- libxslt
-
- Security fixes:
* Fix use-after-free of XPath context node [bsc#1239625, CVE-2025-24855]
* Fix UAF related to excluded namespaces [bsc#1239637, CVE-2024-55549]
* Add patches:
- libxslt-CVE-2024-55549.patch
- libxslt-CVE-2025-24855.patch
- sqlite3
-
- Sync version 3.49.1 from Factory (jsc#SLE-16032):
* CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws()
function, introduced in version 3.44.0, that could lead to a
memory error if the separator string is very large (hundreds
of megabytes).
* CVE-2025-29088, bsc#1241078: Enhanced the
SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust
against misuse.
* Obsoletes sqlite3-rtree-i686.patch
- apparmor
-
- Add dac_read_search capability for unix_chkpwd to allow it to read the shadow
file even if it has 000 permissions. This is needed after the CVE-2024-10041
fix in PAM.
* unix-chkpwd-add-read-capability.path, bsc#1241678
- Addapt the allow-pam_unix-to-execute-unix_chkpwd.patch for SLE12.
(bsc#1241876)
- Remove revert-abi-change-for-unix_chkpwd.patch
- Allow pam_unix to execute unix_chkpwd with abi/3.0
- remove dovecot-unix_chkpwd.diff
- Add allow-pam_unix-to-execute-unix_chkpwd.patch
- Add revert-abi-change-for-unix_chkpwd.patch
(bsc#1234452, bsc#1232234)
- Update profile usr.lib.dovecot.auth and add dovecot-unix_chkpwd.diff
to allow dovecot-auth to execute unix_chkpwd, and add a profile for
unix_chkpwd. This is needed for PAM with CVE-2024-10041 (bsc#1234452)
- resource-agents
-
- L3: DB2 resource agent forcefully shuts down database, risking data loss — ref:_00D1igLOd._500TrYJM7l:ref
(bsc#1241692)
Remove bad patch:
0001-db2-HADR-add-STANDBY-REMOTE_CATCHUP_PENDING-DISCONNE.patch
- vim
-
- Introduce patch to fix bsc#1235751 (regression).
* vim-9.1.1134-revert-putty-terminal-colors.patch
- Update to 9.1.1176. Changes:
* 9.1.1176: wrong indent when expanding multiple lines
* 9.1.1175: inconsistent behaviour with exclusive selection and motion commands
* 9.1.1174: tests: Test_complete_cmdline() may fail
* 9.1.1173: filetype: ABNF files are not detected
* 9.1.1172: [security]: overflow with 'nostartofline' and Ex command in tag file
* 9.1.1171: tests: wrong arguments passed to assert_equal()
* 9.1.1170: wildmenu highlighting in popup can be improved
* 9.1.1169: using global variable for get_insert()/get_lambda_name()
* 9.1.1168: wrong flags passed down to nextwild()
* 9.1.1167: mark '] wrong after copying text object
* 9.1.1166: command-line auto-completion hard with wildmenu
* 9.1.1165: diff: regression with multi-file diff blocks
* 9.1.1164: [security]: code execution with tar.vim and special crafted tar files
* 9.1.1163: $MYVIMDIR is set too late
* 9.1.1162: completion popup not cleared in cmdline
* 9.1.1161: preinsert requires bot "menu" and "menuone" to be set
* 9.1.1160: Ctrl-Y does not work well with "preinsert" when completing items
* 9.1.1159: $MYVIMDIR may not always be set
* 9.1.1158: :verbose set has wrong file name with :compiler!
* 9.1.1157: command completion wrong for input()
* 9.1.1156: tests: No test for what patch 9.1.1152 fixes
* 9.1.1155: Mode message not cleared after :silent message
* 9.1.1154: Vim9: not able to use autoload class accross scripts
* 9.1.1153: build error on Haiku
* 9.1.1152: Patch v9.1.1151 causes problems
* 9.1.1151: too many strlen() calls in getchar.c
* 9.1.1150: :hi completion may complete to wrong value
* 9.1.1149: Unix Makefile does not support Brazilian lang for the installer
* 9.1.1148: Vim9: finding imported scripts can be further improved
* 9.1.1147: preview-window does not scroll correctly
* 9.1.1146: Vim9: wrong context being used when evaluating class member
* 9.1.1145: multi-line completion has wrong indentation for last line
* 9.1.1144: no way to create raw strings from a blob
* 9.1.1143: illegal memory access when putting a register
* 9.1.1142: tests: test_startup fails if $HOME/$XDG_CONFIG_HOME is defined
* 9.1.1141: Misplaced comment in readfile()
* 9.1.1140: filetype: m17ndb files are not detected
* 9.1.1139: [fifo] is not displayed when editing a fifo
* 9.1.1138: cmdline completion for :hi is too simplistic
* 9.1.1137: ins_str() is inefficient by calling STRLEN()
* 9.1.1136: Match highlighting marks a buffer region as changed
* 9.1.1135: 'suffixesadd' doesn't work with multiple items
* 9.1.1134: filetype: Guile init file not recognized
* 9.1.1133: filetype: xkb files not recognized everywhere
* 9.1.1132: Mark positions wrong after triggering multiline completion
* 9.1.1131: potential out-of-memory issue in search.c
* 9.1.1130: 'listchars' "precedes" is not drawn on Tabs.
* 9.1.1129: missing out-of-memory test in buf_write()
* 9.1.1128: patch 9.1.1119 caused a regression with imports
* 9.1.1127: preinsert text is not cleaned up correctly
* 9.1.1126: patch 9.1.1121 used a wrong way to handle enter
* 9.1.1125: cannot loop through pum menu with multiline items
* 9.1.1124: No test for 'listchars' "precedes" with double-width char
* 9.1.1123: popup hi groups not falling back to defaults
* 9.1.1122: too many strlen() calls in findfile.c
* 9.1.1121: Enter does not insert newline with "noselect"
* 9.1.1120: tests: Test_registers fails
* 9.1.1119: Vim9: Not able to use an autoloaded class from another autoloaded script
* 9.1.1118: tests: test_termcodes fails
* 9.1.1117: there are a few minor style issues
* 9.1.1116: Vim9: super not supported in lambda expressions
* 9.1.1115: [security]: use-after-free in str_to_reg()
* 9.1.1114: enabling termguicolors automatically confuses users
* 9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds
* 9.1.1112: Inconsistencies in get_next_or_prev_match()
* 9.1.1111: Vim9: variable not found in transitive import
* 9.1.1110: Vim tests are slow and flaky
* 9.1.1109: cmdexpand.c hard to read
* 9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol"
* 9.1.1107: cannot loop through completion menu with fuzzy
* 9.1.1106: tests: Test_log_nonexistent() causes asan failure
* 9.1.1105: Vim9: no support for protected new() method
* 9.1.1104: CI: using Ubuntu 22.04 Github runners
* 9.1.1103: if_perl: still some compile errors with Perl 5.38
* 9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename
- wget
-
- Drop support for shorthand URLs
* Breaking change to fix CVE-2024-10524.
[+ drop-support-for-shorthand-URLs.patch, bsc#1233773]
- kernel-default
-
- Revert "kABI workaround for changeing the variable length type to size_t"
Will evaluate again the CVE and resend the patch if needed
This reverts commit 467381126c46febb6e9adeba40f4439ab1b7f3cd.
- commit 859f819
- Revert "ipv6: Fix signed integer overflow in __ip6_append_data"
Will evaluate again the CVE and resend the patch if needed
This reverts commit 0c4609a89f1351bc34d1fdf73c438d3665a48988.
- commit 9b99659
- Refresh
patches.suse/x86-bhi-do-not-set-BHI_DIS_S-in-32-bit-mode.patch.
- Refresh
patches.suse/x86-bpf-add-IBHF-call-at-end-of-classic-BPF.patch.
- Refresh
patches.suse/x86-bpf-call-branch-history-clearing-sequence-on-exit.patch.
Update the patch-mainline header, these patches are expected to be
found upstream at a later date.
- commit 8ba543d
- fbdev: hyperv_fb: Simplify hvfb_putmem (git-fixes).
- commit 67adb16
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit
(bsc#1242778).
- commit 59473c9
- fbdev: hyperv_fb: Allow graceful removal of framebuffer
(git-fixes CVE-2025-21976 bsc#1241145).
- Delete patches.suse/suse-hv-hyperv_fb-rmmod.patch, no longer
needed.
- commit a082a24
- Regression in CVE-2024-56641 fix (CVE-2024-56641, bsc#1235526, bsc#1242319).
- commit a257d42
- Refresh patches.suse/suse-hv-hyperv_fb-rmmod.patch.
Fix the following warning:
drivers/video/fbdev/hyperv_fb.c:1363:20: warning: 'hvfb_drv_exit' defined but not used
- commit ce05eff
- audit: Send netlink ACK before setting connection in auditd_set
(bsc#1231450).
- commit f8c00d6
- Update
patches.suse/can-dev-can_get_echo_skb-prevent-call-to-kfree_skb-i.patch
(git-fixes CVE-2020-36789 bsc#1241408).
- Update
patches.suse/can-dev-can_restart-fix-use-after-free-bug.patch
(git-fixes CVE-2021-47668 bsc#1241404).
- Update
patches.suse/can-vxcan-vxcan_xmit-fix-use-after-free-bug.patch
(git-fixes CVE-2021-47669 bsc#1241405).
