bind
- Fixed CVE-2021-25219:
  The lame-ttl option controls how long named caches certain types
  of broken responses from authoritative servers (see the security
  advisory for details). This caching mechanism could be abused by
  an attacker to significantly degrade resolver performance. The
  vulnerability has been mitigated by changing the default value of
  lame-ttl to 0 and overriding any explicitly set value with 0,
  effectively disabling this mechanism altogether. ISC's testing has
  determined that doing that has a negligible impact on resolver
  performance while also preventing abuse.
  Administrators may observe more traffic towards servers issuing
  certain types of broken responses than in previous BIND 9 releases.
  [bsc#1192146, CVE-2021-25219, bind-CVE-2021-25219.patch]
cloud-init
- Update to version 21.2 (bsc#1186004)
  + Remove patches included upstream:
  - cloud-init-azure-def-usr-pass.patch
  - cloud-init-after-kvp.diff
  - cloud-init-recognize-hpc.patch
  - use_arroba_to_include_sudoers_directory-bsc_1181283.patch
  - cloud-init-bonding-opts.patch
  - cloud-init-log-file-mode.patch
  - cloud-init-no-pwd-in-log.patch
  - 0001-templater-drop-Jinja-Python-2-compatibility-shim.patch
  + Remove cloud-init-sle12-compat.patch, version in SLE 12 is frozen to 20.2
  + Remove cloud-init-tests-set-exec.patch no longer needed
  + Forward port:
  - cloud-init-write-routes.patch
  - cloud-init-break-resolv-symlink.patch
  - cloud-init-sysconf-path.patch
  - cloud-init-no-tempnet-oci.patch
  +  Add rn check for SSH keys in Azure (#889)
  +  Revert "/Add support to resize rootfs if using LVM (#721)"/ (#887)
    (LP: #1922742)
  +  Add Vultaire as contributor (#881) [Paul Goins]
  +  Azure: adding support for consuming userdata from IMDS (#884) [Anh Vo]
  +  test_upgrade: modify test_upgrade_package to run for more sources (#883)
  +  Fix chef module run failure when chef_license is set (#868) [Ben Hughes]
  +  Azure: Retry net metadata during nic attach for non-timeout errs (#878)
    [aswinrajamannar]
  +  Azure: Retrieve username and hostname from IMDS (#865) [Thomas Stringer]
  +  Azure: eject the provisioning iso before reporting ready (#861) [Anh Vo]
  +  Use `partprobe` to re-read partition table if available (#856)
    [Nicolas Bock] (LP: #1920939)
  +  fix error on upgrade caused by new vendordata2 attributes (#869)
    (LP: #1922739)
  +  add prefer_fqdn_over_hostname config option (#859)
    [hamalq] (LP: #1921004)
  +  Emit dots on travis to avoid timeout (#867)
  +  doc: Replace remaining references to user-scripts as a config module
    (#866) [Ryan Harper]
  +  azure: Removing ability to invoke walinuxagent (#799) [Anh Vo]
  +  Add Vultr support (#827) [David Dymko]
  +  Fix unpickle for source paths missing run_dir (#863)
    [lucasmoura] (LP: #1899299)
  +  sysconfig: use BONDING_MODULE_OPTS on SUSE (#831) [Jens Sandmann]
  +  bringup_static_routes: fix gateway check (#850) [Petr Fedchenkov]
  +  add hamalq user (#860) [hamalq]
  +  Add support to resize rootfs if using LVM (#721)
    [Eduardo Otubo] (LP: #1799953)
  +  Fix mis-detecting network configuration in initramfs cmdline (#844)
    (LP: #1919188)
  +  tools/write-ssh-key-fingerprints: do not display empty header/footer
    (#817) [dermotbradley]
  +  Azure helper: Ensure Azure http handler sleeps between retries (#842)
    [Johnson Shi]
  +  Fix chef apt source example (#826) [timothegenzmer]
  +  .travis.yml: generate an SSH key before running tests (#848)
  +  write passwords only to serial console, lock down cloud-init-output.log
    (#847) (LP: #1918303)
  +  Fix apt default integration test (#845)
  +  integration_tests: bump pycloudlib dependency (#846)
  +  Fix stack trace if vendordata_raw contained an array (#837) [eb3095]
  +  archlinux: Fix broken locale logic (#841)
    [Kristian Klausen] (LP: #1402406)
  +  Integration test for #783 (#832)
  +  integration_tests: mount more paths IN_PLACE (#838)
  +  Fix requiring device-number on EC2 derivatives (#836) (LP: #1917875)
  +  Remove the vi comment from the part-handler example (#835)
  +  net: exclude OVS internal interfaces in get_interfaces (#829)
    (LP: #1912844)
  +  tox.ini: pass OS_* environment variables to integration tests (#830)
  +  integration_tests: add OpenStack as a platform (#804)
  +  Add flexibility to IMDS api-version (#793) [Thomas Stringer]
  +  Fix the TestApt tests using apt-key on Xenial and Hirsute (#823)
    [Paride Legovini] (LP: #1916629)
  +  doc: remove duplicate "/it"/ from nocloud.rst (#825) [V.I. Wood]
  +  archlinux: Use hostnamectl to set the transient hostname (#797)
    [Kristian Klausen]
  +  cc_keys_to_console.py: Add documentation for recently added config key
    (#824) [dermotbradley]
  +  Update cc_set_hostname documentation (#818) [Toshi Aoyama]
  From 21.1
  +  Azure: Support for VMs without ephemeral resource disks. (#800)
    [Johnson Shi] (LP: #1901011)
  +  cc_keys_to_console: add option to disable key emission (#811)
    [Michael Hudson-Doyle] (LP: #1915460)
  +  integration_tests: introduce lxd_use_exec mark (#802)
  +  azure: case-insensitive UUID to avoid new IID during kernel upgrade
    (#798) (LP: #1835584)
  +  stale.yml: don't ask submitters to reopen PRs (#816)
  +  integration_tests: fix use of SSH agent within tox (#815)
  +  integration_tests: add UPGRADE CloudInitSource (#812)
  +  integration_tests: use unique MAC addresses for tests (#813)
  +  Update .gitignore (#814)
  +  Port apt cloud_tests to integration tests (#808)
  +  integration_tests: fix test_gh626 on LXD VMs (#809)
  +  Fix attempting to decode binary data in test_seed_random_data test (#806)
  +  Remove wait argument from tests with session_cloud calls (#805)
  +  Datasource for UpCloud (#743) [Antti Myyrä]
  +  test_gh668: fix failure on LXD VMs (#801)
  +  openstack: read the dynamic metadata group vendor_data2.json (#777)
    [Andrew Bogott] (LP: #1841104)
  +  includedir in suoders can be prefixed by "/arroba"/ (#783)
    [Jordi Massaguer Pla]
  +  [VMware] change default max wait time to 15s (#774) [xiaofengw-vmware]
  +  Revert integration test associated with reverted #586 (#784)
  +  Add jordimassaguerpla as contributor (#787) [Jordi Massaguer Pla]
  +  Add Rick Harding to CLA signers (#792) [Rick Harding]
  +  HACKING.rst: add clarifying note to LP CLA process section (#789)
  +  Stop linting cloud_tests (#791)
  +  cloud-tests: update cryptography requirement (#790) [Joshua Powers]
  +  Remove 'remove-raise-on-failure' calls from integration_tests (#788)
  +  Use more cloud defaults in integration tests (#757)
  +  Adding self to cla signers (#776) [Andrew Bogott]
  +  doc: avoid two warnings (#781) [Dan Kenigsberg]
  +  Use proper spelling for Red Hat (#778) [Dan Kenigsberg]
  +  Add antonyc to .github-cla-signers (#747) [Anton Chaporgin]
  +  integration_tests: log image serial if available (#772)
  +  [VMware] Support cloudinit raw data feature (#691) [xiaofengw-vmware]
  +  net: Fix static routes to host in eni renderer (#668) [Pavel Abalikhin]
  +  .travis.yml: don't run cloud_tests in CI (#756)
  +  test_upgrade: add some missing commas (#769)
  +  cc_seed_random: update documentation and fix integration test (#771)
    (LP: #1911227)
  +  Fix test gh-632 test to only run on NoCloud (#770) (LP: #1911230)
  +  archlinux: fix package upgrade command handling (#768) [Bao Trinh]
  +  integration_tests: add integration test for LP: #1910835 (#761)
  +  Fix regression with handling of IMDS ssh keys (#760) [Thomas Stringer]
  +  integration_tests: log cloud-init version in SUT (#758)
  +  Add ajmyyra as contributor (#742) [Antti Myyrä]
  +  net_convert: add some missing help text (#755)
  +  Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful on RHEL
    (#753) [Eduardo Otubo]
  +  doc: document missing IPv6 subnet types (#744) [Antti Myyrä]
  +  Add example configuration for datasource `AliYun` (#751) [Xiaoyu Zhong]
  +  integration_tests: add SSH key selection settings (#754)
  +  fix a typo in man page cloud-init.1 (#752) [Amy Chen]
  +  network-config-format-v2.rst: add Netplan Passthrough section (#750)
  +  stale: re-enable post holidays (#749)
  +  integration_tests: port ca_certs tests from cloud_tests (#732)
  +  Azure: Add telemetry for poll IMDS (#741) [Johnson Shi]
  +  doc: move testing section from HACKING to its own doc (#739)
  +  No longer allow integration test failures on travis (#738)
  +  stale: fix error in definition (#740)
  +  integration_tests: set log-cli-level to INFO by default (#737)
  +  PULL_REQUEST_TEMPLATE.md: use backticks around commit message (#736)
  +  stale: disable check for holiday break (#735)
  +  integration_tests: log the path we collect logs into (#733)
  +  .travis.yml: add (most) supported Python versions to CI (#734)
  +  integration_tests: fix IN_PLACE CLOUD_INIT_SOURCE (#731)
  +  cc_ca_certs: add RHEL support (#633) [cawamata]
  +  Azure: only generate config for NICs with addresses (#709)
    [Thomas Stringer]
  +  doc: fix CloudStack configuration example (#707) [Olivier Lemasle]
  +  integration_tests: restrict test_lxd_bridge appropriately (#730)
  +  Add integration tests for CLI functionality (#729)
  +  Integration test for gh-626 (#728)
  +  Some test_upgrade fixes (#726)
  +  Ensure overriding test vars with env vars works for booleans (#727)
  +  integration_tests: port lxd_bridge test from cloud_tests (#718)
  +  Integration test for gh-632. (#725)
  +  Integration test for gh-671 (#724)
  +  integration-requirements.txt: bump pycloudlib commit (#723)
  +  Drop unnecessary shebang from cmd/main.py (#722) [Eduardo Otubo]
  +  Integration test for LP: #1813396 and #669 (#719)
  +  integration_tests: include timestamp in log output (#720)
  +  integration_tests: add test for LP: #1898997 (#713)
  +  Add integration test for power_state_change module (#717)
  +  Update documentation for network-config-format-v2 (#701) [ggiesen]
  +  sandbox CA Cert tests to not require ca-certificates (#715)
    [Eduardo Otubo]
  +  Add upgrade integration test (#693)
  +  Integration test for 570 (#712)
  +  Add ability to keep snapshotted images in integration tests (#711)
  +  Integration test for pull #586 (#706)
  +  integration_tests: introduce skipping of tests by OS (#702)
  +  integration_tests: introduce IntegrationInstance.restart (#708)
