- bind
-
- Update to release 9.16.31
This is the first of monthly updates of "/bind"/. It is planned
to update bind when a new upstream maintennace release becomes
available, which is usually towards the end of a month, see
https://www.isc.org/blogs/2021-bind-release-model/
Compared to the previous SUSE release, in this release,
53 (minor) bugs were fixed
13 (minor) functional enhancements were made
3 security issues are now fixed upstream:
CVE-2022-0396, CVE-2021-25220, CVE-2021-25219
plus a few minor changes.
For a full list of changes, please refer to the
CHANGES file in the source rpm.
This update obsoletes the following patches:
* bind-fix-build-with-older-sphinx.patch
* bind-CVE-2021-25219.patch
* bind-9.16.27-0001-CVE-2021-25220.patch
* bind-9.16.27-0002-CVE-2022-0396.patch
[bind-9.16.31.tar.xz, bind-9.16.31.tar.xz.sha512.asc,
bind-9.16.20.tar.xz, bind-9.16.20.tar.xz.sha512.asc,
bind-fix-build-with-older-sphinx.patch, bind-CVE-2021-25219.patch,
bind-9.16.27-0001-CVE-2021-25220.patch,
bind-9.16.27-0002-CVE-2022-0396.patch,
jsc#SLE-24600]
- When enabling query_logging by un-commenting an example in
bind.conf, named attempts to create a file in /var/log which
fails due to missing credentials. This also applies to the
"/dump-file"/ and the "/statistics-file"/.
This is solved by having systemd-tmpfiles create a subdirectory
"//var/log/named"/ owned by named:named and changing the file
paths accordingly:
/var/log/named_querylog -> /var/log/named/querylog
/var/log/named_dump.db -> /var/log/named/dump.db
/var/log/named.stats -> /var/log/named/stats
Also, in "/named.service"/, the ReadWritePath was changed to
include "//var/log/named"/ rather than just "/var/log"/.
[bsc#1200685, bind.spec, vendor-files/config/named.conf,
vendor-files/system/named.service]
- A non-existent initialization script (eg a leftorver
"/createNamedConfInclude"/ in /etc/sysconfig/named) may cause named
not to start. A warning message is printed in named.prep and
the fact is ignored.
Also, the return value of a failed script was not handled properly
causing a failed script to not prevent named to start. This
is now fixed properly.
[bsc#1199044, vendor-files.tar.bz2]
- dracut
-
- Update to version 055+suse.279.g3b3c36b2:
* fix(bluetooth): accept compressed firmwares in inst_multiple (bsc#1200236)
* fix(network-legacy): support rd.net.timeout.dhcp (bsc#1200360)
* fix(convertfs): ignore commented lines in fstab (bsc#1200251)
* fix(integrity): do not display any error if there is no IMA certificate (bsc#1187654)
- Update to version 055+suse.271.g70f710e4:
* fix(nfs): /var is not mounted during the transactional-update run (bsc#1184970)
* fix(nfs): give /run/rpcbind ownership to rpc user (bsc#1177461)
* fix(dracut-install): copy files preserving ownership attributes (bsc#1197967)
* fix(crypt): remove quotes from cryptsetupopts (bsc#1197635)
* fix(lvm): restore setting LVM_MD_PV_ACTIVATED (bsc#1195604)
* fix(iscsi): remove unneeded iscsi NOP-disable code (bsc#1196267)
* fix(dracut-systemd): do not require vconsole-setup.service (bsc#1195508)
* fix(bluetooth): make hostonly configuration files optional (bsc#1195047)
- gpg2
-
- Security fix [CVE-2022-34903, bsc#1201225]
- Vulnerable to status injection
- Added patch gnupg-CVE-2022-34903.patch
- gnupg-detect_FIPS_mode.patch: use AES as default cipher instead
of 3DES if we are in FIPS mode. (bsc#1196125)
- hwinfo
-
- merge gh#openSUSE/hwinfo#113
- Keep NVMe's namespace output consistency when
nvme_core.multipath=1 (bsc#1199948)
- 21.82
- kernel-default
-
- fix race between exit_itimers() and /proc/pid/timers
(git-fixes).
- commit 62d2eea
- posix-cpu-timers: Cleanup CPU timers before freeing them during exec (CVE-2022-2585 bsc#1202094).
- commit 2decf97
- x86/speculation: Add LFENCE to RSB fill sequence (bsc#1201726
CVE-2022-26373).
- commit e9f7bfc
- x86/speculation: Add RSB VM Exit protections (bsc#1201726
CVE-2022-26373).
- commit 87cc728
- sched/core: Do not requeue task on CPU excluded from cpus_mask
(bnc#1199356).
- commit f226af5
- KVM: emulate: do not adjust size of fastop and setcc subroutines
(bsc#1201930).
- commit 935d297
- kvm/emulate: Fix SETcc emulation function offsets with SLS
(bsc#1201930).
- Refresh
patches.suse/x86-kvm-Fix-SETcc-emulation-for-return-thunks.patch.
- commit 154606a
- net/sched: cls_u32: fix netns refcount changes in u32_change()
(CVE-2022-29581 bsc#1199665).
- commit 6f81977
- blacklist.conf: This is a cleanup, not fixing any bug
- commit 6f050ff
- tee: fix put order in teedev_close_context() (git-fixes).
- commit 1650ec3
- blacklist.conf: duplicate
- commit 1c70642
- random: fix typo in comments (git-fixes).
- commit 6de6114
- blacklist.conf: breaks kABI for a cleanup
- commit 678666e
- random: document add_hwgenerator_randomness() with other input
functions (git-fixes).
- commit 0fb6e8a
- Bluetooth: btusb: Add the new support IDs for WCN6855
(git-fixxes).
- Refresh
patches.suse/Bluetooth-btusb-Add-one-more-Bluetooth-part-for-WCN6.patch.
- commit 91ad5ba
- powerpc/pseries/mobility: set NMI watchdog factor during an LPM
(bsc#1201846 ltc#198761).
- powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846
ltc#198761).
- watchdog: export lockup_detector_reconfigure (bsc#1201846
ltc#198761).
- powerpc/mobility: wait for memory transfer to complete
(bsc#1201846 ltc#198761).
- commit 4c3e250
- page_alloc: fix invalid watemark check on a negative value
(git fixes (mm/pgalloc)).
- commit 11d19f6
- VMCI: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
- commit 91f9b43
- VMCI: Release notification_bitmap in error path (bsc#1199291,
jsc#SLE-24635).
- VMCI: Check exclusive_vectors when freeing interrupt 1
(bsc#1199291, jsc#SLE-24635).
- VMCI: Fix some error handling paths in vmci_guest_probe_device()
(bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add support for DMA datagrams receive
(bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: add support for DMA datagrams sends (bsc#1199291,
jsc#SLE-24635).
- VMCI: dma dg: allocate send and receive buffers for DMA
datagrams (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: register dummy IRQ handlers for DMA datagrams
(bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
- VMCI: dma dg: detect DMA datagram capability (bsc#1199291,
jsc#SLE-24635).
- VMCI: dma dg: add MMIO access to registers (bsc#1199291,
jsc#SLE-24635).
- VMCI: dma dg: whitespace formatting change for vmci register
defines (bsc#1199291, jsc#SLE-24635).
- commit 0e13b0d
- blacklist.conf: add commit 7acae6183cf3
I blacklisted the wrong commit: instead of adding 7acae6183cf3, I added the
commit that introduced the bug fixed by it (which isn't present in SLE15-SP4).
