* 9.1.1160: Ctrl-Y does not work well with "preinsert" when completing items
* 9.1.1159: $MYVIMDIR may not always be set
* 9.1.1158: :verbose set has wrong file name with :compiler!
* 9.1.1157: command completion wrong for input()
* 9.1.1156: tests: No test for what patch 9.1.1152 fixes
* 9.1.1155: Mode message not cleared after :silent message
* 9.1.1154: Vim9: not able to use autoload class accross scripts
* 9.1.1153: build error on Haiku
* 9.1.1152: Patch v9.1.1151 causes problems
* 9.1.1151: too many strlen() calls in getchar.c
* 9.1.1150: :hi completion may complete to wrong value
* 9.1.1149: Unix Makefile does not support Brazilian lang for the installer
* 9.1.1148: Vim9: finding imported scripts can be further improved
* 9.1.1147: preview-window does not scroll correctly
* 9.1.1146: Vim9: wrong context being used when evaluating class member
* 9.1.1145: multi-line completion has wrong indentation for last line
* 9.1.1144: no way to create raw strings from a blob
* 9.1.1143: illegal memory access when putting a register
* 9.1.1142: tests: test_startup fails if $HOME/$XDG_CONFIG_HOME is defined
* 9.1.1141: Misplaced comment in readfile()
* 9.1.1140: filetype: m17ndb files are not detected
* 9.1.1139: [fifo] is not displayed when editing a fifo
* 9.1.1138: cmdline completion for :hi is too simplistic
* 9.1.1137: ins_str() is inefficient by calling STRLEN()
* 9.1.1136: Match highlighting marks a buffer region as changed
* 9.1.1135: 'suffixesadd' doesn't work with multiple items
* 9.1.1134: filetype: Guile init file not recognized
* 9.1.1133: filetype: xkb files not recognized everywhere
* 9.1.1132: Mark positions wrong after triggering multiline completion
* 9.1.1131: potential out-of-memory issue in search.c
* 9.1.1130: 'listchars' "precedes" is not drawn on Tabs.
* 9.1.1129: missing out-of-memory test in buf_write()
* 9.1.1128: patch 9.1.1119 caused a regression with imports
* 9.1.1127: preinsert text is not cleaned up correctly
* 9.1.1126: patch 9.1.1121 used a wrong way to handle enter
* 9.1.1125: cannot loop through pum menu with multiline items
* 9.1.1124: No test for 'listchars' "precedes" with double-width char
* 9.1.1123: popup hi groups not falling back to defaults
* 9.1.1122: too many strlen() calls in findfile.c
* 9.1.1121: Enter does not insert newline with "noselect"
* 9.1.1120: tests: Test_registers fails
* 9.1.1119: Vim9: Not able to use an autoloaded class from another autoloaded script
* 9.1.1118: tests: test_termcodes fails
* 9.1.1117: there are a few minor style issues
* 9.1.1116: Vim9: super not supported in lambda expressions
* 9.1.1115: [security]: use-after-free in str_to_reg()
* 9.1.1114: enabling termguicolors automatically confuses users
* 9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds
* 9.1.1112: Inconsistencies in get_next_or_prev_match()
* 9.1.1111: Vim9: variable not found in transitive import
* 9.1.1110: Vim tests are slow and flaky
* 9.1.1109: cmdexpand.c hard to read
* 9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol"
* 9.1.1107: cannot loop through completion menu with fuzzy
* 9.1.1106: tests: Test_log_nonexistent() causes asan failure
* 9.1.1105: Vim9: no support for protected new() method
* 9.1.1104: CI: using Ubuntu 22.04 Github runners
* 9.1.1103: if_perl: still some compile errors with Perl 5.38
* 9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename
- 9.1.1101 is a fix for:
bsc#1229685 (CVE-2024-43790)
bsc#1229822 (CVE-2024-43802)
bsc#1230078 (CVE-2024-45306)
bsc#1235695 (CVE-2025-22134)
bsc#1236151 (CVE-2025-24014)
bsc#1237137 (CVE-2025-1215)
- Remove obsoleted patch:
* vim-7.3-mktemp_tutor.patch
- update to 9.1.1101
* insexpand.c hard to read
* tests: Test_log_nonexistent only works on Linux
* Update base-syntax, improve variable matching
* Vim9: import with extends may crash
* leaking memory with completing multi lines
* --log with non-existent path causes a crash
* if_perl: Perl 5.38 adds new symbols causing link failure
* tests: matchparen plugin test wrongly named
* Vim9: problem finding implemented method in type hierarchy
* runtime(qf): Update syntax file, match second delimiter
* tests: output of test ...win32_ctrl_z depends on python version
* tests: fix expected return code for python 3.13 on Windows
* tests: timeout might be a bit too small
* tests: test_terminwscroll_topline2 unreliable
* tests: No check when tests are run under Github actions
* tests: plugin tests are named inconsistently
* Vim9: import with extends may crash
* completion doesn't work with multi lines
* filetype: cmmt files are not recognized
* Unable to persistently ignore events in a window and its buffers
* improve syntax highlighting
* setreg() doesn't correctly handle mbyte chars in blockwise mode
* unexpected DCS responses may cause out of bounds reads
* has('bsd') is true for GNU/Hurd
* filetype: Mill files are not recognized
* GUI late startup leads to uninitialized scrollbars
* Add support for lz4 to tar & gzip plugin
* Terminal ansi colors off by one after tgc reset
* included syntax items do not understand contains=TOP
* vim_strnchr() is strange and unnecessary
* Vim9: len variable not used in compile_load()
* runtime(vim): Update base-syntax, match :debuggreedy count prefix
* Strange error when heredoc marker starts with "trim"
* tests: test_compiler fails on Windows without Maven
* 'diffopt' "linematch" cannot be used with {n} less than 10
* args missing after failing to redefine a function
* Cannot control cursor positioning of getchar()
* preinsert text completions not deleted with <C-W>/<C-U>
* getchar() can't distinguish between C-I and Tab
* tests: Test_termwinscroll_topline2 fails on MacOS
* heap-use-after-free and stack-use-after-scope with :14verbose
* no digraph for "Approaches the limit"
* not possible to use plural forms with gettext()
* too many strlen() calls in userfunc.c
* terminal: E315 when dragging the terminal with the mouse
* runtime(openPlugin): fix unclosed parenthesis in GetWordUnderCursor()
* runtime(doc): Tweak documentation style a bit
* tests: test_glvs fails when unarchiver not available
* Vim always enables 'termguicolors' in a terminal
* completion: input text deleted with preinsert when adding leader
* translation(sr): Missing Serbian translation for the tutor
* Superfluous cleanup steps in test_ins_complete.vim
* runtime(netrw): correct wrong version check
* Vim doesn't highlight to be inserted text when completing
* runtime(netrw): upstream snapshot of v176
* runtime(dist/vim9): fix regressions in dist#vim9#Open
* runtime(hyprlang): fix string recognition
* make install fails because of a missing dependency
* runtime(asm): add byte directives to syntax script
* Vim doesn't work well with TERM=xterm-direct
* runtime(filetype): commit 99181205c5f8284a3 breaks V lang detection
* runtime: decouple Open and Launch commands and gx mapping from netrw
* "nosort" enables fuzzy filtering even if "fuzzy" isn't in 'completeopt'
* runtime(just): fix typo in syntax file
* runtime(filetype): Improve Verilog detection by checking for modules definition
* tests: off-by-one error in CheckCWD in test_debugger.vim
* tests: no support for env variables when running Vim in terminal
* too many strlen() calls in os_unix.c
* insert-completed items are always sorted
* crash after scrolling and pasting in silent Ex mode
* Makefiles uses non-portable syntax
* fuzzymatching doesn't prefer matching camelcase
* filetype: N-Tripels and TriG files are not recognized
* Vim9: Patch 9.1.1014 causes regressions
* translation(sr): Update Serbian messages translation
- updade to 9.1.1043
* [security]: segfault in win_line()
* update helptags
* filetype: just files are not recognized
* Update base-syntax, match ternary and falsy operators
* Vim9: out-of-bound access when echoing an enum
* Vim9: imported type cannot be used as func return type
* runtime(kconfig): updated ftplugin and syntax script
* runtime(doc): rename last t_BG reference to t_RB
* Vim9: comments are outdated
* tests: test_channel.py fails with IPv6
* runtime(vim): Update base-syntax, fix is/isnot operator matching
* Vim9: confusing error when using abstract method via super
* make install fails when using shadowdir
* Vim9: memory leak with blob2str()
* runtime(tex): add texEmphStyle to texMatchGroup in syntax script
* runtime(netrw): upstream snapshot of v175
* Vim9: compiling abstract method fails without return
* runtime(c): add new constexpr keyword to syntax file (C23)
* tests: shaderslang was removed from test_filetype erroneously
* link error when FEAT_SPELL not defined
* Coverity complains about insecure data handling
* runtime(sh): update syntax script
* runtime(c): Add missing syntax test files
* filetype: setting bash filetype is backwards incompatible
* runtime(c): Update syntax and ftplugin files
* the installer can be improved
* too many strlen() calls in screen.c
* no sanitize check when running linematch
* filetype: swc configuration files are not recognized
* runtime(netrw): change netrw maintainer
* wrong return type of blob2str()
* blob2str/str2blob() do not support list of strings
* runtime(doc): fix typo in usr_02.txt
* Coverity complains about dereferencing NULL pointer
* linematch option value not completed
* string might be used without a trailing NUL
* no way to get current selected item in a async context
* filetype: fd ignore files are not recognized
* v9.1.0743 causes regression with diff mode
* runtime(doc): fix base64 encode/decode examples
* Vim9: Patch 9.1.1013 causes a few problems