- Update patches.suse/fou-fix-initialization-of-grc.patch
(CVE-2024-46763 bsc#1230764 CVE-2024-46865 bsc#1231103).
- Update
patches.suse/ndisc-use-RCU-protection-in-ndisc_alloc_skb.patch
(bsc#1239994 CVE-2025-21764 bsc#1237885).
- commit fcb2f6d
- cifs: Fix integer overflow while processing actimeo mount option
(git-fixes).
- commit 0c62491
- cifs: Fix integer overflow while processing acdirmax mount
option (CVE-2025-21963 bsc#1240717).
- commit 6c82fff
- cifs: Fix integer overflow while processing acregmax mount
option (CVE-2025-21964 bsc#1240740).
- commit 759fa98
- hyperv_fb: disable rmmod (bsc#1241145, CVE-2025-21976).
- commit 001b30c
- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (CVE-2022-49489 bsc#1238244)
- commit 70ef453
- drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (CVE-2022-49232 bsc#1238139)
- commit 233d2c0
- remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (CVE-2022-49188 bsc#1238138)
- commit 2da2636
- remoteproc: qcom_q6v5_mss: Extract mba/mpss from memory-region (bsc#1238138)
- commit 2730746
- PM: core: keep irq flags in device_pm_check_callbacks() (CVE-2022-49175 bsc#1238099)
- commit ab8e651
- kABI workaround for changeing the variable length type to size_t
(CVE-2022-49728 bsc#1239111).
- commit 4673811
- ipv6: Fix signed integer overflow in __ip6_append_data
(CVE-2022-49728 bsc#1239111).
- commit 0c4609a
- igmp: Fix data-races around sysctl_igmp_llm_reports
(CVE-2022-49590 bsc#1238844).
- commit ffcf577
- ipv6: mcast: add RCU protection to mld_newpack() (CVE-2025-21758
bsc#1238737).
- commit ca8335c
- net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
(CVE-2025-21768 bsc#1238714).
- commit 4d13df3
- atm: Fix NULL pointer dereference (CVE-2025-22018 bsc#1241266)
- commit bc9b2c6
- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (CVE-2022-49305 bsc#1238645)
- commit f20b488
- Bluetooth: Fix use after free in hci_send_acl (bsc#1237984
CVE-2022-49111).
- commit 3cd0c1c
- net: mvpp2: Prevent parser TCAM memory corruption
(CVE-2025-22060 bsc#1241526).
- commit 37e999b
- Revert "exec: fix the racy usage of fs_struct->in_exec (CVE-2025-22029"
This reverts commit 14a10bfdc080f8fa12291efe393e7af680537978.
This turned out to be not an issue. See https://bugzilla.suse.com/show_bug.cgi?id=1241378#c4
- commit 4a60e73
- net: ibmveth: make veth_pool_store stop hanging (CVE-2025-22053
bsc#1241373).
- commit 4494ff2
- netfilter: IDLETIMER: Fix for possible ABBA deadlock
(CVE-2024-54683 bsc#1235729).
- commit 938d034
- exec: fix the racy usage of fs_struct->in_exec (CVE-2025-22029
bsc#1241378).
- commit 14a10bf
- bfq: Make sure bfqg for which we are queueing requests is online
(bsc#1238307 CVE-2022-49411).
- blacklist.conf: Remove commit from blacklist
- commit 4daae62
- bfq: Track whether bfq_group is still online (bsc#1238307
CVE-2022-49411).
- commit e167d48
- ext4: fix OOB read when checking dotdot dir (bsc#1241640
CVE-2025-37785).
- commit 0093423
- filemap: Fix bounds checking in filemap_read() (bsc#1234209
CVE-2024-50272 bsc#1233461).
- commit e0c4cb2
- fs: relax assertions on failure to encode file handles
(bsc#1236086 CVE-2024-57924).
- commit ee1cce6
- Update references in patches.suse/ext4-fixup-pages-without-buffers.patch
(bsc#1205495 CVE-2022-49171 bsc#1238093).
- commit 3a68ec8
- tpm: Change to kvalloc() in eventlog/acpi.c (CVE-2024-58005 bsc#1237873)
- commit 055cc9d
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
(bsc#1240714 CVE-2025-21927).
- commit 1b9235e
- bpf, selftests: Add verifier test case for imm=0,umin=0,umax=1
scalar (bsc#1238803 CVE-2022-49658).
- commit 76015e8
- bpf: Fix insufficient bounds propagation from
adjust_scalar_min_max_vals (bsc#1238803 CVE-2022-49658).
- commit a84c655
- dlm: prevent NPD when writing a positive value to event_done
(bsc#1241601 CVE-2025-23131).
- commit d96b67e
- PCI/ASPM: Fix link state exit during switch upstream function
removal (CVE-2024-58093 bsc#1241347).
- commit 323974a
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (CVE-2025-22086 bsc#1241458)
- commit 9222451
- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (CVE-2022-49335 bsc#1238377)
- commit 093b1d6
- drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (CVE-2022-49137 bsc#1238155)
- commit c883f61
- printk: Fix signed integer overflow when defining
LOG_BUF_LEN_MAX (bsc#1237950 CVE-2024-58017 bsc#1239112).
- commit 7c45b05
- fou: fix initialization of grc (CVE-2024-46763 bsc#1230764).
- commit 34d05f5
- drop_monitor: fix incorrect initialization order (CVE-2025-21862
bsc#1239474).
- net: openvswitch: fix leak of nested actions (CVE-2022-49086
bsc#1238037).
- commit 907826c
- fou: Fix null-ptr-deref in GRO (CVE-2024-46763 bsc#1230764).
- commit 87825b6
- net: fix geneve_opt length integer overflow (CVE-2025-22055
bsc#1241371).
- commit 7a515dd
- hwpoison, memory_hotplug: lock folio before unmap hwpoisoned
folio (CVE-2025-21931 bsc#1240709).
- commit 4b52623
- skbuff: introduce skb_pull_data (bsc#1235038 CVE-2024-56590).
- commit 4f3bce2
- rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
(CVE-2025-21635 bsc#1236111).
- commit 30122f9
- Bluetooth: hci_core: Fix not checking skb length on
hci_acldata_packet (bsc#1235038 CVE-2024-56590).
- commit 2b46315
- partitions: mac: fix handling of bogus partition table
(CVE-2025-21772 bsc#1238911).
- scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is
aborted (CVE-2022-49730 bsc#1239070).
- scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
(CVE-2022-49521 bsc#1238938).
- scsi: lpfc: Fix call trace observed during I/O with CMF enabled
(CVE-2022-49537 bsc#1238930).
- scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
(CVE-2022-49534 bsc#1238893).
- scsi: lpfc: Fix null pointer dereference after failing to
issue FLOGI and PLOGI (CVE-2022-49535 bsc#1238937).
- commit 9071ce6
- scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
(CVE-2022-49536 bsc#1238838).
- Refresh
patches.suse/scsi-lpfc-Validate-hdwq-pointers-before-dereferencin.patch.
- commit 1f1a811
- block, bfq: don't move oom_bfqq (CVE-2022-49179 bsc#1238092).
- commit 08606de
- drivers/base/node.c: fix compaction sysfs file leak (CVE-2022-49442 bsc#1238243)
- commit 769486d
- dmaengine: Fix double increment of client_count in dma_chan_get() (CVE-2022-49753 bsc#1240250)
- commit 8be64a3
- tcp: add accessors to read/set tp->snd_cwnd (CVE-2022-49325
bsc#1238398).
- Refresh
patches.suse/tcp-fix-tcp_mtup_probe_success-vs-wrong-snd_cwnd.patch.
- commit 00d8ac0
- net: altera: Fix refcount leak in altera_tse_mdio_create
(CVE-2022-49351 bsc#1237939).
- commit 3aeeb63
- mac80211: fix potential double free on mesh join (CVE-2022-49290 bsc#1238156)
- commit 1243bb0
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (CVE-2024-58063 bsc#1238984)
- commit fac1ba9
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (CVE-2025-21750 bsc#1238905)
- commit f37f3e1
- wifi: brcmfmac: use strreplace() in brcmf_of_probe() (bsc#1238905)
- commit af07444
- brcmfmac: of: remove redundant variable len (bsc#1238905)
- commit 990953e
- brcmfmac: of: Use devm_kstrdup for board_type & check for errors (bsc#1238905)
- commit d9e8c8a
- net: nfc: Fix use-after-free in local_cleanup() (CVE-2023-53023 bsc#1240309)
- commit f91c2a0
- i40e: Fix call trace in setup_tx_descriptors (CVE-2022-49725 bsc#1238016)
- commit 4f6a558
- net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926
bsc#1240712).
- commit 112bb59
- wifi: cfg80211: regulatory: improve invalid hints checking
(CVE-2025-21910 bsc#1240583).
- commit 2ad169d
- wifi: nl80211: reject cooked mode if it is set along with
other flags (CVE-2025-21909 bsc#1240590).
- commit b2acee6
- net: atm: fix use after free in lec_send() (CVE-2025-22004
bsc#1240835).