- commit 8ec5489
- net: mscc: ocelot: fix backwards compatibility with single-chain
tc-flower offload (git-fixes).
- commit 5dd0ec2
- net: bcmgenet: skip invalid partial checksums (git-fixes).
- commit af8e915
- ice: Fix race condition during interface enslave (git-fixes).
- commit 873e269
- net: bcmgenet: Don't claim WOL when its not available
(git-fixes).
- commit a981d90
- net: marvell: prestera: Add missing of_node_put() in
prestera_switch_set_base_mac_addr (git-fixes).
- commit 4aa2b33
- net: ethernet: lpc_eth: Handle error for clk_enable (git-fixes).
- commit b08b10f
- net: ethernet: ti: cpts: Handle error for clk_enable
(git-fixes).
- commit 549b785
- ice: Fix error with handling of bonding MTU (git-fixes).
- commit 03f6b8d
- ice: stop disabling VFs due to PF error responses (git-fixes).
- commit 13b5865
- ethernet: Fix error handling in xemaclite_of_probe (git-fixes).
- commit 1b69809
- net: dsa: mt7530: fix incorrect test in
mt753x_phylink_validate() (git-fixes).
- commit 8344b36
- spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref
for non DMA transfers (git-fixes).
- commit 2faff78
- i2c: cadence: Change large transfer count reset logic to be
unconditional (git-fixes).
- i2c: mlxcpld: Fix register setting for 400KHz frequency
(git-fixes).
- gpio: gpio-xilinx: Fix integer overflow (git-fixes).
- gpio: pca953x: use the correct register address when regcache
sync during init (git-fixes).
- gpio: pca953x: use the correct range when do regmap sync
(git-fixes).
- gpio: pca953x: only use single read/write for No AI mode
(git-fixes).
- drm/imx/dcss: Add missing of_node_put() in fail path
(git-fixes).
- drm/ttm: fix locking in vmap/vunmap TTM GEM helpers (git-fixes).
- commit 7a76772
- Update kabi files: import symvers from MU 5.14.21-150400.24.11
- commit 5ac1ff2
- r8152: fix a WOL issue (git-fixes).
- docs: net: dsa: re-explain what port_fdb_dump actually does
(git-fixes).
- docs: net: dsa: delete port_mdb_dump (git-fixes).
- docs: net: dsa: remove port_vlan_dump (git-fixes).
- docs: net: dsa: document port_fast_age (git-fixes).
- docs: net: dsa: document port_setup and port_teardown
(git-fixes).
- docs: net: dsa: document the teardown method (git-fixes).
- docs: net: dsa: document change_tag_protocol (git-fixes).
- docs: net: dsa: add more info about the other arguments to
get_tag_protocol (git-fixes).
- docs: net: dsa: rename tag_protocol to get_tag_protocol
(git-fixes).
- docs: net: dsa: document the shutdown behavior (git-fixes).
- docs: net: dsa: update probing documentation (git-fixes).
- Revert "/e1000e: Fix possible HW unit hang after an s0ix exit"/
(git-fixes).
- e1000e: Enable GPT clock before sending message to CSME
(git-fixes).
- USB: serial: ftdi_sio: add Belimo device ids (git-fixes).
- serial: 8250: fix return error code in
serial8250_request_std_resource() (git-fixes).
- tty: serial: samsung_tty: set dma burst_size to 1 (git-fixes).
- drm/i915/gt: Serialize GRDOM access between multiple engine
resets (git-fixes).
- wifi: mac80211: fix queue selection for mesh/OCB interfaces
(git-fixes).
- pinctrl: aspeed: Fix potential NULL dereference in
aspeed_pinmux_set_mux() (git-fixes).
- irqchip: or1k-pic: Undefine mask_ack for level triggered
hardware (git-fixes).
- ASoC: madera: Fix event generation for rate controls
(git-fixes).
- ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
- ASoC: cs47l15: Fix event generation for low power mux control
(git-fixes).
- ASoC: dapm: Initialise kcontrol data for mux/demux controls
(git-fixes).
- ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO
error (git-fixes).
- ASoC: wm5110: Fix DRE control (git-fixes).
- ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering
problem (git-fixes).
- ASoC: wcd938x: Fix event generation for some controls
(git-fixes).
- ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
(git-fixes).
- ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues
in probe (git-fixes).
- ASoC: rt7*-sdw: harden jack_detect_handler (git-fixes).
- soc: ixp4xx/npe: Fix unused match warning (git-fixes).
- cpufreq: pmac32-cpufreq: Fix refcount leak bug (git-fixes).
- NFC: nxp-nci: don't print header length mismatch on i2c error
(git-fixes).
- platform/x86: hp-wmi: Ignore Sanitization Mode event
(git-fixes).
- virtio_mmio: Restore guest page size on resume (git-fixes).
- virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
- cpufreq: mediatek: Unregister platform device on exit
(git-fixes).
- cpufreq: mediatek: Use module_init and add module_exit
(git-fixes).
- drm/i915/dg2: Add Wa_22011100796 (git-fixes).
- drm/i915: Require the vm mutex for i915_vma_bind() (git-fixes).
- drm/i915/uc: correctly track uc_fw init failure (git-fixes).
- commit 4bd213d
- ARM: 9214/1: alignment: advance IT state after emulating Thumb
instruction (git-fixes).
- ARM: 9213/1: Print message about disabled Spectre workarounds
only once (git-fixes).
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
with alc221 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP machines
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine
with alc671 (git-fixes).
- ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3
model (git-fixes).
- ALSA: hda/realtek: Fix headset mic for Acer SF313-51
(git-fixes).
- ASoC: rt711: fix calibrate mutex initialization (git-fixes).
- ASoC: Intel: sof_sdw: handle errors on card registration
(git-fixes).
- ASoC: rt711-sdca-sdw: fix calibrate mutex initialization
(git-fixes).
- ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on
remove (git-fixes).
- ASoC: ops: Fix off by one in range control validation
(git-fixes).
- ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0)
(git-fixes).
- ALSA: usb-audio: Add quirk for Fiero SC-01 (git-fixes).
- ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106
devices (git-fixes).
- ARM: dts: stm32: use the correct clock source for CEC on
stm32mp151 (git-fixes).
- commit 65713d7
- Move upstreamed be2net patch into sorted section
- commit c55a187
- Drop doubly applied arm64 dts patch
Delete patches.suse/arm64-dts-broadcom-bcm4908-Fix-timer-node-for-BCM4906-SoC.patch
- commit efd9176
- net: macb: Fix lost RX packet wakeup race in NAPI receive (git-fixes).
- commit eb2677a
- net: ipa: add an interconnect dependency (git-fixes).
- commit 94e475f
- net: stmmac: fix return value of __setup handler (git-fixes).
- commit 3c858ea
- net: sxgbe: fix return value of __setup handler (git-fixes).
- commit 723d359
- net: sparx5: Fix add vlan when invalid operation (git-fixes).
- commit 1d88b17
- net: chelsio: cxgb3: check the return value of
pci_find_capability() (git-fixes).
- commit 74c8cc9
- net: mv643xx_eth: process retval from of_get_mac_address
(git-fixes).
- commit 810f895
- net: ll_temac: check the return value of devm_kmalloc()
(git-fixes).
- commit 093ee20
- net: dsa: lan9303: add VLAN IDs to master device (git-fixes).
- commit 13c2302
- Revert "/net: ethernet: bgmac: Use
devm_platform_ioremap_resource_byname"/ (git-fixes).
