- efivar
-
- Add efivar-bsc1192344-fix-open-dbx.patch to fix the dbx opening
failed by "/Operation not permitted"/. (bsc#1192344, jsc#PM-3148)
- Removed -fstack-clash-protection in CFLAGS when gcc < 8
- The -flto causes ld error, so add
export LDFLAGS="/-flto-partition=one"/
This solution is from openSUSE:Factory/efivar:
Fri Aug 14 08:20:09 UTC 2020 - Martin Liška <mliska@suse.cz>
- Do not partition LTO as we may reach new GAS error:
Error: invalid attempt to declare external version
name as default in symbol `efi_set_variable@@LIBEFIVAR_0.24'
- expat
-
- Security fix (CVE-2021-45960, bsc#1194251)
* A left shift by 29 (or more) places in the storeAtts function
in xmlparse.c can lead to realloc misbehavior.
* Added expat-CVE-2021-45960.patch
- Security fix (CVE-2021-46143, bsc#1194362)
* Integer overflow exists for m_groupSize in doProlog
* Added expat-CVE-2021-46143.patch
- Security fix (CVE-2022-22822, bsc#1194474)
* Integer overflow in addBinding in xmlparse.c
* Added expat-CVE-2022-22822.patch
- Security fix (CVE-2022-22823, bsc#1194476)
* Integer overflow in build_model in xmlparse.c
* Added expat-CVE-2022-22823.patch
- Security fix (CVE-2022-22824, bsc#1194477)
* Integer overflow in defineAttribute in xmlparse.c
* Added expat-CVE-2022-22824.patch
- Security fix (CVE-2022-22825, bsc#1194478)
* Integer overflow in lookup in xmlparse.c
* Added expat-CVE-2022-22825.patch
- Security fix (CVE-2022-22826, bsc#1194479)
* Integer overflow in nextScaffoldPart in xmlparse.c
* Added expat-CVE-2022-22826.patch
- Security fix (CVE-2022-22827, bsc#1194480)
* Integer overflow in storeAtts in xmlparse.c
* Added expat-CVE-2022-22826.patch
- grub2
-
- Fix error not a btrfs filesystem on s390x (bsc#1187645)
* 80_suse_btrfs_snapshot
- Add support for simplefb (boo#1193532).
* grub2-simplefb.patch
- Fix powerpc-ieee1275 lpar takes long time to boot with increasing number of
nvme namespace (bsc#1177751)
* 0001-ieee1275-Avoiding-many-unecessary-open-close.patch
- Fix error lvmid disk cannot be found after second disk added to the root
volume group (bsc#1189874) (bsc#1071559)
* 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch
- Fix error /boot/grub2/locale/POSIX.gmo not found (bsc#1189769)
* 0001-Filter-out-POSIX-locale-for-translation.patch
- libgcrypt
-
- FIPS: Fix gcry_mpi_sub_ui subtraction [bsc#1193480]
* gcry_mpi_sub_ui: fix subtracting from negative value
* Add libgcrypt-FIPS-fix-gcry_mpi_sub_ui.patch
- mozilla-nss
-
- Mozilla NSS 3.68.2 (bsc#1193845)
* mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
(bmo#966856)
- patterns-sles
-
- add newly added libopenssl-1_1-hmac for openssl 1.1. (jsc#SLE-23033)
- polkit
-
- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568)
added CVE-2021-4034-pkexec-fix.patch
- tcsh
-
- Modify patch tcsh-6.18.01-toolong.patch to avoid to be oom killed
by broken history files (bsc#1192472)
- telnet
-
- Update Source location to use Gentoo mirror, fixes bsc#1129925
- spec-cleaner used for cleaning the specfile up
- url was repaired
- yast2
-
- Do not use the 'installation-helper' binary to create snapshots
during installation or offline upgrade (bsc#1180142).
- Add a new exception to properly handle exceptions
when reading/writing snapshots numbers (related to bsc#1180142).
- save_y2logs: save kernel messages and udev log (snwint@suse.de).
Related to bsc#1089647 and bsc#1085212.
- 3.2.51
- yast2-installation
-
- Do not crash when it is not possible to create a snapshot after
installing or upgrading the system (bsc#1180142).
- 3.3.2
- yast2-update
-
- Do not rely on the 'installation-helper' binary to create
snapshots after installation or offline upgrade (bsc#1180142).
- Do not crash when it is not possible to create a snapshot before
upgrading the system (related to bsc#1180142).
- 3.2.4
- Backport: At upgrade time, mount also /run and efivars in the
target, to fix hanging LVM tools (bsc#1148500, bsc#1136463)
- 3.2.3
- Backport: Fixed unmounting /mnt/dev when going back to the
partition selection dialog (fix up for the bsc#1089643)
- zsh
-
- Add CVE-2018-0502_CVE-2018-13259.patch. Fixes CVE-2018-0502 and
CVE-2018-13259 (bsc#1107296 and bsc#1107294).