- commit cc63f73
- drm/plane: Move range check for format_count earlier (CVE-2021-47659 bsc#1237839)
- commit cc111ee
- dm integrity: fix memory corruption when tag_size is less than digest size (CVE-2022-49044 bsc#1237840)
- commit be90f4e
- net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (CVE-2022-49060 bsc#1237845)
- commit 867ee3a
- drm/amdkfd: Check for potential null return of kmalloc_array() (CVE-2022-49055 bsc#1237868)
- commit afbd83d
- driver: base: fix UAF when driver_attach failed (CVE-2022-49385 bsc#1237951)
- commit 3dcc3aa
- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (CVE-2022-49693 bsc#1237954)
- commit d40fafb
- PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (CVE-2022-49668 bsc#1237957)
- commit fff3251
- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (CVE-2022-49478 bsc#1238000)
- commit 5c8c17f
- media: cx25821: Fix the warning when removing the module (CVE-2022-49525 bsc#1238022)
- commit 8b2ba54
- scsi: lpfc: Move cfg_log_verbose check before calling
lpfc_dmp_dbg() (CVE-2022-49542 bsc#1238722).
- commit 2fbb1a4
- scsi: pm8001: Fix tag leaks on error (CVE-2022-49121
bsc#1237926).
- Refresh
patches.suse/scsi-pm8001-Fix-memory-leak-in-pm8001_chip_fw_flash_.patch.
- commit 1183fb2
- block: fix integer overflow in BLKSECDISCARD (CVE-2024-49994
bsc#1237757).
- scsi: lpfc: Inhibit aborts if external loopback plug is inserted
(CVE-2022-49504 bsc#1238835).
- scsi: hisi_sas: Free irq vectors in order for v3 HW
(CVE-2022-49118 bsc#1237979).
- bfq: fix use-after-free in bfq_dispatch_request (CVE-2022-49176
bsc#1238097).
- commit 61a23eb
- Refresh
patches.suse/net-usb-usbnet-restore-usb-d-name-exception-for-loca.patch.
Patch has been accepted upstream. Moving to correct section.
- commit 44e2f7a
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (bsc#1240739 CVE-2025-21956)
- commit 8258112
- regulator: check that dummy regulator has been probed before
using it (CVE-2025-22008 bsc#1240942).
- commit e222593
- drm/amd/display: Fix null check for pipe_ctx->plane_state in (bsc#1240701 CVE-2025-21941)
- commit 4fd9018
- blk-throttle: Set BIO_THROTTLED when bio has been throttled
(CVE-2022-49465 bsc#1238919).
- commit 885f88f
- usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981 bsc#1237912)
- commit a6014fc
- media: uvcvideo: Fix double free in error path (CVE-2024-57980 bsc#1237911)
- commit c75a886
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (CVE-2025-21735 bsc#1238497)
- commit 1703ca8
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (CVE-2024-52559 bsc#1238507)
- commit 151c011
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (CVE-2024-58009 bsc#1238760)
- commit f77505b
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (CVE-2025-21779 bsc#1238768)
- commit c0bacb1
- netfilter: xtables: fix typo causing some targets not to load
on IPv6 (CVE-2024-50038 bsc#1231910).
- netfilter: xtables: avoid NFPROTO_UNSPEC where needed
(CVE-2024-50038 bsc#1231910).
- commit 758059b
- RDMA/hns: Fix soft lockup during bt pages loop (CVE-2025-22010 bsc#1240943)
- commit 4f43f30
- i2c: designware: use casting of u64 in clock multiplication to avoid overflow (CVE-2022-49749 bsc#1240243)
- commit 8e8de37
- HID: appleir: Fix potential NULL dereference at raw event handle (CVE-2025-21948 bsc#1240703)
- commit 00a5124
- scsi: qla1280: Fix kernel oops when debug level > 2 (CVE-2025-21957 bsc#1240742)
- commit bd23d83
- net: let net.core.dev_weight always be non-zero (CVE-2025-21806 bsc#1238746)
- commit f158377
- net: Fix data-races around weight_p and dev_weight_[rt]x_bias (bsc#1238746)
- commit f948447
- Bluetooth: L2CAP: Fix build errors in some archs (CVE-2025-21969
bsc#1240784).
- commit 7b7dc2b
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
(CVE-2025-21969 bsc#1240784).
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
(CVE-2025-21969 bsc#1240784).
- commit 45ad638
- kABI workaround for l2cap_conn changes (CVE-2025-21969
bsc#1240784).
- commit 7316449
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del
(CVE-2025-21969 bsc#1240784).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
(CVE-2025-21969 bsc#1240784).
- commit afacee7
- Bluetooth: Fix error code in chan_alloc_skb_cb() (bsc#1240582
CVE-2025-22007).
- commit b580f9e
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (CVE-2025-21996 bsc#1240801).
- commit 4ea5dea
- usb: atm: cxacru: fix a flaw in existing endpoint checks
(bsc#1240582 CVE-2025-21916).
- commit e17a34b
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
(CVE-2025-21969 bsc#1240784).
- commit 900222a
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in
ibft_attr_show_nic() (CVE-2025-21993 bsc#1240797).
- commit 1c1b4a4
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- commit e4e19da
- tpm, tpm_tis: Workaround failed command reception on Infineon
devices (bsc#1235870).
- commit 87601ca
- ppp: Fix KMSAN uninit-value warning with bpf (CVE-2025-21922
bsc#1240639).
- commit ca66710
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785 bsc#1238747)
- commit 24fbd3b
- rapidio: add check for rio_add_net() in rio_scan_alloc_net()
(CVE-2025-21935 bsc#1240700).
- rapidio: fix an API misues when rio_add_net() fails
(CVE-2025-21934 bsc#1240708).
- commit df62006
- macsec: fix UAF bug for real_dev (CVE-2022-49390 bsc#1238233)
- commit d0ae16a
- dax: make sure inodes are flushed before destroy cache (CVE-2022-49220 bsc#1237936)
- commit dd8bb0a
- sysctl: Fix data races in proc_douintvec() (CVE-2022-49641 bsc#1237831)
- commit 1859db6
- gpu: host1x: Fix a memory leak in 'host1x_remove()' (CVE-2021-47648 bsc#1237725)
- commit 565f8ec
- qede: confirm skb is allocated before using (CVE-2022-49084 bsc#1237751)
- commit a2a6334
- net: fix data-races around sk->sk_forward_alloc (CVE-2024-53124
bsc#1234074).
- commit 7d9d482
- netfilter: conntrack: re-fetch conntrack after insertion
(CVE-2022-49561 bsc#1238537).
- commit d3e0ad2
- netfilter: ipset: Fix overflow before widen in the
bitmap_ip_create() function (CVE-2023-53032 bsc#1240270).
- commit 7dde838
- ipv4: prevent potential spectre v1 gadget in
ip_metrics_convert() (CVE-2023-52997 bsc#1240303).
- commit ed98686
- sysctl: Fix data races in proc_douintvec_minmax() (CVE-2022-49640 bsc#1237782)
- commit 0dfbf72
- kernel/sysctl.c: define minmax conv functions in terms of non-minmax versions (bsc#1237782)
- commit 1263b48
- Update references for patches.suse/kernel-sysctl.c-add-missing-range-check-in-do_proc_d.patch (bsc#1237782 bsc#1051510)
- commit 51d8dd8
- pipe: reject F_SETPIPE_SZ with size over UINT_MAX (bsc#1237782)
- commit 57c3c8a
- pipe, sysctl: remove pipe_proc_fn() (bsc#1237782)
- commit 5b47dc3
- pipe, sysctl: drop 'min' parameter from pipe-max-size converter (bsc#1237782)
- commit 559c162
- sysctl: check for UINT_MAX before unsigned int min/max (bsc#1237782)
- commit 6169ace
- pipe: add proc_dopipe_max_size() to safely assign pipe_max_size (bsc#1237782)
- commit 2f6a8d2
- Update references for patches.suse/pipe-match-pipe_max_size-data-type-with-procfs.patch (bsc#1237782 git-fixes)
- commit 4bc1ec0
- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (CVE-2022-49331 bsc#1237813)
- commit 8331408
- phy: qcom-qmp: fix struct clk leak on probe errors (CVE-2022-49397 bsc#1237823)
- commit 29ed697
- KVM: VMX: Prevent RSB underflow before vmenter (CVE-2022-49610
bsc#1238952).
- commit bea6096
- x86/kexec: Fix double-free of elf header buffer (git-fixes
CVE-2022-49546 bsc#1238750).
- x86/kexec: fix memory leak of elf header buffer (CVE-2022-49546
bsc#1238750).
- commit 69722e9
- Refresh patches.suse/ipv6-icmp-convert-to-dev_net_rcu.patch.
- commit 8cd0e69
- bpf, sockmap: Fix double uncharge the mem of sk_msg
(CVE-2022-49205 bsc#1238335).
- commit f6c5311
- af_netlink: Fix shift out of bounds in group mask calculation
(CVE-2022-49197 bsc#1238455).
- commit 9a4a535
- uprobes: Reject the shared zeropage in uprobe_write_opcode() (CVE-2025-21881 bsc#1240185)
- commit f4218b4
- firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle (bsc#1238467)
- commit 1cd86ca
- scsi: target: tcmu: Fix possible page UAF (CVE-2022-49053
bsc#1237918).
- commit beef048
- mm/khugepaged: fix ->anon_vma race (CVE-2023-52935 bsc#1240276).
- commit a534f8f
- usbnet: gl620a: fix endpoint checking in genelink_bind()
(bsc#1240172 CVE-2025-21877).