- commit 411126e
- dpaa2-eth: Initialize mutex used in one step timestamping path
(git-fixes).
- commit b952b7a
- net: ieee802154: ca8210: Fix lifs/sifs periods (git-fixes).
- commit 7bd7001
- blacklist.conf: add ARCnet drivers
- commit 1614d85
- Sort patches from bsc#1201323
- commit 4165437
- Refresh
patches.suse/x86-bugs-Do-not-enable-IBPB-on-entry-when-IBPB-is-not-supp.patch.
- commit c3b4451
- lockdown: Fix kexec lockdown bypass with ima policy
(CVE-2022-21505 bsc#1201458).
- commit 5f6e1e5
- kernel-obs-build: include qemu_fw_cfg (boo#1201705)
- commit e2263d4
- scsi: make sure that request queue queiesce and unquiesce
balanced (bsc#1201651).
Refresh:
- patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch
- patches.kabi/kABI-fix-adding-field-to-scsi_device.patch
- patches.suse/scsi-core-sd-Add-silence_suspend-flag-to-suppress-some-PM-messages.patch
- scsi: avoid to quiesce sdev->request_queue two times
(bsc#1201651).
- dm: don't stop request queue after the dm device is suspended
(bsc#1201651).
- commit 4dedd62
- kabi/severities: add intel ice
- commit 77a60f8
- Delete patches.suse/xhci-turn-off-port-power-in-shutdown.patch
(bsc#1201691)
This patch leads to a failure to power off.
https://bugzilla.kernel.org/show_bug.cgi?id=216243
- commit f2d59c9
- i2c: smbus: Check for parent device before dereference
(git-fixes).
- net: dsa: mv88e6xxx: fix use-after-free in
mv88e6xxx_mdios_unregister (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
- commit c96154e
- net: dsa: mv88e6xxx: flush switchdev FDB workqueue before
removing VLAN (git-fixes).
- commit c4e0776
- net: dsa: lan9303: fix reset on probe (git-fixes).
- commit 33805f1
- ice: Avoid RTNL lock when re-creating auxiliary device
(git-fixes).
- commit c168b96
- net: mscc: ocelot: fix mutex lock error during ethtool stats
read (git-fixes).
- commit ceff3da
- dpaa2-eth: unregister the netdev before disconnecting from
the PHY (git-fixes).
- commit c46c86b
- net: amd-xgbe: disable interrupts during pci removal
(git-fixes).
- commit c2f5c50
- net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (git-fixes).
- commit 1ebdd4d
- net: dsa: lantiq_gswip: don't use devres for mdiobus
(git-fixes).
- commit 93f4a90
- net: dsa: mt7530: fix kernel bug in mdiobus_free() when
unbinding (git-fixes).
- commit 76cc859
- ethtool: Fix get module eeprom fallback (bsc#1201323).
- commit f5666fa
- nvme: wait until quiesce is done (bsc#1201651).
- blk-mq: add one API for waiting until quiesce is done
(bsc#1201651).
- commit d28bf38
- arm64: cpufeature: add HWCAP for FEAT_RPRES (git-fixes)
Refresh patches.suse/0019-arm64-Use-the-clearbhb-instruction-in-mitigations.patch
- commit cbc315a
- arm64: cpufeature: add HWCAP for FEAT_AFP (git-fixes)
- commit b3a2425
- blk-mq: fix kabi support concurrent queue quiesce unquiesce
(bsc#1201651).
- commit def3ab7
- net: dsa: felix: don't use devres for mdiobus (git-fixes).
- commit a03978a
- net: dsa: bcm_sf2: don't use devres for mdiobus (git-fixes).
- commit 682abc6
- net: dsa: ar9331: register the mdiobus under devres (git-fixes).
- commit 6f8e329
- net: dsa: mv88e6xxx: don't use devres for mdiobus (git-fixes).
- commit 61ee304
- gve: Recording rx queue before sending to napi (git-fixes).
- commit 6edbff0
- ixgbevf: Require large buffers for build_skb on 82599VF
(git-fixes).
- commit 2479d47
- net: sparx5: Fix get_stat64 crash in tcpdump (git-fixes).
- commit ea855e1
- net: stmmac: ensure PTP time register reads are consistent
(git-fixes).
- commit 993d341
- net: macsec: Verify that send_sci is on when setting Tx sci
explicitly (git-fixes).
- commit 3b02b3e
- net: macsec: Fix offload support for NETDEV_UNREGISTER event
(git-fixes).
- commit d048544
- net: stmmac: dump gmac4 DMA registers correctly (git-fixes).
- commit 741baff
- blk-mq: support concurrent queue quiesce/unquiesce
(bsc#1201651).
- nvme: loop: clear NVME_CTRL_ADMIN_Q_STOPPED after admin queue
is reallocated (bsc#1201651).
- nvme: paring quiesce/unquiesce (bsc#1201651).
- nvme: prepare for pairing quiescing and unquiescing
(bsc#1201651).
- nvme: apply nvme API to quiesce/unquiesce admin queue
(bsc#1201651).
- nvme: add APIs for stopping/starting admin queue (bsc#1201651).
- commit 6f75240
- net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY
(git-fixes).
- commit c68ab05
- be2net: Fix buffer overflow in be_get_module_eeprom
(bsc#1201323).
- commit 46a7cc8
- net: stmmac: properly handle with runtime pm in
stmmac_dvr_remove() (git-fixes).
- commit 904137a
- net: ieee802154: ca8210: Stop leaking skb's (git-fixes).
- commit fe79137
- Input: i8042 - Apply probe defer to more ASUS ZenBook models
(bsc#1190256).
- commit cf06848
- net: ieee802154: mcr20a: Fix lifs/sifs periods (git-fixes).
- commit 92bd067
- net: ieee802154: hwsim: Ensure proper channel selection at
probe time (git-fixes).
- commit 7ae5bdc
- tun: fix bonding active backup with arp monitoring (git-fixes).
- commit cf865a3
- Update patch references for fbcon fixes (CVE-2021-33655 bsc#1201635)
- commit eb3d075
- supported.conf: rvu_mbox as supported (jsc#SLE-24682)
- commit f21578a
- blacklist.conf: Add memcg/rstat optimizations 11192d9c124d fd25a9e0e23b 5b3be698a872
- commit 932b7ef
- blacklist.conf: Add 26d5badbccdd signal: Implement force_fatal_sig
- commit 1fe0fd9
- nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
(git-fixes).
- md: bcache: check the return value of kzalloc() in
detached_dev_do_request() (git-fixes).
- commit e2af2db
- kABI workaround for snd-soc-rt5682-* (git-fixes).
- kabi/severities: ignore dropped symbol rt5682_headset_detect
- commit 5e19e6d
- net: stmmac: dwmac-visconti: No change to ETHER_CLOCK_SEL for
unexpected speed request (git-fixes).
- commit 59356c4
- net: amd-xgbe: ensure to reset the tx_timer_active flag
(git-fixes).
- commit 3831453
- net: amd-xgbe: Fix skb data length underflow (git-fixes).
- commit 50d3988
- net: stmmac: skip only stmmac_ptp_register when resume from
suspend (git-fixes).
- commit b59b0a9
- blacklist: added commit e1a4541ec0b9
- commit 7d0447e
- net: stmmac: configure PTP clock source prior to PTP
initialization (git-fixes).
- commit 6cefa9d
- libceph: fix potential use-after-free on linger ping and resends
(bsc#1201596).
- ceph: fix up non-directory creation in SGID directories
(bsc#1201595).