* Not possible to convert string2blob and blob2string
* Coverity complains about dereferencing NULL value
* Vim9: variable not found in transitive import
* runtime(colors): Update colorschemes, include new unokai colorscheme
* Vim9: Regression caused by patch v9.1.0646
* runtime(lyrics): support milliseconds in syntax script
* runtime(vim): Split Vim legacy and Vim9 script indent tests
* Vim9: class interface inheritance not correctly working
* popupmenu internal error with some abbr in completion item
* filetype: VisualCode setting file not recognized
* diff feature can be improved
* tests: test for patch 9.1.1006 doesn't fail without the patch
* filetype: various ignore are not recognized
* tests: Load screendump files with "git vimdumps"
* PmenuMatch completion highlight can be combined
* completion text is highlighted even with no pattern found
* tests: a few termdebug tests are flaky
* [security]: heap-buffer-overflow with visual mode
* runtime(doc): add package-<name> helptags for included packages
* Vim9: unknown func error with interface declaring func var
* runtime(filetype): don't detect string interpolation as angular
* ComplMatchIns highlight hard to read on light background
* runtime(vim): Update base-syntax, highlight literal string quote escape
* runtime(editorconfig): set omnifunc to syntaxcomplete func
* tests: ruby tests fail with Ruby 3.4
* Vim9: leaking finished exception
* runtime(tiasm): use correct syntax name tiasm in syntax script
* filetype: TI assembly files are not recognized
* too many strlen() calls in drawscreen.c
* runtime(xf86conf): add section name OutputClass to syntax script
* ComplMatchIns may highlight wrong text
* runtime(vim): Update base-syntax, improve ex-bang matching
* runtime(doc): clarify buffer deletion on popup_close()
* filetype: shaderslang files are not detected
* Vim9: not able to use comment after opening curly brace
- update to 9.1.0993
* 9.1.0993: New 'cmdheight' behavior may be surprising
* runtime(sh): fix typo in Last Change header
* 9.1.0992: Vim9: double-free after v9.1.0988
* 9.1.0991: v:stacktrace has wrong type in Vim9 script
* runtime(sh): add PS0 to bashSpecialVariables in syntax script
* runtime(vim): Remove trailing comma from match_words
* runtime(zsh): sync syntax script with upstream repo
* runtime(doc): Capitalise the mnemonic "Zero" for the 'z' flag of search()
* 9.1.0990: Inconsistent behavior when changing cmdheight
* 9.1.0989: Vim9: Whitespace after the final enum value causes a syntax error
* runtime(java): Quietly opt out for unsupported markdown.vim versions
* runtime(vim): fix failing vim syntax test
* 9.1.0988: Vim9: no error when using uninitialized var in new()
* runtime(doc): update index.txt
* 9.1.0987: filetype: cake files are not recognized
* 9.1.0986: filetype: 'jj' filetype is a bit imprecise
* runtime(jj): Support diffs in jj syntax
* runtime(vim): Update matchit pattern, no Vim9 short names
* 9.1.0985: Vim9: some ex commands can be shortened
* 9.1.0984: exception handling can be improved
* runtime(doc): update doc for :horizontal
* runtime(doc): update index.txt, windows.txt and version9.txt
* runtime(doc): Tweak documentation about base64 function
* runtime(chordpro): update syntax script
* 9.1.0983: not able to get the displayed items in complete_info()
* runtime(doc): use standard SGR format at :h xterm-true-color
* 9.1.0982: TI linker files are not recognized
* runtime(vim): update vim generator syntax script
* 9.1.0981: tests: typo in test_filetype.vim
* 9.1.0980: no support for base64 en-/decoding functions in Vim Script
* syntax(sh): Improve the recognition of bracket expressions
* runtime(doc): mention how NUL bytes are handled
* 9.1.0979: VMS: type warning with $XDG_VIMRC_FILE
* 9.1.0978: GUI tests sometimes fail when setting 'scroll' options
* 9.1.0977: filetype: msbuild filetypes are not recognized
* 9.1.0976: Vim9: missing return statement with throw
* 9.1.0975: Vim9: interpolated string expr not working in object methods
* 9.1.0974: typo in change of commit v9.1.0873
* 9.1.0973: too many strlen() calls in fileio.c
* runtime(sh): set shellcheck as the compiler for supported shells
* runtime(doc): Fix enum example syntax
* 9.1.0972: filetype: TI linker map files are not recognized
* runtime(vim): Improve syntax script generator for Vim Script
* 9.1.0971: filetype: SLNX files are not recognized
* 9.1.0970: VMS: build errors on VMS architecture
* runtime(doc): Fix documentation typos
* runtime(doc): update for new keyprotocol option value (after v9.1.0969)
* 9.1.0969: ghostty not using kitty protocol by default
* 9.1.0968: tests: GetFileNameChecks() isn't fully sorted by filetype name
* runtime(doc): update version9.txt for bash filetype
* runtime(netrw): update last change header for #16265
* runtime(doc): fix doc error in :r behaviour
* 9.1.0967: SpotBugs compiler setup can be further improved
* 9.1.0966: Vim9: :enum command can be shortened
* runtime(compiler): include a basic bash syntax checker compiler
* 9.1.0965: filetype: sh filetype set when detecting the use of bash
* runtime(doc): clarify ARCH value for 32-bit in INSTALLpc.txt
* 9.1.0963: fuzzy-matching does not prefer full match
* 9.1.0962: filetype: bun.lock file is not recognized
* runtime(vim): update indentation plugin for Vim script
* runtime(doc): tweak documentation style in helphelp.txt
* runtime(vim): Update base-syntax, allow parens in default arguments
* runtime(doc): mention auto-format using clang-format for sound.c/sign.c
* runtime(help): fix typo s/additional/arbitrary/
* runtime(help): Add better support for language annotation highlighting
* 9.1.0961: filetype: TI gel files are not recognized
* 9.1.0960: filetype: hy history files are not recognized
* translation(fi): Fix typoes in Finish menu translation
* 9.1.0959: Coverity complains about type conversion
* runtime(vim): Use supported syntax in indent tests
* 9.1.0958: filetype: supertux2 config files detected as lisp
* 9.1.0956: completion may crash, completion highlight wrong with preview window
* 9.1.0955: Vim9: vim9compile.c can be further improved
* runtime(doc): move help tag E1182
* runtime(graphql): contribute vim-graphql to Vim core
* 9.1.0954: popupmenu.c can be improved
* 9.1.0953: filetype: APKBUILD files not correctly detected
* 9.1.0952: Vim9: missing type checking for any type assignment
* 9.1.0951: filetype: jshell files are not recognized
* runtime(dockerfile): do not set commentstring in syntax script
* 9.1.0950: filetype: fennelrc files are not recognized
* runtime(netrw): do not double escape Vim special characters
* git: ignore reformatting change of netrw plugin
* runtime(netrw): more reformating #16248
* runtime(doc): Add a note about handling symbolic links in starting.txt
* 9.1.0949: popups inconsistently shifted to the left
* git: ignore reformatting change of netrw plugin
* runtime(netrw): change indent size from 1 to 2
* 9.1.0948: Missing cmdline completion for :pbuffer
* runtime(tutor): Reformat tutor1
* 9.1.0947: short-description
* 9.1.0946: cross-compiling fails on osx-arm64
* 9.1.0945: ComplMatchIns highlight doesn't end after inserted text
* translation(sv): re-include the change from #16240
* 9.1.0944: tests: test_registers fails when not run under X11
* 9.1.0943: Vim9: vim9compile.c can be further improved
* runtime(doc): Update README and mention make check to verify
* translation(sv): partly revert commit 98874dca6d0b60ccd6fc3a140b3ec
* runtime(vim): update base-syntax after v9.1.0936
* 9.1.0942: a few typos were found
* 9.1.0941: ComplMatchIns doesn't work after multibyte chars
* runtime(doc): Fix style in fold.txt
* translation(sv): Fix typo in Swedish translation
* 9.1.0940: Wrong cursor shape with "gq" and 'indentexpr' executes :normal
* runtime(doc): fix some small errors
* 9.1.0939: make installtutor fails
* 9.1.0938: exclusive selection not respected when re-selecting block mode
* 9.1.0937: test_undolist() is flaky
* 9.1.0936: cannot highlight completed text
* 9.1.0935: SpotBugs compiler can be improved
* 9.1.0934: hard to view an existing buffer in the preview window
* runtime(doc): document how to minimize fold computation costs
* 9.1.0933: Vim9: vim9compile.c can be further improved
* 9.1.0932: new Italian tutor not installed
* runtime(doc): fix a few minor errors from the last doc updates
* translation(it): add Italian translation for the interactive tutor
* runtime(doc): update the change.txt help file
* runtime(help): Add Vim lang annotation support for codeblocks
* 9.1.0931: ml_get error in terminal buffer
* 9.1.0930: tests: test_terminal2 may hang in GUI mode
* 9.1.0929: filetype: lalrpop files are not recognized
* 9.1.0928: tests: test_popupwin fails because the filter command fails
* editorconfig: set trim_trailing_whitespace = false for src/testdir/test*.vim
* 9.1.0927: style issues in insexpand.c
* 9.1.0926: filetype: Pixi lock files are not recognized
* runtime(doc): Add a reference to |++opt| and |+cmd| at `:h :pedit`
* runtime(doc): add a note about inclusive motions and exclusive selection
* 9.1.0925: Vim9: expression compiled when not necessary
* 9.1.0924: patch 9.1.0923 causes issues
* 9.1.0923: too many strlen() calls in filepath.c
* 9.1.0923: wrong MIN macro in popupmenu.c
* 9.1.0921: popupmenu logic is a bit convoluted
* 9.1.0920: Vim9: compile_assignment() too long
* 9.1.0919: filetype: some assembler files are not recognized
* runtime(netrw): do not pollute search history with symlinks
* 9.1.0918: tiny Vim crashes with fuzzy buffer completion