  +  Add lxd-vm to list of valid integration test platforms (#705)
  +  Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL
    (#685) [Eduardo Otubo]
  +  Delete image snapshots created for integration tests (#682)
  +  Parametrize ssh_keys_provided integration test (#700) [lucasmoura]
  +  Drop use_sudo attribute on IntegrationInstance (#694) [lucasmoura]
  +  cc_apt_configure: add riscv64 as a ports arch (#687)
    [Dimitri John Ledkov]
  +  cla: add xnox (#692) [Dimitri John Ledkov]
  +  Collect logs from integration test runs (#675)
  From 20.4.1
  +  Revert "/ssh_util: handle non-default AuthorizedKeysFile config (#586)"/
  From 20.4
  +  tox: avoid tox testenv subsvars for xenial support (#684)
  +  Ensure proper root permissions in integration tests (#664) [James Falcon]
  +  LXD VM support in integration tests (#678) [James Falcon]
  +  Integration test for fallocate falling back to dd (#681) [James Falcon]
  +  .travis.yml: correctly integration test the built .deb (#683)
  +  Ability to hot-attach NICs to preprovisioned VMs before reprovisioning
    (#613) [aswinrajamannar]
  +  Support configuring SSH host certificates. (#660) [Jonathan Lung]
  +  add integration test for LP: #1900837 (#679)
  +  cc_resizefs on FreeBSD: Fix _can_skip_ufs_resize (#655)
    [Mina Galić] (LP: #1901958, #1901958)
  +  DataSourceAzure: push dmesg log to KVP (#670) [Anh Vo]
  +  Make mount in place for tests work (#667) [James Falcon]
  +  integration_tests: restore emission of settings to log (#657)
  +  DataSourceAzure: update password for defuser if exists (#671) [Anh Vo]
  +  tox.ini: only select "/ci"/ marked tests for CI runs (#677)
  +  Azure helper: Increase Azure Endpoint HTTP retries (#619) [Johnson Shi]
  +  DataSourceAzure: send failure signal on Azure datasource failure (#594)
    [Johnson Shi]
  +  test_persistence: simplify VersionIsPoppedFromState (#674)
  +  only run a subset of integration tests in CI (#672)
  +  cli: add  + -system param to allow validating system user-data on a
    machine (#575)
  +  test_persistence: add VersionIsPoppedFromState test (#673)
  +  introduce an upgrade framework and related testing (#659)
  +  add  + -no-tty option to gpg (#669) [Till Riedel] (LP: #1813396)
  +  Pin pycloudlib to a working commit (#666) [James Falcon]
  +  DataSourceOpenNebula: exclude SRANDOM from context output (#665)
  +  cloud_tests: add hirsute release definition (#662)
  +  split integration and cloud_tests requirements (#652)
  +  faq.rst: add warning to answer that suggests running `clean` (#661)
  +  Fix stacktrace in DataSourceRbxCloud if no metadata disk is found (#632)
    [Scott Moser]
  +  Make wakeonlan Network Config v2 setting actually work (#626)
    [dermotbradley]
  +  HACKING.md: unify network-refactoring namespace (#658) [Mina Galić]
  +  replace usage of dmidecode with kenv on FreeBSD (#621) [Mina Galić]
  +  Prevent timeout on travis integration tests. (#651) [James Falcon]
  +  azure: enable pushing the log to KVP from the last pushed byte  (#614)
    [Moustafa Moustafa]
  +  Fix launch_kwargs bug in integration tests (#654) [James Falcon]
  +  split read_fs_info into linux & freebsd parts (#625) [Mina Galić]
  +  PULL_REQUEST_TEMPLATE.md: expand commit message section (#642)
  +  Make some language improvements in growpart documentation (#649)
    [Shane Frasier]
  +  Revert "/.travis.yml: use a known-working version of lxd (#643)"/ (#650)
  +  Fix not sourcing default 50-cloud-init ENI file on Debian (#598)
    [WebSpider]
  +  remove unnecessary reboot from gpart resize (#646) [Mina Galić]
  +  cloudinit: move dmi functions out of util (#622) [Scott Moser]
  +  integration_tests: various launch improvements (#638)
  +  test_lp1886531: don't assume /etc/fstab exists (#639)
  +  Remove Ubuntu restriction from PR template (#648) [James Falcon]
  +  util: fix mounting of vfat on *BSD (#637) [Mina Galić]
  +  conftest: improve docstring for disable_subp_usage (#644)
  +  doc: add example query commands to debug Jinja templates (#645)
  +  Correct documentation and testcase data for some user-data YAML (#618)
    [dermotbradley]
  +  Hetzner: Fix instance_id / SMBIOS serial comparison (#640)
    [Markus Schade]
  +  .travis.yml: use a known-working version of lxd (#643)
  +  tools/build-on-freebsd: fix comment explaining purpose of the script
    (#635) [Mina Galić]
  +  Hetzner: initialize instance_id from system-serial-number (#630)
    [Markus Schade] (LP: #1885527)
  +  Explicit set IPV6_AUTOCONF and IPV6_FORCE_ACCEPT_RA on static6 (#634)
    [Eduardo Otubo]
  +  get_interfaces: don't exclude Open vSwitch bridge/bond members (#608)
    [Lukas Märdian] (LP: #1898997)
  +  Add config modules for controlling IBM PowerVM RMC. (#584)
    [Aman306] (LP: #1895979)
  +  Update network config docs to clarify MAC address quoting (#623)
    [dermotbradley]
  +  gentoo: fix hostname rendering when value has a comment (#611)
    [Manuel Aguilera]
  +  refactor integration testing infrastructure (#610) [James Falcon]
  +  stages: don't reset permissions of cloud-init.log every boot (#624)
    (LP: #1900837)
  +  docs: Add how to use cloud-localds to boot qemu (#617) [Joshua Powers]
  +  Drop vestigial update_resolve_conf_file function (#620) [Scott Moser]
  +  cc_mounts: correctly fallback to dd if fallocate fails (#585)
    (LP: #1897099)
  +  .travis.yml: add integration-tests to Travis matrix (#600)
  +  ssh_util: handle non-default AuthorizedKeysFile config (#586)
    [Eduardo Otubo]
  +  Multiple file fix for AuthorizedKeysFile config (#60) [Eduardo Otubo]
  +  bddeb: new  + -packaging-branch argument to pull packaging from branch
    (#576) [Paride Legovini]
  +  Add more integration tests (#615) [lucasmoura]
  +  DataSourceAzure: write marker file after report ready in preprovisioning
    (#590) [Johnson Shi]
  +  integration_tests: emit settings to log during setup (#601)
  +  integration_tests: implement citest tests run in Travis (#605)
  +  Add Azure support to integration test framework (#604) [James Falcon]
  +  openstack: consider product_name as valid chassis tag (#580)
    [Adrian Vladu] (LP: #1895976)
  +  azure: clean up and refactor report_diagnostic_event (#563) [Johnson Shi]
  +  net: add the ability to blacklist network interfaces based on driver
    during enumeration of physical network devices (#591) [Anh Vo]
  +  integration_tests: don't error on cloud-init failure (#596)
  +  integration_tests: improve cloud-init.log assertions (#593)
  +  conftest.py: remove top-level import of httpretty (#599)
  +  tox.ini: add integration-tests testenv definition (#595)
  +  PULL_REQUEST_TEMPLATE.md: empty checkboxes need a space (#597)
  +  add integration test for LP: #1886531 (#592)
  +  Initial implementation of integration testing infrastructure (#581)
    [James Falcon]
  +  Fix name of ntp and chrony service on CentOS and RHEL. (#589)
    [Scott Moser] (LP: #1897915)
  +  Adding a PR template (#587) [James Falcon]
  +  Azure parse_network_config uses fallback cfg when generate IMDS network
    cfg fails (#549) [Johnson Shi]
  +  features: refresh docs for easier out-of-context reading (#582)
  +  Fix typo in resolv_conf module's description (#578) [Wacław Schiller]
  +  cc_users_groups: minor doc formatting fix (#577)
  +  Fix typo in disk_setup module's description (#579) [Wacław Schiller]
  +  Add vendor-data support to seedfrom parameter for NoCloud and OVF (#570)
    [Johann Queuniet]
  +  boot.rst: add First Boot Determination section (#568) (LP: #1888858)
  +  opennebula.rst: minor readability improvements (#573) [Mina Galić]
  +  cloudinit: remove unused LOG variables (#574)
  +  create a shutdown_command method in distro classes (#567)
    [Emmanuel Thomé]
  +  user_data: remove unused constant (#566)
  +  network: Fix type and respect name when rendering vlan in
    sysconfig. (#541) [Eduardo Otubo] (LP: #1788915, #1826608)
  +  Retrieve SSH keys from IMDS first with OVF as a fallback (#509)
    [Thomas Stringer]
  +  Add jqueuniet as contributor (#569) [Johann Queuniet]
  +  distros: minor typo fix (#562)
  +  Bump the integration-requirements versioned dependencies (#565)
    [Paride Legovini]
  +  network-config-format-v1: fix typo in nameserver example (#564)
    [Stanislas]
  +  Run cloud-init-local.service after the hv_kvp_daemon (#505)
    [Robert Schweikert]
  +  Add method type hints for Azure helper (#540) [Johnson Shi]
  +  systemd: add Before=shutdown.target when Conflicts=shutdown.target is
    used (#546) [Paride Legovini]
  +  LXD: detach network from profile before deleting it (#542)
    [Paride Legovini] (LP: #1776958)
  +  redhat spec: add missing BuildRequires (#552) [Paride Legovini]
  +  util: remove debug statement (#556) [Joshua Powers]
  +  Fix cloud config on chef example (#551) [lucasmoura]
  From 20.3
  +  Azure: Add netplan driver filter when using hv_netvsc driver (#539)
    [James Falcon] (LP: #1830740)
  +  query: do not handle non-decodable non-gzipped content (#543)
  +  DHCP sandboxing failing on noexec mounted /var/tmp (#521) [Eduardo Otubo]
  +  Update the list of valid ssh keys. (#487)
    [Ole-Martin Bratteng] (LP: #1877869)
  +  cmd: cloud-init query to handle compressed userdata (#516) (LP: #1889938)
  +  Pushing cloud-init log to the KVP (#529) [Moustafa Moustafa]
  +  Add Alpine Linux support. (#535) [dermotbradley]
  +  Detect kernel version before swap file creation (#428) [Eduardo Otubo]
  +  cli: add devel make-mime subcommand (#518)
  +  user-data: only verify mime-types for TYPE_NEEDED and x-shellscript
    (#511) (LP: #1888822)
  +  DataSourceOracle: retry twice (and document why we retry at all) (#536)
  +  Refactor Azure report ready code (#468) [Johnson Shi]
  +  tox.ini: pin correct version of httpretty in xenial{,-dev} envs (#531)
  +  Support Oracle IMDSv2 API (#528) [James Falcon]
  +  .travis.yml: run a doc build during CI (#534)
  +  doc/rtd/topics/datasources/ovf.rst: fix doc8 errors (#533)
  +  Fix 'Users and Groups' configuration documentation (#530) [sshedi]
  +  cloudinit.distros: update docstrings of add_user and create_user (#527)
  +  Fix headers for device types in network v2 docs (#532)
    [Caleb Xavier Berger]
  +  Add AlexBaranowski as contributor (#508) [Aleksander Baranowski]
  +  DataSourceOracle: refactor to use only OPC v1 endpoint (#493)