- commit 8aa4851
- net: cpsw: Properly initialise struct page_pool_params
(git-fixes).
- commit d65aa35
- net: sfp: ignore disabled SFP node (git-fixes).
- commit 5b8ce08
- octeontx2-pf: Forward error codes to VF (git-fixes).
- commit 562327e
- octeontx2-af: cn10k: Do not enable RPM loopback for LPC
interfaces (git-fixes).
- commit b549cad
- octeontx2-af: Do not fixup all VF action entries (git-fixes).
- commit dd1aa95
- net: stmmac: dwmac-visconti: Fix clock configuration for RMII
mode (git-fixes).
- commit e3e3f07
- net: stmmac: dwmac-visconti: Fix bit definitions for
ETHER_CLK_SEL (git-fixes).
- commit 1470b40
- net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
(git-fixes).
- commit f842d14
- net/fsl: xgmac_mdio: Add workaround for erratum A-009885
(git-fixes).
- commit 6cf1273
- net: mscc: ocelot: fix using match before it is set (git-fixes).
- commit 78b3f03
- net: cpsw: avoid alignment faults by taking NET_IP_ALIGN into
account (git-fixes).
- commit cfa26bb
- net: axienet: increase default TX ring size to 128 (git-fixes).
- commit d910ea1
- net: axienet: fix for TX busy handling (git-fixes).
- commit 99e0d80
- net: axienet: fix number of TX ring slots for available check
(git-fixes).
- commit 0c7e435
- fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1201593).
- fuse: make sure reclaim doesn't write the inode (bsc#1201592).
- commit 938aae2
- net: axienet: Fix TX ring slot available check (git-fixes).
- commit c151ff3
- net: axienet: limit minimum TX ring size (git-fixes).
- commit 13afdcb
- net: axienet: add missing memory barriers (git-fixes).
- commit d466816
- net: axienet: Wait for PhyRstCmplt after core reset (git-fixes).
- commit 7c11a1f
- net: axienet: increase reset timeout (git-fixes).
- commit 5cd6041
- net: sfp: fix high power modules without diagnostic monitoring
(git-fixes).
- commit 8a29229
- net: ethernet: mtk_eth_soc: fix error checking in
mtk_mac_config() (git-fixes).
- commit 7d643fb
- bcmgenet: add WOL IRQ check (git-fixes).
- commit d56437b
- net: ipa: prevent concurrent replenish (git-fixes).
- commit 63abe4d
- net: ipa: use a bitmap for endpoint replenish_enabled
(git-fixes).
- commit 4d71717
- net: ipa: fix atomic update in ipa_endpoint_replenish()
(git-fixes).
- commit f58c0c8
- fsl/fman: Check for null pointer after calling devm_ioremap
(git-fixes).
- commit 2af3cae
- rocker: fix a sleeping in atomic bug (git-fixes).
- commit 75f1355
- kABI workaround for phy_device changes (git-fixes).
- commit 91e246e
- mm: swap: get rid of livelock in swapin readahead (git fixes
(mm/swap)).
- mm: don't try to NUMA-migrate COW pages that have other uses
(git fixes (mm/numa)).
- mm/large system hash: avoid possible NULL deref in
alloc_large_system_hash (git fixes (mm/pgalloc)).
- mm/vmalloc: make sure to dump unpurged areas in
/proc/vmallocinfo (git fixes (mm/vmalloc)).
- mm/vmalloc: repair warn_alloc()s in __vmalloc_area_node()
(git fixes (mm/vmalloc)).
- kasan: fix tag for large allocations when using CONFIG_SLAB
(git fixes (mm/kasan)).
- mm/vmalloc: fix numa spreading for large hash tables (git fixes
(mm/vmalloc)).
- mm/secretmem: avoid letting secretmem_users drop to zero
(git fixes (mm/secretmem)).
- memcg: page_alloc: skip bulk allocator for __GFP_ACCOUNT
(git fixes (mm/pgalloc)).
- commit 4d0f0a6
- Update patch metadata and move to sorted section
patches.suse/mm-page_alloc-Do-not-prefetch-buddies-during-bulk-free.patch.
patches.suse/mm-page_alloc-Drain-the-requested-list-first-during-bulk-free.patch.
patches.suse/mm-page_alloc-Fetch-the-correct-pcp-buddy-during-bulk-free.patch.
patches.suse/mm-page_alloc-Free-pages-in-a-single-pass-during-bulk-free.patch.
patches.suse/mm-page_alloc-Limit-number-of-high-order-pages-on-PCP-during-bulk-free.patch.
patches.suse/mm-page_alloc-Simplify-how-many-pages-are-selected-per-pcp-list-during-bulk-free.patch.
patches.suse/mm-page_alloc-Track-range-of-active-PCP-lists-during-bulk-free.patch.
- commit 14b9fbe
- usbnet: fix memory leak in error case (git-fixes).
- commit 7372d17
- arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC (git-fixes)
- commit 9119799
- rpm/modules.fips: add ecdsa_generic (jsc#SLE-21132,bsc#1201258).
- commit 0d8f996
- arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer (git-fixes)
- commit 3250248
- crypto: testmgr - allow ecdsa-nist in FIPS mode
(jsc#SLE-21132,bsc#1201258).
- commit d8e5343
- blacklist.conf: ffc95a46: CONFIG_SLAB not set in config
- commit d12fa0c
- cpuidle: PSCI: Move the `has_lpi` check to the beginning of the (git-fixes)
- commit 3919bf9
- usb: typec: add missing uevent when partner support PD
(git-fixes).
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- vt: fix memory overlapping when deleting chars in the buffer
(git-fixes).
- wifi: mac80211_hwsim: set virtio device ready in probe()
(git-fixes).
- sysctl: Fix data-races in proc_dointvec_ms_jiffies()
(git-fixes).
- sysctl: Fix data-races in proc_dou8vec_minmax() (git-fixes).
- sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
- sysctl: Fix data races in proc_doulongvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
- video: of_display_timing.h: include errno.h (git-fixes).
- commit 2f456a6
- serial: 8250: Fix PM usage_count for console handover
(git-fixes).
- serial: stm32: Clear prev values before setting RTS delays
(git-fixes).
- serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
(git-fixes).
- spi: amd: Limit max transfer and message size (git-fixes).
- reset: Fix devm bulk optional exclusive control getter
(git-fixes).
- sysctl: Fix data races in proc_douintvec() (git-fixes).
- sysctl: Fix data races in proc_dointvec() (git-fixes).
- Revert "/serial: sc16is7xx: Clear RS485 bits in the shutdown"/
(git-fixes).
- serial: sc16is7xx: Clear RS485 bits in the shutdown (git-fixes).
- commit f48404b
- power/reset: arm-versatile: Fix refcount leak in
versatile_reboot_probe (git-fixes).
- raw: Fix a data-race around sysctl_raw_l3mdev_accept
(git-fixes).
- misc: rtsx_usb: set return value in rsp_buf alloc err path
(git-fixes).
- r8169: fix accessing unset transport header (git-fixes).
- net: rose: fix UAF bug caused by rose_t0timer_expiry
(git-fixes).
- pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
- pinctrl: sunxi: a83t: Fix NAND function name for some pins
(git-fixes).
- net: phy: Don't trigger state machine while in suspend
(git-fixes).
- mt76: mt7921: get rid of mt7921_mac_set_beacon_filter
(git-fixes).
- commit 8948cad
- kABI workaround for rtsx_usb (git-fixes).
- commit ea7f901
- ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
- ima: force signature verification when CONFIG_KEXEC_SIG is
configured (git-fixes).