* 9.1.0917: various vartabstop and shiftround bugs when shifting lines
* runtime(typst): add definition lists to formatlistpat, update maintainer
* 9.1.0916: messages.c is exceeding 80 columns
* runtime(proto): include filetype plugin for protobuf
* 9.1.0915: GVim: default font size a bit too small
* 9.1.0914: Vim9: compile_assignment() is too long
* 9.1.0913: no error check for neg values for 'messagesopt'
* runtime(netrw): only check first arg of netrw_browsex_viewer for being executable
* 9.1.0912: xxd: integer overflow with sparse files and -autoskip
* 9.1.0911: Variable name for 'messagesopt' doesn't match short name
* 9.1.0910: 'messagesopt' does not check max wait time
* runtime(doc): update wrong Vietnamese localization tag
* 9.1.0909: Vim9: crash when calling instance method
- update to 9.1.0908
* refresh vim-7.3-mktemp_tutor.patch
* 9.1.0908: not possible to configure :messages
* 9.1.0907: printoptions:portrait does not change postscript Orientation
* runtime(doc): Add vietnamese.txt to helps main TOC
* 9.1.0906: filetype: Nvidia PTX files are not recognized
* runtime(doc): updated version9.txt with changes from v9.1.0905
* 9.1.0905: Missing information in CompleteDone event
* 9.1.0904: Vim9: copy-paste error in class_defining_member()
* 9.1.0903: potential overflow in spell_soundfold_wsal()
* runtime(netrw): do not detach when launching external programs in gvim
* runtime(doc): make tag alignment more consistent in filetype.txt
* runtime(doc): fix wrong syntax and style of vietnamese.txt
* translation(it): update Italian manpage for vimtutor
* runtime(lua): add optional lua function folding
* Filelist: include translations for Chapter 2 tutor
* translation(vi): Update Vietnamese translation
* runtime(doc): include vietnamese.txt
* runtime(tutor): fix another typo in tutor2
* runtime(doc): fix typo in vimtutor manpage
* translation(it): update Italian manpage for vimtutor
* translation(it): include Italian version of tutor chapter 2
* runtime(tutor): regenerated some translated tutor1 files
* runtime(tutor): fix typo in Chapter 2
* 9.1.0902: filetype: Conda configuration files are not recognized
* runtime(doc): Tweak documentation style a bit
* runtime(tutor): update the tutor files and re-number the chapters
* runtime(tutor): Update the makefiles for tutor1 and tutor2 files
* 9.1.0901: MS-Windows: vimtutor batch script can be improved
* runtime(doc): remove buffer-local completeopt todo item
* 9.1.0900: Vim9: digraph_getlist() does not accept bool arg
* runtime(typst): provide a formatlistpat in ftplugin
* runtime(doc): Update documentation for "noselect" in 'completeopt'
* 9.1.0899: default for 'backspace' can be set in C code
* runtime(helptoc): reload cached g:helptoc.shell_prompt when starting toc
* translation(ru): Updated messages translation
* 9.1.0898: runtime(compiler): pytest compiler not included
* 9.1.0897: filetype: pyrex files are not detected
* runtime(compiler): update eslint compiler
* 9.1.0896: completion list wrong after v9.1.0891
* runtime(doc): document changed default value for 'history'
* 9.1.0895: default history value is too small
* 9.1.0894: No test for what the spotbug compiler parses
* 9.1.0893: No test that undofile format does not regress
* translation(de): update German manpages
* runtime(compiler): include spotbugs Java linter
* 9.1.0892: the max value of 'tabheight' is limited by other tabpages
* runtime(po): remove poDiffOld/New, add po-format flags to syntax file
* 9.1.0891: building the completion list array is inefficient
* patch 9.1.0890: %! item not allowed for 'rulerformat'
* runtime(gzip): load undofile if there exists one
* 9.1.0889: Possible unnecessary redraw after adding/deleting lines
* 9.1.0888: leftcol property not available in getwininfo()
* 9.1.0887: Wrong expression in sign.c
* 9.1.0886: filetype: debian control file not detected
* runtime(c3): include c3 filetype plugin
* 9.1.0885: style of sign.c can be improved
* 9.1.0884: gcc warns about uninitialized variable
* runtime(apache): Update syntax directives for apache server 2.4.62
* translation(ru): updated vimtutor translation, update MAINTAINERS file
* 9.1.0883: message history cleanup is missing some tests
* runtime(doc): Expand docs on :! vs. :term
* runtime(netrw): Fixing powershell execution issues on Windows
* 9.1.0882: too many strlen() calls in insexpand.c
* 9.1.0881: GUI: message dialog may not get focus
* runtime(netrw): update netrw's decompress logic
* runtime(apache): Update syntax keyword definition
* runtime(misc): add Italian LICENSE and (top-level) README file
* 9.1.0880: filetype: C3 files are not recognized
* runtime(doc): add helptag for :HelpToc command
* 9.1.0879: source is not consistently formatted
* Add clang-format config file
* runtime(compiler): fix escaping of arguments passed to :CompilerSet
* 9.1.0878: termdebug: cannot enable DEBUG mode
* 9.1.0877: tests: missing test for termdebug + decimal signs
* 9.1.0876: filetype: openCL files are not recognized
* 9.1.0875: filetype: hyprlang detection can be improved
* 9.1.0874: filetype: karel files are not detected
* 9.1.0873: filetype: Vivado files are not recognized
* 9.1.0872: No test for W23 message
* 9.1.0871: getcellpixels() can be further improved
* 9.1.0870: too many strlen() calls in eval.c
* 9.1.0869: Problem: curswant not set on gm in folded line
* 9.1.0868: the warning about missing clipboard can be improved
* runtime(doc): Makefile does not clean up all temporary files
* 9.1.0867: ins_compl_add() has too many args
* editorconfig: don't trim trailing whitespaces in runtime/doc
* translation(am): Remove duplicate keys in desktop files
* runtime(doc): update helptags
* runtime(filetype): remove duplicated *.org file pattern
* runtime(cfg): only consider leading // as starting a comment
* 9.1.0866: filetype: LLVM IR files are not recognized
* 9.1.0865: filetype: org files are not recognized
* 9.1.0864: message history is fixed to 200
* 9.1.0863: getcellpixels() can be further improved
* runtime(sh): better function support for bash/zsh in indent script
* runtime(netrw): small fixes to netrw#BrowseX
* 9.1.0862: 'wildmenu' not enabled by default in nocp mode
* runtime(doc): update how to report issues for mac Vim
* runtime(doc): mention option-backslash at :h CompilerSet
* runtime(compiler): include a Java Maven compiler plugin
* runtime(racket): update Racket runtime files
* runtime(doc): improve indentation in examples for netrw-handler
* runtime(doc): improve examples for netrw-handler functions
* runtime(idris2): include filetype,indent+syntax plugins for (L)Idris2 + ipkg
* runtime(doc): clarify the use of filters and external commands
* 9.1.0861: Vim9: no runtime check for object member access of any var
* runtime(compiler): update pylint linter
* 9.1.0860: tests: mouse_shape tests use hard code sleep value
* 9.1.0859: several problems with the GLVS plugin
* 9.1.0858: Coverity complains about dead code
* runtime(tar): Update tar.vim to support permissions
* 9.1.0857: xxd: --- is incorrectly recognized as end-of-options
* 9.1.0851: too many strlen() calls in getchar.c
* 9.1.0850: Vim9: cannot access nested object inside objects
* runtime(tex): extra Number highlighting causes issues
* runtime(vim): Fix indent after :silent! function
* 9.1.0849: there are a few typos in the source
* runtime(netrw): directory symlink not resolved in tree view
* runtime(doc): add a table of supported Operating Systems
* runtime(tex): update Last Change header in syntax script
* runtime(doc): fix typo in g:termdebug_config
* runtime(vim): Update base-syntax, improve :normal highlighting
* runtime(tex): add Number highlighting to syntax file
* runtime(doc): Tweak documentation style a bit
* 9.1.0848: if_lua: v:false/v:true are not evaluated to boolean
* runtime(dune): use :setl instead of :set in ftplugin
* runtime(termdebug): allow to use decimal signs
* translation(it): Updated Italian vimtutor
* runtime(compiler): improve cppcheck
* git: git-blame-ignore-revs shown as an error on Github
* 9.1.0847: tests: test_popupwin fails because of updated help file
* 9.1.0846: debug symbols for xxd are not cleaned in Makefile
* runtime(structurizr): Update structurizr syntax
* runtime(8th): updated 8th syntax
* runtime(doc): Add pi_tutor.txt to help TOC
* runtime(compiler): add mypy and ruff compiler; update pylint linter
* runtime(netrw): fix several bugs in netrw tree listing
* runtime(netrw): prevent polluting the search history
* 9.1.0845: vimtutor shell script can be improved
* 9.1.0844: if_python: no way to pass local vars to python
* 9.1.0843: too many strlen() calls in undo.c
* runtime(doc): update default value for fillchars option
* runtime(compiler): fix typo in cppcheck compiler plugin
* runtime(doc): simplify vimtutor manpage a bit more
* runtime(matchparen): Add matchparen_disable_cursor_hl config option
* 9.1.0842: not checking for the sync() systemcall
* 9.1.0841: tests: still preferring python2 over python3
* 9.1.0840: filetype: idris2 files are not recognized
* 9.1.0839: filetype: leo files are not recognized
* runtime(cook): include cook filetype plugin
* runtime(debversions): Update Debian versions
* patch 9.1.0838: vimtutor is bash-specific
* runtime(doc): add help specific modeline to pi_tutor.txt
* Filelist: vimtutor chapter 2 is missing in Filelist
* 9.1.0837: cross-compiling has some issues
* runtime(vimtutor): Add a second chapter
- Fix for bsc#1231373 / CVE-2024-47814.
- Fix for bsc#1229238 / CVE-2024-43374.