  +  .github/workflows/stale.yml: s/Josh/Rick/ (#526)
  +  Fix a typo in apt pipelining module (#525) [Xiao Liang]
  +  test_util: parametrize devlist tests (#523) [James Falcon]
  +  Recognize LABEL_FATBOOT labels (#513) [James Falcon] (LP: #1841466)
  +  Handle additional identifier for SLES For HPC (#520) [Robert Schweikert]
  +  Revert "/test-requirements.txt: pin pytest to <6 (#512)"/ (#515)
  +  test-requirements.txt: pin pytest to <6 (#512)
  +  Add "/tsanghan"/ as contributor (#504) [tsanghan]
  +  fix brpm building (LP: #1886107)
  +  Adding eandersson as a contributor (#502) [Erik Olof Gunnar Andersson]
  +  azure: disable bouncing hostname when setting hostname fails (#494)
    [Anh Vo]
  +  VMware: Support parsing DEFAULT-RUN-POST-CUST-SCRIPT (#441)
    [xiaofengw-vmware]
  +  DataSourceAzure: Use ValueError when JSONDecodeError is not available
    (#490) [Anh Vo]
  +  cc_ca_certs.py: fix blank line problem when removing CAs and adding
    new one (#483) [dermotbradley]
  +  freebsd: py37-serial is now py37-pyserial (#492) [Gonéri Le Bouder]
  +  ssh exit with non-zero status on disabled user (#472)
    [Eduardo Otubo] (LP: #1170059)
  +  cloudinit: remove global disable of pylint W0107 and fix errors (#489)
  +  networking: refactor wait_for_physdevs from cloudinit.net (#466)
    (LP: #1884626)
  +  HACKING.rst: add pytest.param pytest gotcha (#481)
  +  cloudinit: remove global disable of pylint W0105 and fix errors (#480)
  +  Fix two minor warnings (#475)
  +  test_data: fix faulty patch (#476)
  +  cc_mounts: handle missing fstab (#484) (LP: #1886531)
  +  LXD cloud_tests: support more lxd image formats (#482) [Paride Legovini]
  +  Add update_etc_hosts as default module on *BSD (#479) [Adam Dobrawy]
  +  cloudinit: fix tip-pylint failures and bump pinned pylint version (#478)
  +  Added BirknerAlex as contributor and sorted the file (#477)
    [Alexander Birkner]
  +  Update list of types of modules in cli.rst [saurabhvartak1982]
  +  tests: use markers to configure disable_subp_usage (#473)
  +  Add mention of vendor-data to no-cloud format documentation (#470)
    [Landon Kirk]
  +  Fix broken link to OpenStack metadata service docs (#467)
    [Matt Riedemann]
  +  Disable ec2 mirror for non aws instances (#390)
    [lucasmoura] (LP: #1456277)
  +  cloud_tests: don't pass  + -python-version to read-dependencies (#465)
  +  networking: refactor is_physical from cloudinit.net (#457) (LP: #1884619)
  +  Enable use of the caplog fixture in pytest tests, and add a
    cc_final_message test using it (#461)
  +  RbxCloud: Add support for FreeBSD (#464) [Adam Dobrawy]
  +  Add schema for cc_chef module (#375) [lucasmoura] (LP: #1858888)
  +  test_util: add (partial) testing for util.mount_cb (#463)
  +  .travis.yml: revert to installing ubuntu-dev-tools (#460)
  +  HACKING.rst: add details of net refactor tracking (#456)
  +  .travis.yml: rationalise installation of dependencies in host (#449)
  +  Add dermotbradley as contributor. (#458) [dermotbradley]
  +  net/networking: remove unused functions/methods (#453)
  +  distros.networking: initial implementation of layout (#391)
  +  cloud-init.service.tmpl: use "/rhel"/ instead of "/redhat"/ (#452)
  +  Change from redhat to rhel in systemd generator tmpl (#450)
    [Eduardo Otubo]
  +  Hetzner: support reading user-data that is base64 encoded. (#448)
    [Scott Moser] (LP: #1884071)
  +  HACKING.rst: add strpath gotcha to testing gotchas section (#446)
  +  cc_final_message: don't create directories when writing boot-finished
    (#445) (LP: #1883903)
  +  .travis.yml: only store new schroot if something has changed (#440)
  +  util: add ensure_dir_exists parameter to write_file (#443)
  +  printing the error stream of the dhclient process before killing it
    (#369) [Moustafa Moustafa]
  +  Fix link to the MAAS documentation (#442)
    [Paride Legovini] (LP: #1883666)
  +  RPM build: disable the dynamic mirror URLs when using a proxy (#437)
    [Paride Legovini]
  +  util: rename write_file's copy_mode parameter to preserve_mode (#439)
  +  .travis.yml: use $TRAVIS_BUILD_DIR for lxd_image caching (#438)
  +  cli.rst: alphabetise devel subcommands and add net-convert to list (#430)
  +  Default to UTF-8 in /var/log/cloud-init.log (#427) [James Falcon]
  +  travis: cache the chroot we use for package builds (#429)
  +  test: fix all flake8 E126 errors (#425) [Joshua Powers]
  +  Fixes KeyError for bridge with no "/parameters:"/ setting (#423)
    [Brian Candler] (LP: #1879673)
  +  When tools.conf does not exist, running cmd "/vmware-toolbox-cmd
    config get deployPkg enable-custom-scripts"/, the return code will
    be EX_UNAVAILABLE(69), on this condition, it should not take it as
    error. (#413) [chengcheng-chcheng]
  +  Document CloudStack data-server well-known hostname (#399) [Gregor Riepl]
  +  test: move conftest.py to top-level, to cover tests/ also (#414)
  +  Replace cc_chef is_installed with use of subp.is_exe. (#421)
    [Scott Moser]
  +  Move runparts to subp. (#420) [Scott Moser]
  +  Move subp into its own module. (#416) [Scott Moser]
  +  readme: point at travis-ci.com (#417) [Joshua Powers]
  +  New feature flag functionality and fix includes failing silently (#367)
    [James Falcon] (LP: #1734939)
  +  Enhance poll imds logging (#365) [Moustafa Moustafa]
  +  test: fix all flake8 E121 and E123 errors (#404) [Joshua Powers]
  +  test: fix all flake8 E241 (#403) [Joshua Powers]
  +  test: ignore flake8 E402 errors in main.py (#402) [Joshua Powers]
  +  cc_grub_dpkg: determine idevs in more robust manner with grub-probe
    (#358) [Matthew Ruffell] (LP: #1877491)
  +  test: fix all flake8 E741 errors (#401) [Joshua Powers]
  +  tests: add groovy integration tests for ubuntu (#400)
  +  Enable chef_license support for chef infra client (#389) [Bipin Bachhao]
  +  testing: use flake8 again (#392) [Joshua Powers]
  +  enable Puppet, Chef mcollective in default config (#385)
    [Mina Galić (deprecated: Igor Galić)] (LP: #1880279)
  +  HACKING.rst: introduce .net  + > Networking refactor section (#384)
  +  Travis: do not install python3-contextlib2 (dropped dependency) (#388)
    [Paride Legovini]
  +  HACKING: mention that .github-cla-signers is alpha-sorted (#380)
  +  Add bipinbachhao as contributor (#379) [Bipin Bachhao]
  +  cc_snap: validate that assertions property values are strings (#370)
  +  conftest: implement partial disable_subp_usage (#371)
  +  test_resolv_conf: refresh stale comment (#374)
  +  cc_snap: apply validation to snap.commands properties (#364)
  +  make finding libc platform independent (#366)
    [Mina Galić (deprecated: Igor Galić)]
  +  doc/rtd/topics/faq: Updates LXD docs links to current site (#368) [TomP]
  +  templater: drop Jinja Python 2 compatibility shim (#353)
  +  cloudinit: minor pylint fixes (#360)
  +  cloudinit: remove unneeded __future__ imports (#362)
  +  migrating momousta lp user to Moustafa-Moustafa GitHub user (#361)
    [Moustafa Moustafa]
  +  cloud_tests: emit dots on Travis while fetching images (#347)
  +  Add schema to apt configure config (#357) [lucasmoura] (LP: #1858884)
  +  conftest: add docs and tests regarding CiTestCase's subp functionality
    (#343)
  +  analyze/dump: refactor shared string into variable (#350)
  +  doc: update boot.rst with correct timing of runcmd (#351)
  +  HACKING.rst: change contact info to Rick Harding (#359) [lucasmoura]
  +  HACKING.rst: guide people to add themselves to the CLA file (#349)
  +  HACKING.rst: more unit testing documentation (#354)
  +  .travis.yml: don't run lintian during integration test package builds
    (#352)
  +  Add test to ensure docs examples are valid cloud-init configs (#355)
    [James Falcon] (LP: #1876414)
  +  make suse and sles support 127.0.1.1 (#336) [chengcheng-chcheng]
  +  Create tests to validate schema examples (#348)
    [lucasmoura] (LP: #1876412)
  +  analyze/dump: add support for Amazon Linux 2 log lines (#346)
    (LP: #1876323)
  +  bsd: upgrade support (#305) [Gonéri Le Bouder]
  +  Add lucasmoura as contributor (#345) [lucasmoura]
  +  Add "/therealfalcon"/ as contributor (#344) [James Falcon]
  +  Adapt the package building scripts to use Python 3 (#231)
    [Paride Legovini]
  +  DataSourceEc2: use metadata's NIC ordering to determine route-metrics
    (#342) (LP: #1876312)
  +  .travis.yml: introduce caching (#329)
  +  cc_locale: introduce schema (#335)
  +  doc/rtd/conf.py: bump copyright year to 2020 (#341)
  +  yum_add_repo: Add Centos to the supported distro list (#340)
- Add cloud-init-update-test-characters-in-substitution-unit-test.patch
  to fix unit test fail in TestGetPackageMirrorInfo::test_substitution.
- Add patch from upstream to remove python2 compatibility so
  cloud-init builds fine in Tumbleweed with a recent Jinja2
  version. This patch is only applied in TW.
  * 0001-templater-drop-Jinja-Python-2-compatibility-shim.patch
cloud-netconfig
- Update to version 1.6:
  + Ignore proxy when accessing metadata (bsc#1187939)
  + Print warning in case metadata is not accessible
  + Documentation update
cloud-regionsrv-client
- Follow up changes to (jsc#PCT-130, bsc#1182026)
  + Fix executable name for AHB service/timer
  + Update manpage for BYOS instance registration
cryptsetup
- cryptsetup 2.3.7:
  * Fix possible attacks against data confidentiality through LUKS2 online
  reencryption extension crash recovery (CVE-2021-4122).
  * Improve internal metadata validation code for reencryption metadata.
  * Add updated documentation for LUKS2 On-Disk Format Specification
- reencrypt evil maid fixes (bsc#1194469, CVE-2021-4122,
  0001-CVE-2021-4122-fix.patch).
- cryptsetup 2.3.6:
  * integritysetup: Fix possible dm-integrity mapping table truncation.
  * cryptsetup: Backup header can be used to activate TCRYPT device.
    Use --header option to specify the header.
  * cryptsetup: Avoid LUKS2 decryption without detached header.
    This feature will be added later and is currently not supported.
  * Additional fixes and workarounds for common warnings produced
    by some static analysis tools (like gcc-11 analyzer) and additional
    code hardening.
  * Fix standalone libintl detection for compiled tests.
  * Add Blake2b and Blake2s hash support for crypto backends.
    Kernel and gcrypt crypto backend support all variants.
    OpenSSL supports only Blake2b-512 and Blake2s-256.