- ima: Fix a potential integer overflow in
ima_appraise_measurement (git-fixes).
- ida: don't use BUG_ON() for debugging (git-fixes).
- misc: rtsx_usb: use separate command and response buffers
(git-fixes).
- misc: rtsx_usb: fix use of dma mapped buffer for usb bulk
transfer (git-fixes).
- i2c: cadence: Unregister the clk notifier in error path
(git-fixes).
- i2c: piix4: Fix a memory leak in the EFCH MMIO support
(git-fixes).
- memregion: Fix memregion_free() fallback definition (git-fixes).
- Input: cpcap-pwrbutton - handle errors from platform_get_irq()
(git-fixes).
- commit 41d4678
- efi/x86: use naked RET on mixed mode call wrapper (git-fixes).
- dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
(git-fixes).
- fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
- fbcon: Prevent that screen size is smaller than font size
(git-fixes).
- fbcon: Disallow setting font bigger than screen size
(git-fixes).
- fbdev: fbmem: Fix logo center image dx issue (git-fixes).
- hwmon: (occ) Prevent power cap command overwriting poll response
(git-fixes).
- dt-bindings: soc: qcom: smd-rpm: Fix missing MSM8936 compatible
(git-fixes).
- hwmon: (occ) Remove sequence numbering and checksum calculation
(git-fixes).
- dt-bindings: soc: qcom: smd-rpm: Add compatible for MSM8953 SoC
(git-fixes).
- commit 5a5128b
- drm/amd/display: Only use depth 36 bpp linebuffers on DCN
display engines (git-fixes).
- drm/i915/gt: Serialize TLB invalidates with GT resets
(git-fixes).
- drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
(git-fixes).
- drm/i915/gvt: IS_ERR() vs NULL bug in
intel_gvt_update_reg_whitelist() (git-fixes).
- drm/panfrost: Fix shrinker list corruption by madvise IOCTL
(git-fixes).
- drm/panfrost: Put mapping instead of shmem obj on
panfrost_mmu_map_fault_addr() error (git-fixes).
- drm/i915: fix a possible refcount leak in
intel_dp_add_mst_connector() (git-fixes).
- dmaengine: lgm: Fix an error handling path in intel_ldma_probe()
(git-fixes).
- dmaengine: pl330: Fix lockdep warning about non-static key
(git-fixes).
- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc()
correctly (git-fixes).
- dmaengine: qcom: bam_dma: fix runtime PM underflow (git-fixes).
- dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
- drm/amdgpu: To flush tlb for MMHUB of RAVEN series (git-fixes).
- drm/amd/display: Fix by adding FPU protection for
dcn30_internal_validate_bw (git-fixes).
- drm/amd/vcn: fix an error msg on vcn 3.0 (git-fixes).
- drm/i915: Fix a race between vma / object destruction and
unbinding (git-fixes).
- drm/mediatek: Detect CMDQ execution timeout (git-fixes).
- drm/mediatek: Remove the pointer of struct cmdq_client
(git-fixes).
- drm/mediatek: Use mailbox rx_callback instead of cmdq_task_cb
(git-fixes).
- drm/amd/display: Set min dcfclk if pipe count is 0 (git-fixes).
- commit d7feb0b
- dmaengine: ti: Add missing put_device in
ti_dra7_xbar_route_allocate (git-fixes).
- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
(git-fixes).
- can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround
broken CRC on TBC register (git-fixes).
- can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround
handling for mcp2517fd (git-fixes).
- can: m_can: m_can_chip_config(): actually enable internal
timestamping (git-fixes).
- can: grcan: grcan_probe(): remove extra of_node_get()
(git-fixes).
- can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
- Revert "/can: xilinx_can: Limit CANFD brp to 2"/ (git-fixes).
- can: bcm: use call_rcu() instead of costly synchronize_rcu()
(git-fixes).
- batman-adv: Use netif_rx() (git-fixes).
- commit ee36772
- ASoC: Intel: Skylake: Correct the handling of fmt_config
flexible array (git-fixes).
- ASoC: Intel: Skylake: Correct the ssp rate discovery in
skl_get_ssp_clks() (git-fixes).
- ASoC: tas2764: Fix amp gain register offset & default
(git-fixes).
- ASoC: tas2764: Correct playback volume range (git-fixes).
- ASoC: tas2764: Fix and extend FSYNC polarity handling
(git-fixes).
- ASoC: tas2764: Add post reset delays (git-fixes).
- ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
- ASoC: Remove unused hw_write_t type (git-fixes).
- ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in
.set_jack_detect (git-fixes).
- ASoC: rt711-sdca: Add endianness flag in
snd_soc_component_driver (git-fixes).
- commit 46eda4a
- arm64: Add HWCAP for self-synchronising virtual counter (git-fixes)
- commit e9387c5
- ASoC: rt5682: Fix deadlock on resume (git-fixes).
- Refresh
patches.suse/ASoC-rt5682-do-not-block-workqueue-if-card-is-unboun.patch.
- commit b58000f
- ASoC: rt5682: Re-detect the combo jack after resuming
(git-fixes).
- Refresh
patches.suse/ASoC-rt5682-do-not-block-workqueue-if-card-is-unboun.patch.
- commit e602e5e
- arm64: dts: broadcom: bcm4908: Fix cpu node for smp boot
(git-fixes).
- arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC
(git-fixes).
- ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count (git-fixes).
- arm64: dts: rockchip: Assign RK3399 VDU clock rate (git-fixes).
- ASoC: rt711: Add endianness flag in snd_soc_component_driver
(git-fixes).
- ASoC: rt5682: fix an incorrect NULL check on list iterator
(git-fixes).
- ASoC: rt5682: Avoid the unexpected IRQ event during going to
suspend (git-fixes).
- ASoC: rt5682: move clk related code to rt5682_i2c_probe
(git-fixes).
- commit 9f44c25
- ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
(git-fixes).
- ARM: dts: at91: sama5d2: Fix typo in i2s1 node (git-fixes).
- ACPI: video: Fix acpi_video_handles_brightness_key_presses()
(git-fixes).
- ARM: 9210/1: Mark the FDT_FIXED sections as shareable
(git-fixes).
- ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU
comes out of idle (git-fixes).
- ACPI: CPPC: Only probe for _CPC if CPPC v2 is acked (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
- ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD
(git-fixes).
- commit 72aed94
- Move upstreamed netfilter and tty patches to sorted section
- commit 9d5e117
- x86/bugs: Remove apostrophe typo (bsc#1190497).
- commit 0e5e638
- Sort in RETbleed backport into the sorted section
Now that it is upstream...
- Refresh
patches.suse/KVM-VMX-Convert-launched-argument-to-flags.patch.
- Refresh
patches.suse/KVM-VMX-Fix-IBRS-handling-after-vmexit.patch.
- Refresh patches.suse/KVM-VMX-Flatten-__vmx_vcpu_run.patch.
- Refresh
patches.suse/KVM-VMX-Prevent-RSB-underflow-before-vmenter.patch.
- Refresh
patches.suse/KVM-VMX-Prevent-guest-RSB-poisoning-attacks-with-eIBRS.patch.
- Refresh
patches.suse/intel_idle-Disable-IBRS-during-long-idle.patch.
- Refresh patches.suse/objtool-Add-entry-UNRET-validation.patch.
- Refresh
patches.suse/objtool-Re-add-UNWIND_HINT_-SAVE_RESTORE.patch.
- Refresh
patches.suse/objtool-Treat-.text.__x86.-as-noinstr.patch.