- update to 9.1.0836
* 9.1.0836: The vimtutor can be improved
* 9.1.0835: :setglobal doesn't work properly for 'ffu' and 'tsrfu'
* 9.1.0834: tests: 2html test fails
* 9.1.0833: CI: recent ASAN changes do not work for indent tests
* 9.1.0832: :set doesn't work for 'cot' and 'bkc' after :setlocal
* runtime(doc): update help-toc description
* runtime(2html): Make links use color scheme colors in TOhtml
* 9.1.0831: 'findexpr' can't be used as lambad or Funcref
* Filelist: include helptoc package
* runtime(doc): include a TOC Vim9 plugin
* Filelist: ignore .git-blame-ignore-revs
* 9.1.0830: using wrong highlight group for spaces for popupmenu
* runtime(typst): synchronize updates from the upstream typst.vim
* git: ignore reformatting commit for git-blame (after v9.1.0829)
* 9.1.0829: Vim source code uses a mix of tabs and spaces
* 9.1.0828: string_T struct could be used more often
* 9.1.0827: CI: tests can be improved
* runtime(doc): remove stray sentence in pi_netrw.txt
* 9.1.0826: filetype: sway files are not recognized
* runtime(doc): Include netrw-gp in TOC
* runtime(doc): mention 'iskeyword' at :h charclass()
* runtime(doc): update help tags
* 9.1.0825: compile error for non-diff builds
* runtime(netrw): fix E874 when browsing remote directory which contains `~` character
* runtime(doc): update coding style documentation
* runtime(debversions): Add plucky (25.04) as Ubuntu release name
* 9.1.0824: too many strlen() calls in register.c
* 9.1.0823: filetype: Zephyr overlay files not recognized
* runtime(doc): Clean up minor formatting issues for builtin functions
* runtime(netrw): make :Launch/Open autoloadable
* runtime(netrw): fix regression with x mapping on Cygwin
* runtime(netrw): fix filetype detection for remote files
* 9.1.0822: topline might be changed in diff mode unexpectedly
* CI: huge linux builds should also run syntax & indent tests
* 9.1.0821: 'findexpr' completion doesn't set v:fname to cmdline argument
* 9.1.0820: tests: Mac OS tests are too flaky
* runtime(awk): Highlight more awk comments in syntax script
* runtime(netrw): add missing change for s:redir()
* 9.1.0819: tests: using findexpr and imported func not tested
* runtime(netrw): improve netrw's open-handling further
* runtime(netrw): fix syntax error in netrwPlugin.vim
* runtime(netrw): simplify gx file handling
* 9.1.0818: some global functions are only used in single files
* 9.1.0817: termdebug: cannot evaluate expr in a popup
* runtime(defaults): Detect putty terminal and switch to dark background
* 9.1.0816: tests: not clear what tests cause asan failures
* runtime(doc): Remove some completed items from todo.txt
* 9.1.0815: "above" virtual text causes wrong 'colorcolumn' position
* runtime(syntax-tests): tiny vim fails because of line-continuation
* 9.1.0814: mapset() may remove unrelated mapping
* 9.1.0813: no error handling with setglobal and number types
* 9.1.0812: Coverity warns about dereferencing NULL ptr
* 9.1.0811: :find expansion does not consider 'findexpr'
* 9.1.0810: cannot easily adjust the |:find| command
* 9.1.0809: filetype: petalinux config files not recognized
* 9.1.0808: Terminal scrollback doesn't shrink when decreasing 'termwinscroll'
* 9.1.0807: tests: having 'nolist' in modelines isn't always desired
* 9.1.0806: tests: no error check when setting global 'briopt'
* 9.1.0805: tests: minor issues in gen_opt_test.vim
* 9.1.0804: tests: no error check when setting global 'cc'
* 9.1.0803: tests: no error check when setting global 'isk'
* 9.1.0802: tests: no error check when setting global 'fdm' to empty value
* 9.1.0801: tests: no error check when setting global 'termwinkey'
* 9.1.0800: tests: no error check when setting global 'termwinsize'
* runtime(doc): :ownsyntax also resets 'spelloptions'
* 9.1.0799: tests: gettwinvar()/gettabwinvar() tests are not comprehensive
* runtime(doc): Fix wrong Mac default options
* 9.1.0798: too many strlen() calls in cmdhist.c
* 9.1.0797: testing of options can be further improved
* 9.1.0796: filetype: libtool files are not recognized
* (typst): add folding to typst ftplugin
* runtime(netrw): deprecate and remove netrwFileHandlers#Invoke()
* 9.1.0795: filetype: Vivado memory info file are not recognized
* 9.1.0794: tests: tests may fail on Windows environment
* runtime(doc): improve the :colorscheme documentation
* 9.1.0793: xxd: -e does add one extra space
* 9.1.0792: tests: Test_set_values() is not comprehensive enough
* runtime(swayconfig): add flag for bindsym/bindcode to syntax script
* 9.1.0791: tests: errors in gen_opt_test.vim are not shown
* runtime(compiler): check for compile_commands in build dirs for cppcheck
* 9.1.0790: Amiga: AmigaOS4 build should use default runtime (newlib)
* runtime(help): Update help syntax
* runtime(help): fix end of sentence highlight in code examples
* runtime(jinja): Support jinja syntax as secondary filetype
* 9.1.0789: tests: ':resize + 5' has invalid space after '+'
* 9.1.0788: <CSI>27;<mod>u is not decoded to literal Escape in kitty/foot
* 9.1.0787: cursor position changed when using hidden terminal
* 9.1.0786: tests: quickfix update test does not test location list
* runtime(doc): add some docs for file-watcher programs
* CI: uploading failed screendumps still fails on Cirrus CI
* 9.1.0785: cannot preserve error position when setting quickfix list
* 9.1.0784: there are several problems with python 3.13
* 9.1.0783: 'spell' option setting has problems
* 9.1.0782: tests: using wrong neomuttlog file name
* runtime(doc): add preview flag to statusline example
* 9.1.0781: tests: test_filetype fails
* 9.1.0780: MS-Windows: incorrect Win32 error checking
* 9.1.0779: filetype: neomuttlog files are not recognized
* 9.1.0778: filetype: lf config files are not recognized
* runtime(comment): fix commment toggle with mixed tabs & spaces
* runtime(misc): Use consistent "Vim script" spelling
* runtime(gleam): add ftplugin for gleam files
* runtime(doc): link help-writing from write-local-help
* 9.1.0777: filetype: Some upstream php files are not recognized
* runtime(java): Define javaBlockStart and javaBlockOtherStart hl groups
* runtime(doc): mention conversion rules for remote_expr()
* runtime(tutor): Fix missing :s command in spanish translation section 4.4
* 9.1.0776: test_strftime may fail because of missing TZ data
* translation(am): Add Armenian language translation
* 9.1.0775: tests: not enough tests for setting options
* 9.1.0774: "shellcmdline" doesn't work with getcompletion()
* 9.1.0773: filetype: some Apache files are not recognized
* 9.1.0772: some missing changes from v9.1.0771
* 9.1.0771: completion attribute hl_group is confusing
* 9.1.0770: current command line completion is a bit limited
* 9.1.0769: filetype: MLIR files are not recognized
* 9.1.0768: MS-Windows: incorrect cursor position when restoring screen
* runtime(nasm): Update nasm syntax script
* 9.1.0767: A condition is always true in ex_getln.c
* runtime(skill): Update syntax file to fix string escapes
* runtime(help): highlight CTRL-<Key> correctly
* runtime(doc): add missing usr_52 entry to toc
* 9.1.0766: too many strlen() calls in ex_getln.c
* runtime(doc): correct `vi` registers 1-9 documentation error
* 9.1.0765: No test for patches 6.2.418 and 7.3.489
* runtime(spec): set comments and commentstring options
* NSIS: Include libgcc_s_sjlj-1.dll again
* runtime(doc): clarify the effect of 'startofline' option
* 9.1.0764: [security]: use-after-free when closing a buffer
* runtime(vim): Update base-syntax file, improve class, enum and interface highlighting
* 9.1.0763: tests: cannot run single syntax tests
* 9.1.0762: 'cedit', 'termwinkey' and 'wildchar' may not be parsed correctly
* 9.1.0761: :cd completion fails on Windows with backslash in path
* 9.1.0760: tests: no error reported, if gen_opt_test.vim fails
* 9.1.0759: screenpos() may return invalid position
* runtime(misc): unset compiler in various ftplugins
* runtime(doc): update formatting and syntax
* runtime(compiler): add cppcheck linter compiler plugin
* runtime(doc): Fix style in documents
* runtime(doc): Fix to two-space convention in user manual
* runtime(comment): consider &tabstop in lines after whitespace indent
* 9.1.0758: it's possible to set an invalid key to 'wildcharm'
* runtime(java): Manage circularity for every :syn-included syntax file
* 9.1.0757: tests: messages files contains ANSI escape sequences
* 9.1.0756: missing change from patch v9.1.0754
* 9.1.0755: quickfix list does not handle hardlinks well
* runtime(doc): 'filetype', 'syntax' and 'keymap' only allow alphanumeric + some characters
* runtime(systemd): small fixes to &keywordprg in ftplugin
* CI: macos-12 runner is being sunset, switch to 13
* 9.1.0754: fixed order of items in insert-mode completion menu
* runtime(comment): commenting might be off by one column
* 9.1.0753: Wrong display when typing in diff mode with 'smoothscroll'
* 9.1.0752: can set 'cedit' to an invalid value
* runtime(doc): add `usr` tag to usr_toc.txt
* 9.1.0751: Error callback for term_start() not used
* 9.1.0750: there are some Win9x legacy references
* runtime(java): Recognise the CommonMark form (///) of Javadoc comments
* 9.1.0749: filetype: http files not recognized
* runtime(comment): fix syntax error
* CI: uploading failed screendump tests does not work Cirrus
* 9.1.0748: :keep* commmands are sometimes misidentified as :k
* runtime(indent): allow matching negative numbers for gnu indent config file
* runtime(comment): add gC mapping to (un)comment rest of line
* 9.1.0747: various typos in repo found
* 9.1.0746: tests: Test_halfpage_longline() fails on large terminals
* runtime(doc): reformat gnat example
* runtime(doc): reformat ada_standard_types section
* 9.1.0745: filetype: bun and deno history files not recognized
* runtime(glvs): Correct the tag name of glvs-autoinstal
* runtime(doc): include short form for :earlier/:later
* runtime(doc): remove completed TODO
* 9.1.0744: filetype: notmuch configs are not recognised
* 9.1.0743: diff mode does not handle overlapping diffs correctly
* runtime(glvs): fix a few issues
* runtime(doc): Fix typo in :help :command-modifiers
* 9.1.0742: getcmdprompt() implementation can be improved
* runtime(docs): update `:set?` command behavior table
* runtime(doc): update vim90 to vim91 in docs
* runtime(doc): fix typo in :h dos-colors
* 9.1.0741: No way to get prompt for input()/confirm()
* runtime(doc): fix typo in version9.txt nrformat -> nrformats
* runtime(rmd,rrst): 'fex' option not properly restored
* runtime(netrw): remove extraneous closing bracket
* 9.1.0740: incorrect internal diff with empty file
* 9.1.0739: [security]: use-after-free in ex_getln.c