- commit 4ca0b45
- Refresh
patches.suse/ipv4-use-RCU-protection-in-ip_dst_mtu_maybe_forward.patch.
- commit 22f6eba
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
(git-fixes CVE-2025-21703 bsc#1237313).
- commit cbd2039
- net: sfp: fix memory leak in sfp_probe() (CVE-2022-49619 bsc#1239003)
- commit 04c9c14
- net: tipc: fix possible refcount leak in tipc_sk_create() (CVE-2022-49620 bsc#1239002)
- commit 73f1781
- team: prevent adding a device which is already a team device lower (CVE-2024-58071 bsc#1238970
- commit 850cca8
- tcp: tcp_rtx_synack() can be called from process context
(CVE-2022-49372 bsc#1238251).
- commit 2b7ccd1
- af_unix: Fix a data-race in unix_dgram_peer_wake_me()
(CVE-2022-49344 bsc#1237988).
- commit 906cfb9
- net/sched: netem: account for backlog updates from child qdisc
(CVE-2024-56770 bsc#1235637).
- net/smc: fix LGR and link use-after-free issue (CVE-2024-56640
bsc#1235436).
- netlink: terminate outstanding dump on socket close
(CVE-2024-53140 bsc#1234222).
- commit fa3efff
- net: mana: Support holes in device list reply msg (bsc#1240133).
- ipvlan: ensure network headers are in skb linear part
(CVE-2025-21891 bsc#1240186).
- bnxt: Do not read past the end of test names (CVE-2023-53010
bsc#1240290).
- net: mdio: validate parameter addr in mdiobus_get_phy()
(CVE-2023-53019 bsc#1240286).
- commit 44816a5
- wifi: brcmfmac: Check the count value of channel spec to
prevent out-of-bounds reads (CVE-2022-49740 bsc#1240233).
- commit 0c49112
- Update
patches.suse/ibmvnic-Don-t-reference-skb-after-sending-to-VIOS.patch
(CVE-2025-21858 bsc#1239468 CVE-2025-21855 bsc#1239484).
- commit f98b7e1
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(CVE-2024-50290 bsc#1233479 bsc#1225742).
- Update
patches.suse/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch
(CVE-2024-53063 bsc#1233557 bsc#1225742).
- commit 3bb8dac
- Update
patches.suse/HID-betop-check-shape-of-output-reports.patch
(git-fixes bsc#1207186 CVE-2023-53015 bsc#1240288).
- Update
patches.suse/Squashfs-fix-handling-and-sanity-checking-of-xattr_i.patch
(git-fixes CVE-2023-52933 bsc#1240275).
- Update
patches.suse/bpf-Fix-pointer-leak-due-to-insufficient-speculative.patch
(bsc#1231375 CVE-2023-53024 bsc#1240272).
- Update
patches.suse/cifs-Fix-oops-due-to-uncleared-server-smbd_conn-in-reconnect.patch
(bsc#1190317 CVE-2023-53006 bsc#1240208).
- Update
patches.suse/cifs-fix-potential-memory-leaks-in-session-setup.patch
(bsc#1190317 CVE-2023-53008 bsc#1240318).
- Update
patches.suse/netlink-prevent-potential-spectre-v1-gadgets.patch
(bsc#1209547 CVE-2017-5753 CVE-2023-53000 bsc#1240227).
- Update
patches.suse/powerpc-imc-pmu-Fix-use-of-mutex-in-IRQs-disabled-se.patch
(bsc#1054914 fate#322448 git-fixes CVE-2023-53031 bsc#1240285).
- Update
patches.suse/scsi-iscsi_tcp-Fix-UAF-during-login-when-accessing-the-shost-ipaddress.patch
(bsc#1210647 CVE-2023-2162 CVE-2023-52974 bsc#1240213).
- Update
patches.suse/squashfs-harden-sanity-check-in-squashfs_read_xattr_.patch
(git-fixes CVE-2023-52979 bsc#1240282).
- Update
patches.suse/tracing-Make-sure-trace_printk-can-output-as-soon-as-it-can-be-used.patch
(git-fixes CVE-2023-53007 bsc#1240229).
- Update
patches.suse/vc_screen-move-load-of-struct-vc_data-pointer-in-vcs.patch
(bsc#1213167 CVE-2023-3567 CVE-2023-52973 bsc#1240218).
- commit 5c75cc8
- Update
patches.suse/cpufreq-governor-Use-kobject-release-method-to-free-dbs_data.patch
(bsc#1237800 CVE-2022-49513).
- commit d961554
- um: Fix out-of-bounds read in LDT setup (CVE-2022-49395 bsc#1237953)
- commit 9b1534c
- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (CVE-2022-49370 bsc#1238467)
- commit 56fb9f5
- ipw2x00: Fix potential NULL dereference in libipw_xmit() (CVE-2022-49544 bsc#1238721)
- commit b1c6aa1
- tee: optee: Fix supplicant wait loop (CVE-2025-21871
bsc#1240183).
- commit dd819c0
- team: add ethtool get_link_ksettings (bsc#1228909).
- commit 29a7164
- Refresh
patches.suse/net-remove-two-BUG-from-skb_checksum_help.patch.
- commit f154628
- cpufreq: governor: Use kobject release() method to free dbs_data
(bsc#1237800).
- dbs_data kABI workaround (bsc#1237800 CVE-2022-49513).
- commit 1891c97
- cpufreq: Move to_gov_attr_set() to cpufreq.h (bsc#1237800
CVE-2022-49513).
- commit af55b29
- net: usb: usbnet: restore usb%d name exception for local mac
addresses (bsc#1234480).
- commit c9b9e0d
- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (CVE-2022-49119 bsc#1237925)
- commit 3b2e4a3
- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (CVE-2022-49120 bsc#1237969)
- commit 5941b1a
- RDMA/hfi1: Prevent use of lock before it is initialized (CVE-2022-49433 bsc#1238268)
- commit 6b108b0
- drm/msm/hdmi: check return value after calling
platform_get_resource_byname() (CVE-2022-49495 bsc#1237932).
- commit 250e248
- ipv6: mcast: extend RCU protection in igmp6_send()
(CVE-2025-21759 bsc#1238738).
- commit de67669
- ndisc: extend RCU protection in ndisc_send_skb() (CVE-2025-21760
bsc#1238763).
- commit bbd5bed
- vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791
bsc#1238512).
- commit 67aac47
- arp: use RCU protection in arp_xmit() (CVE-2025-21762
bsc#1238780).
- commit 86c524f
- neighbour: use RCU protection in __neigh_notify()
(CVE-2025-21763 bsc#1237897).
- commit d195b5b
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- commit f3d8410
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
(bsc#1239994).
- commit 794c7eb
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- commit 81adbde
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- commit 86dda00
- ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765
bsc#1237906).
- commit 00b5f63
- ipv4: use RCU protection in __ip_rt_update_pmtu()
(CVE-2025-21766 bsc#1238754).
- commit ae267d9
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- commit 442e2c4
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- commit 6439cd7
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
(bsc#1239994).
- commit 6b0f168
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- commit fc7ba98
- net: add dev_net_rcu() helper (bsc#1239994).
- commit 51827b8
- net: treat possible_net_t net pointer as an RCU one and add
read_pnet_rcu() (bsc#1239994).
- commit a3369f3
- drm/amdgpu: Fix potential NULL pointer dereference in
atomctrl_get_smc_sclk_range_table (CVE-2024-58052 bsc#1238986).
- commit 9320da0
- KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()
(CVE-2024-58083 bsc#1239036).
- commit 22cf047
- nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (CVE-2025-21848
bsc#1239479).
- commit 55016a1
- igc: Reinstate IGC_REMOVED logic and implement it properly
(CVE-2022-49605 bsc#1238433).
- commit 5af1e50
- net: dsa: mv88e6xxx: Fix refcount leak in
mv88e6xxx_mdios_register (CVE-2022-49367 bsc#1238447).
- commit 3ebb662
- net: tun: unlink NAPI from device on destruction (CVE-2022-49672
bsc#1238816).
- commit e432fa1
- kABI fix for tcp: properly terminate timers for kernel sockets
(CVE-2024-35910 bsc#1224489).
- commit 03a709f
- ip: Fix data-races around sysctl_ip_prot_sock. (CVE-2022-49578 bsc#1238794)
- commit 55c2c0e
- kABI fix for mptcp: add sk_stop_timer_sync helper
(CVE-2024-35910 bsc#1224489).
- commit d3152b9
- mptcp: add sk_stop_timer_sync helper (CVE-2024-35910
bsc#1224489).
- Refresh patches.suse/net-add-sock_init_data_uid.patch.
- commit b72feae
- net: remove two BUG() from skb_checksum_help() (CVE-2022-49497
bsc#1238946).
- commit 243b7fc
- net: bonding: fix use-after-free after 802.3ad slave unbind (CVE-2022-49667 bsc#1238282)
- commit bd21be6
- wifi: mac80211: fix use-after-free in chanctx code (CVE-2022-49416 bsc#1238293)
- commit 40d129d
- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (CVE-2022-49711 bsc#1238416)
- commit 1048344
- media: pci: cx23885: Fix the error handling in cx23885_initdev() (CVE-2022-49524 bsc#1238949)
- commit 45001c2
- NFC: NULL out the dev->rfkill to prevent UAF (CVE-2022-49505 bsc#1238615)
- commit 8dd4c4d
- kABI: protect mr_ifc_count change (CVE-2022-49589 bsc#1238598).