    Crypto backend supports kernel notation e.g. "/blake2b-512"/.
- cryptsetup 2.3.5:
  * Fix partial reads of passphrase from an interactive terminal
  * Fix maximum length of password entered through a terminal
  * integritysetup: support new dm-integrity HMAC recalculation
    options
  * integritysetup: display of recalculating sector in dump command
  * veritysetup: fix verity FEC if stored in the same image with
    hashes
  * veritysetup: run FEC repair check even if root hash fails
  * veritysetup: do not process hash image if hash area is empty
  * veritysetup: store verity hash algorithm in superblock in
    lowercase
  * bitlk: fix a crash if the device disappears during BitLocker
    scan
  * bitlk: show a better error when trying to open an NTFS device
  * bitlk: add support for startup key protected VMKs
  * Fix LUKS1 repair code (regression since version 1.7.x)
  * Fix luksKeyChange for LUKS2 with assigned tokens
  * Fix cryptsetup resize using LUKS2 tokens
  * Print a visible error if device resize is not supported
  * Add error message when suspending wrong non-LUKS device
  * Fix default XTS mode key size in reencryption
  * Rephrase missing locking directory warning and move it to
    debug level
  * Many fixes for the use of cipher_null (empty debug cipher)
  * Fixes for libpasswdqc 2.0.x (optional passphrase quality check)
  * Fixes for problems discovered by various tools for code
    analysis
  * Various fixes to man pages
- silence hmac packaging warnings
- move licenses to licensedir
expat
- Security fix (CVE-2021-45960, bsc#1194251)
  * A left shift by 29 (or more) places in the storeAtts function
    in xmlparse.c can lead to realloc misbehavior.
  * Added expat-CVE-2021-45960.patch
- Security fix (CVE-2021-46143, bsc#1194362)
  * Integer overflow exists for m_groupSize in doProlog
  * Added expat-CVE-2021-46143.patch
- Security fix (CVE-2022-22822, bsc#1194474)
  * Integer overflow in addBinding in xmlparse.c
  * Added expat-CVE-2022-22822.patch
- Security fix (CVE-2022-22823, bsc#1194476)
  * Integer overflow in build_model in xmlparse.c
  * Added expat-CVE-2022-22823.patch
- Security fix (CVE-2022-22824, bsc#1194477)
  * Integer overflow in defineAttribute in xmlparse.c
  * Added expat-CVE-2022-22824.patch
- Security fix (CVE-2022-22825, bsc#1194478)
  * Integer overflow in lookup in xmlparse.c
  * Added expat-CVE-2022-22825.patch
- Security fix (CVE-2022-22826, bsc#1194479)
  * Integer overflow in nextScaffoldPart in xmlparse.c
  * Added expat-CVE-2022-22826.patch
- Security fix (CVE-2022-22827, bsc#1194480)
  * Integer overflow in storeAtts in xmlparse.c
  * Added expat-CVE-2022-22826.patch
- Refresh expat-CVE-2018-20843.patch as a p1 patch.
- Use %autosetup macro
json-c
- Add patch bsc1171479.patch
  + fix integer overflow and out-of-bounds write (CVE-2020-12762, bsc#1171479)
kernel-default
- Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
- commit 84178b8
- series.conf: refresh
- update upstream references and resort:
  - patches.suse/powerpc-fadump-Fix-inaccurate-CPU-state-info-in-vmco.patch
  - patches.suse/powerpc-handle-kdump-appropriately-with-crash_kexec_.patch
  - patches.suse/powerpc-watchdog-Avoid-holding-wd_smp_lock-over-prin.patch
  - patches.suse/powerpc-watchdog-Fix-missed-watchdog-reset-due-to-me.patch
  - patches.suse/powerpc-watchdog-Fix-wd_smp_last_reset_tb-reporting.patch
  - patches.suse/powerpc-watchdog-read-TB-close-to-where-it-is-used.patch
  - patches.suse/powerpc-watchdog-tighten-non-atomic-read-modify-writ.patch
- commit 72b7db7
- series.conf: cleanup
- move to "/mainline soon"/ section:
  - patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
- commit 07d55c3
- vfs: fs_context: fix up param length parsing in
  legacy_parse_param (CVE-2022-0185 bsc#1194517).
- Rename and retag following upstream merge from:
  patches.suse/vfs-Out-of-bounds-write-of-heap-buffer-in-fs_context-c.patch
  to patches.suse/vfs-fs_context-fix-up-param-length-parsing-in-legacy.patch
- commit 33860f2
- sctp: account stream padding length for reconf chunk
  (bsc#1194985 CVE-2022-0322).
- commit a6cab40
- moxart: fix potential use-after-free on remove path
  (bsc#1194516).
- commit 3fae095
- vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888).
- commit 4717473
- powerpc/pseries/mobility: ignore ibm, platform-facilities
  updates (bsc#1065729).
- commit b253330
- powerpc/traps: do not enable irqs in _exception (bsc#1065729).
- powerpc: add interrupt_cond_local_irq_enable helper
  (bsc#1065729).
- commit 65f660c
- powerpc/64s: fix program check interrupt emergency stack path
  (bsc#1156395).
- commit a3c26ed
- blacklist.conf: Add a2308836880b powerpc: Fix arch_stack_walk() to have
  running function as first entry
  The stacktrace interface in this kernel version does not provide the
  parameters used to implement the fix.
- commit ee041a3
- fuse: Pass correct lend value to filemap_write_and_wait_range()
  (bsc#1194953).
- commit d2355ea
- Update patches.suse/tpm-fix-potential-NULL-pointer-access-in-tpm_del_cha.patch
  (git-fixes bsc#1193660 ltc#195634).
- commit 11ac3f6
- blacklist.conf: Add 79ca6f74dae0 tpm: fix Atmel TPM crash caused by too frequent queries
  Breaks kABI, there is no report of this problem affecting users, likely
  broken old TPM firmware.
- commit 4ea9f96
- livepatch: Avoid CPU hogging with cond_resched (bsc#1071995).
- commit 27c7aa0
- powerpc/perf: Fix PMU callbacks to clear pending PMI before
  resetting an overflown PMC (bsc#1156395).
- commit 8bdce1e
- powerpc/prom_init: Fix improper check of prom_getprop()
  (bsc#1065729).
- commit 954fa51
- dmaengine: at_xdmac: Fix at_xdmac_lld struct definition
  (git-fixes).
- dmaengine: at_xdmac: Fix lld view setting (git-fixes).
- dmaengine: at_xdmac: Fix concurrency over xfers_list
  (git-fixes).
- dmaengine: at_xdmac: Print debug message after realeasing the
  lock (git-fixes).
- dmaengine: at_xdmac: Don't start transactions at tx_submit level
  (git-fixes).
- Documentation: dmaengine: Correctly describe dmatest with
  channel unset (git-fixes).
- rpmsg: core: Clean up resources on announce_create failure
  (git-fixes).
- ACPI: APD: Check for NULL pointer after calling devm_ioremap()
  (git-fixes).
- Input: ti_am335x_tsc - fix STEPCONFIG setup for Z2 (git-fixes).
- Input: ti_am335x_tsc - set ADCREFM for X configuration
  (git-fixes).
- i3c: master: dw: check return of dw_i3c_master_get_free_pos()
  (git-fixes).
- i3c: fix incorrect address slot lookup on 64-bit (git-fixes).
- commit 3d8614c
- powerpc/pseries/cpuhp: delete add/remove_by_count code
  (bsc#1065729).
- powerpc/pseries/cpuhp: cache node corrections (bsc#1065729).
- commit 9c04898
- Add cherry-picked IDs for qemu fw_cfg patches
- commit 8f947ad
- powerpc/perf: Fix data source encodings for L2.1 and L3.1
  accesses (bsc#1065729).
- commit d096c51
- powerpc/xive: Add missing null check after calling kmalloc
  (bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes).
- commit d9ea6bb
- tracing/kprobes: 'nmissed' not showed correctly for kretprobe
  (git-fixes).
- commit fd3df8d
- tracing: Add test for user space strings when filtering on
  string pointers (git-fixes).
- commit 9a09d69
- Update armv7hl config files.
- commit a54e64e
- dm writecache: fix performance degradation in ssd mode
  (git-fixes).
- dm writecache: advance the number of arguments when reporting
  max_age (git-fixes).
- commit e385922
- nvme-tcp: fix possible req->offset corruption (git-fixes).
- nvme-tcp: fix io_work priority inversion (git-fixes).
- nvme-tcp: don't update queue count when failing to set io queues
  (git-fixes).
- nvme-tcp: pair send_mutex init with destroy (git-fixes).
- nvme-tcp: can't set sk_user_data without write_lock (git-fixes).
- nvme-tcp: fix error codes in nvme_tcp_setup_ctrl() (git-fixes).
- nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME
  (git-fixes).
- nvme-tcp: check sgl supported by target (git-fixes).
- nvme-tcp: block BH in sk state_change sk callback (git-fixes).
- nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU
  (git-fixes).
- commit 0e83d53
- nvme-tcp: fix crash triggered with a dataless request submission
  (git-fixes).
- nvme-tcp: pass multipage bvec to request iov_iter (git-fixes).
- nvme-tcp: get rid of unused helper function (git-fixes).
- nvme-tcp: fix wrong setting of request iov_iter (git-fixes).
- nvme-tcp: fix possible data corruption with bio merges
  (git-fixes).
- commit 1412d58
- blacklist.conf: 3e2a56e6f639 ("/tracing: Have syscall trace events use trace_event_buffer_lock_reserve()"/)
  Optimization only.
- commit 9d680b6
- dm writecache: add "/cleaner"/ and "/max_age"/ to Documentation
  (git-fixes).
- dm writecache: flush origin device when writing and cache is
  full (git-fixes).
- commit eeda715
- blacklist.conf: blacklist unnecessary commit
- commit 3eae3eb
- NFSD: Fix zero-length NFSv3 WRITEs (git-fixes).
- nfsd: Fix nsfd startup race (again) (git-fixes).
- NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).
- NFSv42: Don't fail clone() unless the OP_CLONE operation failed
  (git-fixes).
- commit 53bf6fe
- blacklist.conf: 244a36e50da0 drm/vc4: kms: Wait for the commit before increasing our clock rate
- commit f34f06b
- Refresh
  patches.suse/drm-amd-display-Set-plane-update-flags-for-all-plane.patch.
  Alt-commit
- commit efcd4f5
- Refresh
  patches.suse/drm-i915-fb-Fix-rounding-error-in-subsampled-plane-s.patch.
  Alt-commit
- commit e0cab26
- blacklist.conf: 0c980a006d3f drm/vc4: kms: Wait for the commit before increasing our clock rate
- commit a752ba6
- drm/i915/fb: Fix rounding error in subsampled plane size
  calculation (git-fixes).
- commit 559ebf7
- drm/amdgpu: revert "/Add autodump debugfs node for gpu reset v8"/
  (git-fixes).
- commit 3dac018
- blacklist.conf: 93b713304188 drm/i915: Revert "/drm/i915/gem: Asynchronous cmdparser"/
- commit 41290de
- blacklist.conf: 5810323ba692 drm/amd/pm: Fix a bug communicating with the SMU (v5)
- commit 5594ee7
- tracing/uprobes: Check the return value of kstrdup() for
  tu->filename (git-fixes).