* runtime(filetype): tests: Test_filetype_detection() fails
* runtime(dist): do not output a message if executable is not found
* 9.1.0738: filetype: rapid files are not recognized
* runtime(modconf): remove erroneous :endif in ftplugin
* runtime(lyrics): support multiple timestamps in syntax script
* runtime(java): Optionally recognise _module_ import declarations
* runtime(vim): Update base-syntax, improve folding function matches
* CI: upload failed screendump tests also for Cirrus
* 9.1.0737: tests: screendump tests may require a bit more time
* runtime(misc): simplify keywordprg in various ftplugins
* runtime(java): Optionally recognise all primitive constants in _switch-case_ labels
* runtime(zsh,sh): set and unset compiler in ftplugin
* runtime(netrw): using inefficient highlight pattern for 'mf'
* 9.1.0736: Unicode tables are outdated
* 9.1.0735: filetype: salt files are not recognized
* 9.1.0734: filetype: jinja files are not recognized
* runtime(zathurarc): add double-click-follow to syntax script
* translation(ru): Updated messages translation
* translation(it): updated xxd man page
* translation(ru): updated xxd man page
* 9.1.0733: keyword completion does not work with fuzzy
* 9.1.0732: xxd: cannot use -b and -i together
* runtime(java): Highlight javaConceptKind modifiers with StorageClass
* runtime(doc): reword and reformat how to use defaults.vim
* 9.1.0731: inconsistent case sensitive extension matching
* runtime(vim): Update base-syntax, match Vim9 bool/null literal args to :if/:while/:return
* runtime(netrw): delete confirmation not strict enough
* 9.1.0730: Crash with cursor-screenline and narrow window
* 9.1.0729: Wrong cursor-screenline when resizing window
* 9.1.0728: [security]: heap-use-after-free in garbage collection with location list user data
* runtime(doc): clarify the effect of the timeout for search()-functions
* runtime(idlang): update syntax script
* runtime(spec): Recognize epoch when making spec changelog in ftplugin
* runtime(spec): add file triggers to syntax script
* 9.1.0727: too many strlen() calls in option.c
* runtime(make): add compiler/make.vim to reset compiler plugin settings
* runtime(java): Recognise all available standard doclet tags
* 9.1.0726: not using correct python3 API with dynamic linking
* runtime(dosini): Update syntax script, spellcheck comments only
* runtime(doc): Revert outdated comment in completeopt's fuzzy documentation
* 9.1.0725: filetype: swiftinterface files are not recognized
* runtime(pandoc): Update compiler plugin to use actual 'spelllang'
* runtime(groff): Add compiler plugin for groff
* 9.1.0724: if_python: link error with python 3.13 and stable ABI
* 9.1.0723: if_python: dynamic linking fails with python3 >= 3.13
* 9.1.0722: crash with large id in text_prop interface
* 9.1.0721: tests: test_mksession does not consider XDG_CONFIG_HOME
* runtime(glvs): update GetLatestVimScripts plugin
* runtime(doc): Fix typo in :help :hide text
* runtime(doc): buffers can be re-used
* 9.1.0720: Wrong breakindentopt=list:-1 with multibyte or TABs
* 9.1.0719: Resetting cell widths can make 'listchars' or 'fillchars' invalid
* runtime(doc): Update version9.txt and mention $MYVIMDIR
- Update to 9.1.0718:
* v9.1.0718: hard to know the users personal Vim Runtime Directory
* v9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers()
Maintainers: fix typo in author name
* v9.1.0716: resetting setcellwidth( doesn't update the screen
runtime(hcl,terraform): Add runtime files for HCL and Terraform
runtime(tmux): Update syntax script
* v9.1.0715: Not correctly parsing color names (after v9.1.0709)
* v9.1.0714: GuiEnter_Turkish test may fail
* v9.1.0713: Newline causes E749 in Ex mode
* v9.1.0712: missing dependency of Test_gettext_makefile
* v9.1.0711: test_xxd may file when using different xxd
* v9.1.0710: popup window may hide part of Command line
runtime(vim): Update syntax, improve user-command matching
* v9.1.0709: GUIEnter event not found in Turkish locale
runtime(sudoers): improve recognized Runas_Spec and Tag_Spec items
* v9.1.0708: Recursive window update does not account for reset skipcol
runtime(nu): include filetype plugin
* v9.1.0707: invalid cursor position may cause a crash
* v9.1.0706: test_gettext fails when using shadow dir
CI: Install locales-all package
* v9.1.0705: Sorting of fuzzy filename completion is not stable
translation(pt): update Portuguese/Brazilian menu translation
runtime(vim): Update base-syntax, match bracket mark ranges
runtime(doc): Update :help :command-complete list
* v9.1.0704: inserting with a count is inefficient
runtime(doc): use mkdir -p to save a command
* v9.1.0703: crash with 2byte encoding and glob2regpat()
runtime(hollywood): update syn highlight for If-Then statements
and For-In-Loops
* v9.1.0702: Patch 9.1.0700 broke CI
* v9.1.0701: crash with NFA regex engine when searching for
composing chars
* v9.1.0700: crash with 2byte encoding and glob2regpat()
* v9.1.0699: "dvgo" is not always an inclusive motion
runtime(java): Provide support for syntax preview features
* v9.1.0698: "Untitled" file not removed when running Test_crash1_3
alone
* v9.1.0697: heap-buffer-overflow in ins_typebuf
* v9.1.0696: installing runtime files fails when using SHADOWDIR
runtime(doc): fix typo
* v9.1.0695: test_crash leaves Untitled file around
translation(br): Update Brazilian translation
translation(pt): Update menu_pt_br
* v9.1.0694: matchparen is slow on a long line
* v9.1.0693: Configure doesn't show result when not using python3
stable abi
* v9.1.0692: Wrong patlen value in ex_substitute()
* v9.1.0691: stable-abi may cause segfault on Python 3.11
runtime(vim): Update base-syntax, match :loadkeymap after colon and bar
runtime(mane): Improve <Plug>ManBS mapping
* v9.1.0690: cannot set special highlight kind in popupmenu
translation(pt): Revert and fix wrong Portuguese menu translation
files
translation(pt): revert Portuguese menu translation
translation(br): Update Brazilian translations
runtime(vim): Update base-syntax, improve :let-heredoc highlighting
* v9.1.0689: buffer-overflow in do_search( with 'rightleft'
runtime(vim): Improve heredoc handling for all embedded scripts
* v9.1.0688: dereferences NULL pointer in check_type_is_value()
* v9.1.0687: Makefile may not install desktop files
runtime(man): Fix <Plug>ManBS
runtime(java): Make the bundled &foldtext function optional
runtime(netrw): Change line on `mx` if command output exists
runtime(netrw): Fix `mf`-selected entry highlighting
runtime(htmlangular): add html syntax highlighting
translation(it): Fix filemode of Italian manpages
runtime(doc): Update outdated man.vim plugin information
runtime(zip): simplify condition to detect MS-Windows
* v9.1.0686: zip-plugin has problems with special characters
runtime(pandoc): escape quotes in &errorformat for pandoc
translation(it): updated Italian manpage
* v9.1.0685: too many strlen( calls in usercmd.c
runtime(doc): fix grammar in :h :keeppatterns
runtime(pandoc): refine pandoc compiler settings
* v9.1.0684: completion is inserted on Enter with "noselect"
translation(ru): update man pages
* v9.1.0683: mode( returns wrong value with <Cmd> mapping
runtime(doc): remove trailing whitespace in cmdline.txt
* v9.1.0682: Segfault with uninitialized funcref
* v9.1.0681: Analyzing failed screendumps is hard
runtime(doc): more clarification for the :keeppatterns needed
* v9.1.0680: VMS does not have defined uintptr_t
runtime(doc): improve typedchar documentation for KeyInputPre autocmd
runtime(dist): verify that executable is in $PATH
translation(it): update Italian manpages
runtime(doc): clarify the effect of :keeppatterns after * v9.1.0677
runtime(doc): update Makefile and make it portable between GNU and BSD
* v9.1.0679: Rename from w_closing to w_locked is incomplete
runtime(colors): update colorschemes
runtime(vim): Update base-syntax, improve :let-heredoc highlighting
runtime(doc): Updating the examples in the xxd manpage
translation(ru): Updated uganda.rux
runtime(yaml): do not re-indent when commenting out lines
* v9.1.0678: use-after-free in alist_add()
* v9.1.0677 :keepp does not retain the substitute pattern
translation(ja): Update Japanese translations to latest release
runtime(netrw): Drop committed trace lines
runtime(netrw): Error popup not always used
runtime(netrw): ErrorMsg( may throw E121
runtime(tutor): update Makefile and make it portable between GNU and BSD
translation: improve the po/cleanup.vim script
runtime(lang): update Makefile and make it portable between GNU and BSD
* v9.1.0676: style issues with man pages
* v9.1.0675: Patch v9.1.0674 causes problems
runtime(dosbatch): Show %%i as an argument in syntax file
runtime(dosbatch): Add syn-sync to syntax file
runtime(sql, mysql): fix E169: Command too recursive with
sql_type_default = "mysql"
* v9.1.0674: compiling abstract method fails because of missing return
runtime(javascript): fix a few issues with syntax higlighting
runtime(mediawiki): fix typo in doc, test for b:did_ftplugin var
runtime(termdebug): Fix wrong test for balloon feature
runtime(doc): Remove mentioning of the voting feature
runtime(doc): add help tags for json + markdown global variables
* v9.1.0673: too recursive func calls when calling super-class method
runtime(syntax-tests): Facilitate the viewing of rendered screendumps
runtime(doc): fix a few style issues
* v9.1.0672: marker folds may get corrupted on undo
* v9.1.0671 Problem: crash with WinNewPre autocommand
* v9.1.0670: po file encoding fails on *BSD during make
translation(it): Update Italian translation
translation: Stop using msgconv
* v9.1.0669: stable python ABI not used by default
Update .gitignore and .hgignore files
* v9.1.0668: build-error with python3.12 and stable ABI
translations: Update generated po files
* v9.1.0667: Some other options reset curswant unnecessarily when set
* v9.1.0666: assert_equal( doesn't show multibyte string correctly
runtime(doc): clarify directory of Vim's executable vs CWD
* v9.1.0665 :for loop
runtime(proto): Add indent script for protobuf filetype
* v9.1.0664: console vim did not switch back to main screen on exit
runtime(zip): zip plugin does not work with Vim 9.0
* v9.1.0663: zip test still resets 'shellslash' option
runtime(zip): use defer to restore old settings
runtime(zip): add a generic Message function
runtime(zip): increment base version of zip plugin
runtime(zip): raise minimum Vim version to * v9.0
runtime(zip): refactor save and restore of options
runtime(zip): remove test for fnameescape
runtime(zip): use :echomsg instead of :echo
runtime(zip): clean up and remove comments
* v9.1.0662: filecopy( may return wrong value when readlink( fails
* v9.1.0661: the zip plugin is not tested.