- igmp: Fix data-races around sysctl_igmp_qrv (CVE-2022-49589
bsc#1238598).
- net: igmp: increase size of mr_ifc_count (CVE-2022-49589
bsc#1238598).
- net: igmp: fix data-race in igmp_ifc_timer_expire()
(CVE-2022-49589 bsc#1238598).
- commit 3efb324
- i2c: dev: check return value when calling dev_set_name() (CVE-2022-49046 bsc#1237842)
- commit de84566
- btrfs: fix qgroup reserve overflow the qgroup limit
(CVE-2022-49075 bsc#1237733).
- commit bf9031a
- ceph: fix inode reference leakage in ceph_get_snapdir() (CVE-2022-49109 bsc#1237836)
- commit d418afc
- ceph: fix up error handling with snapdirs (bsc#1237836)
- commit f7001b0
- ubi: ubi_create_volume: Fix use-after-free when volume creation failed (CVE-2022-49388 bsc#1237934)
- commit 0d5c203
- ceph: fix memory leak in ceph_readdir when note_last_dentry returns error (CVE-2022-49107 bsc#1237973)
- commit 40beec1
- ila: serialize calls to nf_register_net_hooks() (CVE-2024-57900
bsc#1235973).
- commit d69423e
- tcp: properly terminate timers for kernel sockets
(CVE-2024-35910 bsc#1224489).
- commit 5ce5df8
- ACPI: PAD: fix crash in exit_round_robin() (bsc#1232370
CVE-2024-49935).
- commit e03632e
- Update
patches.suse/netfilter-nf_tables-initialize-registers-in-nft_do_c.patch
(CVE-2022-1016 bsc#1197227 CVE-2022-49293 bsc#1239454).
- commit cedf6cd
- fbdev: omap: use threaded IRQ for LCD DMA (bsc#1239174 CVE-2025-21821)
- commit f159c1f
- drm/amd/pm: fix double free in si_parse_power_table() (bsc#1238944 CVE-2022-49530)
- commit dfebfa5
- net: phy: micrel: Allow probing without .driver_data
(CVE-2022-49472 bsc#1238951).
- ice: always check VF VSI pointer values (CVE-2022-49516
bsc#1238953).
- commit f9c1961
- geneve: Suppress list corruption splat in
geneve_destroy_tunnels() (CVE-2025-21858 bsc#1239468).
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl()
(CVE-2025-21865 bsc#1239481).
- ibmvnic: Don't reference skb after sending to VIOS
(CVE-2025-21858 bsc#1239468).
- geneve: Fix use-after-free in geneve_find_dev() (CVE-2025-21858
bsc#1239468).
- commit 7c11337
- net: fix SO_REUSEPORT return code (bsc#1239448)
- commit 3c526b1
- nfsd: clear acl_access/acl_default after releasing them
(bsc#1238716 CVE-2025-21796).
- commit d1c11c1
- acct: perform last write from workqueue (CVE-2025-21846
bsc#1239508).
- commit 5fc1617
- irqchip/gic-v3: Fix GICR_CTLR.RWP polling (git-fixes
CVE-2022-49074 bsc#1237728).
- commit 9f6dc13
- media: staging: media: zoran: calculate the right buffer number
for zoran_reap_stat_com (CVE-2021-47645 bsc#1237767).
- commit eab4973
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1
(CVE-2025-21831 bsc#1239039).
- commit 10f73c4
- net/smc: check iparea_offset and ipv6_prefixes_cnt when
receiving proposal msg (CVE-2024-49571 bsc#1235733).
- commit ef9a771
- kABI fix for l2tp: prevent possible tunnel refcount underflow
(CVE-2024-49940 bsc#1232812).
Upstream commit 24256415d186 ("l2tp: prevent possible tunnel
refcount underflow") changed the API of `l2tp_session_set_header_len()`
and this patch re-introduces the API in that version.
- commit 803eb4b
- l2tp: prevent possible tunnel refcount underflow (CVE-2024-49940
bsc#1232812).
- commit 377601f
- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock (bsc#1238600 CVE-2022-49488)
- commit b961f00
- bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is
full (bsc#1238252 CVE-2022-49209).
- commit aeb9c23
- scripts: fix incorrect regex escape
With Tumbleweed's recent switch to Python 3.13 recently I noticed
several syntax warning related to regex
.../scripts/python/suse_git/patch.py:57: SyntaxWarning: invalid escape sequence '\*'
break_matcher = re.compile(b"(---|\*\*\*|Index:)[ \t][^ \t]|^diff -")
.../scripts/python/git_sort/git_sort.py:490: SyntaxWarning: invalid escape sequence '\.'
version_match = re.compile("refs/tags/v(2\.6\.\d+|\d\.\d+)(-rc\d+)?$")
.../scripts/python/git_sort/git_sort.py:578: SyntaxWarning: invalid escape sequence '\.'
m = re.search("v([0-9]+)\.([0-9]+)(|-rc([0-9]+))$", tags[-1])
Fix them by using raw string/byte literal instead.
Link: https://docs.python.org/3/reference/lexical_analysis.html#string-and-bytes-literals
- commit 74871be
- netpoll: Fix race condition in netpoll_owner_active
(CVE-2024-41005 bsc#1227858).
- net: make sure napi_list is safe for RCU traversal
(CVE-2024-41005 bsc#1227858).
- commit b55492f
- net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
(bsc#1237903 CVE-2022-49051).
- commit eb6ef6f
- usb: musb: sunxi: Fix accessing an released usb phy (bsc#1233458
CVE-2024-50269).
- commit 14a906c
- USB: hub: Ignore non-compliant devices with too many configs
or interfaces (bsc#1238909 CVE-2025-21776).
- commit 6d1cc77
- net: usb: rtl8150: enable basic endpoint checking (bsc#1239087
CVE-2025-21708).
- commit 582b035
- Refresh
patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock.patch.
- commit 89c4c51
- ALSA: usb-audio: Cancel pending work at closing a MIDI substream
(CVE-2022-49545 bsc#1238729).
- commit c5aef00
- net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996
bsc#1239076).
- commit 30f09ff
- wifi: brcmfmac: fix NULL pointer dereference in
brcmf_txfinalize() (CVE-2025-21744 bsc#1238903).
- commit af88382
- Update
patches.suse/0006-dm-raid-fix-accesses-beyond-end-of-raid-member-array.patch
(git-fixes CVE-2022-49674 bsc#1239041).
- Update
patches.suse/0013-block-don-t-delete-queue-kobject-before-its-children.patch
(git-fixes CVE-2022-49259 bsc#1238413).
- Update
patches.suse/0013-dm-mirror-log-round-up-region-bitmap-size-to-BITS_PE.patch
(git-fixes CVE-2022-49710 bsc#1238417).
- Update
patches.suse/0015-bfq-Update-cgroup-information-before-merging-bio.patch
(git-fixes CVE-2022-49413 bsc#1238710).
- Update
patches.suse/0074-dm-ioctl-prevent-potential-spectre-v1-gadget.patch
(git-fixes CVE-2022-49122 bsc#1237983).
- Update
patches.suse/0077-nbd-call-genl_unregister_family-first-in-nbd_cleanup.patch
(git-fixes CVE-2022-49295 bsc#1238707).
- Update
patches.suse/0078-nbd-fix-race-between-nbd_alloc_config-and-module-removal.patch
(git-fixes CVE-2022-49300 bsc#1238183).
- Update
patches.suse/0079-nbd-fix-io-hung-while-disconnecting-device.patch
(git-fixes CVE-2022-49297 bsc#1238469).
- Update
patches.suse/ALSA-pcm-Fix-potential-AB-BA-lock-with-buffer_mutex-.patch
(CVE-2022-1048 bsc#1197331 CVE-2022-49272 bsc#1238272).
- Update
patches.suse/ALSA-pcm-Fix-races-among-concurrent-hw_params-and-hw.patch
(CVE-2022-1048 bsc#1197331 CVE-2022-49291 bsc#1238705).
- Update
patches.suse/ALSA-pcm-Fix-races-among-concurrent-prealloc-proc-wr.patch
(CVE-2022-1048 bsc#1197331 CVE-2022-49288 bsc#1238271).
- Update
patches.suse/ALSA-pcm-oss-Fix-race-at-SNDCTL_DSP_SYNC.patch
(CVE-2022-3303 bsc#1203769 CVE-2022-49733 bsc#1238454).
- Update
patches.suse/Bluetooth-hci_qca-Use-del_timer_sync-before-freeing.patch
(git-fixes CVE-2022-49555 bsc#1238231).
- Update
patches.suse/NFSD-prevent-underflow-in-nfssvc_decode_writeargs.patch
(git-fixes CVE-2022-49280 bsc#1238630).
- Update
patches.suse/PCI-Avoid-pci_dev_lock-AB-BA-deadlock-with-sriov_num.patch
(git-fixes CVE-2022-49434 bsc#1238916).
- Update
patches.suse/RDMA-hfi1-Prevent-panic-when-SDMA-is-disabled.patch
(git-fixes CVE-2022-49429 bsc#1238889).
- Update
patches.suse/SUNRPC-Fix-the-svc_deferred_event-trace-class.patch
(git-fixes CVE-2022-49065 bsc#1237739).