- commit 9da2bcc
- blacklist.conf: c9d9fdbc108a drm/i915: Revert "/drm/i915/gem: Asynchronous cmdparser"/
- commit fcd19bb
- blacklist.conf: b601c16b7ba8 drm/vc4: crtc: Lookup the encoder from the register at boot
- commit 2647c26
- tracing: Fix check for trace_percpu_buffer validity in
  get_trace_buf() (git-fixes).
- commit 15d2ff9
- selftests: KVM: Explicitly use movq to read xmm registers
  (git-fixes).
- commit 28d1c00
- dmaengine: idxd: enable SVA feature for IOMMU (bsc#1192931).
- dmaengine: idxd: add module parameter to force disable of SVA
  (bsc#1192931).
- commit 13e606d
- blacklist.conf: 5a184d959d5a drm/vc4: crtc: Fix vc4_get_crtc_encoder logic
- commit 3bf3f00
- blacklist.conf: c6883985d463 drm/vc4: crtc: Pass the drm_atomic_state to config_pv
- commit babde3e
- Revert patches.suse/block-simplify-set_init_blocksize.patch (bsc#1191929)
  Upstream reverted 8dc932d3e8af ("/Revert "/block: simplify
  set_init_blocksize"/ to regain lost performance"/). Drop the initial
  patch and fixup conflicts.
- commit fca2173
- select: Fix indefinitely sleeping task in
  poll_schedule_timeout() (bsc#1194027).
- commit 18b9c4e
- blacklist.conf: 2e4c6c1a9db5 drm/i915: Remove i915_request.lock requirement for execution callbacks
- commit a56a2e1
- usb: ftdi-elan: fix memory leak on device disconnect
  (git-fixes).
- commit d92ffd0
- clk: imx8mn: Fix imx8mn_clko1_sels (git-fixes).
- clk: stm32: Fix ltdc's clock turn off by clk_disable_unused()
  after system enter shell (git-fixes).
- clk: Gemini: fix struct name in kernel-doc (git-fixes).
- clk: imx: pllv1: fix kernel-doc notation for struct clk_pllv1
  (git-fixes).
- tty: serial: uartlite: allow 64 bit address (git-fixes).
- tty: serial: atmel: Call dma_async_issue_pending() (git-fixes).
- tty: serial: atmel: Check return code of dmaengine_submit()
  (git-fixes).
- staging: rtl8192e: rtllib_module: fix error handle case in
  alloc_rtllib() (git-fixes).
- staging: rtl8192e: return error code from rtllib_softmac_init()
  (git-fixes).
- floppy: Fix hang in watchdog when disk is ejected (git-fixes).
- commit 83ffd12
- misc: lattice-ecp3-config: Fix task hung when firmware load
  failed (git-fixes).
- firmware: qemu_fw_cfg: fix sysfs information leak (git-fixes).
- firmware: qemu_fw_cfg: fix kobject leak in probe error path
  (git-fixes).
- firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate
  entries (git-fixes).
- firmware: Update Kconfig help text for Google firmware
  (git-fixes).
- uio: uio_dmem_genirq: Catch the Exception (git-fixes).
- dmaengine: pxa/mmp: stop referencing config->slave_id
  (git-fixes).
- mailbox: hi3660: convert struct comments to kernel-doc notation
  (git-fixes).
- PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity()
  (git-fixes).
- net: usb: lan78xx: add Allied Telesis AT29M2-AF (git-fixes).
- commit 7a442ee
- char/mwave: Adjust io port register size (git-fixes).
- ASoC: fsl_asrc: refine the check of available clock divider
  (git-fixes).
- ASoC: fsl_mqs: fix MODULE_ALIAS (git-fixes).
- ASoC: samsung: idma: Check of ioremap return value (git-fixes).
- ASoC: mediatek: Check for error clk pointer (git-fixes).
- ASoC: rt5663: Handle device_property_read_u32_array error codes
  (git-fixes).
- ASoC: uniphier: drop selecting non-existing
  SND_SOC_UNIPHIER_AIO_DMA (git-fixes).
- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus
  Master after reboot from Windows (git-fixes).
- ALSA: usb-audio: Drop superfluous '0' in Presonus Studio
  1810c's ID (git-fixes).
- ALSA: oss: fix compile error when OSS_DEBUG is enabled
  (git-fixes).
- commit 0e71106
- random: fix data race on crng init time (git-fixes).
- Refresh
  patches.suse/0008-random-move-FIPS-continuous-test-to-output-functions.patch.
- commit 792475c
- ALSA: hda: Make proper use of timecounter (git-fixes).
- ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
  (git-fixes).
- ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
  (git-fixes).
- ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
  (git-fixes).
- USB: core: Fix bug in resuming hub's handling of wakeup requests
  (git-fixes).
- USB: Fix "/slab-out-of-bounds Write"/ bug in
  usb_hcd_poll_rh_status (git-fixes).
- random: fix data race on crng_node_pool (git-fixes).
- staging: wlan-ng: Avoid bitwise vs logical OR warning in
  hfa384x_usb_throttlefn() (git-fixes).
- commit c91af43
- PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device
  (git-fixes).
- PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI
  config space (git-fixes).
- PCI: xgene: Fix IB window setup (git-fixes).
- PCI: mvebu: Fix support for DEVCAP2, DEVCTL2 and LNKCTL2
  registers on emulated bridge (git-fixes).
- PCI: mvebu: Fix support for PCI_EXP_RTSTA on emulated bridge
  (git-fixes).
- PCI: mvebu: Fix support for PCI_EXP_DEVCTL on emulated bridge
  (git-fixes).
- PCI: mvebu: Do not modify PCI IO type bits in conf_write
  (git-fixes).
- commit f746eae
- PCI: mvebu: Check for errors from pci_bridge_emul_init() call
  (git-fixes).
- PCI: dwc: Do not remap invalid res (git-fixes).
- PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
  (git-fixes).
- drm/amdkfd: Check for null pointer after calling kmemdup
  (git-fixes).
- drm/sun4i: dw-hdmi: Fix missing put_device() call in
  sun8i_hdmi_phy_get (git-fixes).
- drm/atomic: Check new_crtc_state->active to determine if CRTC
  needs disable in self refresh mode (git-fixes).
- mmc: sdhci-pci: Add PCI ID for Intel ADL (git-fixes).
- Bluetooth: bfusb: fix division by zero in send path (git-fixes).
- drm/i915: Avoid bitwise vs logical OR warning in
  snb_wm_latency_quirk() (git-fixes).
- commit 3526b61
- Move upstreamed patches into sorted section
- commit e663fe4
- Updated mpi3mr entry in supported.conf (bsc#1194578 jsc#SLE-18120)
  Moving this driver into the "/supported"/ package.
- commit 6f2da7c
- tpm: fix potential NULL pointer access in tpm_del_char_device
  (git-fixes).
- tpm: add request_locality before write TPM_INT_ENABLE
  (git-fixes).
- spi: spi-meson-spifc: Add missing pm_runtime_disable() in
  meson_spifc_probe (git-fixes).
- usb: mtu3: fix interval value for intr and isoc (git-fixes).
- commit c1e5df4
- selinux: fix potential memleak in selinux_add_opt() (git-fixes).
- pcmcia: fix setting of kthread task states (git-fixes).
- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
  nonstatic_find_mem_region() (git-fixes).
- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in
  __nonstatic_find_io_region() (git-fixes).
- spi: spi-rspi: Drop redeclaring ret variable in
  qspi_transfer_in() (git-fixes).
- regmap: Call regmap_debugfs_exit() prior to _init() (git-fixes).
- mtd: rawnand: mpc5121: Remove unused variable in
  ads5121_select_chip() (git-fixes).
- power: reset: ltc2952: Fix use of floating point literals
  (git-fixes).
- rndis_host: support Hytera digital radios (git-fixes).
- commit 5c51144
- mmc: meson-mx-sdio: add IRQ check (git-fixes).
- mfd: intel-lpss: Fix too early PM enablement in the ACPI
  - >probe() (git-fixes).
- HID: hid-uclogic-params: Invalid parameter check in
  uclogic_params_frame_init_v1_buttonpad (git-fixes).
- HID: hid-uclogic-params: Invalid parameter check in
  uclogic_params_huion_init (git-fixes).
- HID: hid-uclogic-params: Invalid parameter check in
  uclogic_params_get_str_desc (git-fixes).
- HID: hid-uclogic-params: Invalid parameter check in
  uclogic_params_init (git-fixes).
- crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
  (git-fixes).
- crypto: stm32/cryp - fix lrw chaining mode (git-fixes).
- Documentation: refer to config RANDOMIZE_BASE for kernel
  address-space randomization (git-fixes).
- mISDN: change function names to avoid conflicts (git-fixes).
- commit 6c1c0d0
- backlight: qcom-wled: Override default length with
  qcom,enabled-strings (git-fixes).
- backlight: qcom-wled: Fix off-by-one maximum with default
  num_strings (git-fixes).
- backlight: qcom-wled: Pass number of elements to read to
  read_u32_array (git-fixes).
- backlight: qcom-wled: Validate enabled string indices in DT
  (git-fixes).
- crypto: stm32/cryp - fix double pm exit (git-fixes).
- crypto: stm32/cryp - fix xts and race condition in crypto_engine
  requests (git-fixes).
- crypto: qce - fix uaf on qce_ahash_register_one (git-fixes).
- crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
  (git-fixes).
- atlantic: Fix buff_ring OOB in aq_ring_rx_clean (git-fixes).
- commit 8421e32
- blacklist.conf: f28439db470c ("/tracing: Tag trace_percpu_buffer as a percpu pointer"/)
  It fixes a sparse warning only.
- commit 3c1db23
- cgroup: cgroup.{procs,threads} factor out common parts
  (bsc#1194302 CVE-2021-4197).
- commit 0d9ce26
- Revert "/net/mlx5: Add retry mechanism to the command entry
  index allocation"/ (jsc#SLE-15172).
- net/mlx5: Set command entry semaphore up once got index free
  (jsc#SLE-15172).
- netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
  (bsc#1176447).
- iavf: Fix limit of total number of queues to active queues of VF
  (git-fixes).
- i40e: Fix incorrect netdev's real number of RX/TX queues
  (git-fixes).
- i40e: Fix for displaying message regarding NVM version
  (git-fixes).
- i40e: fix use-after-free in i40e_sync_filters_subtask()
  (git-fixes).
- i40e: Fix to not show opcode msg on unsuccessful VF MAC change
  (git-fixes).
- sfc: The RX page_ring is optional (git-fixes).
- net: ena: Fix error handling when calculating max IO queues
  number (bsc#1154492).
- net: ena: Fix wrong rx request id by resetting device
  (git-fixes).
- net: ena: Fix undefined state when tx request id is out of
  bounds (bsc#1154492).
- net/mlx5e: Fix wrong features assignment in case of error
  (git-fixes).
- ionic: Initialize the 'lif->dbid_inuse' bitmap (bsc#1167773).
- net/mlx5e: Wrap the tx reporter dump callback to extract the sq
  (jsc#SLE-15172).
- net/mlx5: DR, Fix NULL vs IS_ERR checking in
  dr_domain_init_resources (jsc#SLE-8464).
- sfc: falcon: Check null pointer of rx_queue->page_ring
  (git-fixes).
- sfc: Check null pointer of rx_queue->page_ring (git-fixes).
- qlcnic: potential dereference null pointer of
  rx_queue->page_ring (git-fixes).
- RDMA/hns: Replace kfree() with kvfree() (jsc#SLE-14777).
- sfc_ef100: potential dereference of null pointer
  (jsc#SLE-16683).