- Refresh patches.suse/objtool-Update-Retpoline-validation.patch.
- Refresh patches.suse/x86-Add-magic-AMD-return-thunk.patch.
- Refresh patches.suse/x86-Undo-return-thunk-damage.patch.
- Refresh patches.suse/x86-Use-return-thunk-in-asm-code.patch.
- Refresh patches.suse/x86-bpf-Use-alternative-RET-encoding.patch.
- Refresh
patches.suse/x86-bugs-Add-AMD-retbleed-boot-parameter.patch.
- Refresh
patches.suse/x86-bugs-Add-Cannon-lake-to-RETBleed-affected-CPU-list.patch.
- Refresh patches.suse/x86-bugs-Add-retbleed-ibpb.patch.
- Refresh
patches.suse/x86-bugs-Do-IBPB-fallback-check-only-once.patch.
- Refresh
patches.suse/x86-bugs-Do-not-enable-IBPB-on-entry-when-IBPB-is-not-supp.patch.
- Refresh patches.suse/x86-bugs-Enable-STIBP-for-JMP2RET.patch.
- Refresh
patches.suse/x86-bugs-Keep-a-per-CPU-IA32_SPEC_CTRL-value.patch.
- Refresh
patches.suse/x86-bugs-Optimize-SPEC_CTRL-MSR-writes.patch.
- Refresh
patches.suse/x86-bugs-Report-AMD-retbleed-vulnerability.patch.
- Refresh
patches.suse/x86-bugs-Report-Intel-retbleed-vulnerability.patch.
- Refresh
patches.suse/x86-bugs-Split-spectre_v2_select_mitigation-and-spectre_v2.patch.
- Refresh
patches.suse/x86-common-Stamp-out-the-stepping-madness.patch.
- Refresh patches.suse/x86-cpu-amd-Add-Spectral-Chicken.patch.
- Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch.
- Refresh
patches.suse/x86-cpufeatures-Move-RETPOLINE-flags-to-word-11.patch.
- Refresh
patches.suse/x86-entry-Add-kernel-IBRS-implementation.patch.
- Refresh
patches.suse/x86-ftrace-Use-alternative-RET-encoding.patch.
- Refresh
patches.suse/x86-kvm-Fix-SETcc-emulation-for-return-thunks.patch.
- Refresh patches.suse/x86-kvm-vmx-Make-noinstr-clean.patch.
- Refresh patches.suse/x86-objtool-Create-.return_sites.patch.
- Refresh patches.suse/x86-retpoline-Cleanup-some-ifdefery.patch.
- Refresh
patches.suse/x86-retpoline-Swizzle-retpoline-thunk.patch.
- Refresh patches.suse/x86-retpoline-Use-mfunction-return.patch.
- Refresh
patches.suse/x86-sev-Avoid-using-__x86_return_thunk.patch.
- Refresh
patches.suse/x86-speculation-Add-spectre_v2-ibrs-option-to-support-Kern.patch.
- Refresh
patches.suse/x86-speculation-Fill-RSB-on-vmexit-for-IBRS.patch.
- Refresh
patches.suse/x86-speculation-Fix-RSB-filling-with-CONFIG_RETPOLINE-n.patch.
- Refresh
patches.suse/x86-speculation-Fix-SPEC_CTRL-write-on-SMT-state-change.patch.
- Refresh
patches.suse/x86-speculation-Fix-firmware-entry-SPEC_CTRL-handling.patch.
- Refresh
patches.suse/x86-speculation-Remove-x86_spec_ctrl_mask.patch.
- Refresh
patches.suse/x86-speculation-Use-cached-host-SPEC_CTRL-value-for-guest-.patch.
- Refresh
patches.suse/x86-static_call-Use-alternative-RET-encoding.patch.
- Refresh
patches.suse/x86-vsyscall_emu-64-Don-t-use-RET-in-vsyscall-emulation.patch.
- Refresh patches.suse/x86-xen-Rename-SYS-entry-points.patch.
- commit cc67fa3
- kABI: fix adding field to ufs_hba (git-fixes).
- kABI: fix adding field to scsi_device (git-fixes).
- scsi: iscsi: Exclude zero from the endpoint ID range
(git-fixes).
- scsi: scsi_debug: Fix zone transition to full condition
(git-fixes).
- scsi: sd: Fix potential NULL pointer dereference (git-fixes).
- drbd: fix potential silent data corruption (git-fixes).
- scsi: ufs: core: scsi_get_lba() error fix (git-fixes).
- scsi: ufs: Fix runtime PM messages never-ending cycle
(git-fixes).
- scsi: core: sd: Add silence_suspend flag to suppress some PM
messages (git-fixes).
- scsi: ufs: Fix a deadlock in the error handler (git-fixes).
- scsi: ufs: Remove dead code (git-fixes).
- scsi: scsi_debug: Sanity check block descriptor length in
resp_mode_select() (git-fixes).
- scsi: scsi_debug: Fix type in min_t to avoid stack OOB
(git-fixes).
- scsi: scsi_debug: Don't call kcalloc() if size arg is zero
(git-fixes).
- scsi: sd: Fix sd_do_mode_sense() buffer length handling
(git-fixes).
- scsi: lpfc: Fix mailbox command failure during driver
initialization (git-fixes).
- commit fb67102
- perf/amd/ibs: Advertise zen4_ibs_extensions as pmu capability
attribute (jsc#SLE-24578).
- commit 9992992
- perf/amd/ibs: Add support for L3 miss filtering (jsc#SLE-24578).
- commit 3de312d
- perf/amd/ibs: Use ->is_visible callback for dynamic attributes
(jsc#SLE-24578).
- commit 1a42a36
- perf/amd/ibs: Cascade pmu init functions' return value
(jsc#SLE-24578).
- commit 82fef3c
- crypto: qat - remove dma_free_coherent() for DH (git-fixes).
- crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
- crypto: qat - fix memory leak in RSA (git-fixes).
- crypto: qat - set to zero DH parameters before free (git-fixes).
- crypto: qat - set CIPHER capability for DH895XCC (git-fixes).
- commit 3585cf1
- kabi/severities: add stmmac network driver local symbols
- commit 832dcf3
- ppp: ensure minimum packet size in ppp_write() (git-fixes).
- commit 1871bcf
- veth: Do not record rx queue hint in veth_xmit (git-fixes).
- commit 4e81b53
- net: ethernet: mtk_eth_soc: fix return values and refactor
MDIO ops (git-fixes).
- commit 89745b1
- net: stmmac: Add platform level debug register dump feature
(git-fixes).
- commit 1f1e295
- fsl/fman: Fix missing put_device() call in fman_port_probe
(git-fixes).
- commit 1ea5bd4
- net: lantiq_xrx200: fix statistics of received bytes
(git-fixes).
- commit 21661cb
- net: ag71xx: Fix a potential double free in error handling paths
(git-fixes).
- commit bdd4068
- net: stmmac: dwmac-visconti: Fix value of
ETHER_CLK_SEL_FREQ_SEL_2P5M (git-fixes).
- commit 100c8d7
- net: stmmac: ptp: fix potentially overflowing expression
(git-fixes).
- commit c8a3960
- veth: ensure skb entering GRO are not cloned (git-fixes).
- commit de7c3ec
- net: ks8851: Check for error irq (git-fixes).
- commit c6aa897
- drivers: net: smc911x: Check for error irq (git-fixes).
- commit 76302d7
- fjes: Check for error irq (git-fixes).