- Update
patches.suse/bpf-sockmap-Fix-more-uncharged-while-msg-has-more_da.patch
(bsc#1235485 CVE-2024-56633 CVE-2022-49204 bsc#1238240).
- Update
patches.suse/cgroup-Use-separate-src-dst-nodes-when-preloading-css_sets-for-migration.patch
(bsc#1201610 CVE-2022-49647 bsc#1238805).
- Update patches.suse/cifs-fix-handlecache-and-multiuser.patch
(bsc#1190317 CVE-2022-49281 bsc#1238635).
- Update
patches.suse/cifs-potential-buffer-overflow-in-handling-symlinks.patch
(bsc#1190317 CVE-2022-49058 bsc#1237814).
- Update
patches.suse/cifs-prevent-bad-output-lengths-in-smb2_ioctl_query_info-.patch
(bsc#1190317 CVE-2022-49271 bsc#1238626).
- Update patches.suse/crypto-qat-fix-memory-leak-in-RSA.patch
(git-fixes CVE-2022-49566 bsc#1238266).
- Update patches.suse/dlm-fix-plock-invalid-read.patch (git-fixes
CVE-2022-49407 bsc#1238180).
- Update
patches.suse/dm-raid-fix-KASAN-warning-in-raid5_add_disks.patch
(git-fixes CVE-2022-49673 bsc#1238933).
- Update
patches.suse/drbd-Fix-five-use-after-free-bugs-in-get_initial_state
(git-fixes CVE-2022-49085 bsc#1238036).
- Update
patches.suse/drivers-usb-host-Fix-deadlock-in-oxu_bus_suspend.patch
(git-fixes CVE-2022-49313 bsc#1238633).
- Update
patches.suse/drm-virtio-fix-NULL-pointer-dereference-in-virtio_gp.patch
(git-fixes CVE-2022-49532 bsc#1238925).
- Update
patches.suse/exec-Force-single-empty-string-when-argv-is-empty.patch
(bsc#1200571 CVE-2022-49264 bsc#1237815).
- Update patches.suse/ext4-add-reserved-GDT-blocks-check.patch
(bsc#1202712 CVE-2022-49707 bsc#1239035).
- Update patches.suse/ext4-avoid-cycles-in-directory-h-tree.patch
(bsc#1198577 CVE-2022-1184 CVE-2022-49343 bsc#1238382).
- Update patches.suse/ext4-fix-bug_on-ext4_mb_use_inode_pa.patch
(bsc#1200810 CVE-2022-49708 bsc#1238599).
- Update patches.suse/ext4-fix-bug_on-in-__es_tree_search.patch
(bsc#1200809 CVE-2022-49409 bsc#1238279).
- Update patches.suse/ext4-fix-bug_on-in-ext4_writepages.patch
(bsc#1200872 CVE-2022-49347 bsc#1238393).
- Update
patches.suse/ext4-fix-race-condition-between-ext4_write-and-ext4_.patch
(bsc#1200807 CVE-2022-49414 bsc#1238623).
- Update
patches.suse/ext4-fix-use-after-free-in-ext4_rename_dir_prepare.patch
(bsc#1200871 CVE-2022-49349 bsc#1238372).
- Update patches.suse/icmp-Fix-data-races-around-sysctl.patch
(CVE-2024-47678 bsc#1231854 git-fixes CVE-2022-49638
bsc#1238613).
- Update
patches.suse/ixgbe-Add-locking-to-prevent-panic-when-setting-srio.patch
(git-fixes CVE-2022-49584 bsc#1237933).
- Update patches.suse/list-fix-a-data-race-around-ep-rdllist.patch
(git-fixes CVE-2022-49443 bsc#1238434).
- Update
patches.suse/md-bitmap-don-t-set-sb-values-if-can-t-pass-sanity-c.patch
(bsc#1197158 CVE-2022-49526 bsc#1238030).
- Update
patches.suse/module-fix-e_shstrndx-.sh_size-0-OOB-access.patch
(git-fixes CVE-2022-49444 bsc#1238127).
- Update
patches.suse/msft-hv-2556-Drivers-hv-vmbus-Fix-potential-crash-on-module-unloa.patch
(git-fixes CVE-2022-49098 bsc#1238079).
- Update
patches.suse/mxser-fix-xmit_buf-leak-in-activate-when-LSR-0xff.patch
(git-fixes CVE-2022-49191 bsc#1238133).
- Update
patches.suse/net-asix-add-proper-error-handling-of-usb-read-error.patch
(git-fixes CVE-2022-49226 bsc#1238336).
- Update
patches.suse/nvme-pci-fix-a-NULL-pointer-dereference-in-nvme_allo.patch
(git-fixes CVE-2022-49492 bsc#1238954).
- Update
patches.suse/ocfs2-dlmfs-fix-error-handling-of-user_dlm_destroy_l.patch
(git-fixes CVE-2022-49337 bsc#1238376).
- Update
patches.suse/powerpc-pseries-Fix-use-after-free-in-remove_phb_dyn.patch
(bsc#1065729 bsc#1198660 ltc#197803 CVE-2022-49196 bsc#1238274).
- Update
patches.suse/powerpc-tm-Fix-more-userspace-r13-corruption.patch
(bsc#1065729 CVE-2022-49164 bsc#1238108).
- Update
patches.suse/powerpc-xics-fix-refcount-leak-in-icp_opal_init.patch
(bsc#1065729 CVE-2022-49432 bsc#1238950).
- Update
patches.suse/powerpc-xive-Fix-refcount-leak-in-xive_spapr_init.patch
(fate#322438 git-fixes CVE-2022-49437 bsc#1238443).
- Update
patches.suse/powerpc-xive-spapr-correct-bitmap-allocation-size.patch
(fate#322438 git-fixes CVE-2022-49623 bsc#1239040).
- Update
patches.suse/scsi-libfc-Fix-use-after-free-in-fc_exch_abts_resp.patch
(git-fixes CVE-2022-49114 bsc#1238146).
- Update
patches.suse/scsi-lpfc-Address-NULL-pointer-dereference-after-sta.patch
(git-fixes CVE-2022-49332 bsc#1238236).
- Update
patches.suse/scsi-pm8001-Fix-abort-all-task-initialization
(git-fixes CVE-2022-49217 bsc#1238313).
- Update
patches.suse/scsi-qla2xxx-Fix-crash-during-module-load-unload-tes.patch
(bsc#1197661 CVE-2022-49160 bsc#1238172).
- Update
patches.suse/scsi-qla2xxx-Fix-premature-hw-access-after-PCI-error.patch
(bsc#1195823 CVE-2022-49157 bsc#1238169).
- Update
patches.suse/scsi-qla2xxx-Fix-scheduling-while-atomic.patch
(bsc#1195823 CVE-2022-49156 bsc#1238168).
- Update
patches.suse/scsi-qla2xxx-Fix-warning-message-due-to-adisc-being-.patch
(bsc#1195823 CVE-2022-49158 bsc#1238170).
- Update
patches.suse/scsi-qla2xxx-Implement-ref-count-for-SRB.patch
(bsc#1195823 CVE-2022-49159 bsc#1238171).
- Update
patches.suse/scsi-qla2xxx-Suppress-a-kernel-complaint-in-qla_crea.patch
(bsc#1195823 CVE-2022-49155 bsc#1237941).
- Update
patches.suse/scsi-zorro7xx-Fix-a-resource-leak-in-zorro7xx_remove_one
(git-fixes CVE-2022-49095 bsc#1237752).
- Update
patches.suse/tcp-fix-tcp_mtup_probe_success-vs-wrong-snd_cwnd.patch
(bsc#1218450 CVE-2022-49330 bsc#1238378).
- Update
patches.suse/tpm-fix-reference-counting-for-struct-tpm_chip.patch
(CVE-2022-2977 bsc#1202672 CVE-2022-49287 bsc#1238276).
- Update
patches.suse/tracing-Fix-sleeping-function-called-from-invalid-context-on-RT-kernel.patch
(git-fixes CVE-2022-49322 bsc#1238396).
- Update
patches.suse/usb-dwc2-Fix-memory-leak-in-dwc2_hcd_init.patch
(git-fixes CVE-2022-49713 bsc#1238419).
- Update
patches.suse/usb-usbip-fix-a-refcount-leak-in-stub_probe.patch
(git-fixes CVE-2022-49389 bsc#1238257).
- Update patches.suse/usbnet-fix-memory-leak-in-error-case.patch
(git-fixes CVE-2022-49657 bsc#1238269).
- Update
patches.suse/veth-Ensure-eth-header-is-in-skb-s-linear-part.patch
(git-fixes CVE-2022-49066 bsc#1237722).
- Update
patches.suse/video-fbdev-clcdfb-Fix-refcount-leak-in-clcdfb_of_vr.patch
(bsc#1129770 CVE-2022-49421 bsc#1238819).
- Update
patches.suse/virtio_console-eliminate-anonymous-module_init-modul.patch
(git-fixes CVE-2022-49100 bsc#1237735).
- Update
patches.suse/virtio_net-fix-xdp_rxq_info-bug-after-suspend-resume.patch
(git-fixes CVE-2022-49687 bsc#1238181).
- Update
patches.suse/x86-speculation-fill-rsb-on-vmexit-for-ibrs.patch
(bsc#1201726 CVE-2022-26373 CVE-2022-49611 bsc#1238618).
- Update
patches.suse/xen-netback-avoid-entering-xenvif_rx_next_skb-with-a.patch
(bsc#1201381 CVE-2022-49649 bsc#1238612).