- ixgbe: set X550 MDIO speed before talking to PHY (git-fixes).
- igc: Fix typo in i225 LTR functions (jsc#SLE-13533).
- igbvf: fix double free in `igbvf_probe` (git-fixes).
- igb: Fix removal of unicast MAC filters of VFs (git-fixes).
- flow_offload: return EOPNOTSUPP for the unsupported mpls action
  type (bsc#1154353).
- net/sched: sch_ets: don't remove idle classes from the
  round-robin list (bsc#1176774).
- net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
  (jsc#SLE-14777).
- net/sched: fq_pie: prevent dismantle issue (jsc#SLE-15172).
- nft_set_pipapo: Fix bucket load in AVX2 lookup routine for
  six 8-bit groups (bsc#1176447).
- i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
  (git-fixes).
- iavf: restore MSI state on reset (git-fixes).
- netfilter: nf_tables: initialize set before expression setup
  (bsc#1194518 CVE-2021-46283).
- commit 472b838
- blacklist.conf: Blacklist 2fc428f6b7ca
- commit 19cda1c
- blacklist.conf: Blacklist b781d8db580c
- commit 062524a
- blacklist.conf: Blacklist 480d42dc001b
- commit 25e1570
- cgroup: Use open-time cgroup namespace for process migration
  perm checks (bsc#1194302 CVE-2021-4197).
- cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
  (bsc#1194302 CVE-2021-4197).
- cgroup: Use open-time credentials for process migraton perm
  checks (bsc#1194302 CVE-2021-4197).
- commit 716e0d8
- patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch: Update
  tags
- commit 2f64a4f
- blacklist.conf: Blacklist 86399ea07109 and 81dedaf10c20
- commit c1c9a79
- udf: Fix crash after seekdir (bsc#1194592).
- commit 0c1ff08
- isofs: Fix out of bound access for corrupted isofs image
  (bsc#1194591).
- commit 416efa6
- quota: correct error number in free_dqentry() (bsc#1194590).
- commit 6a7c013
- quota: check block number when reading the block in quota file
  (bsc#1194589).
- commit a1f09c3
- pipe: increase minimum default pipe size to 2 pages
  (bsc#1194587).
- commit e2fa7de
- block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2)
  (bsc#1194586).
- commit b32b906
- blacklist.conf: Blacklist 7607c44c157d and 35e4c6c1a2fc
- commit 94191c1
- blk-cgroup: synchronize blkg creation against policy
  deactivation (bsc#1194584).
- commit 2ff6aca
- ext4: fix lazy initialization next schedule time computation
  in more granular unit (bsc#1194580).
- commit 5b27386
- fget: clarify and improve __fget_files() implementation
  (bsc#1193727).
- commit 4b3242f
- vfs: Out-of-bounds write of heap buffer in fs_context.c
  (CVE-2022-0185 bsc#1194517).
- commit 11341d2
- x86/platform/uv: Add more to secondary CPU kdump info
  (bsc#1194493).
- commit 0c6f56d
- netdevsim: Zero-initialize memory for new map's value in
  function nsim_bpf_map_alloc (bsc#1193927 CVE-2021-4135).
- commit 4b3887a
- Update patch references for NFC security fixes (CVE-2021-4202 bsc#1194529)
- commit 69a4a1d
- iwlwifi: mvm: Use div_s64 instead of do_div in
  iwl_mvm_ftm_rtt_smoothing() (git-fixes).
- commit 51f4dbd
- wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma
  (git-fixes).
- commit 0c49000
- thermal/drivers/imx8mm: Enable ADC when enabling monitor
  (git-fixes).
- PCI/ACPI: Fix acpi_pci_osc_control_set() kernel-doc comment
  (git-fixes).
- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore()
  with interrupts enabled (git-fixes).
- mwifiex: Fix possible ABBA deadlock (git-fixes).
- wcn36xx: Release DMA channel descriptor allocations (git-fixes).
- wcn36xx: Indicate beacon not connection loss on
  MISSED_BEACON_IND (git-fixes).
- media: hantro: Fix probe func error path (git-fixes).
- media: msi001: fix possible null-ptr-deref in msi001_probe()
  (git-fixes).
- commit 945c228
- media: dw2102: Fix use after free (git-fixes).
- media: streamzap: remove unnecessary ir_raw_event_reset and
  handle (git-fixes).
- media: si2157: Fix "/warm"/ tuner state detection (git-fixes).
- media: saa7146: mxb: Fix a NULL pointer dereference in
  mxb_attach() (git-fixes).
- media: dib8000: Fix a memleak in dib8000_init() (git-fixes).
- media: uvcvideo: fix division by zero at stream start
  (git-fixes).
- media: venus: core: Fix a resource leak in the error handling
  path of 'venus_probe()' (git-fixes).
- media: mtk-vcodec: call v4l2_m2m_ctx_release first when file
  is released (git-fixes).
- media: si470x-i2c: fix possible memory leak in
  si470x_i2c_probe() (git-fixes).
- media: imx-pxp: Initialize the spinlock prior to using it
  (git-fixes).
- commit 5761229
- media: rcar-csi2: Optimize the selection PHTW register
  (git-fixes).
- media: rcar-csi2: Correct the selection of hsfreqrange
  (git-fixes).
- media: i2c: imx274: fix trivial typo obainted/obtained
  (git-fixes).
- media: i2c: imx274: fix trivial typo expsoure/exposure
  (git-fixes).
- media: dib0700: fix undefined behavior in tuner shutdown
  (git-fixes).
- media: dmxdev: fix UAF when dvb_register_device() fails
  (git-fixes).
- media: stk1160: fix control-message timeouts (git-fixes).
- media: s2255: fix control-message timeouts (git-fixes).
- media: pvrusb2: fix control-message timeouts (git-fixes).
- media: em28xx: fix control-message timeouts (git-fixes).
- commit 46bba79
- iwlwifi: mvm: test roc running status bits before removing
  the sta (git-fixes).
- iwlwifi: mvm: fix 32-bit build in FTM (git-fixes).
- media: cpia2: fix control-message timeouts (git-fixes).
- media: flexcop-usb: fix control-message timeouts (git-fixes).
- media: redrat3: fix control-message timeouts (git-fixes).
- media: mceusb: fix control-message timeouts (git-fixes).
- media: aspeed: Update signal status immediately to ensure sane
  hw state (git-fixes).
- media: em28xx: fix memory leak in em28xx_init_dev (git-fixes).
- media: aspeed: fix mode-detect always time out at 2nd run
  (git-fixes).
- gpu: host1x: Add back arm_iommu_detach_device() (git-fixes).
- commit a0fd0ab
- drm/msm/dpu: fix safe status debugfs file (git-fixes).
- drm/tegra: vic: Fix DMA API misuse (git-fixes).
- drm/radeon/radeon_kms: Fix a NULL pointer dereference in
  radeon_driver_open_kms() (git-fixes).
- drm/amdgpu: Fix a NULL pointer dereference in
  amdgpu_connector_lcd_native_mode() (git-fixes).
- drm/bridge: ti-sn65dsi86: Set max register for regmap
  (git-fixes).
- drm/vboxvideo: fix a NULL vs IS_ERR() check (git-fixes).
- drm/bridge: analogix_dp: Make PSR-exit block less (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered up during
  bind (git-fixes).
- drm/vc4: hdmi: Set a default HSM rate (git-fixes).
- commit a48eb6b
- Documentation: ACPI: Fix data node reference documentation
  (git-fixes).
- dma_fence_array: Fix PENDING_ERROR leak in
  dma_fence_array_signaled() (git-fixes).
- drm/rockchip: dsi: Disable PLL clock on bind error (git-fixes).
- drm/rockchip: dsi: Fix unbalanced clock on probe error
  (git-fixes).
- drm/rockchip: dsi: Reconfigure hardware on resume() (git-fixes).
- drm/rockchip: dsi: Hold pm-runtime across bind/unbind
  (git-fixes).
- drm/panel: innolux-p079zca: Delete panel on attach() failure
  (git-fixes).
- drm/panel: kingdisplay-kd097d04: Delete panel on attach()
  failure (git-fixes).
- drm: fix null-ptr-deref in drm_dev_init_release() (git-fixes).
- drm/bridge: display-connector: fix an uninitialized pointer
  in probe() (git-fixes).
- commit 5ae7d41
- device property: Fix documentation for
  FWNODE_GRAPH_DEVICE_DISABLED (git-fixes).
- can: gs_usb: gs_can_start_xmit(): zero-initialize
  hf->{flags,reserved} (git-fixes).
- can: xilinx_can: xcan_probe(): check for error irq (git-fixes).
- can: softing: softing_startstop(): fix set but not used variable
  warning (git-fixes).
- can: softing_cs: softingcs_probe(): fix memleak on registration
  failure (git-fixes).
- can: gs_usb: fix use of uninitialized variable, detach device
  on reception of invalid USB data (git-fixes).
- Bluetooth: hci_bcm: Check for error irq (git-fixes).
- can: usb_8dev: remove unused member echo_skb from struct
  usb_8dev_priv (git-fixes).
- clk: bcm-2835: Remove rounding up the dividers (git-fixes).
- clk: bcm-2835: Pick the closest clock rate (git-fixes).
- commit bd7a33a
- ACPI: scan: Create platform device for BCM4752 and LNV4752
  ACPI nodes (git-fixes).
- Bluetooth: hci_qca: Stop IBS timer during BT OFF (git-fixes).
- Bluetooth: L2CAP: Fix using wrong mode (git-fixes).
- Bluetooth: btmtksdio: fix resume failure (git-fixes).
- Bluetooth: stop proccessing malicious adv data (git-fixes).
- Bluetooth: cmtp: fix possible panic when cmtp_init_sockets()
  fails (git-fixes).
- Bluetooth: btusb: fix memory leak in
  btusb_mtk_submit_wmt_recv_urb() (git-fixes).
- commit aa5f21e
- power: supply: core: Break capacity loop (git-fixes).
- ieee802154: atusb: fix uninit value in atusb_set_extended_addr
  (git-fixes).
- mac80211: initialize variable have_higher_than_11mbit
  (git-fixes).
- batman-adv: mcast: don't send link-local multicast to mcast
  routers (git-fixes).
- Input: spaceball - fix parsing of movement data packets
  (git-fixes).
- net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).
- Input: i8042 - enable deferred probe quirk for ASUS UM325UA
  (bsc#1190256).
- Input: i8042 - add deferred probe support (bsc#1190256).
- platform/x86: apple-gmux: use resource_size() with res
  (git-fixes).
- drm/mediatek: Check plane visibility in atomic_update
  (git-fixes).
- HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option
  (git-fixes).
- ASoC: sunxi: fix a sound binding broken reference (git-fixes).
- commit 3be695f
- Rename colliding patches before the next SLE15-SP2 -> SLE15-SP3 merge
- commit daf9fb8
- debugfs: lockdown: Allow reading debugfs files that are not
  world readable (bsc#1193328 ltc#195566).
- commit 8830882
- series.conf: cleanup
- move submitted patch to "/almost mainline"/ section
  patches.suse/ext4-Avoid-trim-error-on-fs-with-small-groups.patch
- commit dc09b47
- ext4: Avoid trim error on fs with small groups (bsc#1191271).
- commit f67e52e
- powerpc/fadump: Fix inaccurate CPU state info in vmcore
  generated with panic (bsc#1193901 ltc#194976).
- powerpc: handle kdump appropriately with
  crash_kexec_post_notifiers option (bsc#1193901 ltc#194976).