runtime(zip): Fix for FreeBSD's unzip command
runtime(doc): capitalize correctly
* v9.1.0660: Shift-Insert does work on old conhost
translation(it): update Italian manpage
runtime(lua): add/subtract a 'shiftwidth' after '('/')' in indentexpr
runtime(zip): escape '[' on Unix as well
* v9.1.0659: MSVC Makefile is a bit hard to read
runtime(doc): fix typo in syntax.txt
runtime(doc): -x is only available when compiled with crypt feature
* v9.1.0658: Coverity warns about dereferencing NULL pointer.
runtime(colors): update Todo highlight in habamax colorscheme
* v9.1.0657: MSVC build time can be optimized
* v9.1.0656: MSVC Makefile CPU handling can be improved
* v9.1.0655: goaccess config file not recognized
CI: update clang compiler to version 20
runtime(netrw): honor `g:netrw_alt{o,v}` for `:{S,H,V}explore`
* v9.1.0654: completion does not respect completeslash with fuzzy
* v9.1.0653: Patch v9.1.0648 not completely right
* v9.1.0652: too many strlen( calls in syntax.c
* v9.1.0651 :append
* v9.1.0650: Coverity warning in cstrncmp()
* v9.1.0649: Wrong comment for "len" argument of call_simple_func()
* v9.1.0648: [security] double-free in dialog_changed()
* v9.1.0647: [security] use-after-free in tagstack_clear_entry
runtime(doc): re-format tag example lines, mention ctags --list-kinds
* v9.1.0646: imported function may not be found
runtime(java): Document "g:java_space_errors" and "g:java_comment_strings"
runtime(java): Cluster optional group definitions and their group links
runtime(java): Tidy up the syntax file
runtime(java): Tidy up the documentation for "ft-java-syntax"
runtime(colors): update habamax scheme - tweak diff/search/todo colors
runtime(nohlsearch): add missing loaded_hlsearch guard
runtime(kivy): Updated maintainer info for syntax script
Maintainers: Add maintainer for ondir ftplugin + syntax files
runtime(netrw): removing trailing slash when copying files in same
directory
* v9.1.0645: wrong match when searching multi-byte char case-insensitive
runtime(html): update syntax script to sync by 250 minlines by default
* v9.1.0644: Unnecessary STRLEN( when applying mapping
runtime(zip): Opening a remote zipfile don't work
runtime(cuda): source c and cpp ftplugins
* v9.1.0643: cursor may end up on invalid position
* v9.1.0642: Check that mapping rhs starts with lhs fails if not
simplified
* v9.1.0641: OLE enabled in console version
runtime(thrift): add ftplugin, indent and syntax scripts
* v9.1.0640: Makefile can be improved
* v9.1.0639: channel timeout may wrap around
* v9.1.0638: E1510 may happen when formatting a message for smsg()
* v9.1.0637: Style issues in MSVC Makefile
- Update apparmor.vim to latest version (from AppArmor 4.0.2)
- add support for "all" and "userns" rules, and new profile flags
- Update to 9.1.0636:
* 9.1.0636: filetype: ziggy files are not recognized
* 9.1.0635: filetype: SuperHTML template files not recognized
* 9.1.0634: Ctrl-P not working by default
* 9.1.0633: Compilation warnings with `-Wunused-parameter`
* 9.1.0632: MS-Windows: Compiler Warnings
Add support for Files-Included in syntax script
tweak documentation style a bit
* 9.1.0631: wrong completion list displayed with non-existing dir + fuzzy completion
* 9.1.0630: MS-Windows: build fails with VIMDLL and mzscheme
* 9.1.0629: Rename of pum hl_group is incomplete
* 9.1.0628: MinGW: coverage files are not cleaned up
* 9.1.0627: MinGW: build-error when COVERAGE is enabled
* 9.1.0626: Vim9: need more tests with null objects
include initial filetype plugin
* 9.1.0625: tests: test output all translated messages for all translations
* 9.1.0624: ex command modifiers not found
* 9.1.0623: Mingw: errors when trying to delete non-existing files
* 9.1.0622: MS-Windows: mingw-build can be optimized
* 9.1.0621: MS-Windows: startup code can be improved
* 9.1.0620: Vim9: segfauls with null objects
* 9.1.0619: tests: test_popup fails
* 9.1.0618: cannot mark deprecated attributes in completion menu
* 9.1.0617: Cursor moves beyond first line of folded end of buffer
* 9.1.0616: filetype: Make syntax highlighting off for MS Makefiles
* 9.1.0615: Unnecessary STRLEN() in make_percent_swname()
Add single-line comment syntax
Add syntax test for comments
Update maintainer info
* 9.1.0614: tests: screendump tests fail due to recent syntax changes
* 9.1.0613: tests: termdebug test may fail and leave file around
Update base-syntax, improve :set highlighting
Optionally highlight the :: token for method references
* 9.1.0612: filetype: deno.lock file not recognized
Use delete() for deleting directory
escape filename before trying to delete it
* 9.1.0611: ambiguous mappings not correctly resolved with modifyOtherKeys
correctly extract file from zip browser
* 9.1.0610: filetype: OpenGL Shading Language files are not detected
Fix endless recursion in netrw#Explore()
* 9.1.0609: outdated comments in Makefile
update syntax script
Fix flow mapping key detection
Remove orphaned YAML syntax dump files
* 9.1.0608: Coverity warns about a few potential issues
Update syntax script and remove syn sync
* 9.1.0607: termdebug: uses inconsistent style
* 9.1.0606: tests: generated files may cause failure in test_codestyle
* 9.1.0605: internal error with fuzzy completion
* 9.1.0604: popup_filter during Press Enter prompt seems to hang
translation: Update Serbian messages translation
* 9.1.0603: filetype: use correct extension for Dracula
* 9.1.0602: filetype: Prolog detection can be improved
fix more inconsistencies in assert function docs
* 9.1.0601: Wrong cursor position with 'breakindent' when wide char doesn't fit
Update base-syntax, improve :map highlighting
* 9.1.0600: Unused function and unused error constants
* 9.1.0599: Termdebug: still get E1023 when specifying arguments
correct wrong comment options
fix typo "a xterm" -> "an xterm"
* 9.1.0598: fuzzy completion does not work with default completion
* 9.1.0597: KeyInputPre cannot get the (unmapped typed) key
* 9.1.0596: filetype: devscripts config files are not recognized
gdb file/folder check is now performed only in CWD.
quote filename arguments using double quotes
update syntax to SDC-standard 2.1
minor updates.
Cleanup :match and :loadkeymap syntax test files
Update base-syntax, match types in Vim9 variable declarations
* 9.1.0595: make errors out with the po Makefile
* 9.1.0594: Unnecessary redraw when setting 'winfixbuf'
using wrong highlight for UTF-8
include simple syntax plugin
* 9.1.0593: filetype: Asymptote files are not recognized
add recommended indent options to ftplugin
add recommended indent options to ftplugin
add recommended indent options to ftplugin
* 9.1.0592: filetype: Mediawiki files are not recognized
* 9.1.0591: filetype: *.wl files are not recognized
* 9.1.0590: Vim9: crash when accessing getregionpos() return value
'cpoptions': Include "z" in the documented default
* 9.1.0589: vi: d{motion} and cw work differently than expected
update included colorschemes
grammar fixes in options.txt
- Add "Keywords" to gvim.desktop to make searching for gvim easier
- Removed patches, as they're no longer required (refreshing them
deleted their contents):
* vim-7.3-help_tags.patch
* vim-7.4-highlight_fstab.patch
- Reorganise all applied patches in the spec file.