- Update
patches.suse/xprtrdma-treat-all-calls-not-a-bcall-when-bc_serv-is.patch
(git-fixes CVE-2022-49321 bsc#1238373).
- commit c156b3c
- Update
patches.suse/0008-video-fbdev-smscufx-Fix-null-ptr-deref-in-ufx_usb_pr.patch
(bsc#1129770 CVE-2021-47652 bsc#1237721).
- Update
patches.suse/ath5k-fix-OOB-in-ath5k_eeprom_read_pcal_info_5111.patch
(git-fixes CVE-2021-47633 bsc#1237768).
- commit 9ae3067
- rdma/cxgb4: Prevent potential integer overflow on 32bit (CVE-2024-57973 bsc#1238531)
- commit dbbc8b2
- RDMA/hfi1: Fix potential integer multiplication overflow errors (CVE-2022-49404 bsc#1238430)
- commit 80a20e6
- nfc: nci: add flush_workqueue to prevent uaf (CVE-2022-49059 bsc#1238007)
- commit 305c681
- ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (CVE-2022-49727 bsc#1239059)
- commit 7f3b150
- can: m_can: m_can_tx_handler(): fix use after free of skb (CVE-2022-49275 bsc#1238719)
- commit 1fdfcc6
- crypto: qat - add param check for DH (CVE-2022-49564 bsc#1238789)
- commit 7f4f28c
- crypto: qat - add param check for RSA (CVE-2022-49563 bsc#1238787)
- commit f87e665
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014 bsc#1239109)
- commit fe78d7b
- orangefs: fix a oob in orangefs_debug_write (git-fixes
bsc#1239117 CVE-2025-21782).
- commit 6a7a2b9
- ALSA: jack: Fix mutex call in snd_jack_report() (CVE-2022-49538
bsc#1238843).
- commit 0a9be43
- kABI workaround for snd_jack.input_dev_lock field
(CVE-2022-49538 bsc#1238843).
- commit 0decf9d
- ALSA: jack: Access input_dev under mutex (CVE-2022-49538
bsc#1238843).
- ath10k: skip ath10k_halt during suspend for driver state
RESTARTING (CVE-2022-49519 bsc#1238943).
- commit b758634
- extcon: Modify extcon device to be created after driver data
is set (CVE-2022-49308 bsc#1238654).
- commit bb2d5d7
- ALSA: oss: Fix PCM OSS buffer allocation overflow
(CVE-2022-49292 bsc#1238625).
- commit 05f3e03
- wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072
bsc#1238964).
- commit ca6cdaf
- perf/core: Fix data race between perf_event_set_output()
and perf_mmap_close() (CVE-2022-49607 bsc#1238817).
- commit 7d0651a
- kABI workaround for pps changes (CVE-2024-57979 bsc#1238521).
- commit ecc73ae
- pps: Fix a use-after-free (CVE-2024-57979 bsc#1238521).
- commit 5e01f6b
- net: hns3: fix oops when unload drivers paralleling
(CVE-2025-21802 bsc#1238751).
- be2net: Fix buffer overflow in be_get_module_eeprom
(CVE-2022-49581 bsc#1238540).
- commit f8f5e83
- tpm: use try_get_ops() in tpm-space.c (CVE-2022-49286
bsc#1238647).
- commit 0f153ea
- ipvs: fix UB due to uninitialized stack access in
ip_vs_protocol_init() (CVE-2024-53680 bsc#1235715).
- commit 8dac11a
- kABI workaround for bluetooth hci_conn struct change
(CVE-2024-36968 bsc#1226130).
- commit be09290
- Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
(CVE-2024-36968 bsc#1226130).
- commit 930b6c7
- scsi: qedf: Ensure the copied buf is NUL terminated
(CVE-2024-38559 bsc#1226785).
- commit 15b9d87
- freetype2
-
- Added patch:
* CVE-2025-23022.patch
+ fixes bsc#1235670, CVE-2025-23022: signed integer overflow in
cf2_doFlex in cff/cf2intrp.c
+ also fixes an overflow in cf2_hintmap_insertHint in
src/cff/cf2hints.c
+ it is a backport of upstream commits e66d7300 and 3802ca8b
- Added patch:
* CVE-2025-27363.patch
+ fixes bsc#1239465, CVE-2025-27363: out-of-bounds write when
attempting to parse font subglyph structures related to
TrueType GX and variable font files
- pciutils
-
- Apply "fix-lack-of-exposure-of-pci_init-for-libpci_3.2.patch" to
fix the biosdevname utility, which was broken by an update to
pcituils 3.5.x because the newer version forgot to export
pci_init() for library version LIBPCI_3.2. [bsc#1241994]
- Update to pciutils 3.5.6 from SLE-15 [jsc#PED-4587].
The following patches are obsolete in the newer version:
* add-decoding-of-vendor-specific-vpd-fields.patch
* pciutils-3.1.7-fix-memory-leak-in-get_cache_name.patch
* pciutils-3.5.1-add-support-for-32-bit-pci-domains.patch
* pciutils-lspci-Correct-Root-Capabilities-CRS-Software-Visibil.patch
* show-gen4-speed-properly.patch
- Add "pciutils-Add-PCIe-5.0-data-rate-32-GT-s-support.patch" and
"pciutils-Add-PCIe-6.0-data-rate-64-GT-s-support.patch" to fix
LnkCap speed recognition in lspci for multi PCIe ports such as
the ML110 Gen11. [bsc#1192862]
- Fix lspci outputs few of the VPD data fields are displayed as unknown (bsc#1170554, ltc#185587).
Added:
* pciutils-VPD-When-printing-item-IDs-escape-non-ASCII-characte.patch
* pciutils-VPD-Cleanup.patch
* pciutils-Add-decoding-of-vendor-specific-VPD-fields.patch
- cloud-regionsrv-client
-
- Update version to 10.4.0
+ Remove repositories when the package is being removed
We do not want to leave repositories behind refering to the plugin that
is being removed when the package gets removed (bsc#1240310, bsc#1240311)
+ Turn docker into an optional setup (jsc#PCT-560)
Change the Requires into a Recommends and adapt the code accordingly
+ Support flexible licenses in GCE (jsc#PCT-531)
+ Drop the azure-addon package it is geting replaced by the
license-watcher package which has a generic implementation of the
same functionality.
+ Handle cache inconsistencies (bsc#1218345)
+ Properly handle the zypper root target argument (bsc#1240997)
- pam
-
- pam_unix/passverify: (get_account_info) [!HELPER_COMPILE]: Always return
PAM_UNIX_RUN_HELPER instead of trying to obtain the shadow password file
entry.
[passverify-always-run-the-helper-to-obtain-shadow-pwd.patch, bsc#1232234,
CVE-2024-10041]
- Do not reject the user with a hash assuming it's non-empty.
[pam_unix-allow-empty-passwords-with-non-empty-hashes.patch]
- libxml2
-
- security update
- added patches
CVE-2025-32414 [bsc#1241551], out-of-bounds read when parsing text via the Python API
+ libxml2-CVE-2025-32414.patch
CVE-2025-32415 [bsc#1241453], a crafted XML document may lead to a heap-based buffer under-read
+ libxml2-CVE-2025-32415.patch
- python
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according modifications by the Debian
developers (Sylvain Beucler <beuc@debian.org>,
gh#python/cpython#103848#issuecomment-2708135083).
- python-base
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according modifications by the Debian
developers (Sylvain Beucler <beuc@debian.org>,
gh#python/cpython#103848#issuecomment-2708135083).
- python36
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according to the Debian version
(gh#python/cpython#103848#issuecomment-2708135083).
- systemd
-
- Add the following patches (bsc#1241079 bsc#1241586)
6004-core-rename-queued_message-pending_reload_message.patch
6005-core-when-we-can-t-send-the-pending-reload-message-s.patch
6006-core-make-sure-we-don-t-throttle-change-signal-gener.patch-
- Import commit 866467ea64074193d226d09a3779c1ff0bec63b0
2aee6d7daf basic/hashmap: add cleanup of memory pools (#7164)
908ac43c61 core: add valgrind helper for daemon-reexec
5357cabb02 sd-bus: fix a memory leak in message_new_reply() (#7636)
db07d03e46 sd-bus: unify three code-paths which free struct bus_container
732f02acb0 bus-message: use structured initialization to avoid use of unitialized memory
- Add 6002-sd-bus-add-APIs-to-query-the-current-read-and-write-.patch and
6003-core-don-t-process-dbus-unit-and-job-queue-when-ther.patch (bsc#1231211 bsc#1231211)
- Don't try to restart the udev socket units anymore (bsc#1228809)
There's currently no way to restart a socket activable service and its socket
units "atomically" and safely.
- kbd
-
- Don't search for resources in the current directory. It can cause
unwanted side effects or even infinite loop (bsc#1237230,
kbd-ignore-working-directory-1.patch,
kbd-ignore-working-directory-2.patch,
kbd-ignore-working-directory-3.patch).
- python-setuptools
-
- Add patch CVE-2025-47273.patch to fix A path traversal
vulnerability.
(bsc#1243313, CVE-2025-47273, gh#pypa/setuptools@250a6d17978f)
- libzypp
-
- Do not double encode URL strings passed on the commandline
(bsc#1237587)
URLs passed on the commandline must have their special chars
encoded already. We just want to check and encode forgotten
unsafe chars like a blank. A '%' however must not be encoded
again.