- commit 8924f63
- USB: gadget: bRequestType is a bitfield, not a enum (git-fixes).
- usb: dwc3: pci: Enable dis_uX_susphy_quirk for Intel Merrifield
  (git-fixes).
- commit b983cf3
- xhci: Fresco FL1100 controller should not have BROKEN_MSI
  quirk set (git-fixes).
- usb: mtu3: set interval of FS intr and isoc endpoint
  (git-fixes).
- usb: mtu3: fix list_head check warning (git-fixes).
- usb: mtu3: add memory barrier before set GPD's HWO (git-fixes).
- usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear
  (git-fixes).
- USB: serial: option: add Telit FN990 compositions (git-fixes).
- USB: serial: cp210x: fix CP2105 GPIO registration (git-fixes).
- USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04)
  (git-fixes).
- usb: xhci: Extend support for runtime power management for
  AMD's Yellow carp (git-fixes).
- usb: core: config: using bit mask instead of individual bits
  (git-fixes).
- usb: core: config: fix validation of wMaxPacketValue entries
  (git-fixes).
- USB: gadget: zero allocate endpoint 0 buffers (git-fixes).
- USB: gadget: detect too-big endpoint 0 requests (git-fixes).
- xhci: avoid race between disable slot command and host runtime
  suspend (git-fixes).
- xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from
  runtime suspending (git-fixes).
- USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub (git-fixes).
- USB: chipidea: fix interrupt deadlock (git-fixes).
- USB: cdc-acm: fix break reporting (git-fixes).
- USB: cdc-acm: fix racy tty buffer accesses (git-fixes).
- usb: typec: tcpm: handle SRC_STARTUP state if cc changes
  (git-fixes).
- usb: dwc2: check return value after calling
  platform_get_resource() (git-fixes).
- Revert "/USB: xhci: fix U1/U2 handling for hardware with
  XHCI_INTEL_HOST quirk set"/ (git-fixes).
- xhci: fix unsafe memory usage in xhci tracing (git-fixes).
- usb: gadget: composite: Allow bMaxPower=0 if self-powered
  (git-fixes).
- usb: dwc3: gadget: Ignore EP queue requests during bus reset
  (git-fixes).
- usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression
  (git-fixes).
- usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based
  one (git-fixes).
- usb: dwc3: gadget: Reclaim extra TRBs after request completion
  (git-fixes).
- usb: dwc3: ulpi: fix checkpatch warning (git-fixes).
- usb: dwc3: gadget: Continue to process pending requests
  (git-fixes).
- commit c6091eb
- watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT
  (git-fixes).
- wcn36xx: handle connection loss indication (git-fixes).
- watchdog: Fix OMAP watchdog early handling (git-fixes).
- wcn36xx: Fix missing frame timestamp for beacon/probe-resp
  (git-fixes).
- commit ac118b7
- spi: change clk_disable_unprepare to clk_unprepare (git-fixes).
- firmware: tegra: Fix error application of sizeof() to pointer
  (git-fixes).
- serial: pl011: Add ACPI SBSA UART match id (git-fixes).
- thermal: core: Reset previous low and high trip during thermal
  zone init (git-fixes).
- video: backlight: Drop maximum brightness override for
  brightness zero (git-fixes).
- Revert "/PM: sleep: Do not assume that "/mem"/ is always present"/
  (git-fixes).
- thermal/drivers/int340x: Do not set a wrong tcc offset on resume
  (git-fixes).
- tty: synclink_gt: rename a conflicting function name
  (git-fixes).
- shmem: shmem_writepage() split unlikely i915 THP (git-fixes).
- serial: tty: uartlite: fix console setup (git-fixes).
- tty: max310x: fix flexible_array.cocci warnings (git-fixes).
- slimbus: qcom: fix potential NULL dereference in
  qcom_slim_prg_slew() (git-fixes).
- tty: serial: earlycon dependency (git-fixes).
- usermodehelper: reset umask to default before executing user
  process (git-fixes).
- tty: serial: qcom_geni_serial: Drop __init from
  qcom_geni_console_setup (git-fixes).
- string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
  (git-fixes).
- commit a735650
- soc/tegra: fuse: Fix bitwise vs. logical OR warning (git-fixes).
- soc: fsl: dpaa2-console: free buffer before returning from
  dpaa2_console_read (git-fixes).
- soc: fsl: dpio: use the combined functions to protect critical
  zone (git-fixes).
- soc: fsl: dpio: replace smp_processor_id with
  raw_smp_processor_id (git-fixes).
- power: supply: max17042_battery: Clear status bits in interrupt
  handler (git-fixes).
- soc: fsl: dpio: rename the enqueue descriptor variable
  (git-fixes).
- soc: fsl: dpio: use an explicit NULL instead of 0 (git-fixes).
- pwm: mxs: Don't modify HW state in .probe() after the PWM chip
  was registered (git-fixes).
- rtw88: wow: fix size access error of probe request (git-fixes).
- rtw88: wow: build wow function only if CONFIG_PM is on
  (git-fixes).
- rtw88: use read_poll_timeout instead of fixed sleep (git-fixes).
- rtl8xxxu: Fix the handling of TX A-MPDU aggregation (git-fixes).
- pwm: tiecap: Drop .free() callback (git-fixes).
- seq_buf: Make trace_seq_putmem_hex() support data longer than 8
  (git-fixes).
- seq_buf: Fix overflow in seq_buf_putmem_hex() (git-fixes).
- sata: nv: fix debug format string mismatch (git-fixes).
- commit df942c0
- pinctrl: stm32: consider the GPIO offset to expose all the
  GPIO lines (git-fixes).
- pinctrl: mediatek: fix global-out-of-bounds issue (git-fixes).
- platform/x86: thinkpad_acpi: Fix WWAN device disabled issue
  after S3 deep (git-fixes).
- PM: sleep: Do not assume that "/mem"/ is always present
  (git-fixes).
- pinctrl: stm32: use valid pin identifier in
  stm32_pinctrl_resume() (git-fixes).
- pinctrl: qcom: spmi-gpio: correct parent irqspec translation
  (git-fixes).
- pcnet32: Use pci_resource_len to validate PCI resource
  (git-fixes).
- PM: runtime: Defer suspending suppliers (git-fixes).
- commit abf2572
- NFC: st21nfca: Fix memory leak in device probe and remove
  (git-fixes).
- PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (git-fixes).
- PCI/MSI: Mask MSI-X vectors only on success (git-fixes).
- nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
  (git-fixes).
- nfc: fix segfault in nfc_genl_dump_devices_done (git-fixes).
- PCI: cadence: Add cdns_plat_pcie_probe() missing return
  (git-fixes).
- commit da0a149
- mmc: sdhci-tegra: Fix switch to HS400ES mode (git-fixes).
- misc: fastrpc: fix improper packet size calculation (git-fixes).
- mtd: rawnand: fsmc: Fix timing computation (git-fixes).
- mtd: rawnand: fsmc: Take instruction delay into account
  (git-fixes).
- mt76: mt7915: fix NULL pointer dereference in
  mt7915_get_phy_mode (git-fixes).
- mmc: sdhci-esdhc-imx: disable CMDQ support (git-fixes).
- mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare()
  (git-fixes).
- mt76: mt7915: fix an off-by-one bound check (git-fixes).
- mwifiex: Try waking the firmware until we get an interrupt
  (git-fixes).
- mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset
  standard tuning circuit (git-fixes).
- misc: fastrpc: Add missing lock before accessing find_vma()
  (git-fixes).
- commit 55425ab
- Input: appletouch - initialize work before device registration
  (git-fixes).
- Input: atmel_mxt_ts - fix double free in mxt_read_info_block
  (git-fixes).
- Input: elantech - fix stack out of bound access in
  elantech_change_report_id() (git-fixes).
- libata: if T_LENGTH is zero, dma direction should be DMA_NONE
  (git-fixes).
- mac80211: mark TX-during-stop for TX in in_reconfig (git-fixes).
- mac80211: fix lookup when adding AddBA extension element
  (git-fixes).
- mac80211: validate extended element ID is present (git-fixes).
- mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock
  (git-fixes).
- mac80211: send ADDBA requests using the tid/queue of the
  aggregation session (git-fixes).
- mac80211: fix regression in SSN handling of addba tx
  (git-fixes).
- mac80211: track only QoS data frames for admission control
  (git-fixes).
- libata: add horkage for ASMedia 1092 (git-fixes).
- mac80211: do not access the IV when it was stripped (git-fixes).
- Input: max8925_onkey - don't mark comment as kernel-doc
  (git-fixes).
- staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC
  (git-fixes).
- iwlwifi: mvm: disable RX-diversity in powersave (git-fixes).
- iwlwifi: mvm: Fix scan channel flags settings (git-fixes).
- iwlwifi: fw: correctly limit to monitor dump (git-fixes).
- iwlwifi: mvm: fix access to BSS elements (git-fixes).
- iwlwifi: mvm: avoid static queue number aliasing (git-fixes).
- iwlwifi: pcie: free RBs during configure (git-fixes).
- mac80211: Fix monitor MTU limit so that A-MSDUs get through
  (git-fixes).
- memblock: ensure there is no overflow in
  memblock_overlaps_region() (git-fixes).
- kobject_uevent: remove warning in init_uevent_argv()
  (git-fixes).
- memory: emif: Remove bogus debugfs error handling (git-fixes).
- kobject: Restore old behaviour of kobject_del(NULL) (git-fixes).
- lockdown: Allow unprivileged users to see lockdown status
  (git-fixes).
- kmod: make request_module() return an error when autoloading
  is disabled (git-fixes).
- commit 0f3480f
- iio: trigger: stm32-timer: fix MODULE_ALIAS (git-fixes).
- iio: at91-sama5d2: Fix incorrect sign extension (git-fixes).
- iio: adc: axp20x_adc: fix charging current reporting on AXP22x
  (git-fixes).
- iio: ad7768-1: Call iio_trigger_notify_done() on error
  (git-fixes).
- iio: itg3200: Call iio_trigger_notify_done() on error
  (git-fixes).
- iio: dln2: Check return value of devm_iio_trigger_register()
  (git-fixes).
- iio: trigger: Fix reference counting (git-fixes).
- iio: dln2-adc: Fix lockdep complaint (git-fixes).
- iio: mma8452: Fix trigger reference couting (git-fixes).
- iio: stk3310: Don't return error code in interrupt handler
  (git-fixes).
- iio: kxsd9: Don't return error code in trigger handler
  (git-fixes).
- iio: ltr501: Don't return error code in trigger handler
  (git-fixes).
- iio: accel: kxcjk-1013: Fix possible memory leak in probe and
  remove (git-fixes).
- commit 4c68be5
- i2c: validate user data in compat ioctl (git-fixes).
- i2c: rk3x: Handle a spurious start completion interrupt flag
  (git-fixes).
- ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi (git-fixes).
- ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl()
  (git-fixes).
- ieee802154: hwsim: Fix memory leak in hwsim_add_one (git-fixes).
- ieee802154: hwsim: Fix possible memory leak in
  hwsim_subscribe_all_others (git-fixes).
- ieee802154: fix error return code in
  ieee802154_llsec_getparams() (git-fixes).
- ieee802154: fix error return code in ieee802154_add_iface()
  (git-fixes).
- commit 5d3590c
- hwmon: (lm90) Do not report 'busy' status bit as alarm
  (git-fixes).
- hwmon: (lm90) Drop critical attribute support for MAX6654
  (git-fixes).