- Update to 9.1.0588:
* 9.1.0588: The maze program no longer compiles on newer clang
runtime(typst): Add typst runtime files
* 9.1.0587: tests: Test_gui_lowlevel_keyevent is still flaky
* 9.1.0586: ocaml runtime files are outdated
runtime(termdebug): fix a few issues
* 9.1.0585: tests: test_cpoptions leaves swapfiles around
* 9.1.0584: Warning about redeclaring f_id() non-static
runtime(doc): Add hint how to load termdebug from vimrc
runtime(doc): document global insert behavior
* 9.1.0583: filetype: *.pdf_tex files are not recognized
* 9.1.0582: Printed line doesn't overwrite colon when pressing Enter in Ex mode
* 9.1.0581: Various lines are indented inconsistently
* 9.1.0580: :lmap mapping for keypad key not applied when typed in Select mode
* 9.1.0579: Ex command is still executed after giving E1247
* 9.1.0578: no tests for :Tohtml
* 9.1.0577: Unnecessary checks for v:sizeoflong in test_put.vim
* 9.1.0576: tests: still an issue with test_gettext_make
* 9.1.0575: Wrong comments in alt_tabpage()
* 9.1.0574: ex: wrong handling of commands after bar
runtime(doc): add a note for netrw bug reports
* 9.1.0573: ex: no implicit print for single addresses
runtime(vim): make &indentexpr available from the outside
* 9.1.0572: cannot specify tab page closing behaviour
runtime(doc): remove obsolete Ex insert behavior
* 9.1.0571: tests: Test_gui_lowlevel_keyevent is flaky
runtime(logindefs): update syntax with new keywords
* 9.1.0570: tests: test_gettext_make can be improved
runtime(filetype): Fix Prolog file detection regex
* 9.1.0569: fnamemodify() treats ".." and "../" differently
runtime(mojo): include mojo ftplugin and indent script
* 9.1.0568: Cannot expand paths from 'cdpath' setting
* 9.1.0567: Cannot use relative paths as findfile() stop directories
* 9.1.0566: Stop dir in findfile() doesn't work properly w/o trailing slash
* 9.1.0565: Stop directory doesn't work properly in 'tags'
* 9.1.0564: id() can be faster
* 9.1.0563: Cannot process any Key event
* 9.1.0562: tests: inconsistency in test_findfile.vim
runtime(fstab): Add missing keywords to fstab syntax
* 9.1.0561: netbeans: variable used un-initialized (Coverity)
* 9.1.0560: bindtextdomain() does not indicate an error
* 9.1.0559: translation of vim scripts can be improved
* 9.1.0558: filetype: prolog detection can be improved
* 9.1.0557: moving in the buffer list doesn't work as documented
runtime(doc): fix inconsistencies in :h file-searching
* 9.1.0556: :bwipe doesn't remove file from jumplist of other tabpages
runtime(htmlangular): correct comment
* 9.1.0555: filetype: angular ft detection is still problematic
* 9.1.0554: :bw leaves jumplist and tagstack data around
* 9.1.0553: filetype: *.mcmeta files are not recognized
* 9.1.0552: No test for antlr4 filetype
* 9.1.0551: filetype: htmlangular files are not properly detected
* 9.1.0550: filetype: antlr4 files are not recognized
* 9.1.0549: fuzzycollect regex based completion not working as expected
runtime(doc): autocmd_add() accepts a list not a dict
* 9.1.0548: it's not possible to get a unique id for some vars
runtime(tmux): Update syntax script
* 9.1.0547: No way to get the arity of a Vim function
* 9.1.0546: vim-tiny fails on CTRL-X/CTRL-A
runtime(hlsplaylist): include hlsplaylist ftplugin file
runtime(doc): fix typo in :h ft-csv-syntax
runtime(doc): Correct shell command to get $VIMRUNTIME into
shell
* 9.1.0545: MSVC conversion warning
* 9.1.0544: filetype: ldapconf files are not recognized
runtime(cmakecache): include cmakecache ftplugin file
runtime(lex): include lex ftplugin file
runtime(yacc): include yacc ftplugin file
runtime(squirrel): include squirrel ftplugin file
runtime(objcpp): include objcpp ftplugin file
runtime(tf): include tf ftplugin file
runtime(mysql): include mysql ftplugin file
runtime(javacc): include javacc ftplugin file
runtime(cabal): include cabal ftplugin file
runtime(cuda): include CUDA ftplugin file
runtime(editorconfig): include editorconfig ftplugin file
runtime(kivy): update kivy syntax, include ftplugin
runtime(syntax-tests): Stop generating redundant "*_* 99.dump"
files
* 9.1.0543: Behavior of CursorMovedC is strange
runtime(vim): Update base-syntax, improve :match command
highlighting
* 9.1.0542: Vim9: confusing string() output for object functions
* 9.1.0541: failing test with Vim configured without channel
* 9.1.0540: Unused assignment in sign_define_cmd()
runtime(doc): add page-scrolling keys to index.txt
runtime(doc): add reference to xterm-focus-event from
FocusGained/Lost
* 9.1.0539: Not enough tests for what v9.1.0535 fixed
runtime(doc): clarify how to re-init csv syntax file
* 9.1.0538: not possible to assign priority when defining a sign
* 9.1.0537: signed number detection for CTRL-X/A can be improved
* 9.1.0536: filetype: zone files are not recognized
* 9.1.0535: newline escape wrong in ex mode
runtime(man): honor cmd modifiers before `g:ft_man_open_mode`
runtime(man): use `nnoremap` to map to Ex commands
* 9.1.0534: completion wrong with fuzzy when cycling back to original
runtime(syntax-tests): Abort and report failed cursor progress
runtime(syntax-tests): Introduce self tests for screen dumping
runtime(syntax-tests): Clear and redraw the ruler line with
the shell info
runtime(syntax-tests): Allow for folded and wrapped lines in
syntax test files
* 9.1.0533: Vim9: need more tests for nested objects equality
CI: Pre-v* 9.0.0110 versions generate bogus documentation tag entries
runtime(doc): Remove wrong help tag CTRL-SHIFT-CR
* 9.1.0532: filetype: Cedar files not recognized
runtime(doc): document further keys that scroll page up/down
* 9.1.0531: resource leak in mch_get_random()
runtime(tutor): Fix wrong spanish translation
runtime(netrw): fix remaining case of register clobber
* 9.1.0530: xxd: MSVC warning about non-ASCII character
* 9.1.0529: silent! causes following try/catch to not work
runtime(rust): use shiftwidth() in indent script
* 9.1.0528: spell completion message still wrong in translations
* 9.1.0527: inconsistent parameter in Makefiles for Vim executable
* 9.1.0526: Unwanted cursor movement with pagescroll at start of buffer
runtime(doc): mention $XDG_CONFIG_HOME instead of $HOME/.config
* 9.1.0525: Right release selects immediately when pum is truncated.
* 9.1.0524: the recursive parameter in the *_equal functions can be removed
runtime(termdebug): Add Deprecation warnings
* 9.1.0523: Vim9: cannot downcast an object
* 9.1.0522: Vim9: string(object) hangs for recursive references
* 9.1.0521: if_py: _PyObject_CallFunction_SizeT is dropped in Python 3.13
* 9.1.0520: Vim9: incorrect type checking for modifying lists
runtime(manpager): avoid readonly prompt
* 9.1.0519: MS-Windows: libvterm compilation can be optimized
* 9.1.0518: initialize the random buffer can be improved
* 9.1.0517: MS-Windows: too long lines in Make_mvc.mak
runtime(terraform): Add filetype plugin for terraform
runtime(dockerfile): enable spellchecking of comments in
syntax script
runtime(doc): rename variable for pandoc markdown support
runtime(doc): In builtin overview use {buf} as param for
appendbufline/setbufline
runtime(doc): clarify, that register 1-* 9 will always be shifted
runtime(netrw): save and restore register 0-* 9, a and unnamed
runtime(termdebug): Refactored StartDebug_term and EndDebug
functions
runtime(java): Compose "g:java_highlight_signature" and
"g:java_highlight_functions"
* 9.1.0516: need more tests for nested dicts and list comparision
* 9.1.0515: Vim9: segfault in object_equal()
* 9.1.0514: Vim9: issue with comparing objects recursively
runtime(termdebug): Change some variables to Enums
runtime(vim): Update base-syntax, fix function tail comments
* 9.1.0513: Vim9: segfault with object comparison
- Update to 9.1.0512:
* Mode message for spell completion doesn't match allowed keys
* CursorMovedC triggered wrongly with setcmdpos()
* update runtime files
* CI: test_gettext fails on MacOS14 + MSVC Win
* not possible to translate Vim script messages
* termdebug plugin can be further improved
* add gomod filetype plugin
* hard to detect cursor movement in the command line
* Optionally highlight parameterised types
* filetype: .envrc & .prettierignore not recognized
* filetype: Faust files are not recognized
* inner-tag textobject confused about ">" in attributes
* cannot use fuzzy keyword completion
* Remove the group exclusion list from @javaTop
* wrong return type for execute() function
* MS-Windows: too much legacy code
* too complicated mapping restore in termdebug
* simplify mapping
* cannot switch buffer in a popup
* MS-Windows: doesn't handle symlinks properly
* getcmdcompltype() interferes with cmdline completion
* termdebug can be further improved
* update htmldjango detection
* Improve Turkish documentation
* include a simple csv filetype and syntax plugin
* include the the simple nohlsearch package
* matched text is highlighted case-sensitively
* Matched text isn't highlighted in cmdline pum
* Fix typos in several documents
* clarify when text properties are cleared
* improve the vim-shebang example
* revert unintended formatting changes for termdebug
* Add a config variable for commonly used compiler options
* Wrong matched text highlighted in pum with 'rightleft'
* bump length of character references in syntax script
* properly check mapping variables using null_dict
* fix KdlIndent and kdlComment in indent script
* Test for patch 9.1.0489 doesn't fail without the fix
* Fold multi-line comments with the syntax kind of &fdm
* using wrong type for PlaceSign()
* filetype: Vim-script files not detected by shebang line
* revert unintended change to zip#Write()
* add another tag for vim-shebang feature
* Cmdline pum doesn't work properly with 'rightleft'
* minor style problems with patch 9.1.0487
* default completion may break with fuzzy
* Wrong padding for pum "kind" with 'rightleft'
* Update base-syntax, match shebang lines
* MS-Windows: handle files with spaces properly
* Restore HTML syntax file tests
* completed item not update on fuzzy completion
* filetype: Snakemake files are not recognized
* make TermDebugSendCommand() a global function again
* close all buffers in the same way
* Matched text shouldn't be highlighted in "kind" and "menu"
* fix wrong helptag for :defer
* Update base-syntax, match :sleep arg
* include Georgian keymap
* Sorting of completeopt+=fuzzy is not stable
* correctly test for windows in NetrwGlob()
* glob() on windows fails with [] in directory name
* rewrite mkdir() doc and simplify {flags} meaning
* glob() not sufficiently tested
* update return type for job_info()
* termdebug plugin needs more love
* correct return types for job_start() and job_status()
* Update base-syntax, match :catch and :throw args
* Include element values in non-marker annotations
* Vim9: term_getjob() throws an exception on error
* fuzzy string matching executed when not needed
* fuzzy_match_str_with_pos() does unnecessary list operations
* restore description of "$" in col() and virtcol()
* deduplicate getpos(), line(), col(), virtcol()
* Update g:vimsyn_comment_strings dump file tests
* Use string interpolation instead of string concat
* potential deref of NULL pointer in fuzzy_match_str_with_pos
* block_editing errors out when using <enter>
* Update base-syntax, configurable comment string highlighting
* fix typos in syntax.txt
* Cannot see matched text in popup menu
* Update base-syntax, match multiline continued comments
* clarify documentation for "v" position at line()
* cmod_split modifier is always reset in term_start()
* remove line-continuation characters
* use shiftwidth() instead of &tabstop in indent script
* Remove orphaned screen dump files
* include syntax, indent and ftplugin files
* CI: Test_ColonEight() fails on github runners
* add missing Enabled field in syntax script