- commit 3518c05
- net: marvell: prestera: fix incorrect return of port_find
(git-fixes).
- commit caea254
- net: systemport: Add global locking for descriptor lifecycle
(git-fixes).
- commit ca205ab
- net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup
(git-fixes).
- commit d928a50
- net: stmmac: fix tc flower deletion for VLAN priority Rx
steering (git-fixes).
- commit c13727a
- netdevsim: don't overwrite read only ethtool parms (git-fixes).
- commit e49332e
- nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
- commit 14806b1
- net: mvpp2: fix XDP rx queues registering (git-fixes).
- commit 785d73e
- net: fec: only clear interrupt of handling queue in
fec_enet_rx_queue() (git-fixes).
- commit e300fac
- net/qla3xxx: fix an error code in ql_adapter_up() (git-fixes).
- commit 1aeafc7
- qede: validate non LSO skb length (git-fixes).
- commit a6a6f45
- net: altera: set a couple error code in probe() (git-fixes).
- commit 4b6f9c2
- net: bcm4908: Handle dma_set_coherent_mask error codes
(git-fixes).
- commit 57e402c
- net: annotate data-races on txq->xmit_lock_owner (git-fixes).
- commit 823f883
- octeontx2-af: Fix a memleak bug in rvu_mbox_init() (git-fixes).
- commit ab94872
- vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf
dev xmit (git-fixes).
- commit eb079a6
- natsemi: xtensa: fix section mismatch warnings (git-fixes).
- commit dbb5264
- dpaa2-eth: destroy workqueue at the end of remove function
(git-fixes).
- commit 1aeeaf7
- net: marvell: mvpp2: Fix the computation of shared CPUs
(git-fixes).
- commit f25bb21
- Remove Half duplex mode speed capabilities (git-fixes).
- commit 92878dd
- net: stmmac: Avoid DMA_CHAN_CONTROL write if no Split Header
support (git-fixes).
- commit de8c06a
- net: stmmac: retain PTP clock time during SIOCSHWTSTAMP ioctls
(git-fixes).
- commit a6567bd
- net: phylink: Force retrigger in case of latched link-fail
indicator (git-fixes).
- commit 6d547bd
- net: phylink: Force link down and retrigger resolve on interface
change (git-fixes).
- commit 4e89e84
- gpio: tegra186: Add IRQ per bank for Tegra241 (jsc#SLE-24571)
- commit 6cf809d
- gpio: tegra186: Add support for Tegra241 (jsc#SLE-24571)
- commit f025bf7
- dt-bindings: gpio: Add Tegra241 support (jsc#SLE-24571)
- commit f8d4262
- spi: tegra210-quad: combined sequence mode (jsc#SLE-24570)
- commit e187f9a
- spi: tegra210-quad: add new chips to compatible (jsc#SLE-24570)
- commit f0be9d3
- spi: tegra210-quad: add acpi support (jsc#SLE-24570)
- commit 55e4b0b
- spi: tegra210-quad: use devm call for cdata memory (jsc#SLE-24570)
- commit 45eae59
- spi: tegra210-quad: use device_reset method (jsc#SLE-24570)
- commit 3f5e1a3
- spi: Add Tegra234 QUAD SPI compatible (jsc#SLE-24570)
- commit 58f5e5f
- i2c: tegra: use i2c_timings for bus clock freq (jsc#SLE-24569)
- commit 47fa6c7
- i2c: tegra: Add the ACPI support (jsc#SLE-24569)
- commit d323c6e
- i2c: tegra: Add SMBus block read function (jsc#SLE-24569)
- commit 3dd00f6
- i2c: smbus: Use device_*() functions instead of of_*() (jsc#SLE-24569)
- commit 3c0a341
- docs: firmware-guide: ACPI: Add named interrupt doc (jsc#SLE-24569)
- commit 6cd5dd2
- device property: Add fwnode_irq_get_byname (jsc#SLE-24569)
- commit cd979cf
- crypto: octeontx2 - fix missing unlock (jsc#SLE-24682).
- hwrng: cavium - fix NULL but dereferenced coccicheck error
(jsc#SLE-24682).
- crypto: octeontx2 - add synchronization between mailbox accesses
(jsc#SLE-24682).
- crypto: octeontx2 - increase CPT HW instruction queue length
(jsc#SLE-24682).
- crypto: octeontx2 - CN10K CPT to RNM workaround (jsc#SLE-24682).
- crypto: octeontx2 - select CONFIG_NET_DEVLINK (jsc#SLE-24682).
- arm64: Add cavium_erratum_23154_cpus missing sentinel
(jsc#SLE-24682).
- irqchip/gic-v3: Workaround Marvell erratum 38545 when reading
IAR (jsc#SLE-24682).
- crypto: octeontx2 - Avoid stack variable overflow
(jsc#SLE-24682).
- crypto: octeontx2 - out of bounds access in
otx2_cpt_dl_custom_egrp_delete() (jsc#SLE-24682).
- crypto: octeontx2 - Use swap() instead of swap_engines()
(jsc#SLE-24682).
- crypto: octeontx2 - parameters for custom engine groups
(jsc#SLE-24682).
- crypto: octeontx2 - add apis for custom engine groups
(jsc#SLE-24682).
- crypto: octeontx2 - use swap() to make code cleaner
(jsc#SLE-24682).
- commit e64c29a
- crypto: hisilicon/qm - modify the uacce mode check (bsc#1201391).
- commit 755232f
- supported.conf: mark marvell octeontx2 crypto driver as supported (jsc#SLE-24682)
Mark rvu_cptpf.ko and rvu_cptvf.ko as supported.
- commit 2c9f726
- blacklist.conf: Add 6a2d90ba027a ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
- commit 0702138
- kABI: i2c: smbus: restore of_ alert variant (jsc#SLE-24569).
kABI fix for "/i2c: smbus: Use device_*() functions instead of of_*()"/
- commit d0b5048
- ldb
-
- Add ldb-memory-bug-15096-4.15-ldbonly.patch to backport all
changes for ldb-2.4.4.
+ CVE-2022-32745: samba: ldb: AD users can crash the server
process with an LDAP add or modify request; (bso#15008);
(bso#15096); (bsc#1201492).
+ CVE-2022-2031: samba, ldb: AD users can bypass certain
restrictions associated with changing passwords; (bso#15047);
(bsc#1201495);
+ CVE-2022-32744: samba, ldb: AD users can forge password change
requests for any user; (bso#15074); (bso#15047); (bsc#1201493).
- Update to version 2.4.3
+ Fix build problems, waf produces incorrect names for python
extensions; (bso#15071);
- libxml2
-
- Update to 2.9.14:
* Security:
+ [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
+ Fix potential double-free in xmlXPtrStringRangeFunction
+ Fix memory leak in xmlFindCharEncodingHandler
+ Normalize XPath strings in-place
+ Prevent integer-overflow in htmlSkipBlankChars() and
xmlSkipBlankChars()
+ Fix leak of xmlElementContent
* Bug fixes:
+ Fix parsing of subtracted regex character classes
+ Fix recursion check in xinclude.c
+ Reset last error in xmlCleanupGlobals
+ Fix certain combinations of regex range quantifiers
+ Fix range quantifier on subregex
* Improvements:
+ Fix recovery from invalid HTML start tags
* Build system, portability:
+ Define LFS macros before including system headers
+ Initialize XPath floating-point globals
+ configure: check for icu DEFS
+ configure.ac: produce tar.xz only (GNOME policy)
+ CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
+ Fix build with older Python versions
+ Fix --without-valid build
- Build python bindings in a 2nd run, using multibuild: otherwise,
libxml2 requires pkgconfig(libxml-2.0) to build, causing issues
to bootstrap.