- hwmon: (lm90) Fix usage of CONFIG2 register in detect function
  (git-fixes).
- HID: google: add eel USB id (git-fixes).
- HID: add USB_HID dependancy to hid-prodikeys (git-fixes).
- HID: add USB_HID dependancy to hid-chicony (git-fixes).
- HID: bigbenff: prevent null pointer dereference (git-fixes).
- HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
  (git-fixes).
- hwmon: (lm90) Add basic support for TI TMP461 (git-fixes).
- hwmon: (lm90) Introduce flag indicating extended temperature
  support (git-fixes).
- gpiolib: acpi: Make set-debounce-timeout failures non fatal
  (git-fixes).
- hwmon: (lm90) Add max6654 support to lm90 driver (git-fixes).
- commit 8903a1a
- firmware: arm_scpi: Fix string overflow in SCPI genpd driver
  (git-fixes).
- firmware: smccc: Fix check for ARCH_SOC_ID not implemented
  (git-fixes).
- firmware: arm_scmi: pm: Propagate return value to caller
  (git-fixes).
- firmware_loader: fix pre-allocated buf built-in firmware use
  (git-fixes).
- firmware: qcom_scm: Fix error retval in
  __qcom_scm_is_call_available() (git-fixes).
- firmware: tegra: Reduce stack usage (git-fixes).
- firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()'
  (git-fixes).
- staging: fbtft: Don't spam logs when probe is deferred
  (git-fixes).
- staging: fbtft: Rectify GPIO handling (git-fixes).
- eeprom: idt_89hpesx: Restore printing the unsupported fwnode
  name (git-fixes).
- eeprom: idt_89hpesx: Put fwnode in matching case during
  - >probe() (git-fixes).
- staging: fieldbus: anybuss: jump to correct label in an error
  path (git-fixes).
- staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent()
  (git-fixes).
- commit 6208a26
- drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE
  (git-fixes).
- drm/ast: potential dereference of null pointer (git-fixes).
- drm/syncobj: Deal with signalled fences in
  drm_syncobj_find_fence (git-fixes).
- drm/amd/display: add connector type check for CRC source set
  (git-fixes).
- drm/amd/display: Fix for the no Audio bug with Tiled Displays
  (git-fixes).
- drm/msm/dsi: set default num_data_lanes (git-fixes).
- drm/sun4i: fix unmet dependency on RESET_CONTROLLER for
  PHY_SUN6I_MIPI_DPHY (git-fixes).
- drm/amd/display: dcn20_resource_construct reduce scope of FPU
  enabled (git-fixes).
- drm/msm: prevent NULL dereference in
  msm_gpu_crashstate_capture() (git-fixes).
- commit bdadc10
- drm/msm/mdp5: fix cursor-related warnings (git-fixes).
- drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (git-fixes).
- drm/amd/display: Update bounding box states (v2) (git-fixes).
- drm/amd/display: Update number of DCN3 clock states (git-fixes).
- drm/amdkfd: Account for SH/SE count when setting up cu masks
  (git-fixes).
- drm/exynos: Always initialize mapping in
  exynos_drm_register_dma() (git-fixes).
- drm/display: fix possible null-pointer dereference in
  dcn10_set_clock() (git-fixes).
- drm/amd/display: fix incorrect CM/TF programming sequence in
  dwb (git-fixes).
- drm/amd/display: fix missing writeback disablement if plane
  is removed (git-fixes).
- drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660
  (git-fixes).
- commit 792bcdc
- drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
  (git-fixes).
- drm: xlnx: zynqmp: release reset to DP controller before
  accessing DP registers (git-fixes).
- drm: xlnx: zynqmp_dpsub: Call pm_runtime_get_sync before
  setting pixel clock (git-fixes).
- drm/amdgpu: Fix a printing message (git-fixes).
- drm/amdgpu: Fix amdgpu_ras_eeprom_init() (git-fixes).
- drm/bridge: nwl-dsi: Avoid potential multiplication overflow
  on 32-bit (git-fixes).
- drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET
  (git-fixes).
- commit c849561
- dmaengine: st_fdma: fix MODULE_ALIAS (git-fixes).
- dmaengine: bestcomm: fix system boot lockups (git-fixes).
- crypto: qat - fix reuse of completion variable (git-fixes).
- crypto: qat - handle both source of interrupt in VF ISR
  (git-fixes).
- crypto: omap-sham - clear dma flags only after
  omap_sham_update_dma_stop() (git-fixes).
- crypto: mxs-dcp - Use sg_mapping_iter to copy data (git-fixes).
- commit dc6c442
- ax25: NPD bug when detaching AX25 device (git-fixes).
- clk: Don't parent clks until the parent is fully registered
  (git-fixes).
- clk: qcom: regmap-mux: fix parent clock lookup (git-fixes).
- can: kvaser_usb: get CAN clock frequency from device
  (git-fixes).
- can: sja1000: fix use after free in ems_pcmcia_add_card()
  (git-fixes).
- ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
  (git-fixes).
- clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk
  (git-fixes).
- crypto: qat - do not ignore errors from enable_vf2pf_comms()
  (git-fixes).
- commit 56c7fe1
- ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s
  (git-fixes).
- ASoC: meson: aiu: fifo: Add missing
  dma_coerce_mask_and_coherent() (git-fixes).
- ASoC: codecs: wsa881x: fix return values from kcontrol put
  (git-fixes).
- ASoC: codecs: wcd934x: return correct value from mixer put
  (git-fixes).
- ASoC: codecs: wcd934x: handle channel mappping list correctly
  (git-fixes).
- ASoC: qdsp6: q6routing: Fix return value from
  msm_routing_put_audio_mixer (git-fixes).
- ASoC: tegra: Fix kcontrol put callback in AHUB (git-fixes).
- ASoC: tegra: Fix kcontrol put callback in DSPK (git-fixes).
- ASoC: tegra: Fix kcontrol put callback in DMIC (git-fixes).
- ASoC: tegra: Fix kcontrol put callback in I2S (git-fixes).
- ASoC: tegra: Fix kcontrol put callback in ADMAIF (git-fixes).
- ASoC: tegra: Fix wrong value type in DSPK (git-fixes).
- ASoC: tegra: Fix wrong value type in DMIC (git-fixes).
- ASoC: tegra: Fix wrong value type in I2S (git-fixes).
- ASoC: tegra: Fix wrong value type in ADMAIF (git-fixes).
- ASoC: codecs: wcd934x: return error code correctly from
  hw_params (git-fixes).
- ASoC: cs42l42: Correct configuring of switch inversion from
  ts-inv (git-fixes).
- ASoC: soc-core: fix null-ptr-deref in
  snd_soc_del_component_unlocked() (git-fixes).
- amd/display: downgrade validation failure log level (git-fixes).
- ASoC: cs42l42: Use device_property API instead of of_property
  (git-fixes).
- ASoC: cs42l42: Disable regulators if probe fails (git-fixes).
- commit 4fe697d
- ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1 (git-fixes).
- commit 02956db
- ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
  (git-fixes).
- commit 9c729e6
- ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (git-fixes).
- ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes).
- ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6
  (git-fixes).
- ALSA: jack: Check the return value of kstrdup() (git-fixes).
- ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes).
- ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897
  platform (git-fixes).
- commit d2b626b
- fget: check that the fd still exists after getting a ref to it
  (bsc#1193727 CVE-2021-4083).
- commit 9958eae
- ALSA: ctl: Fix copy of updated id with element read/write
  (git-fixes).
- ALSA: pcm: oss: Handle missing errors in
  snd_pcm_oss_change_params*() (git-fixes).
- ALSA: pcm: oss: Limit the period size to 16MB (git-fixes).
- ALSA: pcm: oss: Fix negative period/buffer sizes (git-fixes).
- ACPI: Add stubs for wakeup handler functions (git-fixes).
- ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ (git-fixes).
- ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk
  (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED
  (git-fixes).
- ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers
  (git-fixes).
- commit 5e82764
- btrfs: unlock newly allocated extent buffer after error (bsc#1194001, CVE-2021-4149).
- commit 5719af8
- kprobes: Limit max data_size of the kretprobe instances
  (bsc#1193669).
- commit c7a83f7
- ipv6: use prandom_u32() for ID generation (CVE-2021-45485
  bsc#1194094).
- commit ea9f5f6
- scsi: lpfc: Update lpfc version to 14.0.0.4 (bsc#1194266).
- scsi: lpfc: Add additional debugfs support for CMF
  (bsc#1194266).
- scsi: lpfc: Cap CMF read bytes to MBPI (bsc#1194266).
- scsi: lpfc: Adjust CMF total bytes and rxmonitor (bsc#1194266).
- scsi: lpfc: Trigger SLI4 firmware dump before doing driver
  cleanup (bsc#1194266).
- scsi: lpfc: Fix NPIV port deletion crash (bsc#1194266).
- scsi: lpfc: Fix lpfc_force_rscn ndlp kref imbalance
  (bsc#1194266).
- scsi: lpfc: Change return code on I/Os received during link
  bounce (bsc#1194266).
- scsi: lpfc: Fix leaked lpfc_dmabuf mbox allocations with NPIV
  (bsc#1194266).
- commit f7f7742
- Update patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch
  Update meta data and move the patch into the sorted section.
- commit 9223d1e
- scsi: qla2xxx: Format log strings only if needed (git-fixes).
- wireguard: ratelimiter: use kvcalloc() instead of kvzalloc()
  (git-fixes).
- wireguard: receive: drop handshakes if queue lock is contended
  (git-fixes).
- wireguard: receive: use ring buffer for incoming handshakes
  (git-fixes).
- wireguard: device: reset peer src endpoint when netns exits
  (git-fixes).
- wireguard: selftests: actually test for routing loops
  (git-fixes).
- wireguard: selftests: increase default dmesg log size
  (git-fixes).
- wireguard: allowedips: add missing __rcu annotation to satisfy
  sparse (git-fixes).
- scsi: qla2xxx: edif: Fix off by one bug in
  qla_edif_app_getfcinfo() (git-fixes).
- scsi: qla2xxx: Fix mailbox direction flags in
  qla2xxx_get_adapter_id() (git-fixes).
- scsi: qla2xxx: edif: Fix EDIF bsg (git-fixes).
- scsi: qla2xxx: edif: Increase ELS payload (git-fixes).
- scsi: qla2xxx: edif: Flush stale events and msgs on session down
  (git-fixes).
- scsi: qla2xxx: edif: Fix app start delay (git-fixes).
- scsi: qla2xxx: edif: Fix app start fail (git-fixes).
- commit f28a9ca
- inet: use bigger hash table for IP ID generation (CVE-2021-45486
  bsc#1194087).
- commit 1f316eb
- media: Revert "/media: uvcvideo: Set unique vdev name based in
  type"/ (bsc#1193255).
- commit 6d6cdd3
- net: create netdev->dev_addr assignment helpers (git-fixes).
- commit 49be0aa
- usb: gadget: u_ether: fix race in setting MAC address in setup
  phase (git-fixes).
- commit e9c3803
- block/scsi-ioctl: Fix kernel-infoleak in scsi_put_cdrom_generic_arg() (git-fixes).
- dm crypt: document encrypted keyring key option (git-fixes).
- commit 58565f2
permissions
  * setuid bit for cockpit session binary (bsc#1169614)
- Update to version 20181225:
polkit
- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568)
  added CVE-2021-4034-pkexec-fix.patch