* basic svelte ftplugin file
* term_start() does not clear vertical modifier
* fix mousemodel restoration by comparing against null_string
* Added definitions of Vim scripts and plugins
* Exclude lambda expressions from _when_ _switch-case_ label clauses
* Fix saved_mousemodel check
* Inconsistencies between functions for option flags
* Crash when using autocmd_get() after removing event inside autocmd
* Fix small style issues
* add return type info for Vim function descriptions
* Update Italian Vim manpage
* disable the q mapping
* Change 'cms' for C++ to '// %s'
* fix type mismatch error
* Fix wrong email address
* convert termdebug plugin to Vim9 script
- Update to 9.1.0470:
* tests Test_ColonEight_MultiByte() fails sporadically
* Cannot have buffer-local value for 'completeopt'
* GvimExt does not consult HKEY_CURRENT_USER
* typos in some comments
* runtime(vim): Update base-syntax, allow whitespace before
:substitute pattern
* Missing comments for fuzzy completion
* runtime(man): update Vim manpage
* runtime(comment): clarify the usage of 'commentstring' option
value
* runtime(doc): clarify how fuzzy 'completeopt' should work
* runtime(netrw): prevent accidental data loss
* missing filecopy() function
* no whitespace padding in commentstring option in ftplugins
* no fuzzy-matching support for insert-completion
* eval5() and eval7 are too complex
* too many strlen() calls in drawline.c
* filetype lintstagedrc files are not recognized
* Vim9 import autoload does not work with symlink
* Coverity complains about division by zero
* tests test_gui fails on Wayland
* Left shift is incorrect with vartabstop and shiftwidth=0
* runtime(doc): clarify 'shortmess' flag "S"
* MS-Windows compiler warning for size_t to int conversion
* runtime(doc): include some vim9 script examples in the help
* minor issues in test_filetype with rasi test
* filetype rasi files are not recognized
* runtime(java): Improve the matching of lambda expressions
* Configure checks for libelf unnecessarily
* No test for escaping '<' with shellescape()
* check.vim complains about overlong comment lines
* translation(it): Update Italian translation
* evalc. code too complex
* MS-Windows Compiler warnings
- Update to 9.1.0448:
* compiler warning in eval.c
* remove remaining css code
* Add ft_hare.txt to Reference Manual TOC
* re-generate vim syntax from generator
* fix syntax vim bug
* completion may be wrong when deleting all chars
* getregionpos() inconsistent for partly-selected multibyte char
* fix highlighting nested and escaped quotes in string props
* remove the indent plugin since it has too many issues
* update Debian runtime files
* Coverity warning after 9.1.0440
* Not enough tests for getregion() with multibyte chars
* Can't use blockwise selection with width for getregion()
* update outdated syntax files
* fix floating_modifier highlight
* hare runtime files outdated
* getregionpos() can't properly indicate positions beyond eol
* function get_lval() is too long
* Cannot filter the history
* Wrong Ex command executed when :g uses '?' as delimiter
* support floating_modifier none; revert broken highlighting
* Motif requires non-const char pointer for XPM data
* Crash when using '?' as separator for :s
* filetype: cygport files are not recognized
* make errors trying to access autoload/zig
* Wrong yanking with exclusive selection and ve=all
* add missing help tags file
* Ancient XPM preprocessor hack may cause build errors
* include basic rescript ftplugin file
* eval.c is too long
* getregionpos() doesn't handle one char selection
* check for gdb file/dir before using as buffer name
* refactor zig ftplugin, remove auto format
* Coverity complains about eval.c refactor
* Tag guessing leaves wrong search history with very short names
* some issues with termdebug mapping test
* update matchit plugin to v1.20
* too many strlen() calls in search.c
* set commentstring option
* update vb indent plugin as vim9script
* filetype: purescript files are not recognized
* filetype: slint files are not recognized
* basic nim ftplugin file for comments
* Add Arduino ftplugin and indent files
* include basic typst ftplugin file
* include basic prisma ftplugin file
* include basic v ftplugin for comment support
* getregionpos() wrong with blockwise mode and multibyte
* function echo_string_core() is too long
* hyprlang files are not recognized
* add basic dart ftplugin file
* basic ftplugin file for graphql
* mention comment plugin at :h 'commentstring'
* set commentstring for sql files in ftplugin
* :browse oldfiles prompts even with single entry
* eval.c not sufficiently tested
* clarify why E195 is returned
* clarify temporary file clean up
* fix :NoMatchParen not working
* Cannot move to previous/next rare word
* add basic ftplugin file for sshdconfig
* if_py: find_module has been removed in Python 3.12.0a7
* some screen dump tests can be improved
* Some functions are not tested
* clarify instal instructions for comment package
* Unable to leave long line with 'smoothscroll' and 'scrolloff'
* fix typo in vim9script help file
* Remove trailing spaces
* clarify {special} argument for shellescape()
- update to 9.1.0413
* smoothscroll may cause infinite loop
* add missing entries for the keys CTRL-W g<Tab> and <C-Tab>
* update vi_diff.txt: add default value for 'flash'
* typo in regexp_bt.c in DEBUG code
* allow indented commands
* Fix wrong define regex in ftplugin
* Filter out non-Latin-1 characters for syntax tests
* prefer scp over pscp
* fix typo in usr_52.txt
* too long functions in eval.c
* warning about uninitialized variable
* too many strlen() calls in the regexp engine
* E16 fix, async keyword support for define
* Stuck with long line and half-page scrolling
* Divide by zero with getmousepos() and 'smoothscroll'
* update and remove some invalid links
* update translation of xxd manpage
* Recursively delete directories by default with netrw delete command
* Strive to remain compatible for at least Vim 7.0
* tests: xxd buffer overflow fails on 32-bit
* Stop handpicking syntax groups for @javaTop
* [security] xxd: buffer-overflow with specific flags
* Vim9: not able to import file from start dir
* filetype: mdd files detected as zsh filetype
* filetype: zsh module files are not recognized
* Remove hardcoded private.ppk logic from netrw
* Vim9: confusing error message for unknown type
* block_editing errors out when using del
* add new items to scripts section in syntax plugin
* Vim9: imported vars are not properly type checked
* Wrong display with 'smoothscroll' when changing quickfix list
* filetype: jj files are not recognized
* getregionpos() may leak memory on error
* The CODEOWNERS File is not useful
* Remove and cleanup Win9x legacy from netrw
* add MsgArea to 'highlight' option description
* Cannot get a list of positions describing a region
* Fix digit separator in syntax script for octals and floats
* Update link to Wikipedia Vi page
* clear $MANPAGER in ftplugin before shelling out
* Fix typos in help documents
* 'viewdir' not respecting $XDG_CONFIG_HOME
* tests: Vim9 debug tests may be flaky
* correct getscriptinfo() example
* Vim9: could improve testing
* test_sound fails on macos-12
* update Serbian menu
* update Slovak menu
* update Slovenian menu
* update Portuguese menu
* update Dutch menu
* update Korean menu
* update Icelandic menu
* update Czech menu
* update Afrikaans menu
* update German menu
* filetype: inko files are not recognized
* filetype: templ files are not recognized
* cursor() and getregion() don't handle v:maxcol well
* Vim9: null value tests not sufficient
* update Catalan menu
* filetype: stylus files not recognized
* update spanish menu localization
* regenerate helptags
* Vim9: crash with null_class and null_object
* Add tags about lazyloading of menu
* tests: vt420 terminfo entry may not be found
* filetype: .out files recognized as tex files
* filetype: Kbuild files are not recognized
* cbuffer and similar commands don't accept a range
* Improve the recognition of the "indent" method declarations
* Fix a typo in usr_30.txt
* remove undefined var s:save_cpoptions and add include setting
* missing setlocal in indent plugin
* Calculating line height for unnecessary amount of lines
* improve syntax file performance
* There are a few typos
* Vim9: no comments allowed after class vars
* CI: remove trailing white space in documentation
* Formatting text wrong when 'breakindent' is set
* Add oracular (24.10) as Ubuntu release name
* Vim9: Trailing commands after class/enum keywords ignored
* tests: 1-second delay after Test_BufEnter_botline()
* update helptags for jq syntax
* include syntax, ftplugin and compiler plugin
* fix typo synconcealend -> synconcealed
* include a simple comment toggling plugin
* wrong botline in BufEnter
* clarify syntax vs matching mechanism
* fix undefined variable in indent plugin
* ops.c code uses too many strlen() calls
* Calling CLEAR_FIELD() on the same struct twice
* Vim9: compile_def_function() still too long
* Update Serbian messages
* clarify the effect of setting the shell to powershell
* Improve the recognition of the "style" method declarations
* Vim9: problem when importing autoloaded scripts
* compile_def_function is too long
* filetype: ondir files are not recognized
* Crash when typing many keys with D- modifier
* tests: test_vim9_builtin is a bit slow
* update documentation
* change the download URL of "libsodium"
* tests: test_winfixbuf is a bit slow
* Add filetype, syntax and indent plugin for Astro
* expanding rc config files does not work well
* Vim9: vim9type.c is too complicated
* Vim9: does not handle autoloaded variables well
* minor spell fix in starting.txt
* wrong drawing in GUI with setcellwidth()
* Add include and suffixesadd
* Page scrolling should place cursor at window boundaries
* align command line table
* minor fixes to starting.txt
* fix comment definition in filetype plugin
* filetype: flake.lock files are not recognized
* runtime(uci): No support for uci file types
* Support "g:ftplugin_java_source_path" with archived files
* tests: Test_autoload_import_relative_compiled fails on Windows
* Finding cmd modifiers and cmdline-specials is inefficient
* No test that completing a partial mapping clears 'showcmd'
* tests: test_vim9_dissamble may fail
* Vim9: need static type for typealias
* X11 does not ignore smooth scroll event
* A few typos in test_xdg when testing gvimrc
* Patch v9.1.0338 fixed sourcing a script with import
* Problem: gvimrc not sourced from XDG_CONFIG_HOME
* Cursor wrong after using setcellwidth() in terminal
* 'showcmd' wrong for partial mapping with multibyte
* tests: test_taglist fails when 'helplang' contains non-english
* Problem: a few memory leaks are found
* Problem: Error with matchaddpos() and empty list
* tests: xdg test uses screen dumps
* Vim9: import through symlinks not correctly handled
* Missing entry for XDG vimrc file in :version
* tests: typo in test_xdg
* runtime(i3config/swayconfig): update syntax scripts
* document pandoc compiler and enable configuring arguments
* String interpolation fails for List type
* No test for highlight behavior with 'ambiwidth'
* tests: test_xdg fails on the appimage repo
* tests: some assert_equal() calls have wrong order of args
* make install does not install all files
* runtime(doc): fix typos in starting.txt
- Updated to version 9.1 with patch level 0330, fixes the following problems
* Fixing bsc#1220763 - vim gets Segmentation fault after updating to version 9.1.0111-150500.20.9.1
- refreshed vim-7.3-filetype_spec.patch
- refreshed vim-7.3-filetype_ftl.patch
- Update spec.skeleton to use autosetup in place of setup macro.
- for the complete list of changes see
https://github.com/vim/vim/compare/v9.1.0111...v9.1.0330