- Update to version 2.9.13:
* Security fixes:
+ [CVE-2022-23308] Use-after-free of ID and IDREF attributes
(boo#1196490);
+ Several memory leaks and another issues.
* Many regressions fixes.
* Numerous bug fixes, including, among many others:
+ xmllint's --maxmem option should work as expected now;
+ xmllint now returns an error if arguments are missing.
* Numerous tests and code and fuzzing fixes and improvements.
* Updated documentation.
- The full Libxml2 2.9.13 NEWS can be found here:
https://download.gnome.org/sources/libxml2/2.9/+ libxml2-2.9.13.news.
- Replace version-release macros in all 3 Obsoletes tag with
plain 2.9.13 to avoid unwanted behaviors in the future.
- Remove dropped upstream AUTHORS file from list of files to be
installed in the documentation location with 'cp' command.
- Update http://xmlsoft.org URL tag to Libxml2's new web home:
https://gitlab.gnome.org/GNOME/libxml2.
- Update ftp://xmlsoft.org Source tag to Libxml2's new download
host: https://download.gnome.org.
- Drop deprecated Python-2-related macro definitions/conditional
statement from spec file.
- Drop merged upstream patches:
libxml2-fix-lxml-corrupted-subtree-structures.patch;
libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch.
- Drop libxml2.keyring source file as the new download host doesn't
offer GPG signatures.
- Use ldconfig_scriptlets macro for post(un) handling.
* Fix CVE-2021-3541, CVE-2021-3537 (bsc#1185698, bsc#1185879),
CVE-2021-3518, CVE-2021-3517, CVE-2021-3516, CVE-2020-7595,
CVE-2019-20388, CVE-2020-24977, and CVE-2019-19956 (bsc#1159928)
- Security fix: [bsc#1185698, CVE-2021-3537]
decompression (boo#1088279 boo#1105166).
(boo#1102046).
- libzypp
-
- appdata plugin: Pass path to the repodata/ directory inside the
cache (bsc#1197684)
- zypp-rpm: flush rpm script output buffer before sending
endOfScriptTag.
- version 17.30.2 (22)
- PluginRepoverification: initial version hooked into
repo::Downloader and repo refresh.
- Immediately start monitoring the download.transfer_timeout.
Do not wait until the first data arrived. (bsc#1199042)
- singletrans: no dry-run commit if doing just download-only.
- Work around cases where sat repo.start points to an invalid
solvable. May happen if (wrong arch) solvables were removed
at the beginning of the repo.
- fix misplaced #endif SINGLE_RPMTRANS_AS_DEFAULT_FOR_ZYPPER
(fixes #388)
- version 17.30.1 (22)
- ncurses
-
- Add patch ncurses-bnc1198627.patch
* Fix bsc#1198627: CVE-2022-29458: ncurses: segfaulting OOB read
- pcre2
-
- Added pcre2-bsc1199235-CVE-2022-1587.patch
* CVE-2022-1587 / bsc#1199235
* Fix out-of-bounds read due to bug in recursions
* Sourced from:
- https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0
- permissions
-
* postfix: add postlog setgid for maildrop binary (bsc#1201385)
- Update to version 20201225:
* apptainer: fix starter-suid location (bsc#1198720)
- Update to version 20201225:
* static permissions: remove deprecated bind / named chroot entries (bsc#1200747)
- Update to version 20201225:
- python-py
-
- Update in SLE-15 (bsc#1195916, bsc#1196696, jsc#PM-3356, jsc#SLE-23972)
- Drop CVE-2020-29651.patch, issue fixed upstream in 1.10.0
- Update to 1.10.0
* Fix a regular expression DoS vulnerability in the py.path.svnwc
SVN blame functionality (CVE-2020-29651)
- Devendor apipkg and iniconfig
- Add pr_222.patch to activate test suite
- Update to 1.9.0
* Add type annotation stubs
- samba
-
- CVE-2022-32746: samba: Use-after-free occurring in database
audit logging; (bso#15009); (bso#15096); (bsc#1201490).
- CVE-2022-32745: samba: ldb: AD users can crash the server
process with an LDAP add or modify request; (bso#15008);
(bso#15096); (bsc#1201492).
- CVE-2022-2031: samba, ldb: AD users can bypass certain
restrictions associated with changing passwords; (bso#15047);
(bsc#1201495);
- CVE-2022-32742:SMB1 code does not correct verify SMB1write,
SMB1write_and_close, SMB1write_and_unlock lengths; (bso#15085);
(bsc#1201496).
- CVE-2022-32744: samba, ldb: AD users can forge password change
requests for any user; (bso#15074); (bso#15047); (bsc#1201493).
- Update to 4.15.8
* Use pathref fd instead of io fd in vfs_default_durable_cookie;
(bso#15042);
* Setting fruit:resource = stream in vfs_fruit causes a panic;
(bso#15099);
* Add support for bind 9.18; (bso#14986);
* logging dsdb audit to specific files does not work; (bso#15076);
* vfs_gpfs with vfs_shadowcopy2 fail to restore file if original
file had been deleted; (bso#15069);
* netgroups support removed; (bso#15087); (bsc#1199247);
* net ads info shows LDAP Server: 0.0.0.0 depending on contacted
server; (bso#14674); (bsc#1199734);
* waf produces incorrect names for python extensions with Python
3.11; (bso#15071);
* smbclient commands del & deltree fail with
NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
(bsc#1200556);
* vfs_gpfs recalls=no option prevents listing files; (bso#15055);
* waf produces incorrect names for python extensions with Python
3.11; (bso#15071);
* Compile error in source3/utils/regedit_hexedit.c; (bso#15091);
* ldconfig: /lib64/libsmbconf.so.0 is not a symbolic link;
(bso#15108);
* smbd doesn't handle UPNs for looking up names; (bso#15054);
* Out-by-4 error in smbd read reply max_send clamp; (bso#14443);
- Move pdb backends from package samba-libs to package
samba-client-libs and remove samba-libs requirement from
samba-winbind; (bsc#1200964); (bsc#1198255);
- Use the canonical realm name to refresh the Kerberos tickets;
(bsc#1196224); (bso#14979);
- Fix smbclient commands del & deltree failing with
NT_STATUS_OBJECT_PATH_NOT_FOUND with DFS; (bso#15100);
(bsc#1200556).
- tar
-
- bsc1200657.patch was previously incomplete leading to deadlocks
* bsc#1202436
* bsc1200657.patch updated
- Fix race condition while creating intermediate subdirectories,
bsc#1200657
* bsc1200657.patch
- yaml-cpp
-
- Version 0.6.3 changed ABI without changing SONAME. Re-add symbol
from the old ABI to prevent ABI breakage and crash of
applications compiled with 0.6.1 (bsc#1200624, bsc#1178332,
bsc#1178331, bsc#1160171, yaml-cpp-abi-breakage.patch).
- zypper
-
- Basic JobReport for "/cmdout/monitor"/.
- versioncmp: if verbose, also print the edition 'parts' which are
compared.
- Make sure MediaAccess is closed on exception (bsc#1194550)
- Display plus-content hint conditionally (fixes #433)
- Honor the NO_COLOR environment variable when auto-detecting
whether to use color (fixes #432)
- Define table columns which should be sorted natural [case
insensitive] (fixes #391, closes #396, fixes #424)
- lr/ls: Use highlight color on name and alias as well.
- version 1.14.53