- version 16.22.16 (0)
- openssh
-
- Add openssh-bsc1232533-big-motd-failure.patch (bsc#1232533),
fixing failures with very large MOTDs. Thanks to Ali Abdallah
<ali.abdallah@suse.com>.
- expat
-
- version update to 2.7.1 for SLE-12
- modified sources
% expatfaq.html
- deleted patches
- config-guess-sub-update.patch (upstreamed)
- expat-2.1.0-CVE-2016-9063.patch (upstreamed)
- expat-2.1.0-heap_buffer_overflow.patch (upstreamed)
- expat-2.1.0-parser_crashes_on_malformed_input.patch (upstreamed)
- expat-2.1.1-CVE-2012-6702.patch (upstreamed)
- expat-CVE-2017-9233.patch (upstreamed)
- expat-CVE-2018-20843.patch (upstreamed)
- expat-CVE-2019-15903-tests.patch (upstreamed)
- expat-CVE-2019-15903.patch (upstreamed)
- expat-CVE-2021-45960.patch (upstreamed)
- expat-CVE-2021-46143.patch (upstreamed)
- expat-CVE-2022-22822.patch (upstreamed)
- expat-CVE-2022-22823.patch (upstreamed)
- expat-CVE-2022-22824.patch (upstreamed)
- expat-CVE-2022-22825.patch (upstreamed)
- expat-CVE-2022-22826.patch (upstreamed)
- expat-CVE-2022-22827.patch (upstreamed)
- expat-CVE-2022-23852.patch (upstreamed)
- expat-CVE-2022-23990.patch (upstreamed)
- expat-CVE-2022-25235.patch (upstreamed)
- expat-CVE-2022-25236-relax-fix.patch (upstreamed)
- expat-CVE-2022-25236.patch (upstreamed)
- expat-CVE-2022-25313-fix-regression.patch (upstreamed)
- expat-CVE-2022-25313.patch (upstreamed)
- expat-CVE-2022-25314-before.patch (upstreamed)
- expat-CVE-2022-25314.patch (upstreamed)
- expat-CVE-2022-25315.patch (upstreamed)
- expat-CVE-2022-40674.patch (upstreamed)
- expat-CVE-2022-43680.patch (upstreamed)
- expat-CVE-2023-52425-1.patch (upstreamed)
- expat-CVE-2023-52425-2.patch (upstreamed)
- expat-CVE-2023-52425-backport-parser-changes.patch (upstreamed)
- expat-CVE-2023-52425-fix-tests.patch (upstreamed)
- expat-CVE-2024-45490.patch (upstreamed)
- expat-CVE-2024-45491.patch (upstreamed)
- expat-CVE-2024-45492.patch (upstreamed)
- expat-CVE-2024-50602.patch (upstreamed)
- expat-alloc-size.patch (upstreamed)
- expat-visibility.patch (upstreamed)
- version update to 2.7.1
Bug fixes:
[#980] #989 Restore event pointer behavior from Expat 2.6.4
(that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
Other changes:
[#976] #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
[#983] #984 Fix printf format specifiers for 32bit Emscripten
[#992] docs: Promote OpenSSF Best Practices self-certification
[#978] tests/benchmark: Resolve mistaken double close
[#986] Address compiler warnings
[#990] #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
[#982] CI: Start running Perl XML::Parser integration tests
[#987] CI: Enforce Clang Static Analyzer clean code
[#991] CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
[#981] CI: Cover compilation with musl
[#983] #984 CI: Cover compilation with 32bit Emscripten
[#976] #977 CI: Protect against fuzzer files missing from future
release archives
- version update to 2.7.0 (CVE-2024-8176 [bsc#1239618])
* Security fixes:
[#893] #973 CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
[#935] #937 Autotools: Make generated CMake files look for
libexpat.@SO_MAJOR@.dylib on macOS
[#925] Autotools: Sync CMake templates with CMake 3.29
[#945] #962 #966 CMake: Drop support for CMake <3.13
[#942] CMake: Small fuzzing related improvements
[#921] docs: Add missing documentation of error code
XML_ERROR_NOT_STARTED that was introduced with 2.6.4
[#941] docs: Document need for C++11 compiler for use from C++
[#959] tests/benchmark: Fix a (harmless) TOCTTOU
[#944] Windows: Fix installer target location of file xmlwf.xml
for CMake
[#953] Windows: Address warning -Wunknown-warning-option
about -Wno-pedantic-ms-format from LLVM MinGW
[#971] Address Cppcheck warnings
[#969] #970 Mass-migrate links from http:// to https://
[#947] #958 ..
[#974] #975 Document changes since the previous release
[#974] #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
- no source changes, just adding jira reference: jsc#SLE-21253
- suse-build-key
-
- add and run a import-suse-build-key script, which will be run
after installation using a systemd timer. (jsc#PED-2777)
- ca-certificates-mozilla
-
- Fix awk to compare (missing a =) and give the following output:
[#] NSS_BUILTINS_LIBRARY_VERSION "2.74"
- pass file argument to awk (bsc#1240009)
- update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
- remove extensive signature printing in comments of the cert
bundle
- Define two macros to break a build cycle with p11-kit.
- Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
Removed:
- SecureSign RootCA11
- Security Communication RootCA3
Added:
- TWCA CYBER Root CA
- TWCA Global Root CA G2
- SecureSign Root CA12
- SecureSign Root CA14
- SecureSign Root CA15
- augeas
-
- Add patch, fix for bsc#1239909 / CVE-2025-2588:
* CVE-2025-2588.patch
- iputils
-
- Security fix [bsc#1242300, CVE-2025-47268]
* integer overflow in RTT calculation can lead to undefined behavior
* Add iputils-CVE-2025-47268.patch
- rsync
-
- Fix bsc#1239649 - rsync bwlimit=0 option was broken by CVE-2024-12088 fix.
* Add rsync-fix-bwlimit.patch
* bwlimit=0 specifies no limit properly now.
- Fix bsc#1237187 - rsync daemon mode after protocol bump
* Add greeting line with available digests
* Add rsync-fix-daemon-proto-32.patch
- Bump protocl version to 32 - make it easier to show server is patched.
* Add rsync-protocol-version-32.patch
- python3
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according to the Debian version
(gh#python/cpython#103848#issuecomment-2708135083).
- amazon-ssm-agent
-
- Add patch to fix proxy bypass using IPv6 zone IDs in golang.org/x/net
* CVE-2025-22870.patch (bsc#1238702, CVE-2025-22870)
- pacemaker
-
- pacemaker-attrd: use %PRIu32 format specifier instead of %u for node id (bsc#1239629, gh#ClusterLabs/pacemaker#3860)
* bsc#1239629-0004-Log-pacemaker-attrd-use-PRIu32-format-specifier-inst.patch
- libcrmcluster: correctly log node id (bsc#1239629, gh#ClusterLabs/pacemaker#3860)
* bsc#1239629-0003-Log-libcrmcluster-correctly-log-node-id.patch
- pacemaker-attrd: prevent segfault if a peer leaves when its name is unknown yet (bsc#1239629, gh#ClusterLabs/pacemaker#3860)
* bsc#1239629-0001-Fix-pacemaker-attrd-prevent-segfault-if-a-peer-leave.patch
- spec: create a temporary file in /run directory (bsc#1239770)
- libcrmservices: Unref the dbus connection... (gh#ClusterLabs/pacemaker#3841)
* pacemaker#3841-0002-Refactor-libcrmservices-Unref-the-dbus-connection.patch
- libcrmservices: Don't leak msg if systemd_proxy is NULL. (gh#ClusterLabs/pacemaker#3841)
* pacemaker#3841-0001-Low-libcrmservices-Don-t-leak-msg-if-systemd_proxy-i.patch
- cts-scheduler: update tests for considering parents of an unmanaged resource active on the node (gh#ClusterLabs/pacemaker#3842, bsc#1238519)
* bsc#1238519-0002-Test-cts-scheduler-update-tests-for-considering-pare.patch
- libpe_status: consider parents of an unmanaged resource active on the node (gh#ClusterLabs/pacemaker#3842, bsc#1238519)
* bsc#1238519-0001-Fix-libpe_status-consider-parents-of-an-unmanaged-re.patch
- various: address format-overflow warnings (gh#ClusterLabs/pacemaker#3795)
* pacemaker#3795-0001-Low-various-address-format-overflow-warnings.patch
- libpacemaker: set fail-count to INFINITY for fatal failures (gh#ClusterLabs/pacemaker#3772)
* pacemaker#3772-0002-Fix-libpacemaker-set-fail-count-to-INFINITY-for-fata.patch
- libpacemaker: add PCMK__XA_FAILED_START_OFFSET and PCMK__XA_FAILED_STOP_OFFSET (gh#ClusterLabs/pacemaker#3772)
* pacemaker#3772-0001-Refactor-libpacemaker-add-PCMK__XA_FAILED_START_OFFS.patch
- grub2
-
- Fix zfs.mo not found message when booting on legacy BIOS (bsc#1237865)
* 0001-autofs-Ignore-zfs-not-found.patch
- timezone
-
- Update to 2025b:
* New zone for Aysén Region in Chile (America/Coyhaique) which
moves from -04/-03 to -03
- Refresh patches
* revert-philippines-historical-data.patch
* tzdata-china.diff